[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.15.1-1414-gc69ee75
eric at webkit.org
eric at webkit.org
Thu Oct 29 20:40:38 UTC 2009
The following commit has been merged in the webkit-1.1 branch:
commit 98d2161bbc31a74d13b34f68ec267a81b44d1e06
Author: eric at webkit.org <eric at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Oct 7 01:14:23 2009 +0000
2009-10-06 Adam Barth <abarth at webkit.org>
Reviewed by Eric Seidel.
Move FrameLoader::canLoad to SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=30111
* WebCore.base.exp:
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
* loader/Cache.cpp:
(WebCore::Cache::requestResource):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadSubframe):
(WebCore::FrameLoader::loadPlugin):
(WebCore::FrameLoader::loadFrameRequest):
(WebCore::FrameLoader::loadResourceSynchronously):
(WebCore::FrameLoader::createJavaAppletWidget):
* loader/FrameLoader.h:
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::create):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canLoad):
(WebCore::SecurityOrigin::shouldHideReferrer):
* page/SecurityOrigin.h:
2009-10-06 Adam Barth <abarth at webkit.org>
Reviewed by Eric Seidel.
Move FrameLoader::canLoad to SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=30111
* Plugins/Hosted/HostedNetscapePluginStream.mm:
(WebKit::HostedNetscapePluginStream::HostedNetscapePluginStream):
* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::loadRequest):
* Plugins/WebBaseNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
* Plugins/WebPluginContainerCheck.mm:
(-[WebPluginContainerCheck _isForbiddenFileLoad]):
* WebView/WebFrame.mm:
(-[WebFrame _allowsFollowingLink:]):
2009-10-06 Adam Barth <abarth at webkit.org>
Reviewed by Eric Seidel.
Move FrameLoader::canLoad to SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=30111
* WebFrame.cpp:
(WebFrame::allowsFollowingLink):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@49212 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index d9584fc..433dac9 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -2,6 +2,32 @@
Reviewed by Eric Seidel.
+ Move FrameLoader::canLoad to SecurityOrigin
+ https://bugs.webkit.org/show_bug.cgi?id=30111
+
+ * WebCore.base.exp:
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ * loader/Cache.cpp:
+ (WebCore::Cache::requestResource):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadSubframe):
+ (WebCore::FrameLoader::loadPlugin):
+ (WebCore::FrameLoader::loadFrameRequest):
+ (WebCore::FrameLoader::loadResourceSynchronously):
+ (WebCore::FrameLoader::createJavaAppletWidget):
+ * loader/FrameLoader.h:
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::create):
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canLoad):
+ (WebCore::SecurityOrigin::shouldHideReferrer):
+ * page/SecurityOrigin.h:
+
+2009-10-06 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Eric Seidel.
+
Move setLocalLoadPolicy and friends to SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=30110
diff --git a/WebCore/WebCore.base.exp b/WebCore/WebCore.base.exp
index ab6ef05..24d8355 100644
--- a/WebCore/WebCore.base.exp
+++ b/WebCore/WebCore.base.exp
@@ -164,7 +164,6 @@ __ZN7WebCore11FrameLoader16detachFromParentEv
__ZN7WebCore11FrameLoader16loadFrameRequestERKNS_16FrameLoadRequestEbbN3WTF10PassRefPtrINS_5EventEEENS5_INS_9FormStateEEE
__ZN7WebCore11FrameLoader17stopForUserCancelEb
__ZN7WebCore11FrameLoader18currentHistoryItemEv
-__ZN7WebCore11FrameLoader18shouldHideReferrerERKNS_4KURLERKNS_6StringE
__ZN7WebCore11FrameLoader21loadURLIntoChildFrameERKNS_4KURLERKNS_6StringEPNS_5FrameE
__ZN7WebCore11FrameLoader21setCurrentHistoryItemEN3WTF10PassRefPtrINS_11HistoryItemEEE
__ZN7WebCore11FrameLoader22findFrameForNavigationERKNS_12AtomicStringE
@@ -178,7 +177,6 @@ __ZN7WebCore11FrameLoader4loadERKNS_15ResourceRequestERKNS_6StringEb
__ZN7WebCore11FrameLoader4loadERKNS_15ResourceRequestEb
__ZN7WebCore11FrameLoader6reloadEb
__ZN7WebCore11FrameLoader7addDataEPKci
-__ZN7WebCore11FrameLoader7canLoadERKNS_4KURLERKNS_6StringEPKNS_8DocumentE
__ZN7WebCore11Geolocation12setIsAllowedEb
__ZN7WebCore11HistoryItem10targetItemEv
__ZN7WebCore11HistoryItem11setReferrerERKNS_6StringE
@@ -302,10 +300,12 @@ __ZN7WebCore14ResourceLoader14cancelledErrorEv
__ZN7WebCore14ResourceLoader19setShouldBufferDataEb
__ZN7WebCore14SecurityOrigin16createFromStringERKNS_6StringE
__ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE
+__ZN7WebCore14SecurityOrigin18shouldHideReferrerERKNS_4KURLERKNS_6StringE
__ZN7WebCore14SecurityOrigin24registerURLSchemeAsLocalERKNS_6StringE
__ZN7WebCore14SecurityOrigin25whiteListAccessFromOriginERKS0_RKNS_6StringES5_b
__ZN7WebCore14SecurityOrigin27resetOriginAccessWhiteListsEv
__ZN7WebCore14SecurityOrigin6createERKNS_4KURLE
+__ZN7WebCore14SecurityOrigin7canLoadERKNS_4KURLERKNS_6StringEPNS_8DocumentE
__ZN7WebCore15ArchiveResource6createEN3WTF10PassRefPtrINS_12SharedBufferEEERKNS_4KURLERKNS_6StringESA_SA_RKNS_16ResourceResponseE
__ZN7WebCore15BackForwardList10removeItemEPNS_11HistoryItemE
__ZN7WebCore15BackForwardList10setEnabledEb
diff --git a/WebCore/html/HTMLMediaElement.cpp b/WebCore/html/HTMLMediaElement.cpp
index 728ccdc..6b645f4 100644
--- a/WebCore/html/HTMLMediaElement.cpp
+++ b/WebCore/html/HTMLMediaElement.cpp
@@ -606,7 +606,7 @@ bool HTMLMediaElement::isSafeToLoadURL(const KURL& url, InvalidSourceAction acti
FrameLoader* loader = frame ? frame->loader() : 0;
// don't allow remote to local urls, and check with the frame loader client.
- if (!loader || !loader->canLoad(url, String(), document()) || !loader->client()->shouldLoadMediaElementURL(url)) {
+ if (!loader || !SecurityOrigin::canLoad(url, String(), document()) || !loader->client()->shouldLoadMediaElementURL(url)) {
if (actionIfInvalid == Complain)
FrameLoader::reportLocalLoadFailed(frame, url.string());
return false;
diff --git a/WebCore/loader/Cache.cpp b/WebCore/loader/Cache.cpp
index 6f91193..391790f 100644
--- a/WebCore/loader/Cache.cpp
+++ b/WebCore/loader/Cache.cpp
@@ -105,7 +105,7 @@ CachedResource* Cache::requestResource(DocLoader* docLoader, CachedResource::Typ
if (resource && requestIsPreload && !resource->isPreloaded())
return 0;
- if (SecurityOrigin::restrictAccessToLocal() && !FrameLoader::canLoad(url, String(), docLoader->doc())) {
+ if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canLoad(url, String(), docLoader->doc())) {
Document* doc = docLoader->doc();
if (doc && !requestIsPreload)
FrameLoader::reportLocalLoadFailed(doc->frame(), url.string());
diff --git a/WebCore/loader/FrameLoader.cpp b/WebCore/loader/FrameLoader.cpp
index 21c7637..17f9039 100644
--- a/WebCore/loader/FrameLoader.cpp
+++ b/WebCore/loader/FrameLoader.cpp
@@ -380,12 +380,12 @@ Frame* FrameLoader::loadSubframe(HTMLFrameOwnerElement* ownerElement, const KURL
marginHeight = o->getMarginHeight();
}
- if (!canLoad(url, referrer)) {
+ if (!SecurityOrigin::canLoad(url, referrer, 0)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return 0;
}
- bool hideReferrer = shouldHideReferrer(url, referrer);
+ bool hideReferrer = SecurityOrigin::shouldHideReferrer(url, referrer);
RefPtr<Frame> frame = m_client->createFrame(url, name, ownerElement, hideReferrer ? String() : referrer, allowsScrolling, marginWidth, marginHeight);
if (!frame) {
@@ -1444,7 +1444,7 @@ bool FrameLoader::loadPlugin(RenderPart* renderer, const KURL& url, const String
if (renderer && !useFallback) {
HTMLPlugInElement* element = toPlugInElement(renderer->node());
- if (!canLoad(url, String(), frame()->document())) {
+ if (!SecurityOrigin::canLoad(url, String(), frame()->document())) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return false;
}
@@ -1916,13 +1916,13 @@ void FrameLoader::loadFrameRequest(const FrameLoadRequest& request, bool lockHis
ASSERT(frame()->document());
if (SecurityOrigin::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) {
- if (!canLoad(url, String(), frame()->document()) && !canLoad(url, referrer)) {
+ if (!SecurityOrigin::canLoad(url, String(), frame()->document()) && !SecurityOrigin::canLoad(url, referrer, 0)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return;
}
}
- if (shouldHideReferrer(url, referrer))
+ if (SecurityOrigin::shouldHideReferrer(url, referrer))
referrer = String();
FrameLoadType loadType;
@@ -2129,26 +2129,6 @@ void FrameLoader::loadWithDocumentLoader(DocumentLoader* loader, FrameLoadType t
}
}
-bool FrameLoader::canLoad(const KURL& url, const String& referrer, const Document* doc)
-{
- return canLoad(url, referrer, doc ? doc->securityOrigin() : 0);
-}
-
-bool FrameLoader::canLoad(const KURL& url, const String& referrer, const SecurityOrigin* securityOrigin)
-{
- // We can always load any URL that isn't considered local (e.g. http URLs).
- if (!SecurityOrigin::shouldTreatURLAsLocal(url.string()))
- return true;
-
- // If we were provided a document, we let its local file policy dictate the result,
- // otherwise we allow local loads only if the supplied referrer is also local.
- if (securityOrigin)
- return securityOrigin->canLoadLocalResources();
- if (!referrer.isEmpty())
- return SecurityOrigin::shouldTreatURLAsLocal(referrer);
- return false;
-}
-
void FrameLoader::reportLocalLoadFailed(Frame* frame, const String& url)
{
ASSERT(!url.isEmpty());
@@ -2158,22 +2138,6 @@ void FrameLoader::reportLocalLoadFailed(Frame* frame, const String& url)
frame->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Not allowed to load local resource: " + url, 0, String());
}
-bool FrameLoader::shouldHideReferrer(const KURL& url, const String& referrer)
-{
- bool referrerIsSecureURL = protocolIs(referrer, "https");
- bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
-
- if (!referrerIsWebURL)
- return true;
-
- if (!referrerIsSecureURL)
- return false;
-
- bool URLIsSecureURL = url.protocolIs("https");
-
- return !URLIsSecureURL;
-}
-
const ResourceRequest& FrameLoader::initialRequest() const
{
return activeDocumentLoader()->originalRequest();
@@ -3424,7 +3388,7 @@ void FrameLoader::loadPostRequest(const ResourceRequest& inRequest, const String
unsigned long FrameLoader::loadResourceSynchronously(const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& data)
{
String referrer = m_outgoingReferrer;
- if (shouldHideReferrer(request.url(), referrer))
+ if (SecurityOrigin::shouldHideReferrer(request.url(), referrer))
referrer = String();
ResourceRequest initialRequest = request;
@@ -4750,7 +4714,7 @@ PassRefPtr<Widget> FrameLoader::createJavaAppletWidget(const IntSize& size, HTML
if (!codeBaseURLString.isEmpty()) {
KURL codeBaseURL = completeURL(codeBaseURLString);
- if (!canLoad(codeBaseURL, String(), element->document())) {
+ if (!SecurityOrigin::canLoad(codeBaseURL, String(), element->document())) {
FrameLoader::reportLocalLoadFailed(m_frame, codeBaseURL.string());
return 0;
}
diff --git a/WebCore/loader/FrameLoader.h b/WebCore/loader/FrameLoader.h
index 91056ca..7aab3f7 100644
--- a/WebCore/loader/FrameLoader.h
+++ b/WebCore/loader/FrameLoader.h
@@ -106,14 +106,8 @@ namespace WebCore {
void loadArchive(PassRefPtr<Archive>);
- // Returns true for any non-local URL. If document parameter is supplied, its local load policy dictates,
- // otherwise if referrer is non-empty and represents a local file, then the local load is allowed.
- static bool canLoad(const KURL&, const String& referrer, const Document*);
- static bool canLoad(const KURL&, const String& referrer, const SecurityOrigin* = 0);
static void reportLocalLoadFailed(Frame*, const String& url);
- static bool shouldHideReferrer(const KURL&, const String& referrer);
-
// Called by createWindow in JSDOMWindowBase.cpp, e.g. to fulfill a modal dialog creation
Frame* createWindow(FrameLoader* frameLoaderForFrameLookup, const FrameLoadRequest&, const WindowFeatures&, bool& created);
diff --git a/WebCore/loader/SubresourceLoader.cpp b/WebCore/loader/SubresourceLoader.cpp
index 33e9430..2ee4626 100644
--- a/WebCore/loader/SubresourceLoader.cpp
+++ b/WebCore/loader/SubresourceLoader.cpp
@@ -74,12 +74,12 @@ PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, Subresourc
if (!skipCanLoadCheck
&& SecurityOrigin::restrictAccessToLocal()
- && !FrameLoader::canLoad(request.url(), String(), frame->document())) {
+ && !SecurityOrigin::canLoad(request.url(), String(), frame->document())) {
FrameLoader::reportLocalLoadFailed(frame, request.url().string());
return 0;
}
- if (FrameLoader::shouldHideReferrer(request.url(), fl->outgoingReferrer()))
+ if (SecurityOrigin::shouldHideReferrer(request.url(), fl->outgoingReferrer()))
newRequest.clearHTTPReferrer();
else if (!request.httpReferrer())
newRequest.setHTTPReferrer(fl->outgoingReferrer());
diff --git a/WebCore/page/SecurityOrigin.cpp b/WebCore/page/SecurityOrigin.cpp
index 3bc4588..338bf9f 100644
--- a/WebCore/page/SecurityOrigin.cpp
+++ b/WebCore/page/SecurityOrigin.cpp
@@ -30,6 +30,7 @@
#include "SecurityOrigin.h"
#include "CString.h"
+#include "Document.h"
#include "KURL.h"
#include "OriginAccessEntry.h"
#include <wtf/StdLibExtras.h>
@@ -238,6 +239,20 @@ bool SecurityOrigin::taintsCanvas(const KURL& url) const
return true;
}
+bool SecurityOrigin::canLoad(const KURL& url, const String& referrer, Document* document)
+{
+ if (!shouldTreatURLAsLocal(url.string()))
+ return true;
+
+ // If we were provided a document, we let its local file policy dictate the result,
+ // otherwise we allow local loads only if the supplied referrer is also local.
+ if (document)
+ return document->securityOrigin()->canLoadLocalResources();
+ if (!referrer.isEmpty())
+ return shouldTreatURLAsLocal(referrer);
+ return false;
+}
+
void SecurityOrigin::grantLoadLocalResources()
{
// This method exists only to support backwards compatibility with older
@@ -444,6 +459,22 @@ bool SecurityOrigin::shouldTreatURLSchemeAsNoAccess(const String& scheme)
return noAccessSchemes().contains(scheme);
}
+bool SecurityOrigin::shouldHideReferrer(const KURL& url, const String& referrer)
+{
+ bool referrerIsSecureURL = protocolIs(referrer, "https");
+ bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
+
+ if (!referrerIsWebURL)
+ return true;
+
+ if (!referrerIsSecureURL)
+ return false;
+
+ bool URLIsSecureURL = url.protocolIs("https");
+
+ return !URLIsSecureURL;
+}
+
void SecurityOrigin::setLocalLoadPolicy(LocalLoadPolicy policy)
{
localLoadPolicy = policy;
diff --git a/WebCore/page/SecurityOrigin.h b/WebCore/page/SecurityOrigin.h
index 46c1d26..46e6fad 100644
--- a/WebCore/page/SecurityOrigin.h
+++ b/WebCore/page/SecurityOrigin.h
@@ -40,7 +40,8 @@
namespace WebCore {
typedef HashSet<String, CaseFoldingHash> URLSchemesMap;
-
+
+ class Document;
class KURL;
class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
@@ -81,6 +82,11 @@ namespace WebCore {
// drawing an image onto an HTML canvas element with the drawImage API.
bool taintsCanvas(const KURL&) const;
+ // Returns true for any non-local URL. If document parameter is supplied,
+ // its local load policy dictates, otherwise if referrer is non-empty and
+ // represents a local file, then the local load is allowed.
+ static bool canLoad(const KURL&, const String& referrer, Document* document);
+
// Returns true if this SecurityOrigin can load local resources, such
// as images, iframes, and style sheets, and can link to local URLs.
// For example, call this function before creating an iframe to a
@@ -143,6 +149,8 @@ namespace WebCore {
static bool shouldTreatURLAsLocal(const String&);
static bool shouldTreatURLSchemeAsLocal(const String&);
+ static bool shouldHideReferrer(const KURL&, const String& referrer);
+
enum LocalLoadPolicy {
AllowLocalLoadsForAll, // No restriction on local loads.
AllowLocalLoadsForLocalAndSubstituteData,
diff --git a/WebKit/mac/ChangeLog b/WebKit/mac/ChangeLog
index 2ff3cd0..384b7ee 100644
--- a/WebKit/mac/ChangeLog
+++ b/WebKit/mac/ChangeLog
@@ -2,6 +2,26 @@
Reviewed by Eric Seidel.
+ Move FrameLoader::canLoad to SecurityOrigin
+ https://bugs.webkit.org/show_bug.cgi?id=30111
+
+ * Plugins/Hosted/HostedNetscapePluginStream.mm:
+ (WebKit::HostedNetscapePluginStream::HostedNetscapePluginStream):
+ * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
+ (WebKit::NetscapePluginInstanceProxy::loadRequest):
+ * Plugins/WebBaseNetscapePluginStream.mm:
+ (WebNetscapePluginStream::WebNetscapePluginStream):
+ * Plugins/WebNetscapePluginView.mm:
+ (-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
+ * Plugins/WebPluginContainerCheck.mm:
+ (-[WebPluginContainerCheck _isForbiddenFileLoad]):
+ * WebView/WebFrame.mm:
+ (-[WebFrame _allowsFollowingLink:]):
+
+2009-10-06 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Eric Seidel.
+
Move setLocalLoadPolicy and friends to SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=30110
diff --git a/WebKit/mac/Plugins/Hosted/HostedNetscapePluginStream.mm b/WebKit/mac/Plugins/Hosted/HostedNetscapePluginStream.mm
index c0a735e..5c25ef7 100644
--- a/WebKit/mac/Plugins/Hosted/HostedNetscapePluginStream.mm
+++ b/WebKit/mac/Plugins/Hosted/HostedNetscapePluginStream.mm
@@ -39,6 +39,7 @@
#import <WebCore/DocumentLoader.h>
#import <WebCore/Frame.h>
#import <WebCore/FrameLoader.h>
+#import <WebCore/SecurityOrigin.h>
#import <WebCore/WebCoreURLResponse.h>
#import <wtf/RefCountedLeakCounter.h>
@@ -58,7 +59,7 @@ HostedNetscapePluginStream::HostedNetscapePluginStream(NetscapePluginInstancePro
, m_requestURL([request URL])
, m_frameLoader(0)
{
- if (core([instance->pluginView() webFrame])->loader()->shouldHideReferrer([request URL], core([instance->pluginView() webFrame])->loader()->outgoingReferrer()))
+ if (SecurityOrigin::shouldHideReferrer([request URL], core([instance->pluginView() webFrame])->loader()->outgoingReferrer()))
[m_request.get() _web_setHTTPReferrer:nil];
#ifndef NDEBUG
diff --git a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
index de159f4..21f35e2 100644
--- a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
+++ b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
@@ -49,6 +49,7 @@
#import <WebCore/FrameLoader.h>
#import <WebCore/FrameTree.h>
#import <WebCore/KURL.h>
+#import <WebCore/SecurityOrigin.h>
#import <WebCore/ScriptController.h>
#import <WebCore/ScriptValue.h>
#import <WebCore/StringSourceProvider.h>
@@ -598,7 +599,7 @@ NPError NetscapePluginInstanceProxy::loadRequest(NSURLRequest *request, const ch
return NPERR_GENERIC_ERROR;
}
} else {
- if (!FrameLoader::canLoad(URL, String(), core([m_pluginView webFrame])->document()))
+ if (!SecurityOrigin::canLoad(URL, String(), core([m_pluginView webFrame])->document()))
return NPERR_GENERIC_ERROR;
}
diff --git a/WebKit/mac/Plugins/WebBaseNetscapePluginStream.mm b/WebKit/mac/Plugins/WebBaseNetscapePluginStream.mm
index de44e49..232a6c4 100644
--- a/WebKit/mac/Plugins/WebBaseNetscapePluginStream.mm
+++ b/WebKit/mac/Plugins/WebBaseNetscapePluginStream.mm
@@ -42,6 +42,7 @@
#import <WebCore/DocumentLoader.h>
#import <WebCore/Frame.h>
#import <WebCore/FrameLoader.h>
+#import <WebCore/SecurityOrigin.h>
#import <WebCore/WebCoreObjCExtras.h>
#import <WebCore/WebCoreURLResponse.h>
#import <WebKitSystemInterface.h>
@@ -160,7 +161,7 @@ WebNetscapePluginStream::WebNetscapePluginStream(NSURLRequest *request, NPP plug
WebNetscapePluginView *view = (WebNetscapePluginView *)plugin->ndata;
// This check has already been done by the plug-in view.
- ASSERT(FrameLoader::canLoad([request URL], String(), core([view webFrame])->document()));
+ ASSERT(SecurityOrigin::canLoad([request URL], String(), core([view webFrame])->document()));
ASSERT([request URL]);
ASSERT(plugin);
@@ -169,7 +170,7 @@ WebNetscapePluginStream::WebNetscapePluginStream(NSURLRequest *request, NPP plug
streams().add(&m_stream, plugin);
- if (core([view webFrame])->loader()->shouldHideReferrer([request URL], core([view webFrame])->loader()->outgoingReferrer()))
+ if (SecurityOrigin::shouldHideReferrer([request URL], core([view webFrame])->loader()->outgoingReferrer()))
[m_request.get() _web_setHTTPReferrer:nil];
}
diff --git a/WebKit/mac/Plugins/WebNetscapePluginView.mm b/WebKit/mac/Plugins/WebNetscapePluginView.mm
index 5c82a9a..5debb97 100644
--- a/WebKit/mac/Plugins/WebNetscapePluginView.mm
+++ b/WebKit/mac/Plugins/WebNetscapePluginView.mm
@@ -69,6 +69,7 @@
#import <WebCore/Page.h>
#import <WebCore/PluginMainThreadScheduler.h>
#import <WebCore/ScriptController.h>
+#import <WebCore/SecurityOrigin.h>
#import <WebCore/SoftLinking.h>
#import <WebCore/WebCoreObjCExtras.h>
#import <WebCore/WebCoreURLResponse.h>
@@ -1682,7 +1683,7 @@ static inline void getNPRect(const NSRect& nr, NPRect& npr)
return NPERR_INVALID_PARAM;
}
} else {
- if (!FrameLoader::canLoad(URL, String(), core([self webFrame])->document()))
+ if (!SecurityOrigin::canLoad(URL, String(), core([self webFrame])->document()))
return NPERR_GENERIC_ERROR;
}
diff --git a/WebKit/mac/Plugins/WebPluginContainerCheck.mm b/WebKit/mac/Plugins/WebPluginContainerCheck.mm
index 2180b02..5609d80 100644
--- a/WebKit/mac/Plugins/WebPluginContainerCheck.mm
+++ b/WebKit/mac/Plugins/WebPluginContainerCheck.mm
@@ -40,6 +40,7 @@
#import <WebCore/Frame.h>
#import <WebCore/FrameLoader.h>
#import <WebCore/FrameLoaderTypes.h>
+#import <WebCore/SecurityOrigin.h>
#import <wtf/Assertions.h>
#import <objc/objc-runtime.h>
@@ -98,7 +99,7 @@ using namespace WebCore;
{
Frame* coreFrame = core([_controller webFrame]);
ASSERT(coreFrame);
- if (!coreFrame->loader()->canLoad([_request URL], String(), coreFrame->document())) {
+ if (!SecurityOrigin::canLoad([_request URL], String(), coreFrame->document())) {
[self _continueWithPolicy:PolicyIgnore];
return YES;
}
diff --git a/WebKit/mac/WebView/WebFrame.mm b/WebKit/mac/WebView/WebFrame.mm
index 672f189..27aac67 100644
--- a/WebKit/mac/WebView/WebFrame.mm
+++ b/WebKit/mac/WebView/WebFrame.mm
@@ -1199,7 +1199,7 @@ static inline WebDataSource *dataSource(DocumentLoader* loader)
{
if (!_private->coreFrame)
return YES;
- return FrameLoader::canLoad(URL, String(), _private->coreFrame->document());
+ return SecurityOrigin::canLoad(URL, String(), _private->coreFrame->document());
}
@end
diff --git a/WebKit/win/ChangeLog b/WebKit/win/ChangeLog
index e054982..c40e3d4 100644
--- a/WebKit/win/ChangeLog
+++ b/WebKit/win/ChangeLog
@@ -1,3 +1,13 @@
+2009-10-06 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Eric Seidel.
+
+ Move FrameLoader::canLoad to SecurityOrigin
+ https://bugs.webkit.org/show_bug.cgi?id=30111
+
+ * WebFrame.cpp:
+ (WebFrame::allowsFollowingLink):
+
2009-10-06 Pavel Feldman <pfeldman at chromium.org>
Reviewed by Timothy Hatcher.
diff --git a/WebKit/win/WebFrame.cpp b/WebKit/win/WebFrame.cpp
index 36e8cfc..44efe83 100644
--- a/WebKit/win/WebFrame.cpp
+++ b/WebKit/win/WebFrame.cpp
@@ -94,6 +94,7 @@
#include <WebCore/TextIterator.h>
#include <WebCore/JSDOMBinding.h>
#include <WebCore/ScriptController.h>
+#include <WebCore/SecurityOrigin.h>
#include <JavaScriptCore/APICast.h>
#include <wtf/MathExtras.h>
#pragma warning(pop)
@@ -1159,7 +1160,7 @@ HRESULT WebFrame::allowsFollowingLink(BSTR url, BOOL* result)
if (!frame)
return E_FAIL;
- *result = FrameLoader::canLoad(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());
+ *result = SecurityOrigin::canLoad(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());
return S_OK;
}
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list