Title: [141621] trunk
Revision
141621
Author
[email protected]
Date
2013-02-01 11:58:47 -0800 (Fri, 01 Feb 2013)

Log Message

Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
https://bugs.webkit.org/show_bug.cgi?id=108477

Reviewed by Adam Barth.

Source/WebCore:

This change removes the 'SecurityOrigin::canAccessDatabase' check from
the constructor for the 'indexedDB' property on both DOMWindow and
WorkerContext. After the patch for http://wkbug.com/94171 this check
is redundant, as all the entry points to IDB are now gated on access
being granted.

As a side-effect, dropping the check in WorkerContextIndexedDatabase
allows us to stop holding a pointer to the ScriptExecutionContext we're
extending, which can only be a good thing.

The tests in storage/indexeddb should continue to pass.

* Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
(WebCore::DOMWindowIndexedDatabase::indexedDB):
    Drop the SecurityOrigin::canAccessDatabase check.
* Modules/indexeddb/WorkerContextIndexedDatabase.cpp:
(WebCore::WorkerContextIndexedDatabase::WorkerContextIndexedDatabase):
(WebCore::WorkerContextIndexedDatabase::from):
    Drop the ScriptExecutionContext parameter from the class's
    constructor and callsites.
(WebCore::WorkerContextIndexedDatabase::indexedDB):
    Drop the SecurityOrigin::canAccessDatabase check.
* Modules/indexeddb/WorkerContextIndexedDatabase.h:
(WorkerContextIndexedDatabase):
    Drop the stored pointer to ScriptExecutionContext, as we no longer
    need it in ::indexedDB.

LayoutTests:

* http/tests/security/no-indexeddb-from-sandbox-expected.txt:
* http/tests/security/no-indexeddb-from-sandbox.html:
    This test expected the 'webkitIndexedDB' property to be missing
    entirely inside a sandbox. The expectation has been updated to
    expect 'webkitIndexedDB.open()' to throw a SECURITY_ERR.
* platform/efl/TestExpectations:
* platform/mac-snowleopard/TestExpectations:
* platform/mac/TestExpectations:
* platform/qt/TestExpectations:
* platform/win/TestExpectations:
* platform/wincairo/TestExpectations:
    This test was accidentally passing on a variety of platforms that
    don't yet implement IndexedDB. Now that failure is distinguishable
    we should skip it on a variety of platforms.

Modified Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (141620 => 141621)


--- trunk/LayoutTests/ChangeLog	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/ChangeLog	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1,3 +1,25 @@
+2013-02-01  Mike West  <[email protected]>
+
+        Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
+        https://bugs.webkit.org/show_bug.cgi?id=108477
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/no-indexeddb-from-sandbox-expected.txt:
+        * http/tests/security/no-indexeddb-from-sandbox.html:
+            This test expected the 'webkitIndexedDB' property to be missing
+            entirely inside a sandbox. The expectation has been updated to
+            expect 'webkitIndexedDB.open()' to throw a SECURITY_ERR.
+        * platform/efl/TestExpectations:
+        * platform/mac-snowleopard/TestExpectations:
+        * platform/mac/TestExpectations:
+        * platform/qt/TestExpectations:
+        * platform/win/TestExpectations:
+        * platform/wincairo/TestExpectations:
+            This test was accidentally passing on a variety of platforms that
+            don't yet implement IndexedDB. Now that failure is distinguishable
+            we should skip it on a variety of platforms.
+
 2013-02-01  Ryosuke Niwa  <[email protected]>
 
         Smart link can erroneously move caret after an URL when typing immediately before it

Modified: trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox-expected.txt (141620 => 141621)


--- trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox-expected.txt	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox-expected.txt	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1,2 +1,2 @@
-ALERT: PASS
+ALERT: PASS: db.open() threw a SECURITY_ERR!
 

Modified: trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox.html (141620 => 141621)


--- trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox.html	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox.html	2013-02-01 19:58:47 UTC (rev 141621)
@@ -5,7 +5,15 @@
 <iframe sandbox="allow-scripts"
     src=""
          <script>
-         var db = window.webkitIndexedDB;
-         alert(db ? 'FAIL' : 'PASS');
+             var db = window.webkitIndexedDB;
+             try {
+                 db.open('test');
+                 alert('FAIL: db.open() should throw a SECURITY_ERR in a sandbox.');
+             } catch (e) {
+                 if (e.code === DOMException.SECURITY_ERR)
+                     alert('PASS: db.open() threw a SECURITY_ERR!');
+                 else
+                     alert('FAIL: db.open() threw a ' + e.name);
+             }
          </script>"
      ></iframe>

Modified: trunk/LayoutTests/platform/efl/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/efl/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/efl/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1125,6 +1125,7 @@
 Bug(EFL) http/tests/security/cross-origin-indexeddb.html
 Bug(EFL) http/tests/security/cross-origin-worker-indexeddb-allowed.html
 Bug(EFL) http/tests/security/cross-origin-worker-indexeddb.html
+Bug(EFL) http/tests/security/no-indexeddb-from-sandbox.html
 
 # Quota API is not supported.
 Bug(EFL) storage/storageinfo-missing-arguments.html

Modified: trunk/LayoutTests/platform/mac/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/mac/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/mac/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -139,6 +139,7 @@
 http/tests/security/cross-origin-indexeddb.html
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # Remove from list after enabling CANVAS_PATH
 fast/canvas/canvas-currentPath.html

Modified: trunk/LayoutTests/platform/mac-snowleopard/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/mac-snowleopard/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/mac-snowleopard/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -138,6 +138,7 @@
 http/tests/security/cross-origin-indexeddb.html
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # Philip's canvas tests that fail on SnowLeopard only
 canvas/philip/tests/2d.gradient.interpolate.overlap.html

Modified: trunk/LayoutTests/platform/qt/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/qt/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/qt/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -121,6 +121,7 @@
 http/tests/security/cross-origin-indexeddb.html
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 inspector/timeline/timeline-animation-frame.html
 

Modified: trunk/LayoutTests/platform/win/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/win/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/win/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1100,6 +1100,7 @@
 http/tests/security/cross-origin-indexeddb.html
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # StorageTracker is not enabled.
 storage/domstorage/localstorage/storagetracker

Modified: trunk/LayoutTests/platform/wincairo/TestExpectations (141620 => 141621)


--- trunk/LayoutTests/platform/wincairo/TestExpectations	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/LayoutTests/platform/wincairo/TestExpectations	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1622,6 +1622,7 @@
 http/tests/security/cross-origin-indexeddb.html
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # StorageTracker is not enabled.
 storage/domstorage/localstorage/storagetracker

Modified: trunk/Source/WebCore/ChangeLog (141620 => 141621)


--- trunk/Source/WebCore/ChangeLog	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/Source/WebCore/ChangeLog	2013-02-01 19:58:47 UTC (rev 141621)
@@ -1,3 +1,37 @@
+2013-02-01  Mike West  <[email protected]>
+
+        Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
+        https://bugs.webkit.org/show_bug.cgi?id=108477
+
+        Reviewed by Adam Barth.
+
+        This change removes the 'SecurityOrigin::canAccessDatabase' check from
+        the constructor for the 'indexedDB' property on both DOMWindow and
+        WorkerContext. After the patch for http://wkbug.com/94171 this check
+        is redundant, as all the entry points to IDB are now gated on access
+        being granted.
+
+        As a side-effect, dropping the check in WorkerContextIndexedDatabase
+        allows us to stop holding a pointer to the ScriptExecutionContext we're
+        extending, which can only be a good thing.
+
+        The tests in storage/indexeddb should continue to pass.
+
+        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
+        (WebCore::DOMWindowIndexedDatabase::indexedDB):
+            Drop the SecurityOrigin::canAccessDatabase check.
+        * Modules/indexeddb/WorkerContextIndexedDatabase.cpp:
+        (WebCore::WorkerContextIndexedDatabase::WorkerContextIndexedDatabase):
+        (WebCore::WorkerContextIndexedDatabase::from):
+            Drop the ScriptExecutionContext parameter from the class's
+            constructor and callsites.
+        (WebCore::WorkerContextIndexedDatabase::indexedDB):
+            Drop the SecurityOrigin::canAccessDatabase check.
+        * Modules/indexeddb/WorkerContextIndexedDatabase.h:
+        (WorkerContextIndexedDatabase):
+            Drop the stored pointer to ScriptExecutionContext, as we no longer
+            need it in ::indexedDB.
+
 2013-02-01  Beth Dakin  <[email protected]>
 
         Speculative Windows build fix. 

Modified: trunk/Source/WebCore/Modules/indexeddb/DOMWindowIndexedDatabase.cpp (141620 => 141621)


--- trunk/Source/WebCore/Modules/indexeddb/DOMWindowIndexedDatabase.cpp	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/Source/WebCore/Modules/indexeddb/DOMWindowIndexedDatabase.cpp	2013-02-01 19:58:47 UTC (rev 141621)
@@ -107,9 +107,6 @@
     if (!page)
         return 0;
 
-    if (!document->securityOrigin()->canAccessDatabase())
-        return 0;
-
     if (!m_window->isCurrentlyDisplayedInFrame())
         return 0;
 

Modified: trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.cpp (141620 => 141621)


--- trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.cpp	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.cpp	2013-02-01 19:58:47 UTC (rev 141621)
@@ -38,8 +38,7 @@
 
 namespace WebCore {
 
-WorkerContextIndexedDatabase::WorkerContextIndexedDatabase(ScriptExecutionContext* context)
-    : m_context(context)
+WorkerContextIndexedDatabase::WorkerContextIndexedDatabase()
 {
 }
 
@@ -56,7 +55,7 @@
 {
     WorkerContextIndexedDatabase* supplement = static_cast<WorkerContextIndexedDatabase*>(Supplement<ScriptExecutionContext>::from(context, supplementName()));
     if (!supplement) {
-        supplement = new WorkerContextIndexedDatabase(context);
+        supplement = new WorkerContextIndexedDatabase();
         provideTo(context, supplementName(), adoptPtr(supplement));
     }
     return supplement;
@@ -69,8 +68,6 @@
 
 IDBFactory* WorkerContextIndexedDatabase::indexedDB()
 {
-    if (!m_context->securityOrigin()->canAccessDatabase())
-        return 0;
     if (!m_factoryBackend)
         m_factoryBackend = IDBFactoryBackendInterface::create();
     if (!m_idbFactory)

Modified: trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.h (141620 => 141621)


--- trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.h	2013-02-01 19:54:03 UTC (rev 141620)
+++ trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.h	2013-02-01 19:58:47 UTC (rev 141621)
@@ -45,12 +45,11 @@
     static IDBFactory* indexedDB(ScriptExecutionContext*);
 
 private:
-    explicit WorkerContextIndexedDatabase(ScriptExecutionContext*);
+    WorkerContextIndexedDatabase();
 
     IDBFactory* indexedDB();
     static const char* supplementName();
 
-    ScriptExecutionContext* m_context;
     RefPtr<IDBFactoryBackendInterface> m_factoryBackend;
     RefPtr<IDBFactory> m_idbFactory;
 };
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to