https://bugs.webkit.org/show_bug.cgi?id=71755

Reviewed by Eric Seidel.

Source/WebCore: 

The SecurityOrigin class should be focused on representing a web
security origin rather than being a dumping ground for all
security-related state.  This patch moves a bunch of static "policy"
state into its own SecurityPolicy class.

* WebCore.exp.in:
* WebCore.gypi:
* dom/Document.cpp:
(WebCore::Document::initSecurityContext):
* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::handleClick):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest):
(WebCore::FrameLoader::loadResourceSynchronously):
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::reportContentSecurityPolicyViolation):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadSubframe):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::create):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canRequest):
(WebCore::SecurityOrigin::canDisplay):
(WebCore::SecurityOrigin::grantLoadLocalResources):
* page/SecurityOrigin.h:

Source/WebKit/chromium: 

* src/WebFrameImpl.cpp:
(WebKit::WebFrameImpl::setReferrerForRequest):
* src/WebSecurityPolicy.cpp:
(WebKit::WebSecurityPolicy::addOriginAccessWhitelistEntry):
(WebKit::WebSecurityPolicy::removeOriginAccessWhitelistEntry):
(WebKit::WebSecurityPolicy::resetOriginAccessWhitelists):
(WebKit::WebSecurityPolicy::shouldHideReferrer):
* src/WebViewImpl.cpp:
(WebKit::WebViewImpl::initializeMainFrame):

Source/WebKit/gtk: 

* WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
(DumpRenderTreeSupportGtk::whiteListAccessFromOrigin):
(DumpRenderTreeSupportGtk::resetOriginAccessWhiteLists):

Source/WebKit/mac: 

* Plugins/Hosted/HostedNetscapePluginStream.mm:
(WebKit::HostedNetscapePluginStream::HostedNetscapePluginStream):
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* WebView/WebView.mm:
(-[WebView _commonInitializationWithFrameName:groupName:]):
(+[WebView _addOriginAccessWhitelistEntryWithSourceOrigin:destinationProtocol:destinationHost:allowDestinationSubdomains:]):
(+[WebView _removeOriginAccessWhitelistEntryWithSourceOrigin:destinationProtocol:destinationHost:allowDestinationSubdomains:]):
(+[WebView _resetOriginAccessWhitelists]):

Source/WebKit/qt: 

* Api/qwebpage.cpp:
(QWebPagePrivate::QWebPagePrivate):
* WebCoreSupport/DumpRenderTreeSupportQt.cpp:
(DumpRenderTreeSupportQt::whiteListAccessFromOrigin):
(DumpRenderTreeSupportQt::removeWhiteListAccessFromOrigin):
(DumpRenderTreeSupportQt::resetOriginAccessWhiteLists):

Source/WebKit/win: 

* WebView.cpp:
(WebView::addOriginAccessWhitelistEntry):
(WebView::removeOriginAccessWhitelistEntry):
(WebView::resetOriginAccessWhitelists):

Source/WebKit2: 

* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::addOriginAccessWhitelistEntry):
(WebKit::InjectedBundle::removeOriginAccessWhitelistEntry):
(WebKit::InjectedBundle::resetOriginAccessWhitelists):
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::loadURL):


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99659 268f45cc-cd09-0410-ab3c-d52691b4dbfc