-
jpfau@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=94057 Reviewed by Adam Barth. Source/WebCore: Add a check for pages in third-party pages to allow third-party storage blocking of Web SQL databases. Tests: http/tests/security/cross-origin-websql-allowed.html http/tests/security/cross-origin-websql.html * Modules/webdatabase/DOMWindowWebDatabase.cpp: (WebCore::DOMWindowWebDatabase::openDatabase): Pass top origin to canAccessDatabase * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canAccessStorage): Common method for various types of storage that use the same criteria * page/SecurityOrigin.h: (WebCore::SecurityOrigin::canAccessDatabase): Use canAccessStorage (WebCore::SecurityOrigin::canAccessLocalStorage): Change to using canAccessStorage (SecurityOrigin): LayoutTests: Created tests for accessing openDatabase from a third party and first party context when third-party blocking is on and off. * http/tests/security/cross-origin-websql-allowed-expected.txt: Added. * http/tests/security/cross-origin-websql-allowed.html: Added. * http/tests/security/cross-origin-websql-expected.txt: Added. * http/tests/security/cross-origin-websql.html: Added. * http/tests/security/resources/cross-origin-iframe-for-websql.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@125736 268f45cc-cd09-0410-ab3c-d52691b4dbfc
5a0c1173
