[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-10851-g50815da
ossy at webkit.org
ossy at webkit.org
Wed Dec 22 18:12:01 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 8212c7dd4eb37b76ba128bd5247de5f46f2e4fb2
Author: ossy at webkit.org <ossy at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Dec 8 19:02:23 2010 +0000
2010-12-08 Csaba Osztrogonác <ossy at webkit.org>
Unreviewed, rolling out r73521.
http://trac.webkit.org/changeset/73521
https://bugs.webkit.org/show_bug.cgi?id=50640
It broke 90 layout tests
* bindings/js/JSDOMBinding.cpp:
(WebCore::printErrorMessageForFrame):
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::crossDomainAccessErrorMessage):
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::setLocation):
* page/DOMWindow.cpp:
* page/DOMWindow.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@73532 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index ffb18a0..7e8d219 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,20 @@
+2010-12-08 Csaba Osztrogonác <ossy at webkit.org>
+
+ Unreviewed, rolling out r73521.
+ http://trac.webkit.org/changeset/73521
+ https://bugs.webkit.org/show_bug.cgi?id=50640
+
+ It broke 90 layout tests
+
+ * bindings/js/JSDOMBinding.cpp:
+ (WebCore::printErrorMessageForFrame):
+ * bindings/js/JSDOMWindowBase.cpp:
+ (WebCore::JSDOMWindowBase::crossDomainAccessErrorMessage):
+ * bindings/js/JSDOMWindowCustom.cpp:
+ (WebCore::JSDOMWindow::setLocation):
+ * page/DOMWindow.cpp:
+ * page/DOMWindow.h:
+
2010-12-08 David Hyatt <hyatt at apple.com>
Reviewed by Anders Carlsson.
diff --git a/WebCore/bindings/js/JSDOMBinding.cpp b/WebCore/bindings/js/JSDOMBinding.cpp
index 4aca314..0d94b44 100644
--- a/WebCore/bindings/js/JSDOMBinding.cpp
+++ b/WebCore/bindings/js/JSDOMBinding.cpp
@@ -697,7 +697,16 @@ void printErrorMessageForFrame(Frame* frame, const String& message)
{
if (!frame)
return;
- frame->domWindow()->printErrorMessage(message);
+ if (message.isEmpty())
+ return;
+
+ Settings* settings = frame->settings();
+ if (!settings)
+ return;
+ if (settings->privateBrowsingEnabled())
+ return;
+
+ frame->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, 1, String()); // FIXME: provide a real line number and source URL.
}
Frame* toLexicalFrame(ExecState* exec)
diff --git a/WebCore/bindings/js/JSDOMWindowBase.cpp b/WebCore/bindings/js/JSDOMWindowBase.cpp
index 0bd9c0b..ad4e2f7 100644
--- a/WebCore/bindings/js/JSDOMWindowBase.cpp
+++ b/WebCore/bindings/js/JSDOMWindowBase.cpp
@@ -77,7 +77,14 @@ ScriptExecutionContext* JSDOMWindowBase::scriptExecutionContext() const
String JSDOMWindowBase::crossDomainAccessErrorMessage(const JSGlobalObject* other) const
{
- return impl()->crossDomainAccessErrorMessage(asJSDOMWindow(other)->impl()->frame());
+ KURL originURL = asJSDOMWindow(other)->impl()->url();
+ KURL targetURL = d()->shell->window()->impl()->url();
+ if (originURL.isNull() || targetURL.isNull())
+ return String();
+
+ // FIXME: this error message should contain more specifics of why the same origin check has failed.
+ return makeString("Unsafe JavaScript attempt to access frame with URL ", targetURL.string(),
+ " from frame with URL ", originURL.string(), ". Domains, protocols and ports must match.\n");
}
void JSDOMWindowBase::printErrorMessage(const String& message) const
diff --git a/WebCore/bindings/js/JSDOMWindowCustom.cpp b/WebCore/bindings/js/JSDOMWindowCustom.cpp
index aeb6bab..9048120 100644
--- a/WebCore/bindings/js/JSDOMWindowCustom.cpp
+++ b/WebCore/bindings/js/JSDOMWindowCustom.cpp
@@ -34,6 +34,11 @@
#include "HTMLDocument.h"
#include "History.h"
#include "JSAudioConstructor.h"
+
+#if ENABLE(WEB_AUDIO)
+#include "JSAudioContext.h"
+#endif
+
#include "JSDOMWindowShell.h"
#include "JSEvent.h"
#include "JSEventListener.h"
@@ -46,8 +51,27 @@
#include "JSMessagePort.h"
#include "JSMessagePortCustom.h"
#include "JSOptionConstructor.h"
+
+#if ENABLE(SHARED_WORKERS)
+#include "JSSharedWorker.h"
+#endif
+
+#if ENABLE(3D_CANVAS) || ENABLE(BLOB)
+#include "JSArrayBuffer.h"
+#include "JSDataView.h"
+#include "JSInt8Array.h"
+#include "JSUint8Array.h"
+#include "JSInt32Array.h"
+#include "JSUint32Array.h"
+#include "JSInt16Array.h"
+#include "JSUint16Array.h"
+#include "JSFloat32Array.h"
+#endif
#include "JSWebKitCSSMatrix.h"
#include "JSWebKitPoint.h"
+#if ENABLE(WEB_SOCKETS)
+#include "JSWebSocket.h"
+#endif
#include "JSWorker.h"
#include "JSXMLHttpRequest.h"
#include "JSXSLTProcessor.h"
@@ -70,30 +94,6 @@
#include <runtime/PrototypeFunction.h>
#include <wtf/text/AtomicString.h>
-#if ENABLE(3D_CANVAS) || ENABLE(BLOB)
-#include "JSArrayBuffer.h"
-#include "JSDataView.h"
-#include "JSFloat32Array.h"
-#include "JSInt16Array.h"
-#include "JSInt32Array.h"
-#include "JSInt8Array.h"
-#include "JSUint16Array.h"
-#include "JSUint32Array.h"
-#include "JSUint8Array.h"
-#endif
-
-#if ENABLE(SHARED_WORKERS)
-#include "JSSharedWorker.h"
-#endif
-
-#if ENABLE(WEB_AUDIO)
-#include "JSAudioContext.h"
-#endif
-
-#if ENABLE(WEB_SOCKETS)
-#include "JSWebSocket.h"
-#endif
-
using namespace JSC;
namespace WebCore {
@@ -490,18 +490,15 @@ JSValue JSDOMWindow::location(ExecState* exec) const
void JSDOMWindow::setLocation(ExecState* exec, JSValue value)
{
- Frame* activeFrame = toLexicalFrame(exec);
- if (!activeFrame)
- return;
- Frame* firstFrame = toDynamicFrame(exec);
- if (!firstFrame)
+ Frame* lexicalFrame = toLexicalFrame(exec);
+ if (!lexicalFrame)
return;
#if ENABLE(DASHBOARD_SUPPORT)
// To avoid breaking old widgets, make "var location =" in a top-level frame create
// a property named "location" instead of performing a navigation (<rdar://problem/5688039>).
- if (Settings* settings = activeFrame->settings()) {
- if (settings->usesDashboardBackwardCompatibilityMode() && !activeFrame->tree()->parent()) {
+ if (Settings* settings = lexicalFrame->settings()) {
+ if (settings->usesDashboardBackwardCompatibilityMode() && !lexicalFrame->tree()->parent()) {
if (allowsAccessFrom(exec))
putDirect(Identifier(exec, "location"), value);
return;
@@ -509,11 +506,21 @@ void JSDOMWindow::setLocation(ExecState* exec, JSValue value)
}
#endif
- UString locationString = value.toString(exec);
- if (exec->hadException())
+ Frame* frame = impl()->frame();
+ ASSERT(frame);
+
+ KURL url = completeURL(exec, ustringToString(value.toString(exec)));
+ if (url.isNull())
return;
- impl()->setLocation(ustringToString(locationString), activeFrame, firstFrame);
+ if (!shouldAllowNavigation(exec, frame))
+ return;
+
+ if (!protocolIsJavaScript(url) || allowsAccessFrom(exec)) {
+ // We want a new history item if this JS was called via a user gesture.
+ frame->navigationScheduler()->scheduleLocationChange(lexicalFrame->document()->securityOrigin(),
+ url, lexicalFrame->loader()->outgoingReferrer(), !lexicalFrame->script()->anyPageIsProcessingUserGesture(), false);
+ }
}
JSValue JSDOMWindow::crypto(ExecState*) const
diff --git a/WebCore/page/DOMWindow.cpp b/WebCore/page/DOMWindow.cpp
index 8453674..ebb3db5 100644
--- a/WebCore/page/DOMWindow.cpp
+++ b/WebCore/page/DOMWindow.cpp
@@ -1618,61 +1618,4 @@ void DOMWindow::revokeObjectURL(const String& blobURLString)
}
#endif
-void DOMWindow::setLocation(const String& location, Frame* activeFrame, Frame* firstFrame)
-{
- if (!activeFrame)
- return;
- if (!firstFrame)
- return;
-
- KURL locationURL = firstFrame->loader()->completeURL(location);
- if (locationURL.isNull())
- return;
-
- if (!activeFrame->loader()->shouldAllowNavigation(m_frame))
- return;
-
- if (protocolIsJavaScript(locationURL)) {
- // FIXME: Is there some way to eliminate the need for a separate "activeFrame != m_frame" check?
- // FIXME: The name canAccess seems to be a roundabout way to ask "can execute script".
- // Can we name the SecurityOrigin function better to make this more clear?
- if (activeFrame != m_frame && !activeFrame->domWindow()->securityOrigin()->canAccess(securityOrigin())) {
- printErrorMessage(crossDomainAccessErrorMessage(activeFrame));
- return;
- }
- }
-
- // We want a new history item if we are processing a user gesture.
- m_frame->navigationScheduler()->scheduleLocationChange(activeFrame->document()->securityOrigin(),
- locationURL, activeFrame->loader()->outgoingReferrer(),
- !activeFrame->script()->anyPageIsProcessingUserGesture(), false);
-}
-
-void DOMWindow::printErrorMessage(const String& message)
-{
- if (message.isEmpty())
- return;
-
- Settings* settings = m_frame->settings();
- if (!settings)
- return;
- if (settings->privateBrowsingEnabled())
- return;
-
- // FIXME: Add arguments so that we can provide a correct source URL and line number.
- console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, 1, String());
-}
-
-String DOMWindow::crossDomainAccessErrorMessage(Frame* activeFrame)
-{
- const KURL& activeFrameURL = activeFrame->domWindow()->url();
- if (activeFrameURL.isNull())
- return String();
-
- // FIXME: This error message should contain more specifics of why the same origin check has failed.
- // Perhaps we should involve the security origin object in composing it.
- return makeString("Unsafe JavaScript attempt to access frame with URL ", m_url.string(),
- " from frame with URL ", activeFrameURL.string(), ". Domains, protocols and ports must match.");
-}
-
} // namespace WebCore
diff --git a/WebCore/page/DOMWindow.h b/WebCore/page/DOMWindow.h
index 332109c..68b21ff 100644
--- a/WebCore/page/DOMWindow.h
+++ b/WebCore/page/DOMWindow.h
@@ -141,8 +141,6 @@ namespace WebCore {
#endif
Location* location() const;
- void setLocation(const String& location, Frame* activeFrame, Frame* firstFrame);
-
DOMSelection* getSelection();
Element* frameElement() const;
@@ -228,9 +226,6 @@ namespace WebCore {
Console* console() const;
- void printErrorMessage(const String&);
- String crossDomainAccessErrorMessage(Frame* activeFrame);
-
#if ENABLE(OFFLINE_WEB_APPLICATIONS)
DOMApplicationCache* applicationCache() const;
#endif
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list