[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.18-1-697-g2f78b87
abarth at webkit.org
abarth at webkit.org
Wed Jan 20 22:20:31 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit 9b2fc9fde045f25f1913e4d74183739b50feefa4
Author: abarth at webkit.org <abarth at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Tue Jan 12 10:42:06 2010 +0000
2010-01-12 Jakub Wieczorek <faw217 at gmail.com>
Reviewed by Adam Barth.
[Qt] XSL stylesheets can load documents from a different origin
https://bugs.webkit.org/show_bug.cgi?id=33423
Add two expected results for Qt:
QXmlQuery has a different behaviour with regard to loading failures
comparing to libxslt.
* platform/qt/http/tests/security/xss-DENIED-xsl-document-expected.txt:
* platform/qt/http/tests/security/xss-DENIED-xsl-document-redirect-expected.txt:
2010-01-12 Jakub Wieczorek <faw217 at gmail.com>
Reviewed by Adam Barth.
[Qt] XSL stylesheets can load documents from a different origin
https://bugs.webkit.org/show_bug.cgi?id=33423
* xml/XSLTProcessorQt.cpp:
(WebCore::XSLTUriResolver::XSLTUriResolver):
(WebCore::XSLTUriResolver::resolve):
(WebCore::XSLTProcessor::transformToString):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@53127 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 7ef7f92..4defd6d 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,18 @@
+2010-01-12 Jakub Wieczorek <faw217 at gmail.com>
+
+ Reviewed by Adam Barth.
+
+ [Qt] XSL stylesheets can load documents from a different origin
+
+ https://bugs.webkit.org/show_bug.cgi?id=33423
+
+ Add two expected results for Qt:
+ QXmlQuery has a different behaviour with regard to loading failures
+ comparing to libxslt.
+
+ * platform/qt/http/tests/security/xss-DENIED-xsl-document-expected.txt:
+ * platform/qt/http/tests/security/xss-DENIED-xsl-document-redirect-expected.txt:
+
2010-01-12 Simon Hausmann <simon.hausmann at nokia.com>
Reviewed by Adam Barth.
diff --git a/LayoutTests/platform/gtk/dom/xhtml/level3/core/canonicalform08-expected.txt b/LayoutTests/platform/qt/http/tests/security/xss-DENIED-xsl-document-expected.txt
similarity index 100%
copy from LayoutTests/platform/gtk/dom/xhtml/level3/core/canonicalform08-expected.txt
copy to LayoutTests/platform/qt/http/tests/security/xss-DENIED-xsl-document-expected.txt
diff --git a/LayoutTests/platform/gtk/dom/xhtml/level3/core/canonicalform08-expected.txt b/LayoutTests/platform/qt/http/tests/security/xss-DENIED-xsl-document-redirect-expected.txt
similarity index 100%
copy from LayoutTests/platform/gtk/dom/xhtml/level3/core/canonicalform08-expected.txt
copy to LayoutTests/platform/qt/http/tests/security/xss-DENIED-xsl-document-redirect-expected.txt
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 7bc6ca0..67f2275 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2010-01-12 Jakub Wieczorek <faw217 at gmail.com>
+
+ Reviewed by Adam Barth.
+
+ [Qt] XSL stylesheets can load documents from a different origin
+
+ https://bugs.webkit.org/show_bug.cgi?id=33423
+
+ * xml/XSLTProcessorQt.cpp:
+ (WebCore::XSLTUriResolver::XSLTUriResolver):
+ (WebCore::XSLTUriResolver::resolve):
+ (WebCore::XSLTProcessor::transformToString):
+
2010-01-12 Joanmarie Diggs <joanmarie.diggs at gmail.com>
Reviewed by Gustavo Noronha Silva.
diff --git a/WebCore/xml/XSLTProcessorQt.cpp b/WebCore/xml/XSLTProcessorQt.cpp
index 50ee427..3e05ca0 100644
--- a/WebCore/xml/XSLTProcessorQt.cpp
+++ b/WebCore/xml/XSLTProcessorQt.cpp
@@ -36,6 +36,7 @@
#include <wtf/Vector.h>
#include <qabstractmessagehandler.h>
+#include <qabstracturiresolver.h>
#include <qbuffer.h>
#include <qsourcelocation.h>
#include <qxmlquery.h>
@@ -87,6 +88,31 @@ void XSLTMessageHandler::handleMessage(QtMsgType type, const QString& descriptio
sourceLocation.line(), sourceLocation.uri().toString());
}
+class XSLTUriResolver : public QAbstractUriResolver {
+
+public:
+ XSLTUriResolver(Document* document);
+ virtual QUrl resolve(const QUrl& relative, const QUrl& baseURI) const;
+
+private:
+ Document* m_document;
+};
+
+XSLTUriResolver::XSLTUriResolver(Document* document)
+ : QAbstractUriResolver()
+ , m_document(document)
+{
+}
+
+QUrl XSLTUriResolver::resolve(const QUrl& relative, const QUrl& baseURI) const
+{
+ QUrl url = baseURI.resolved(relative);
+
+ if (!m_document->frame() || !m_document->securityOrigin()->canRequest(url))
+ return QUrl();
+ return url;
+}
+
bool XSLTProcessor::transformToString(Node* sourceNode, String&, String& resultString, String&)
{
bool success = false;
@@ -107,6 +133,7 @@ bool XSLTProcessor::transformToString(Node* sourceNode, String&, String& resultS
QXmlQuery query(QXmlQuery::XSLT20);
XSLTMessageHandler messageHandler(ownerDocument.get());
+ XSLTUriResolver uriResolver(ownerDocument.get());
query.setMessageHandler(&messageHandler);
XSLTProcessor::ParameterMap::iterator end = m_parameters.end();
@@ -132,6 +159,9 @@ bool XSLTProcessor::transformToString(Node* sourceNode, String&, String& resultS
query.setFocus(&inputBuffer);
query.setQuery(&styleSheetBuffer, QUrl(stylesheet->href()));
+
+ query.setUriResolver(&uriResolver);
+
success = query.evaluateTo(&outputBuffer);
outputBuffer.reset();
resultString = QString::fromUtf8(outputBuffer.readAll()).trimmed();
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list