Skip to content
Permalink
Browse files
2010-07-21 Brady Eidson <beidson@apple.com>
        Reviewed by Geoffrey Garen.

        Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
        https://bugs.webkit.org/show_bug.cgi?id=42783

        * src/WebSecurityPolicy.cpp:
        (WebKit::WebSecurityPolicy::registerURLSchemeAsLocal):
        (WebKit::WebSecurityPolicy::registerURLSchemeAsNoAccess):
        (WebKit::WebSecurityPolicy::registerURLSchemeAsSecure):
2010-07-21  Brady Eidson  <beidson@apple.com>

        Reviewed by Geoffrey Garen.

        Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
        https://bugs.webkit.org/show_bug.cgi?id=42783

        * Api/qwebpage.cpp:
        (QWebPage::acceptNavigationRequest):
        * Api/qwebsecurityorigin.cpp:
        (QWebSecurityOrigin::addLocalScheme):
        (QWebSecurityOrigin::removeLocalScheme):
        (QWebSecurityOrigin::localSchemes):
2010-07-21  Brady Eidson  <beidson@apple.com>

        Reviewed by Geoffrey Garen.

        Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
        https://bugs.webkit.org/show_bug.cgi?id=42783

        * WebView.cpp:
        (WebView::registerURLSchemeAsLocal):
        (WebView::registerURLSchemeAsSecure):
2010-07-21  Brady Eidson  <beidson@apple.com>

        Reviewed by Geoffrey Garen.

        Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
        https://bugs.webkit.org/show_bug.cgi?id=42783

        * WebView/WebView.mm:
        (+[WebView _registerURLSchemeAsSecure:]):
        (+[WebView registerURLSchemeAsLocal:]):
2010-07-21  Brady Eidson  <beidson@apple.com>

        Reviewed by Geoffrey Garen.

        Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
        https://bugs.webkit.org/show_bug.cgi?id=42783

        No new tests. (No change in behavior)

        * GNUmakefile.am:
        * WebCore.exp.in:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::isMixedContent):
        (WebCore::FrameLoader::loadFrameRequest):

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::canLoad):
        (WebCore::SecurityOrigin::isLocal):
        * page/SecurityOrigin.h:

        * platform/SchemeRegistry.cpp: Added.
        (WebCore::localSchemes):
        (WebCore::secureSchemes):
        (WebCore::schemesWithUniqueOrigins):
        (WebCore::SchemeRegistry::registerURLSchemeAsLocal):
        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
        (WebCore::SchemeRegistry::localURLSchemes):
        (WebCore::SchemeRegistry::shouldTreatURLAsLocal):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
        (WebCore::SchemeRegistry::registerURLSchemeAsNoAccess):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsNoAccess):
        (WebCore::SchemeRegistry::registerURLSchemeAsSecure):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
        * platform/SchemeRegistry.h: Added.


Canonical link: https://commits.webkit.org/54700@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@63863 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
beidson committed Jul 21, 2010
1 parent bb56891 commit 2940dc414598311cea16ccb0b4cc6c0ef2bcbbf9
@@ -1,3 +1,44 @@
2010-07-21 Brady Eidson <beidson@apple.com>

Reviewed by Geoffrey Garen.

Break out "scheme registration" functionality from SecurityOrigin to a SchemeRegistry
https://bugs.webkit.org/show_bug.cgi?id=42783

No new tests. (No change in behavior)

* GNUmakefile.am:
* WebCore.exp.in:
* WebCore.gypi:
* WebCore.pro:
* WebCore.vcproj/WebCore.vcproj:
* WebCore.xcodeproj/project.pbxproj:

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::isMixedContent):
(WebCore::FrameLoader::loadFrameRequest):

* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::canLoad):
(WebCore::SecurityOrigin::isLocal):
* page/SecurityOrigin.h:

* platform/SchemeRegistry.cpp: Added.
(WebCore::localSchemes):
(WebCore::secureSchemes):
(WebCore::schemesWithUniqueOrigins):
(WebCore::SchemeRegistry::registerURLSchemeAsLocal):
(WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
(WebCore::SchemeRegistry::localURLSchemes):
(WebCore::SchemeRegistry::shouldTreatURLAsLocal):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
(WebCore::SchemeRegistry::registerURLSchemeAsNoAccess):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsNoAccess):
(WebCore::SchemeRegistry::registerURLSchemeAsSecure):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
* platform/SchemeRegistry.h: Added.

2010-07-21 Chris Marrin <cmarrin@apple.com>

Reviewed by Simon Fraser.
@@ -1915,6 +1915,8 @@ webcore_sources += \
WebCore/platform/ScrollTypes.h \
WebCore/platform/ScrollView.cpp \
WebCore/platform/ScrollView.h \
WebCore/platform/SchemeRegistry.cpp \
WebCore/platform/SchemeRegistry.h \
WebCore/platform/Scrollbar.cpp \
WebCore/platform/Scrollbar.h \
WebCore/platform/ScrollbarClient.h \
@@ -310,11 +310,11 @@ __ZN7WebCore14ResourceHandle20forceContentSniffingEv
__ZN7WebCore14ResourceLoader14cancelledErrorEv
__ZN7WebCore14ResourceLoader19setShouldBufferDataEb
__ZN7WebCore14SVGSMILElement13isSMILElementEPNS_4NodeE
__ZN7WebCore14SchemeRegistry25registerURLSchemeAsSecureERKNS_6StringE
__ZN7WebCore14SchemeRegistry24registerURLSchemeAsLocalERKNS_6StringE
__ZN7WebCore14SecurityOrigin16createFromStringERKNS_6StringE
__ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE
__ZN7WebCore14SecurityOrigin18shouldHideReferrerERKNS_4KURLERKNS_6StringE
__ZN7WebCore14SecurityOrigin24registerURLSchemeAsLocalERKNS_6StringE
__ZN7WebCore14SecurityOrigin25registerURLSchemeAsSecureERKNS_6StringE
__ZN7WebCore14SecurityOrigin27resetOriginAccessWhitelistsEv
__ZN7WebCore14SecurityOrigin29addOriginAccessWhitelistEntryERKS0_RKNS_6StringES5_b
__ZN7WebCore14SecurityOrigin32removeOriginAccessWhitelistEntryERKS0_RKNS_6StringES5_b
@@ -3029,6 +3029,8 @@
'platform/ScrollTypes.h',
'platform/ScrollView.cpp',
'platform/ScrollView.h',
'platform/SchemeRegistry.cpp',
'platform/SchemeRegistry.h',
'platform/Scrollbar.cpp',
'platform/Scrollbar.h',
'platform/ScrollbarClient.h',
@@ -925,6 +925,7 @@ SOURCES += \
platform/network/ResourceRequestBase.cpp \
platform/network/ResourceResponseBase.cpp \
platform/text/RegularExpression.cpp \
platform/SchemeRegistry.cpp \
platform/Scrollbar.cpp \
platform/ScrollbarThemeComposite.cpp \
platform/ScrollView.cpp \
@@ -23456,6 +23456,14 @@
RelativePath="..\platform\PurgeableBuffer.h"
>
</File>
<File
RelativePath="..\platform\SchemeRegistry.cpp"
>
</File>
<File
RelativePath="..\platform\SchemeRegistry.h"
>
</File>
<File
RelativePath="..\platform\Scrollbar.cpp"
>
@@ -1106,6 +1106,8 @@
5160300B0CC4251200C8AC25 /* FileSystemPOSIX.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5160300A0CC4251200C8AC25 /* FileSystemPOSIX.cpp */; };
5160306C0CC4362300C8AC25 /* FileSystemCF.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5160306B0CC4362300C8AC25 /* FileSystemCF.cpp */; };
5160F4980B0AA75F00C1D2AF /* HistoryItemMac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5160F4970B0AA75F00C1D2AF /* HistoryItemMac.mm */; };
5162C7F411F77EFB00612EFE /* SchemeRegistry.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5162C7F211F77EFA00612EFE /* SchemeRegistry.cpp */; };
5162C7F511F77EFB00612EFE /* SchemeRegistry.h in Headers */ = {isa = PBXBuildFile; fileRef = 5162C7F311F77EFB00612EFE /* SchemeRegistry.h */; settings = {ATTRIBUTES = (Private, ); }; };
516BB7940CE91E6800512F79 /* JSTreeWalkerCustom.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 516BB7920CE91E6800512F79 /* JSTreeWalkerCustom.cpp */; };
51721FBB11D2790700638B42 /* BeforeProcessEvent.h in Headers */ = {isa = PBXBuildFile; fileRef = 51721FB911D2790700638B42 /* BeforeProcessEvent.h */; };
51721FD211D27EF200638B42 /* JSBeforeProcessEvent.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 51721FD011D27EF200638B42 /* JSBeforeProcessEvent.cpp */; };
@@ -6850,6 +6852,8 @@
5160300A0CC4251200C8AC25 /* FileSystemPOSIX.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FileSystemPOSIX.cpp; sourceTree = "<group>"; };
5160306B0CC4362300C8AC25 /* FileSystemCF.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FileSystemCF.cpp; sourceTree = "<group>"; };
5160F4970B0AA75F00C1D2AF /* HistoryItemMac.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = HistoryItemMac.mm; path = mac/HistoryItemMac.mm; sourceTree = "<group>"; };
5162C7F211F77EFA00612EFE /* SchemeRegistry.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SchemeRegistry.cpp; sourceTree = "<group>"; };
5162C7F311F77EFB00612EFE /* SchemeRegistry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SchemeRegistry.h; sourceTree = "<group>"; };
516BB7920CE91E6800512F79 /* JSTreeWalkerCustom.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSTreeWalkerCustom.cpp; sourceTree = "<group>"; };
51721FB911D2790700638B42 /* BeforeProcessEvent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BeforeProcessEvent.h; sourceTree = "<group>"; };
51721FBA11D2790700638B42 /* BeforeProcessEvent.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = BeforeProcessEvent.idl; sourceTree = "<group>"; };
@@ -16235,6 +16239,8 @@
BC3BE12A0E98092F00835588 /* PopupMenuStyle.h */,
E4D687780ED7AE4F006EA978 /* PurgeableBuffer.h */,
1C63A2460F71646600C09D5A /* RunLoopTimer.h */,
5162C7F211F77EFA00612EFE /* SchemeRegistry.cpp */,
5162C7F311F77EFB00612EFE /* SchemeRegistry.h */,
BC7B2AF80450824100A8000F /* Scrollbar.h */,
BC9BC64D0E7C4889008B9849 /* ScrollbarClient.h */,
BC8B854A0E7C7F5600AB6984 /* ScrollbarTheme.h */,
@@ -19832,6 +19838,7 @@
97DD4D870FDF4D6E00ECF9A4 /* XSSAuditor.h in Headers */,
CE172E011136E8CE0062A533 /* ZoomMode.h in Headers */,
8C6EA61A11EF7E0400FD8EE3 /* RuntimeEnabledFeatures.h in Headers */,
5162C7F511F77EFB00612EFE /* SchemeRegistry.h in Headers */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -22226,6 +22233,7 @@
E1BE512D0CF6C512002EA959 /* XSLTUnicodeSort.cpp in Sources */,
97DD4D860FDF4D6E00ECF9A4 /* XSSAuditor.cpp in Sources */,
8C6EA61911EF7E0400FD8EE3 /* RuntimeEnabledFeatures.cpp in Sources */,
5162C7F411F77EFB00612EFE /* SchemeRegistry.cpp in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -85,6 +85,7 @@
#include "ProgressTracker.h"
#include "ResourceHandle.h"
#include "ResourceRequest.h"
#include "SchemeRegistry.h"
#include "ScriptController.h"
#include "ScriptSourceCode.h"
#include "ScriptString.h"
@@ -1058,7 +1059,7 @@ bool FrameLoader::isMixedContent(SecurityOrigin* context, const KURL& url)
if (context->protocol() != "https")
return false; // We only care about HTTPS security origins.

if (!url.isValid() || SecurityOrigin::shouldTreatURLSchemeAsSecure(url.protocol()))
if (!url.isValid() || SchemeRegistry::shouldTreatURLSchemeAsSecure(url.protocol()))
return false; // Loading these protocols is secure.

return true;
@@ -1320,7 +1321,7 @@ void FrameLoader::loadFrameRequest(const FrameLoadRequest& request, bool lockHis
referrer = m_outgoingReferrer;

ASSERT(frame()->document());
if (SecurityOrigin::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) {
if (SchemeRegistry::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) {
if (!SecurityOrigin::canLoad(url, String(), frame()->document()) && !SecurityOrigin::canLoad(url, referrer, 0)) {
FrameLoader::reportLocalLoadFailed(m_frame, url.string());
return;
@@ -32,6 +32,7 @@
#include "Document.h"
#include "KURL.h"
#include "OriginAccessEntry.h"
#include "SchemeRegistry.h"
#include <wtf/StdLibExtras.h>

namespace WebCore {
@@ -47,48 +48,6 @@ static OriginAccessMap& originAccessMap()
return originAccessMap;
}

static URLSchemesMap& localSchemes()
{
DEFINE_STATIC_LOCAL(URLSchemesMap, localSchemes, ());

if (localSchemes.isEmpty()) {
localSchemes.add("file");
#if PLATFORM(MAC)
localSchemes.add("applewebdata");
#endif
#if PLATFORM(QT)
localSchemes.add("qrc");
#endif
}

return localSchemes;
}

static URLSchemesMap& secureSchemes()
{
DEFINE_STATIC_LOCAL(URLSchemesMap, secureSchemes, ());

if (secureSchemes.isEmpty()) {
secureSchemes.add("https");
secureSchemes.add("about");
secureSchemes.add("data");
}

return secureSchemes;
}

static URLSchemesMap& schemesWithUniqueOrigins()
{
DEFINE_STATIC_LOCAL(URLSchemesMap, schemesWithUniqueOrigins, ());

// This is a willful violation of HTML5.
// See https://bugs.webkit.org/show_bug.cgi?id=11885
if (schemesWithUniqueOrigins.isEmpty())
schemesWithUniqueOrigins.add("data");

return schemesWithUniqueOrigins;
}

static bool schemeRequiresAuthority(const String& scheme)
{
DEFINE_STATIC_LOCAL(URLSchemesMap, schemes, ());
@@ -108,7 +67,7 @@ SecurityOrigin::SecurityOrigin(const KURL& url, SandboxFlags sandboxFlags)
, m_protocol(url.protocol().isNull() ? "" : url.protocol().lower())
, m_host(url.host().isNull() ? "" : url.host().lower())
, m_port(url.port())
, m_isUnique(isSandboxed(SandboxOrigin) || shouldTreatURLSchemeAsNoAccess(m_protocol))
, m_isUnique(isSandboxed(SandboxOrigin) || SchemeRegistry::shouldTreatURLSchemeAsNoAccess(m_protocol))
, m_universalAccess(false)
, m_domainWasSetInDOM(false)
, m_enforceFilePathSeparation(false)
@@ -315,7 +274,7 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con

bool SecurityOrigin::canLoad(const KURL& url, const String& referrer, Document* document)
{
if (!shouldTreatURLAsLocal(url.string()))
if (!SchemeRegistry::shouldTreatURLAsLocal(url.string()))
return true;

// If we were provided a document, we first check if the access has been white listed.
@@ -329,7 +288,7 @@ bool SecurityOrigin::canLoad(const KURL& url, const String& referrer, Document*
return documentOrigin->canLoadLocalResources();
}
if (!referrer.isEmpty())
return shouldTreatURLAsLocal(referrer);
return SchemeRegistry::shouldTreatURLAsLocal(referrer);
return false;
}

@@ -357,7 +316,7 @@ void SecurityOrigin::enforceFilePathSeparation()

bool SecurityOrigin::isLocal() const
{
return shouldTreatURLSchemeAsLocal(m_protocol);
return SchemeRegistry::shouldTreatURLSchemeAsLocal(m_protocol);
}

bool SecurityOrigin::isSecureTransitionTo(const KURL& url) const
@@ -557,85 +516,6 @@ bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin* other) const
return true;
}

void SecurityOrigin::registerURLSchemeAsLocal(const String& scheme)
{
localSchemes().add(scheme);
}

void SecurityOrigin::removeURLSchemeRegisteredAsLocal(const String& scheme)
{
if (scheme == "file")
return;
#if PLATFORM(MAC)
if (scheme == "applewebdata")
return;
#endif
localSchemes().remove(scheme);
}

const URLSchemesMap& SecurityOrigin::localURLSchemes()
{
return localSchemes();
}

bool SecurityOrigin::shouldTreatURLAsLocal(const String& url)
{
// This avoids an allocation of another String and the HashSet contains()
// call for the file: and http: schemes.
if (url.length() >= 5) {
const UChar* s = url.characters();
if (s[0] == 'h' && s[1] == 't' && s[2] == 't' && s[3] == 'p' && s[4] == ':')
return false;
if (s[0] == 'f' && s[1] == 'i' && s[2] == 'l' && s[3] == 'e' && s[4] == ':')
return true;
}

int loc = url.find(':');
if (loc == -1)
return false;

String scheme = url.left(loc);
return localSchemes().contains(scheme);
}

bool SecurityOrigin::shouldTreatURLSchemeAsLocal(const String& scheme)
{
// This avoids an allocation of another String and the HashSet contains()
// call for the file: and http: schemes.
if (scheme.length() == 4) {
const UChar* s = scheme.characters();
if (s[0] == 'h' && s[1] == 't' && s[2] == 't' && s[3] == 'p')
return false;
if (s[0] == 'f' && s[1] == 'i' && s[2] == 'l' && s[3] == 'e')
return true;
}

if (scheme.isEmpty())
return false;

return localSchemes().contains(scheme);
}

void SecurityOrigin::registerURLSchemeAsNoAccess(const String& scheme)
{
schemesWithUniqueOrigins().add(scheme);
}

bool SecurityOrigin::shouldTreatURLSchemeAsNoAccess(const String& scheme)
{
return schemesWithUniqueOrigins().contains(scheme);
}

void SecurityOrigin::registerURLSchemeAsSecure(const String& scheme)
{
secureSchemes().add(scheme);
}

bool SecurityOrigin::shouldTreatURLSchemeAsSecure(const String& scheme)
{
return secureSchemes().contains(scheme);
}

bool SecurityOrigin::shouldHideReferrer(const KURL& url, const String& referrer)
{
bool referrerIsSecureURL = protocolIs(referrer, "https");
@@ -40,8 +40,6 @@

namespace WebCore {

typedef HashSet<String, CaseFoldingHash> URLSchemesMap;

class Document;
class KURL;

@@ -174,18 +172,6 @@ class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
// (and whether it was set) but considering the host. It is used for postMessage.
bool isSameSchemeHostPort(const SecurityOrigin*) const;

static void registerURLSchemeAsLocal(const String&);
static void removeURLSchemeRegisteredAsLocal(const String&);
static const URLSchemesMap& localURLSchemes();
static bool shouldTreatURLAsLocal(const String&);
static bool shouldTreatURLSchemeAsLocal(const String&);

// Secure schemes do not trigger mixed content warnings. For example,
// https and data are secure schemes because they cannot be corrupted by
// active network attackers.
static void registerURLSchemeAsSecure(const String&);
static bool shouldTreatURLSchemeAsSecure(const String&);

static bool shouldHideReferrer(const KURL&, const String& referrer);

enum LocalLoadPolicy {
@@ -197,9 +183,6 @@ class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
static bool restrictAccessToLocal();
static bool allowSubstituteDataAccessToLocal();

static void registerURLSchemeAsNoAccess(const String&);
static bool shouldTreatURLSchemeAsNoAccess(const String&);

static void addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains);
static void removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains);
static void resetOriginAccessWhitelists();

0 comments on commit 2940dc4

Please sign in to comment.