[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198
abarth at webkit.org
abarth at webkit.org
Sun Feb 20 22:45:12 UTC 2011
The following commit has been merged in the webkit-1.3 branch:
commit c655f688b12dfee738e293d2e8363a9cd5fffa40
Author: abarth at webkit.org <abarth at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Tue Jan 11 01:02:01 2011 +0000
2011-01-10 Adam Barth <abarth at webkit.org>
Reviewed by Darin Adler.
Introduce the notion of a "display-isolated" URL scheme for use by
Chrome-internal URLs
https://bugs.webkit.org/show_bug.cgi?id=50182
This patch adds a Chromium API for registering schemes as
display-isolated. In a subsequent patch, I'll change the "chrome"
scheme in Chrome to be display isolated instead of local. That will
prevent file URLs from linking to chrome URLs.
* public/WebSecurityPolicy.h:
* src/WebSecurityPolicy.cpp:
(WebKit::WebSecurityPolicy::registerURLSchemeAsDisplayIsolated):
2011-01-10 Adam Barth <abarth at webkit.org>
Reviewed by Darin Adler.
Introduce the notion of a "display-isolated" URL scheme for use by
Chrome-internal URLs
https://bugs.webkit.org/show_bug.cgi?id=50182
Update to new function name.
* Api/qwebsecurityorigin.cpp:
(QWebSecurityOrigin::localSchemes):
2011-01-10 Adam Barth <abarth at webkit.org>
Reviewed by Darin Adler.
Introduce the notion of a "display-isolated" URL scheme for use by
Chrome-internal URLs
https://bugs.webkit.org/show_bug.cgi?id=50182
This patch adds the basic plumbing for display-isolated URL schemes.
Originally, this patch also had the functional change, but I've split
that off into a separate patch because the original patch caused a
performance regression.
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay):
* platform/SchemeRegistry.cpp:
(WebCore::displayIsolatedURLSchemes):
(WebCore::SchemeRegistry::registerURLSchemeAsLocal):
(WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
(WebCore::SchemeRegistry::localSchemes):
(WebCore::SchemeRegistry::deprecatedShouldTreatURLAsLocal):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
(WebCore::SchemeRegistry::registerURLSchemeAsDisplayIsolated):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated):
* platform/SchemeRegistry.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75455 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index ba84174..e450f66 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,29 @@
+2011-01-10 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Darin Adler.
+
+ Introduce the notion of a "display-isolated" URL scheme for use by
+ Chrome-internal URLs
+ https://bugs.webkit.org/show_bug.cgi?id=50182
+
+ This patch adds the basic plumbing for display-isolated URL schemes.
+ Originally, this patch also had the functional change, but I've split
+ that off into a separate patch because the original patch caused a
+ performance regression.
+
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canDisplay):
+ * platform/SchemeRegistry.cpp:
+ (WebCore::displayIsolatedURLSchemes):
+ (WebCore::SchemeRegistry::registerURLSchemeAsLocal):
+ (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
+ (WebCore::SchemeRegistry::localSchemes):
+ (WebCore::SchemeRegistry::deprecatedShouldTreatURLAsLocal):
+ (WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
+ (WebCore::SchemeRegistry::registerURLSchemeAsDisplayIsolated):
+ (WebCore::SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated):
+ * platform/SchemeRegistry.h:
+
2011-01-10 Jer Noble <jer.noble at apple.com>
Reviewed by Simon Fraser.
diff --git a/Source/WebCore/page/SecurityOrigin.cpp b/Source/WebCore/page/SecurityOrigin.cpp
index 16de640..821c7d9 100644
--- a/Source/WebCore/page/SecurityOrigin.cpp
+++ b/Source/WebCore/page/SecurityOrigin.cpp
@@ -303,6 +303,7 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con
bool SecurityOrigin::canDisplay(const KURL& url) const
{
#if ENABLE(BLOB)
+ // FIXME: We should generalize this check.
if (url.protocolIs(BlobURL::blobProtocol()))
return canRequest(url);
#endif
@@ -310,7 +311,9 @@ bool SecurityOrigin::canDisplay(const KURL& url) const
if (!restrictAccessToLocal())
return true;
- if (!SchemeRegistry::shouldTreatURLAsLocal(url.string()))
+ // FIXME: I suspect this check is incorrect because url has not necessarily
+ // been canonicalized.
+ if (!SchemeRegistry::deprecatedShouldTreatURLAsLocal(url.string()))
return true;
RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
diff --git a/Source/WebCore/platform/SchemeRegistry.cpp b/Source/WebCore/platform/SchemeRegistry.cpp
index 58df51a..617acd3 100644
--- a/Source/WebCore/platform/SchemeRegistry.cpp
+++ b/Source/WebCore/platform/SchemeRegistry.cpp
@@ -45,6 +45,12 @@ static URLSchemesMap& localURLSchemes()
return localSchemes;
}
+static URLSchemesMap& displayIsolatedURLSchemes()
+{
+ DEFINE_STATIC_LOCAL(URLSchemesMap, displayIsolatedSchemes, ());
+ return displayIsolatedSchemes;
+}
+
static URLSchemesMap& secureSchemes()
{
DEFINE_STATIC_LOCAL(URLSchemesMap, secureSchemes, ());
@@ -82,7 +88,7 @@ static URLSchemesMap& emptyDocumentSchemes()
void SchemeRegistry::registerURLSchemeAsLocal(const String& scheme)
{
- WebCore::localURLSchemes().add(scheme);
+ localURLSchemes().add(scheme);
}
void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme)
@@ -93,15 +99,15 @@ void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme)
if (scheme == "applewebdata")
return;
#endif
- WebCore::localURLSchemes().remove(scheme);
+ localURLSchemes().remove(scheme);
}
-const URLSchemesMap& SchemeRegistry::localURLSchemes()
+const URLSchemesMap& SchemeRegistry::localSchemes()
{
- return WebCore::localURLSchemes();
+ return localURLSchemes();
}
-bool SchemeRegistry::shouldTreatURLAsLocal(const String& url)
+bool SchemeRegistry::deprecatedShouldTreatURLAsLocal(const String& url)
{
// This avoids an allocation of another String and the HashSet contains()
// call for the file: and http: schemes.
@@ -118,7 +124,7 @@ bool SchemeRegistry::shouldTreatURLAsLocal(const String& url)
return false;
String scheme = url.left(loc);
- return WebCore::localURLSchemes().contains(scheme);
+ return localURLSchemes().contains(scheme);
}
bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme)
@@ -136,7 +142,7 @@ bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme)
if (scheme.isEmpty())
return false;
- return WebCore::localURLSchemes().contains(scheme);
+ return localURLSchemes().contains(scheme);
}
void SchemeRegistry::registerURLSchemeAsNoAccess(const String& scheme)
@@ -149,6 +155,16 @@ bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme)
return schemesWithUniqueOrigins().contains(scheme);
}
+void SchemeRegistry::registerURLSchemeAsDisplayIsolated(const String& scheme)
+{
+ displayIsolatedURLSchemes().add(scheme);
+}
+
+bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(const String& scheme)
+{
+ return displayIsolatedURLSchemes().contains(scheme);
+}
+
void SchemeRegistry::registerURLSchemeAsSecure(const String& scheme)
{
secureSchemes().add(scheme);
diff --git a/Source/WebCore/platform/SchemeRegistry.h b/Source/WebCore/platform/SchemeRegistry.h
index 56e3b33..9d79b3f 100644
--- a/Source/WebCore/platform/SchemeRegistry.h
+++ b/Source/WebCore/platform/SchemeRegistry.h
@@ -38,10 +38,10 @@ class SchemeRegistry {
public:
static void registerURLSchemeAsLocal(const String&);
static void removeURLSchemeRegisteredAsLocal(const String&);
- static const URLSchemesMap& localURLSchemes();
+ static const URLSchemesMap& localSchemes();
- static bool shouldTreatURLAsLocal(const String&);
static bool shouldTreatURLSchemeAsLocal(const String&);
+ static bool deprecatedShouldTreatURLAsLocal(const String&);
// Secure schemes do not trigger mixed content warnings. For example,
// https and data are secure schemes because they cannot be corrupted by
@@ -51,7 +51,12 @@ public:
static void registerURLSchemeAsNoAccess(const String&);
static bool shouldTreatURLSchemeAsNoAccess(const String&);
-
+
+ // Display-isolated schemes can only be displayed (in the sense of
+ // SecurityOrigin::canDisplay) by documents from the same scheme.
+ static void registerURLSchemeAsDisplayIsolated(const String&);
+ static bool shouldTreatURLSchemeAsDisplayIsolated(const String&);
+
static void registerURLSchemeAsEmptyDocument(const String&);
static bool shouldLoadURLSchemeAsEmptyDocument(const String&);
};
diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog
index 49501c5..41c2801 100644
--- a/WebKit/chromium/ChangeLog
+++ b/WebKit/chromium/ChangeLog
@@ -1,3 +1,20 @@
+2011-01-10 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Darin Adler.
+
+ Introduce the notion of a "display-isolated" URL scheme for use by
+ Chrome-internal URLs
+ https://bugs.webkit.org/show_bug.cgi?id=50182
+
+ This patch adds a Chromium API for registering schemes as
+ display-isolated. In a subsequent patch, I'll change the "chrome"
+ scheme in Chrome to be display isolated instead of local. That will
+ prevent file URLs from linking to chrome URLs.
+
+ * public/WebSecurityPolicy.h:
+ * src/WebSecurityPolicy.cpp:
+ (WebKit::WebSecurityPolicy::registerURLSchemeAsDisplayIsolated):
+
2011-01-10 John Abd-El-Malek <jam at chromium.org>
Reviewed by James Robinson.
diff --git a/WebKit/chromium/public/WebSecurityPolicy.h b/WebKit/chromium/public/WebSecurityPolicy.h
index f15dd75..9cf293d 100644
--- a/WebKit/chromium/public/WebSecurityPolicy.h
+++ b/WebKit/chromium/public/WebSecurityPolicy.h
@@ -41,15 +41,21 @@ class WebURL;
class WebSecurityPolicy {
public:
// Registers a URL scheme to be treated as a local scheme (i.e., with the
- // same security rules as those applied to "file" URLs). This means that
+ // same security rules as those applied to "file" URLs). This means that
// normal pages cannot link to or access URLs of this scheme.
WEBKIT_API static void registerURLSchemeAsLocal(const WebString&);
- // Registers a URL scheme to be treated as a noAccess scheme. This means
+ // Registers a URL scheme to be treated as a noAccess scheme. This means
// that pages loaded with this URL scheme cannot access pages loaded with
// any other URL scheme.
WEBKIT_API static void registerURLSchemeAsNoAccess(const WebString&);
+ // Registers a URL scheme to be treated as display-isolated. This means
+ // that pages cannot display these URLs unless they are from the same
+ // scheme. For example, pages in other origin cannot create iframes or
+ // hyperlinks to URLs with the scheme.
+ WEBKIT_API static void registerURLSchemeAsDisplayIsolated(const WebString&);
+
// Registers a URL scheme to not generate mixed content warnings when
// included by an HTTPS page.
WEBKIT_API static void registerURLSchemeAsSecure(const WebString&);
@@ -62,7 +68,7 @@ public:
const WebURL& sourceOrigin, const WebString& destinationProtocol,
const WebString& destinationHost, bool allowDestinationSubdomains);
WEBKIT_API static void resetOriginAccessWhitelists();
-
+
// Returns whether the url should be allowed to see the referrer
// based on their respective protocols.
WEBKIT_API static bool shouldHideReferrer(const WebURL& url, const WebString& referrer);
diff --git a/WebKit/chromium/src/WebSecurityPolicy.cpp b/WebKit/chromium/src/WebSecurityPolicy.cpp
index 58d0893..8e4e702 100644
--- a/WebKit/chromium/src/WebSecurityPolicy.cpp
+++ b/WebKit/chromium/src/WebSecurityPolicy.cpp
@@ -52,6 +52,11 @@ void WebSecurityPolicy::registerURLSchemeAsNoAccess(const WebString& scheme)
SchemeRegistry::registerURLSchemeAsNoAccess(scheme);
}
+void WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(const WebString& scheme)
+{
+ SchemeRegistry::registerURLSchemeAsDisplayIsolated(scheme);
+}
+
void WebSecurityPolicy::registerURLSchemeAsSecure(const WebString& scheme)
{
SchemeRegistry::registerURLSchemeAsSecure(scheme);
diff --git a/WebKit/qt/Api/qwebsecurityorigin.cpp b/WebKit/qt/Api/qwebsecurityorigin.cpp
index 08e8f69..97f887a 100644
--- a/WebKit/qt/Api/qwebsecurityorigin.cpp
+++ b/WebKit/qt/Api/qwebsecurityorigin.cpp
@@ -259,7 +259,7 @@ void QWebSecurityOrigin::removeLocalScheme(const QString& scheme)
QStringList QWebSecurityOrigin::localSchemes()
{
QStringList list;
- const URLSchemesMap& map = SchemeRegistry::localURLSchemes();
+ const URLSchemesMap& map = SchemeRegistry::localSchemes();
URLSchemesMap::const_iterator end = map.end();
for (URLSchemesMap::const_iterator i = map.begin(); i != end; ++i) {
const QString scheme = *i;
diff --git a/WebKit/qt/ChangeLog b/WebKit/qt/ChangeLog
index ce716d4..a730b25 100644
--- a/WebKit/qt/ChangeLog
+++ b/WebKit/qt/ChangeLog
@@ -1,3 +1,16 @@
+2011-01-10 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Darin Adler.
+
+ Introduce the notion of a "display-isolated" URL scheme for use by
+ Chrome-internal URLs
+ https://bugs.webkit.org/show_bug.cgi?id=50182
+
+ Update to new function name.
+
+ * Api/qwebsecurityorigin.cpp:
+ (QWebSecurityOrigin::localSchemes):
+
2011-01-10 Benjamin Poulain <benjamin.poulain at nokia.com>
Reviewed by Kenneth Rohde Christiansen.
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list