Commit 15d2021e authored by ap@apple.com's avatar ap@apple.com
Browse files

<rdar://problem/13490123> Sandbox extension tracking is incorrect when restoring a session

        https://bugs.webkit.org/show_bug.cgi?id=113709

        Reviewed by Anders Carlsson.

        * WebProcess/WebPage/WebPage.cpp:
        (WebKit::WebPage::SandboxExtensionTracker::didStartProvisionalLoad): Added an assertion
        to catch extension tracking logic errors that could result in giving an extension to
        non-local pages.
        (WebKit::WebPage::SandboxExtensionTracker::didCommitProvisionalLoad): Just like
        below, clearing m_pendingProvisionalSandboxExtension appears incorrect, even though
        I am not aware of any scenarios where this happens in practice.
        (WebKit::WebPage::SandboxExtensionTracker::didFailProvisionalLoad): The load may
        be failing exactly because a new one cancels it, so we shouldn't be preventing
        the new one from using its extension.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147344 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 7af48c64
2013-04-01 Alexey Proskuryakov <ap@apple.com>
<rdar://problem/13490123> Sandbox extension tracking is incorrect when restoring a session
https://bugs.webkit.org/show_bug.cgi?id=113709
Reviewed by Anders Carlsson.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::SandboxExtensionTracker::didStartProvisionalLoad): Added an assertion
to catch extension tracking logic errors that could result in giving an extension to
non-local pages.
(WebKit::WebPage::SandboxExtensionTracker::didCommitProvisionalLoad): Just like
below, clearing m_pendingProvisionalSandboxExtension appears incorrect, even though
I am not aware of any scenarios where this happens in practice.
(WebKit::WebPage::SandboxExtensionTracker::didFailProvisionalLoad): The load may
be failing exactly because a new one cancels it, so we shouldn't be preventing
the new one from using its extension.
2013-04-01 Brady Eidson <beidson@apple.com>
 
SharedMemory release build hardening.
......@@ -3170,6 +3170,8 @@ void WebPage::SandboxExtensionTracker::didStartProvisionalLoad(WebFrame* frame)
if (!m_provisionalSandboxExtension)
return;
ASSERT(!m_provisionalSandboxExtension || frame->coreFrame()->loader()->provisionalDocumentLoader()->url().isLocalFile());
m_provisionalSandboxExtension->consume();
}
......@@ -3178,14 +3180,13 @@ void WebPage::SandboxExtensionTracker::didCommitProvisionalLoad(WebFrame* frame)
if (!frame->isMainFrame())
return;
// Generally, there should be no pending extension at this stage, but we can have one if UI process
// has an out of date idea of WebProcess state, and initiates a load or reload without stopping an existing one.
m_pendingProvisionalSandboxExtension = nullptr;
if (m_committedSandboxExtension)
m_committedSandboxExtension->revoke();
m_committedSandboxExtension = m_provisionalSandboxExtension.release();
// We can also have a non-null m_pendingProvisionalSandboxExtension if a new load is being started.
// This extension is not cleared, because it does not pertain to the failed load, and will be needed.
}
void WebPage::SandboxExtensionTracker::didFailProvisionalLoad(WebFrame* frame)
......@@ -3193,15 +3194,15 @@ void WebPage::SandboxExtensionTracker::didFailProvisionalLoad(WebFrame* frame)
if (!frame->isMainFrame())
return;
// Generally, there should be no pending extension at this stage, but we can have one if UI process
// has an out of date idea of WebProcess state, and initiates a load or reload without stopping an existing one.
m_pendingProvisionalSandboxExtension = nullptr;
if (!m_provisionalSandboxExtension)
return;
m_provisionalSandboxExtension->revoke();
m_provisionalSandboxExtension = nullptr;
// We can also have a non-null m_pendingProvisionalSandboxExtension if a new load is being started
// (notably, if the current one fails because the new one cancels it). This extension is not cleared,
// because it does not pertain to the failed load, and will be needed.
}
bool WebPage::hasLocalDataForURL(const KURL& url)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment