[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
abarth at webkit.org
abarth at webkit.org
Wed Dec 22 13:20:45 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit ba0dab20be7d4e71ea433f5e30a2ec53979329b1
Author: abarth at webkit.org <abarth at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Sun Sep 12 02:28:10 2010 +0000
2010-09-11 Adam Barth <abarth at webkit.org>
Reviewed by Sam Weinig.
Make SecurityOrigin::canDisplay an instance function
https://bugs.webkit.org/show_bug.cgi?id=45219
This function was secretly an instance function because callers needed
to pass in a document (which owns a SecurityOrigin). Only the
FrameLoader actually needs the method to be static.
* WebCore.exp.in:
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
* loader/Cache.cpp:
(WebCore::Cache::requestResource):
- Notice that DocLoader::doc() can never be 0.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest):
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadMediaPlayerProxyPlugin):
(WebCore::SubframeLoader::createJavaAppletWidget):
(WebCore::SubframeLoader::loadSubframe):
(WebCore::SubframeLoader::loadPlugin):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::create):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay):
(WebCore::SecurityOrigin::deprecatedCanDisplay):
* page/SecurityOrigin.h:
* plugins/PluginView.cpp:
(WebCore::PluginView::load):
2010-09-11 Adam Barth <abarth at webkit.org>
Reviewed by Sam Weinig.
Make SecurityOrigin::canDisplay an instance function
https://bugs.webkit.org/show_bug.cgi?id=45219
* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::loadRequest):
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
* Plugins/WebPluginContainerCheck.mm:
(-[WebPluginContainerCheck _isForbiddenFileLoad]):
* WebView/WebFrame.mm:
(-[WebFrame _allowsFollowingLink:]):
2010-09-11 Adam Barth <abarth at webkit.org>
Reviewed by Sam Weinig.
Make SecurityOrigin::canDisplay an instance function
https://bugs.webkit.org/show_bug.cgi?id=45219
* WebFrame.cpp:
(WebFrame::allowsFollowingLink):
2010-09-11 Adam Barth <abarth at webkit.org>
Reviewed by Sam Weinig.
Make SecurityOrigin::canDisplay an instance function
https://bugs.webkit.org/show_bug.cgi?id=45219
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::performFrameLoadURLRequest):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@67316 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index a1cdf36..75fdc6e 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,73 @@
+2010-09-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Sam Weinig.
+
+ Make SecurityOrigin::canDisplay an instance function
+ https://bugs.webkit.org/show_bug.cgi?id=45219
+
+ This function was secretly an instance function because callers needed
+ to pass in a document (which owns a SecurityOrigin). Only the
+ FrameLoader actually needs the method to be static.
+
+ * WebCore.exp.in:
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ * loader/Cache.cpp:
+ (WebCore::Cache::requestResource):
+ - Notice that DocLoader::doc() can never be 0.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest):
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage):
+ * loader/SubframeLoader.cpp:
+ (WebCore::SubframeLoader::loadMediaPlayerProxyPlugin):
+ (WebCore::SubframeLoader::createJavaAppletWidget):
+ (WebCore::SubframeLoader::loadSubframe):
+ (WebCore::SubframeLoader::loadPlugin):
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::create):
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canDisplay):
+ (WebCore::SecurityOrigin::deprecatedCanDisplay):
+ * page/SecurityOrigin.h:
+ * plugins/PluginView.cpp:
+ (WebCore::PluginView::load):
+
+2010-09-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Sam Weinig.
+
+ Make SecurityOrigin::canDisplay an instance function
+ https://bugs.webkit.org/show_bug.cgi?id=45219
+
+ This function was secretly an instance function because callers needed
+ to pass in a document (which owns a SecurityOrigin). Only the
+ FrameLoader actually needs the method to be static.
+
+ * WebCore.exp.in:
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ * loader/Cache.cpp:
+ (WebCore::Cache::requestResource):
+ - Notice that DocLoader::doc() can never be 0.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest):
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage):
+ * loader/SubframeLoader.cpp:
+ (WebCore::SubframeLoader::loadMediaPlayerProxyPlugin):
+ (WebCore::SubframeLoader::createJavaAppletWidget):
+ (WebCore::SubframeLoader::loadSubframe):
+ (WebCore::SubframeLoader::loadPlugin):
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::create):
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canDisplay):
+ (WebCore::SecurityOrigin::deprecatedCanDisplay):
+ * page/SecurityOrigin.h:
+ * plugins/PluginView.cpp:
+ (WebCore::PluginView::load):
+
2010-09-11 Simon Hausmann <simon.hausmann at nokia.com>
Unreviewed.
diff --git a/WebCore/WebCore.exp.in b/WebCore/WebCore.exp.in
index 2dd0048..7a3e53e 100644
--- a/WebCore/WebCore.exp.in
+++ b/WebCore/WebCore.exp.in
@@ -314,7 +314,6 @@ __ZN7WebCore14SVGSMILElement13isSMILElementEPNS_4NodeE
__ZN7WebCore14SchemeRegistry24registerURLSchemeAsLocalERKN3WTF6StringE
__ZN7WebCore14SchemeRegistry25registerURLSchemeAsSecureERKN3WTF6StringE
__ZN7WebCore14SchemeRegistry32registerURLSchemeAsEmptyDocumentERKN3WTF6StringE
-__ZN7WebCore14SecurityOrigin10canDisplayERKNS_4KURLERKN3WTF6StringEPNS_8DocumentE
__ZN7WebCore14SecurityOrigin16createFromStringERKN3WTF6StringE
__ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE
__ZN7WebCore14SecurityOrigin18shouldHideReferrerERKNS_4KURLERKN3WTF6StringE
@@ -933,6 +932,7 @@ __ZNK7WebCore14DocumentLoader3urlEv
__ZNK7WebCore14RenderListItem10markerTextEv
__ZNK7WebCore14ResourceHandle10connectionEv
__ZNK7WebCore14ResourceLoader11frameLoaderEv
+__ZNK7WebCore14SecurityOrigin10canDisplayERKNS_4KURLE
__ZNK7WebCore14SecurityOrigin5equalEPKS0_
__ZNK7WebCore15FocusController18focusedOrMainFrameEv
__ZNK7WebCore15GraphicsContext15platformContextEv
diff --git a/WebCore/html/HTMLMediaElement.cpp b/WebCore/html/HTMLMediaElement.cpp
index 1d4a1bd..65d350f 100644
--- a/WebCore/html/HTMLMediaElement.cpp
+++ b/WebCore/html/HTMLMediaElement.cpp
@@ -741,19 +741,16 @@ bool HTMLMediaElement::isSafeToLoadURL(const KURL& url, InvalidSourceAction acti
if (!url.isValid()) {
LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%s) -> FALSE because url is invalid", urlForLogging(url.string()).utf8().data());
return false;
- }
-
- Frame* frame = document()->frame();
- FrameLoader* loader = frame ? frame->loader() : 0;
+ }
- // don't allow remote to local urls, and check with the frame loader client.
- if (!loader || !SecurityOrigin::canDisplay(url, String(), document())) {
+ Frame* frame = document()->frame();
+ if (!frame || !document()->securityOrigin()->canDisplay(url)) {
if (actionIfInvalid == Complain)
FrameLoader::reportLocalLoadFailed(frame, url.string());
LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%s) -> FALSE rejected by SecurityOrigin", urlForLogging(url.string()).utf8().data());
return false;
}
-
+
return true;
}
diff --git a/WebCore/loader/Cache.cpp b/WebCore/loader/Cache.cpp
index 7acbd56..dbcec00 100644
--- a/WebCore/loader/Cache.cpp
+++ b/WebCore/loader/Cache.cpp
@@ -99,17 +99,16 @@ CachedResource* Cache::requestResource(CachedResourceLoader* cachedResourceLoade
// Would it be better to just go on with the cache code and let it fail later?
if (url.isEmpty())
return 0;
-
+
// Look up the resource in our map.
CachedResource* resource = resourceForURL(url.string());
-
+
if (resource && requestIsPreload && !resource->isPreloaded())
return 0;
-
- if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), cachedResourceLoader->doc())) {
- Document* doc = cachedResourceLoader->doc();
- if (doc && !requestIsPreload)
- FrameLoader::reportLocalLoadFailed(doc->frame(), url.string());
+
+ if (!cachedResourceLoader->doc()->securityOrigin()->canDisplay(url)) {
+ if (!requestIsPreload)
+ FrameLoader::reportLocalLoadFailed(cachedResourceLoader->doc()->frame(), url.string());
return 0;
}
diff --git a/WebCore/loader/FrameLoader.cpp b/WebCore/loader/FrameLoader.cpp
index 4b33fa0..2ec6f72 100644
--- a/WebCore/loader/FrameLoader.cpp
+++ b/WebCore/loader/FrameLoader.cpp
@@ -1257,9 +1257,10 @@ void FrameLoader::loadFrameRequest(const FrameLoadRequest& request, bool lockHis
referrer = m_outgoingReferrer;
ASSERT(frame()->document());
- if (SchemeRegistry::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) {
- if (!SecurityOrigin::canDisplay(url, String(), frame()->document()) && !SecurityOrigin::canDisplay(url, referrer, 0)) {
- FrameLoader::reportLocalLoadFailed(m_frame, url.string());
+ // FIXME: Should we move the isFeedWithNestedProtocolInHTTPFamily logic inside SecurityOrigin::canDisplay?
+ if (!isFeedWithNestedProtocolInHTTPFamily(url)) {
+ if (!frame()->document()->securityOrigin()->canDisplay(url) && !SecurityOrigin::deprecatedCanDisplay(referrer, url)) {
+ reportLocalLoadFailed(m_frame, url.string());
return;
}
}
diff --git a/WebCore/loader/PingLoader.cpp b/WebCore/loader/PingLoader.cpp
index 372cc82..2a628ce 100644
--- a/WebCore/loader/PingLoader.cpp
+++ b/WebCore/loader/PingLoader.cpp
@@ -42,7 +42,7 @@ namespace WebCore {
void PingLoader::loadImage(Frame* frame, const KURL& url)
{
- if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), frame->document())) {
+ if (!frame->document()->securityOrigin()->canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(frame, url);
return;
}
diff --git a/WebCore/loader/SubframeLoader.cpp b/WebCore/loader/SubframeLoader.cpp
index d364e88..e247e5b 100644
--- a/WebCore/loader/SubframeLoader.cpp
+++ b/WebCore/loader/SubframeLoader.cpp
@@ -156,7 +156,7 @@ PassRefPtr<Widget> SubframeLoader::loadMediaPlayerProxyPlugin(Node* node, const
if (!url.isEmpty())
completedURL = completeURL(url);
- if (!SecurityOrigin::canDisplay(completedURL, String(), m_frame->document())) {
+ if (!m_frame->document()->securityOrigin()->canDisplay(completedURL)) {
FrameLoader::reportLocalLoadFailed(m_frame, completedURL.string());
return 0;
}
@@ -214,7 +214,7 @@ PassRefPtr<Widget> SubframeLoader::createJavaAppletWidget(const IntSize& size, H
if (!codeBaseURLString.isEmpty()) {
KURL codeBaseURL = completeURL(codeBaseURLString);
- if (!SecurityOrigin::canDisplay(codeBaseURL, String(), element->document())) {
+ if (!element->document()->securityOrigin()->canDisplay(codeBaseURL)) {
FrameLoader::reportLocalLoadFailed(m_frame, codeBaseURL.string());
return 0;
}
@@ -256,7 +256,7 @@ Frame* SubframeLoader::loadSubframe(HTMLFrameOwnerElement* ownerElement, const K
marginHeight = o->getMarginHeight();
}
- if (!SecurityOrigin::canDisplay(url, String(), ownerElement->document())) {
+ if (!ownerElement->document()->securityOrigin()->canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return 0;
}
@@ -345,7 +345,7 @@ bool SubframeLoader::loadPlugin(HTMLPlugInImageElement* pluginElement, const KUR
if (!renderer || useFallback)
return false;
- if (!SecurityOrigin::canDisplay(url, String(), document())) {
+ if (!document()->securityOrigin()->canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return false;
}
diff --git a/WebCore/loader/SubresourceLoader.cpp b/WebCore/loader/SubresourceLoader.cpp
index 69d4a5c..e5cec88 100644
--- a/WebCore/loader/SubresourceLoader.cpp
+++ b/WebCore/loader/SubresourceLoader.cpp
@@ -71,9 +71,7 @@ PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, Subresourc
ResourceRequest newRequest = request;
- if (securityCheck == DoSecurityCheck
- && SecurityOrigin::restrictAccessToLocal()
- && !SecurityOrigin::canDisplay(request.url(), String(), frame->document())) {
+ if (securityCheck == DoSecurityCheck && !frame->document()->securityOrigin()->canDisplay(request.url())) {
FrameLoader::reportLocalLoadFailed(frame, request.url().string());
return 0;
}
diff --git a/WebCore/page/SecurityOrigin.cpp b/WebCore/page/SecurityOrigin.cpp
index 14320e3..6001983 100644
--- a/WebCore/page/SecurityOrigin.cpp
+++ b/WebCore/page/SecurityOrigin.cpp
@@ -284,32 +284,35 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con
return false;
}
-bool SecurityOrigin::canDisplay(const KURL& url, const String& referrer, Document* document)
+bool SecurityOrigin::canDisplay(const KURL& url) const
{
#if ENABLE(BLOB)
- if (url.protocolIs(BlobURL::blobProtocol()) && document) {
- SecurityOrigin* documentOrigin = document->securityOrigin();
- RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
- return documentOrigin->isSameSchemeHostPort(targetOrigin.get());
- }
+ if (url.protocolIs(BlobURL::blobProtocol()))
+ return canRequest(url);
#endif
+ if (!restrictAccessToLocal())
+ return true;
+
if (!SchemeRegistry::shouldTreatURLAsLocal(url.string()))
return true;
- // If we were provided a document, we first check if the access has been white listed.
- // Then we let its local file police dictate the result.
- // Otherwise we allow local loads only if the supplied referrer is also local.
- if (document) {
- SecurityOrigin* documentOrigin = document->securityOrigin();
- RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
- if (documentOrigin->isAccessWhiteListed(targetOrigin.get()))
- return true;
- return documentOrigin->canLoadLocalResources();
- }
- if (!referrer.isEmpty())
- return SchemeRegistry::shouldTreatURLAsLocal(referrer);
- return false;
+ RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
+ if (isAccessWhiteListed(targetOrigin.get()))
+ return true;
+
+ return canLoadLocalResources();
+}
+
+bool SecurityOrigin::deprecatedCanDisplay(const String& referrer, const KURL& url)
+{
+ if (!restrictAccessToLocal())
+ return true;
+
+ if (!SchemeRegistry::shouldTreatURLAsLocal(url.string()))
+ return true;
+
+ return SchemeRegistry::shouldTreatURLAsLocal(referrer);
}
void SecurityOrigin::grantLoadLocalResources()
diff --git a/WebCore/page/SecurityOrigin.h b/WebCore/page/SecurityOrigin.h
index 132fa5f..4789d3c 100644
--- a/WebCore/page/SecurityOrigin.h
+++ b/WebCore/page/SecurityOrigin.h
@@ -86,9 +86,11 @@ public:
// Returns true if |document| can display content from the given URL (e.g.,
// in an iframe or as an image). For example, web sites generally cannot
- // display content from the user's files system. If |document| is 0,
- // |referrer| is used to make this determination.
- static bool canDisplay(const KURL&, const String& referrer, Document* document);
+ // display content from the user's files system.
+ bool canDisplay(const KURL&) const;
+
+ // FIXME: Remove this function. This function exists only to service FrameLoader.
+ static bool deprecatedCanDisplay(const String& referrer, const KURL& targetURL);
// Returns true if this SecurityOrigin can load local resources, such
// as images, iframes, and style sheets, and can link to local URLs.
diff --git a/WebCore/plugins/PluginView.cpp b/WebCore/plugins/PluginView.cpp
index 6a9eb13..977a3fc 100644
--- a/WebCore/plugins/PluginView.cpp
+++ b/WebCore/plugins/PluginView.cpp
@@ -537,8 +537,8 @@ NPError PluginView::load(const FrameLoadRequest& frameLoadRequest, bool sendNoti
// For security reasons, only allow JS requests to be made on the frame that contains the plug-in.
if (!targetFrameName.isNull() && m_parentFrame->tree()->find(targetFrameName) != m_parentFrame)
return NPERR_INVALID_PARAM;
- } else if (!SecurityOrigin::canDisplay(url, String(), m_parentFrame->document()))
- return NPERR_GENERIC_ERROR;
+ } else if (!m_parentFrame->document()->securityOrigin()->canDisplay(url))
+ return NPERR_GENERIC_ERROR;
PluginRequest* request = new PluginRequest(frameLoadRequest, sendNotification, notifyData, arePopupsAllowed());
scheduleRequest(request);
diff --git a/WebKit/mac/ChangeLog b/WebKit/mac/ChangeLog
index 8603050..4d7e083 100644
--- a/WebKit/mac/ChangeLog
+++ b/WebKit/mac/ChangeLog
@@ -1,3 +1,21 @@
+2010-09-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Sam Weinig.
+
+ Make SecurityOrigin::canDisplay an instance function
+ https://bugs.webkit.org/show_bug.cgi?id=45219
+
+ * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
+ (WebKit::NetscapePluginInstanceProxy::loadRequest):
+ * Plugins/WebNetscapePluginStream.mm:
+ (WebNetscapePluginStream::WebNetscapePluginStream):
+ * Plugins/WebNetscapePluginView.mm:
+ (-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
+ * Plugins/WebPluginContainerCheck.mm:
+ (-[WebPluginContainerCheck _isForbiddenFileLoad]):
+ * WebView/WebFrame.mm:
+ (-[WebFrame _allowsFollowingLink:]):
+
2010-09-10 Sam Weinig <sam at webkit.org>
Reviewed by Darin Adler.
diff --git a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
index 88df4cf..c0c480b 100644
--- a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
+++ b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
@@ -762,7 +762,7 @@ NPError NetscapePluginInstanceProxy::loadRequest(NSURLRequest *request, const ch
return NPERR_GENERIC_ERROR;
}
} else {
- if (!SecurityOrigin::canDisplay(URL, String(), core([m_pluginView webFrame])->document()))
+ if (!core([m_pluginView webFrame])->document()->securityOrigin()->canDisplay(URL))
return NPERR_GENERIC_ERROR;
}
diff --git a/WebKit/mac/Plugins/WebNetscapePluginStream.mm b/WebKit/mac/Plugins/WebNetscapePluginStream.mm
index 35af439..f39b104 100644
--- a/WebKit/mac/Plugins/WebNetscapePluginStream.mm
+++ b/WebKit/mac/Plugins/WebNetscapePluginStream.mm
@@ -161,7 +161,7 @@ WebNetscapePluginStream::WebNetscapePluginStream(NSURLRequest *request, NPP plug
WebNetscapePluginView *view = (WebNetscapePluginView *)plugin->ndata;
// This check has already been done by the plug-in view.
- ASSERT(SecurityOrigin::canDisplay([request URL], String(), core([view webFrame])->document()));
+ ASSERT(core([view webFrame])->document()->securityOrigin()->canDisplay([request URL]));
ASSERT([request URL]);
ASSERT(plugin);
diff --git a/WebKit/mac/Plugins/WebNetscapePluginView.mm b/WebKit/mac/Plugins/WebNetscapePluginView.mm
index e98c6b7..3d5d7a1 100644
--- a/WebKit/mac/Plugins/WebNetscapePluginView.mm
+++ b/WebKit/mac/Plugins/WebNetscapePluginView.mm
@@ -1728,7 +1728,7 @@ static inline void getNPRect(const NSRect& nr, NPRect& npr)
return NPERR_INVALID_PARAM;
}
} else {
- if (!SecurityOrigin::canDisplay(URL, String(), core([self webFrame])->document()))
+ if (!core([self webFrame])->document()->securityOrigin()->canDisplay(URL))
return NPERR_GENERIC_ERROR;
}
diff --git a/WebKit/mac/Plugins/WebPluginContainerCheck.mm b/WebKit/mac/Plugins/WebPluginContainerCheck.mm
index e273bfc..30368a8 100644
--- a/WebKit/mac/Plugins/WebPluginContainerCheck.mm
+++ b/WebKit/mac/Plugins/WebPluginContainerCheck.mm
@@ -99,7 +99,7 @@ using namespace WebCore;
{
Frame* coreFrame = core([_controller webFrame]);
ASSERT(coreFrame);
- if (!SecurityOrigin::canDisplay([_request URL], String(), coreFrame->document())) {
+ if (!coreFrame->document()->securityOrigin()->canDisplay([_request URL])) {
[self _continueWithPolicy:PolicyIgnore];
return YES;
}
diff --git a/WebKit/mac/WebView/WebFrame.mm b/WebKit/mac/WebView/WebFrame.mm
index 2995aef..d222998 100644
--- a/WebKit/mac/WebView/WebFrame.mm
+++ b/WebKit/mac/WebView/WebFrame.mm
@@ -1265,7 +1265,7 @@ static inline WebDataSource *dataSource(DocumentLoader* loader)
{
if (!_private->coreFrame)
return YES;
- return SecurityOrigin::canDisplay(URL, String(), _private->coreFrame->document());
+ return _private->coreFrame->document()->securityOrigin()->canDisplay(URL);
}
- (NSString *)_stringByEvaluatingJavaScriptFromString:(NSString *)string withGlobalObject:(JSObjectRef)globalObjectRef inScriptWorld:(WebScriptWorld *)world
diff --git a/WebKit/win/ChangeLog b/WebKit/win/ChangeLog
index b6fcbcf..369241a 100644
--- a/WebKit/win/ChangeLog
+++ b/WebKit/win/ChangeLog
@@ -1,3 +1,13 @@
+2010-09-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Sam Weinig.
+
+ Make SecurityOrigin::canDisplay an instance function
+ https://bugs.webkit.org/show_bug.cgi?id=45219
+
+ * WebFrame.cpp:
+ (WebFrame::allowsFollowingLink):
+
2010-09-10 Jesus Sanchez-Palencia <jesus.palencia at openbossa.org>
Reviewed by Darin Adler.
diff --git a/WebKit/win/WebFrame.cpp b/WebKit/win/WebFrame.cpp
index f6c7a26..1c021f9 100644
--- a/WebKit/win/WebFrame.cpp
+++ b/WebKit/win/WebFrame.cpp
@@ -1345,7 +1345,7 @@ HRESULT WebFrame::allowsFollowingLink(BSTR url, BOOL* result)
if (!frame)
return E_FAIL;
- *result = SecurityOrigin::canDisplay(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());
+ *result = frame->document()->securityOrigin()->canDisplay(MarshallingHelpers::BSTRToKURL(url));
return S_OK;
}
diff --git a/WebKit2/ChangeLog b/WebKit2/ChangeLog
index 98f63be..f3c3359 100644
--- a/WebKit2/ChangeLog
+++ b/WebKit2/ChangeLog
@@ -1,3 +1,13 @@
+2010-09-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Sam Weinig.
+
+ Make SecurityOrigin::canDisplay an instance function
+ https://bugs.webkit.org/show_bug.cgi?id=45219
+
+ * WebProcess/Plugins/PluginView.cpp:
+ (WebKit::PluginView::performFrameLoadURLRequest):
+
2010-09-11 Sam Weinig <sam at webkit.org>
Reviewed by Dan Bernstein.
diff --git a/WebKit2/WebProcess/Plugins/PluginView.cpp b/WebKit2/WebProcess/Plugins/PluginView.cpp
index 3e83079..eb2d691 100644
--- a/WebKit2/WebProcess/Plugins/PluginView.cpp
+++ b/WebKit2/WebProcess/Plugins/PluginView.cpp
@@ -514,8 +514,7 @@ void PluginView::performFrameLoadURLRequest(URLRequest* request)
if (!frame)
return;
- // Check if this is URL can be loaded.
- if (!SecurityOrigin::canDisplay(request->request().url(), String(), m_pluginElement->document())) {
+ if (!m_pluginElement->document()->securityOrigin()->canDisplay(request->request().url())) {
// We can't load the request, send back a reply to the plug-in.
m_plugin->frameDidFail(request->requestID(), false);
return;
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list