Skip to content
Permalink
Browse files
2010-09-06 Adam Barth <abarth@webkit.org> 
        Reviewed by Darin Adler.

        Rename SecurityOrigin::canLoad to canDisplay
        https://bugs.webkit.org/show_bug.cgi?id=45214

        canLoad is a pretty opaque name.  This function is really about whether
        you can display the contents of the URL in an iframe, an image, or a
        plugin.

        * WebCore.exp.in:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isSafeToLoadURL):
        * loader/Cache.cpp:
        (WebCore::Cache::requestResource):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadFrameRequest):
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::loadImage):
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadMediaPlayerProxyPlugin):
        (WebCore::SubframeLoader::createJavaAppletWidget):
        (WebCore::SubframeLoader::loadSubframe):
        (WebCore::SubframeLoader::loadPlugin):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::create):
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canDisplay):
        * page/SecurityOrigin.h:
        * plugins/PluginView.cpp:
        (WebCore::PluginView::load):
2010-09-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Adler.

        Rename SecurityOrigin::canLoad to canDisplay
        https://bugs.webkit.org/show_bug.cgi?id=45214

        Propagate name change.

        * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
        (WebKit::NetscapePluginInstanceProxy::loadRequest):
        * Plugins/WebNetscapePluginStream.mm:
        (WebNetscapePluginStream::WebNetscapePluginStream):
        * Plugins/WebNetscapePluginView.mm:
        (-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
        * Plugins/WebPluginContainerCheck.mm:
        (-[WebPluginContainerCheck _isForbiddenFileLoad]):
        * WebView/WebFrame.mm:
        (-[WebFrame _allowsFollowingLink:]):
2010-09-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Adler.

        Rename SecurityOrigin::canLoad to canDisplay
        https://bugs.webkit.org/show_bug.cgi?id=45214

        Propagate name change.

        * WebFrame.cpp:
        (WebFrame::allowsFollowingLink):
2010-09-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Adler.

        Rename SecurityOrigin::canLoad to canDisplay
        https://bugs.webkit.org/show_bug.cgi?id=45214

        Propagate name change.

        * WebProcess/Plugins/PluginView.cpp:
        (WebKit::PluginView::performFrameLoadURLRequest):

Canonical link: https://commits.webkit.org/57573@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@66815 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
Adam Barth committed Sep 6, 2010
1 parent 177486a commit 1ef598cec87d5e3e4d7a43aa5da3f69af407cad2
Showing 21 changed files with 101 additions and 23 deletions.
33 WebCore/ChangeLog
View file
@@ -1,3 +1,36 @@
2010-09-06 Adam Barth <abarth@webkit.org>

Reviewed by Darin Adler.

Rename SecurityOrigin::canLoad to canDisplay
https://bugs.webkit.org/show_bug.cgi?id=45214

canLoad is a pretty opaque name. This function is really about whether
you can display the contents of the URL in an iframe, an image, or a
plugin.

* WebCore.exp.in:
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
* loader/Cache.cpp:
(WebCore::Cache::requestResource):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest):
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadMediaPlayerProxyPlugin):
(WebCore::SubframeLoader::createJavaAppletWidget):
(WebCore::SubframeLoader::loadSubframe):
(WebCore::SubframeLoader::loadPlugin):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::create):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay):
* page/SecurityOrigin.h:
* plugins/PluginView.cpp:
(WebCore::PluginView::load):

2010-08-31 Yury Semikhatsky <yurys@chromium.org>

Reviewed by Joseph Pecoraro.
2 WebCore/WebCore.exp.in
View file
@@ -314,6 +314,7 @@ __ZN7WebCore14SVGSMILElement13isSMILElementEPNS_4NodeE
__ZN7WebCore14SchemeRegistry24registerURLSchemeAsLocalERKN3WTF6StringE
__ZN7WebCore14SchemeRegistry25registerURLSchemeAsSecureERKN3WTF6StringE
__ZN7WebCore14SchemeRegistry32registerURLSchemeAsEmptyDocumentERKN3WTF6StringE
__ZN7WebCore14SecurityOrigin10canDisplayERKNS_4KURLERKN3WTF6StringEPNS_8DocumentE
__ZN7WebCore14SecurityOrigin16createFromStringERKN3WTF6StringE
__ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE
__ZN7WebCore14SecurityOrigin18shouldHideReferrerERKNS_4KURLERKN3WTF6StringE
@@ -322,7 +323,6 @@ __ZN7WebCore14SecurityOrigin29addOriginAccessWhitelistEntryERKS0_RKN3WTF6StringE
__ZN7WebCore14SecurityOrigin32removeOriginAccessWhitelistEntryERKS0_RKN3WTF6StringES6_b
__ZN7WebCore14SecurityOrigin40setDomainRelaxationForbiddenForURLSchemeEbRKN3WTF6StringE
__ZN7WebCore14SecurityOrigin6createERKNS_4KURLEi
__ZN7WebCore14SecurityOrigin7canLoadERKNS_4KURLERKN3WTF6StringEPNS_8DocumentE
__ZN7WebCore15ArchiveResource6createEN3WTF10PassRefPtrINS_12SharedBufferEEERKNS_4KURLERKNS1_6StringESA_SA_RKNS_16ResourceResponseE
__ZN7WebCore15DOMWrapperWorld15unregisterWorldEv
__ZN7WebCore15DOMWrapperWorldD1Ev
2 WebCore/html/HTMLMediaElement.cpp
View file
@@ -699,7 +699,7 @@ bool HTMLMediaElement::isSafeToLoadURL(const KURL& url, InvalidSourceAction acti
FrameLoader* loader = frame ? frame->loader() : 0;

// don't allow remote to local urls, and check with the frame loader client.
if (!loader || !SecurityOrigin::canLoad(url, String(), document())) {
if (!loader || !SecurityOrigin::canDisplay(url, String(), document())) {
if (actionIfInvalid == Complain)
FrameLoader::reportLocalLoadFailed(frame, url.string());
return false;
2 WebCore/loader/Cache.cpp
View file
@@ -106,7 +106,7 @@ CachedResource* Cache::requestResource(DocLoader* docLoader, CachedResource::Typ
if (resource && requestIsPreload && !resource->isPreloaded())
return 0;

if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canLoad(url, String(), docLoader->doc())) {
if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), docLoader->doc())) {
Document* doc = docLoader->doc();
if (doc && !requestIsPreload)
FrameLoader::reportLocalLoadFailed(doc->frame(), url.string());
2 WebCore/loader/FrameLoader.cpp
View file
@@ -1261,7 +1261,7 @@ void FrameLoader::loadFrameRequest(const FrameLoadRequest& request, bool lockHis

ASSERT(frame()->document());
if (SchemeRegistry::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) {
if (!SecurityOrigin::canLoad(url, String(), frame()->document()) && !SecurityOrigin::canLoad(url, referrer, 0)) {
if (!SecurityOrigin::canDisplay(url, String(), frame()->document()) && !SecurityOrigin::canDisplay(url, referrer, 0)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return;
}
2 WebCore/loader/PingLoader.cpp
View file
@@ -42,7 +42,7 @@ namespace WebCore {

void PingLoader::loadImage(Frame* frame, const KURL& url)
{
if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canLoad(url, String(), frame->document())) {
if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), frame->document())) {
FrameLoader::reportLocalLoadFailed(frame, url);
return;
}
8 WebCore/loader/SubframeLoader.cpp
View file
@@ -147,7 +147,7 @@ PassRefPtr<Widget> SubframeLoader::loadMediaPlayerProxyPlugin(Node* node, const
if (!url.isEmpty())
completedURL = completeURL(url);

if (!SecurityOrigin::canLoad(completedURL, String(), m_frame->document())) {
if (!SecurityOrigin::canDisplay(completedURL, String(), m_frame->document())) {
FrameLoader::reportLocalLoadFailed(m_frame, completedURL.string());
return 0;
}
@@ -205,7 +205,7 @@ PassRefPtr<Widget> SubframeLoader::createJavaAppletWidget(const IntSize& size, H

if (!codeBaseURLString.isEmpty()) {
KURL codeBaseURL = completeURL(codeBaseURLString);
if (!SecurityOrigin::canLoad(codeBaseURL, String(), element->document())) {
if (!SecurityOrigin::canDisplay(codeBaseURL, String(), element->document())) {
FrameLoader::reportLocalLoadFailed(m_frame, codeBaseURL.string());
return 0;
}
@@ -247,7 +247,7 @@ Frame* SubframeLoader::loadSubframe(HTMLFrameOwnerElement* ownerElement, const K
marginHeight = o->getMarginHeight();
}

if (!SecurityOrigin::canLoad(url, String(), ownerElement->document())) {
if (!SecurityOrigin::canDisplay(url, String(), ownerElement->document())) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return 0;
}
@@ -336,7 +336,7 @@ bool SubframeLoader::loadPlugin(HTMLPlugInImageElement* pluginElement, const KUR
if (!renderer || useFallback)
return false;

if (!SecurityOrigin::canLoad(url, String(), document())) {
if (!SecurityOrigin::canDisplay(url, String(), document())) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return false;
}
2 WebCore/loader/SubresourceLoader.cpp
View file
@@ -73,7 +73,7 @@ PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, Subresourc

if (securityCheck == DoSecurityCheck
&& SecurityOrigin::restrictAccessToLocal()
&& !SecurityOrigin::canLoad(request.url(), String(), frame->document())) {
&& !SecurityOrigin::canDisplay(request.url(), String(), frame->document())) {
FrameLoader::reportLocalLoadFailed(frame, request.url().string());
return 0;
}
2 WebCore/page/SecurityOrigin.cpp
View file
@@ -284,7 +284,7 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con
return false;
}

bool SecurityOrigin::canLoad(const KURL& url, const String& referrer, Document* document)
bool SecurityOrigin::canDisplay(const KURL& url, const String& referrer, Document* document)
{
#if ENABLE(BLOB)
if (url.protocolIs("blob") && document) {
9 WebCore/page/SecurityOrigin.h
View file
@@ -84,10 +84,11 @@ class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
// drawing an image onto an HTML canvas element with the drawImage API.
bool taintsCanvas(const KURL&) const;

// Returns true for any non-local URL. If document parameter is supplied,
// its local load policy dictates, otherwise if referrer is non-empty and
// represents a local file, then the local load is allowed.
static bool canLoad(const KURL&, const String& referrer, Document* document);
// Returns true if |document| can display content from the given URL (e.g.,
// in an iframe or as an image). For example, web sites generally cannot
// display content from the user's files system. If |document| is 0,
// |referrer| is used to make this determination.
static bool canDisplay(const KURL&, const String& referrer, Document* document);

// Returns true if this SecurityOrigin can load local resources, such
// as images, iframes, and style sheets, and can link to local URLs.
2 WebCore/plugins/PluginView.cpp
View file
@@ -537,7 +537,7 @@ NPError PluginView::load(const FrameLoadRequest& frameLoadRequest, bool sendNoti
// For security reasons, only allow JS requests to be made on the frame that contains the plug-in.
if (!targetFrameName.isNull() && m_parentFrame->tree()->find(targetFrameName) != m_parentFrame)
return NPERR_INVALID_PARAM;
} else if (!SecurityOrigin::canLoad(url, String(), m_parentFrame->document()))
} else if (!SecurityOrigin::canDisplay(url, String(), m_parentFrame->document()))
return NPERR_GENERIC_ERROR;

PluginRequest* request = new PluginRequest(frameLoadRequest, sendNotification, notifyData, arePopupsAllowed());
20 WebKit/mac/ChangeLog
View file
@@ -1,3 +1,23 @@
2010-09-06 Adam Barth <abarth@webkit.org>

Reviewed by Darin Adler.

Rename SecurityOrigin::canLoad to canDisplay
https://bugs.webkit.org/show_bug.cgi?id=45214

Propagate name change.

* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::loadRequest):
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
* Plugins/WebPluginContainerCheck.mm:
(-[WebPluginContainerCheck _isForbiddenFileLoad]):
* WebView/WebFrame.mm:
(-[WebFrame _allowsFollowingLink:]):

2010-09-03 Jesus Sanchez-Palencia <jesus.palencia@openbossa.org>

Reviewed by Darin Adler.
2 WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
View file
@@ -762,7 +762,7 @@
return NPERR_GENERIC_ERROR;
}
} else {
if (!SecurityOrigin::canLoad(URL, String(), core([m_pluginView webFrame])->document()))
if (!SecurityOrigin::canDisplay(URL, String(), core([m_pluginView webFrame])->document()))
return NPERR_GENERIC_ERROR;
}

2 WebKit/mac/Plugins/WebNetscapePluginStream.mm
View file
@@ -161,7 +161,7 @@
WebNetscapePluginView *view = (WebNetscapePluginView *)plugin->ndata;

// This check has already been done by the plug-in view.
ASSERT(SecurityOrigin::canLoad([request URL], String(), core([view webFrame])->document()));
ASSERT(SecurityOrigin::canDisplay([request URL], String(), core([view webFrame])->document()));

ASSERT([request URL]);
ASSERT(plugin);
2 WebKit/mac/Plugins/WebNetscapePluginView.mm
View file
@@ -1728,7 +1728,7 @@ - (NPError)loadRequest:(NSMutableURLRequest *)request inTarget:(const char *)cTa
return NPERR_INVALID_PARAM;
}
} else {
if (!SecurityOrigin::canLoad(URL, String(), core([self webFrame])->document()))
if (!SecurityOrigin::canDisplay(URL, String(), core([self webFrame])->document()))
return NPERR_GENERIC_ERROR;
}

2 WebKit/mac/Plugins/WebPluginContainerCheck.mm
View file
@@ -99,7 +99,7 @@ - (BOOL)_isForbiddenFileLoad
{
Frame* coreFrame = core([_controller webFrame]);
ASSERT(coreFrame);
if (!SecurityOrigin::canLoad([_request URL], String(), coreFrame->document())) {
if (!SecurityOrigin::canDisplay([_request URL], String(), coreFrame->document())) {
[self _continueWithPolicy:PolicyIgnore];
return YES;
}
2 WebKit/mac/WebView/WebFrame.mm
View file
@@ -1282,7 +1282,7 @@ - (BOOL)_allowsFollowingLink:(NSURL *)URL
{
if (!_private->coreFrame)
return YES;
return SecurityOrigin::canLoad(URL, String(), _private->coreFrame->document());
return SecurityOrigin::canDisplay(URL, String(), _private->coreFrame->document());
}

- (NSString *)_stringByEvaluatingJavaScriptFromString:(NSString *)string withGlobalObject:(JSObjectRef)globalObjectRef inScriptWorld:(WebScriptWorld *)world
12 WebKit/win/ChangeLog
View file
@@ -1,3 +1,15 @@
2010-09-06 Adam Barth <abarth@webkit.org>

Reviewed by Darin Adler.

Rename SecurityOrigin::canLoad to canDisplay
https://bugs.webkit.org/show_bug.cgi?id=45214

Propagate name change.

* WebFrame.cpp:
(WebFrame::allowsFollowingLink):

2010-09-03 Jesus Sanchez-Palencia <jesus.palencia@openbossa.org>

Reviewed by Darin Adler.
2 WebKit/win/WebFrame.cpp
View file
@@ -1353,7 +1353,7 @@ HRESULT WebFrame::allowsFollowingLink(BSTR url, BOOL* result)
if (!frame)
return E_FAIL;

*result = SecurityOrigin::canLoad(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());
*result = SecurityOrigin::canDisplay(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());
return S_OK;
}

12 WebKit2/ChangeLog
View file
@@ -1,3 +1,15 @@
2010-09-06 Adam Barth <abarth@webkit.org>

Reviewed by Darin Adler.

Rename SecurityOrigin::canLoad to canDisplay
https://bugs.webkit.org/show_bug.cgi?id=45214

Propagate name change.

* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::performFrameLoadURLRequest):

2010-09-04 Sam Weinig <sam@webkit.org>

Reviewed by Anders Carlsson.
2 WebKit2/WebProcess/Plugins/PluginView.cpp
View file
@@ -515,7 +515,7 @@ void PluginView::performFrameLoadURLRequest(URLRequest* request)
return;

// Check if this is URL can be loaded.
if (!SecurityOrigin::canLoad(request->request().url(), String(), m_pluginElement->document())) {
if (!SecurityOrigin::canDisplay(request->request().url(), String(), m_pluginElement->document())) {
// We can't load the request, send back a reply to the plug-in.
m_plugin->frameDidFail(request->requestID(), false);
return;

0 comments on commit 1ef598c

Please sign in to comment.