commit-queue@webkit.org authored
https://bugs.webkit.org/show_bug.cgi?id=94918

Patch by Mike West <mkwst@chromium.org> on 2012-08-27
Reviewed by Adam Barth.

Source/WebCore:

'blob:' and 'filesystem:' URLs are same-origin with the page on which they were created. Currently, we're using the wrong URL for comparison when matching against CSP directive source lists. This patch adjusts the matching logic to compare against the blob's inner URL, rather than directly against the blob itself.

Tests: http/tests/security/contentSecurityPolicy/blob-urls-match-self.html
       http/tests/security/contentSecurityPolicy/filesystem-urls-match-self.html
       http/tests/security/contentSecurityPolicy/source-list-parsing-08.html

* page/ContentSecurityPolicy.cpp:
(WebCore::CSPSourceList::matches):
    If we should use the inner URL of a given resource, extract it into a local variable, and pass that into CSPSource for comparison.
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::shouldUseInnerURL):
(WebCore::SecurityOrigin::extractInnerURL):
    Move shouldUseInnerURL and extractInnerURL to SecurityOrigin's public signature.
(WebCore::shouldTreatAsUniqueOrigin):
(WebCore::SecurityOrigin::create):
(WebCore::SecurityOrigin::isSecure):
    shouldUseInnerURL and extractInnerURL are now static methods of SecurityOrigin: updating calls to match.
* page/SecurityOrigin.h:

LayoutTests:

* http/tests/security/contentSecurityPolicy/blob-urls-match-self-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/blob-urls-match-self.html: Added.
* http/tests/security/contentSecurityPolicy/filesystem-urls-match-self-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/filesystem-urls-match-self.html: Added.
    Test the new functionality.
* http/tests/security/contentSecurityPolicy/resources/multiple-iframe-test.js:
(test):
    Adding support for data: URLs.
* http/tests/security/contentSecurityPolicy/source-list-parsing-08-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/source-list-parsing-08.html: Added.
    Adding data: URL tests to ensure that grabbing the inner URL of the URL to test doesn't inadvertently regress that behavior.
* platform/efl/Skipped:
* platform/mac/Skipped:
* platform/qt/Skipped:
* platform/win/Skipped:
    Skipping filesystem test on ports where it's not enabled.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126785 268f45cc-cd09-0410-ab3c-d52691b4dbfc
3fde8622
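
Added example, not code from this commit or from WebKit: a small JavaScript model of the comparison the message describes, matching a 'blob:' or 'filesystem:' resource against a CSP source list by its inner URL instead of by the outer URL. The function names, the reduced matcher (only 'self' and scheme sources) and the sample URLs are assumptions made for illustration.

```javascript
// Added illustration, not WebKit source. Function names are hypothetical.
const NESTED_SCHEMES = new Set(["blob:", "filesystem:"]);

// For blob:/filesystem: URLs the path component is itself a URL
// (the "inner URL") that carries the creating page's origin.
function innerUrlOf(url) {
  return NESTED_SCHEMES.has(url.protocol) ? new URL(url.pathname) : url;
}

// Normalise default ports so https://host and https://host:443 compare equal.
function effectivePort(url) {
  if (url.port) return url.port;
  return { "http:": "80", "https:": "443" }[url.protocol] || "";
}

// Reduced source-list matcher: supports only 'self' and scheme sources
// such as "data:". useInnerUrl=false models comparing the outer URL directly.
function sourceListAllows(sources, resource, pageUrl, useInnerUrl = true) {
  const raw = new URL(resource);
  const target = useInnerUrl ? innerUrlOf(raw) : raw;
  const page = new URL(pageUrl);
  return sources.some((src) => {
    if (src === "'self'") {
      return target.protocol === page.protocol &&
             target.hostname === page.hostname &&
             effectivePort(target) === effectivePort(page);
    }
    // Scheme source, e.g. "data:"
    return src.endsWith(":") && target.protocol === src.toLowerCase();
  });
}

// Constructed sample URLs.
const PAGE = "https://app.example/index.html";
const BLOB = "blob:https://app.example/0f1e2d3c-constructed";
const FS = "filesystem:https://app.example/temporary/a.js";
const FOREIGN_BLOB = "blob:https://other.example/0f1e2d3c-constructed";
const DATA = "data:text/plain,hello";

console.log("outer URL vs 'self':", sourceListAllows(["'self'"], BLOB, PAGE, false));
console.log("inner URL vs 'self':", sourceListAllows(["'self'"], BLOB, PAGE));
console.log("filesystem vs 'self':", sourceListAllows(["'self'"], FS, PAGE));
console.log("foreign blob vs 'self':", sourceListAllows(["'self'"], FOREIGN_BLOB, PAGE));
console.log("data: vs 'self':", sourceListAllows(["'self'"], DATA, PAGE));
console.log("data: vs data:", sourceListAllows(["data:"], DATA, PAGE));
```

A data: URL has no inner URL, so it is compared as-is, which is the behavior the source-list-parsing-08 test above is meant to protect.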