[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198
abarth at webkit.org
abarth at webkit.org
Sun Feb 20 22:49:34 UTC 2011
The following commit has been merged in the webkit-1.3 branch:
commit 75a12a2bfb64cfddd720ddbc28ea17f3cba67dfd
Author: abarth at webkit.org <abarth at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Tue Jan 11 22:53:39 2011 +0000
2011-01-11 Adam Barth <abarth at webkit.org>
Reviewed by Eric Seidel.
Introduce the notion of a "display-isolated" URL scheme for use by
Chrome-internal URLs
https://bugs.webkit.org/show_bug.cgi?id=50182
This patch actually makes the display-isolated schemes display
isolated. The behavior should be the same as the previous iteration of
this patch, but re-organized a bit because reading the access white
list is expensive.
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::isAccessToURLWhiteListed):
(WebCore::SecurityOrigin::canDisplay):
* page/SecurityOrigin.h:
* platform/SchemeRegistry.cpp:
* platform/SchemeRegistry.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75557 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 0a2b6e2..e1cd3d1 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,23 @@
+2011-01-11 Adam Barth <abarth at webkit.org>
+
+ Reviewed by Eric Seidel.
+
+ Introduce the notion of a "display-isolated" URL scheme for use by
+ Chrome-internal URLs
+ https://bugs.webkit.org/show_bug.cgi?id=50182
+
+ This patch actually makes the display-isolated schemes display
+ isolated. The behavior should be the same as the previous iteration of
+ this patch, but re-organized a bit because reading the access white
+ list is expensive.
+
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::isAccessToURLWhiteListed):
+ (WebCore::SecurityOrigin::canDisplay):
+ * page/SecurityOrigin.h:
+ * platform/SchemeRegistry.cpp:
+ * platform/SchemeRegistry.h:
+
2011-01-11 Mihai Parparita <mihaip at chromium.org>
Reviewed by Darin Fisher.
diff --git a/Source/WebCore/page/SecurityOrigin.cpp b/Source/WebCore/page/SecurityOrigin.cpp
index 821c7d9..789fdf9 100644
--- a/Source/WebCore/page/SecurityOrigin.cpp
+++ b/Source/WebCore/page/SecurityOrigin.cpp
@@ -299,28 +299,30 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con
}
return false;
}
-
+
+bool SecurityOrigin::isAccessToURLWhiteListed(const KURL& url) const
+{
+ RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
+ return isAccessWhiteListed(targetOrigin.get());
+}
+
bool SecurityOrigin::canDisplay(const KURL& url) const
{
+ String protocol = url.protocol().lower();
+
#if ENABLE(BLOB)
// FIXME: We should generalize this check.
- if (url.protocolIs(BlobURL::blobProtocol()))
+ if (protocol == BlobURL::blobProtocol())
return canRequest(url);
#endif
- if (!restrictAccessToLocal())
- return true;
+ if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol))
+ return m_protocol == protocol || isAccessToURLWhiteListed(url);
- // FIXME: I suspect this check is incorrect because url has not necessarily
- // been canonicalized.
- if (!SchemeRegistry::deprecatedShouldTreatURLAsLocal(url.string()))
- return true;
+ if (restrictAccessToLocal() && SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol))
+ return canLoadLocalResources() || isAccessToURLWhiteListed(url);
- RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
- if (isAccessWhiteListed(targetOrigin.get()))
- return true;
-
- return canLoadLocalResources();
+ return true;
}
void SecurityOrigin::grantLoadLocalResources()
diff --git a/Source/WebCore/page/SecurityOrigin.h b/Source/WebCore/page/SecurityOrigin.h
index 61f6ab8..f27c593 100644
--- a/Source/WebCore/page/SecurityOrigin.h
+++ b/Source/WebCore/page/SecurityOrigin.h
@@ -193,9 +193,11 @@ private:
SecurityOrigin(const KURL&, SandboxFlags);
explicit SecurityOrigin(const SecurityOrigin*);
- bool passesFileCheck(const SecurityOrigin* other) const;
+ // FIXME: Rename this function to something more semantic.
+ bool passesFileCheck(const SecurityOrigin*) const;
- bool isAccessWhiteListed(const SecurityOrigin* targetOrigin) const;
+ bool isAccessWhiteListed(const SecurityOrigin*) const;
+ bool isAccessToURLWhiteListed(const KURL&) const;
SandboxFlags m_sandboxFlags;
String m_protocol;
diff --git a/Source/WebCore/platform/SchemeRegistry.cpp b/Source/WebCore/platform/SchemeRegistry.cpp
index 617acd3..f4891d5 100644
--- a/Source/WebCore/platform/SchemeRegistry.cpp
+++ b/Source/WebCore/platform/SchemeRegistry.cpp
@@ -107,26 +107,6 @@ const URLSchemesMap& SchemeRegistry::localSchemes()
return localURLSchemes();
}
-bool SchemeRegistry::deprecatedShouldTreatURLAsLocal(const String& url)
-{
- // This avoids an allocation of another String and the HashSet contains()
- // call for the file: and http: schemes.
- if (url.length() >= 5) {
- const UChar* s = url.characters();
- if (s[0] == 'h' && s[1] == 't' && s[2] == 't' && s[3] == 'p' && s[4] == ':')
- return false;
- if (s[0] == 'f' && s[1] == 'i' && s[2] == 'l' && s[3] == 'e' && s[4] == ':')
- return true;
- }
-
- size_t loc = url.find(':');
- if (loc == notFound)
- return false;
-
- String scheme = url.left(loc);
- return localURLSchemes().contains(scheme);
-}
-
bool SchemeRegistry::shouldTreatURLSchemeAsLocal(const String& scheme)
{
// This avoids an allocation of another String and the HashSet contains()
diff --git a/Source/WebCore/platform/SchemeRegistry.h b/Source/WebCore/platform/SchemeRegistry.h
index 9d79b3f..530fcab 100644
--- a/Source/WebCore/platform/SchemeRegistry.h
+++ b/Source/WebCore/platform/SchemeRegistry.h
@@ -41,7 +41,6 @@ public:
static const URLSchemesMap& localSchemes();
static bool shouldTreatURLSchemeAsLocal(const String&);
- static bool deprecatedShouldTreatURLAsLocal(const String&);
// Secure schemes do not trigger mixed content warnings. For example,
// https and data are secure schemes because they cannot be corrupted by
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list