Commit 205006ed authored by weinig@apple.com's avatar weinig@apple.com

WebCore:

2008-04-26  Adam Barth  <hk9565@gmail.com>

        Reviewed by Adam Roben and Sam Weinig.

        Fixes bug http://bugs.webkit.org/show_bug.cgi?id=17331
        Fixes bug http://bugs.webkit.org/show_bug.cgi?id=16848
        
        Updates postMessage implementation to match HTML 5 specification:
        1) Adds origin parameter to postMessage.
        2) Removes domain and uri attributes of MessageEvent in favor of
           origin attribute.

        In order to do this correctly, we need to distinguish between hosts and domains
        in the SecurityOrigin class. There are now three ways to compare security origins:
        1) isSameSchemeHostPort compares scheme, host, and port, and is used for postMessage
        2) equal compares all aspects of the security origin, and is used for hash keys
        3) canAccess understands the semantics of schemes such as file:// and data:// URLs,
           and should be used for scripting access checks.

        Changed SecurityOrigin::toString() to generate identifiers that are suitable for 
        being used as a MessageEvent's origin property. In the future, they could be used 
        as database string identifiers as well. Re-used KURL parser to parse serialized 
        SecurityOrigins.

        Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.
        
        Tests: http/tests/security/postMessage/invalid-origin-throws-exception.html
               http/tests/security/postMessage/javascript-page-still-sends-origin.html
               http/tests/security/postMessage/origin-unaffected-by-base-tag.html
               http/tests/security/postMessage/origin-unaffected-by-document-domain.html
               http/tests/security/postMessage/target-origin.html

        * WebCore.base.exp:
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::postMessage):
        * dom/Document.cpp:
        (WebCore::Document::domain):
        * dom/MessageEvent.cpp:
        (WebCore::MessageEvent::MessageEvent):
        (WebCore::MessageEvent::initMessageEvent):
        * dom/MessageEvent.h:
        (WebCore::MessageEvent::origin):
        * dom/MessageEvent.idl:
        * html/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::checkOrigin):
        (WebCore::CanvasRenderingContext2D::createPattern):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        * platform/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::create):
        (WebCore::SecurityOrigin::createForFrame):
        (WebCore::SecurityOrigin::copy):
        (WebCore::SecurityOrigin::setDomainFromDOM):
        (WebCore::SecurityOrigin::canAccess):
        (WebCore::SecurityOrigin::isSecureTransitionTo):
        (WebCore::SecurityOrigin::toString):
        (WebCore::SecurityOrigin::createFromString):
        (WebCore::SecurityOrigin::createFromDatabaseIdentifier):
        (WebCore::SecurityOrigin::databaseIdentifier):
        (WebCore::SecurityOrigin::equal):
        (WebCore::SecurityOrigin::isSameSchemeHostPort):
        * platform/SecurityOrigin.h:
        (WebCore::SecurityOrigin::host):
        (WebCore::SecurityOrigin::domain):
        * platform/SecurityOriginHash.h:
        (WebCore::SecurityOriginTraits::deletedValue):
        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::hasEntryForDatabase):
        (WebCore::DatabaseTracker::originPath):
        (WebCore::DatabaseTracker::fullPathForDatabase):
        (WebCore::DatabaseTracker::populateOrigins):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::detailsForNameAndOrigin):
        (WebCore::DatabaseTracker::setDatabaseDetails):
        (WebCore::DatabaseTracker::setQuota):
        (WebCore::DatabaseTracker::addDatabase):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabase):

WebKit/mac:

2008-04-20 Adam Barth <hk9565@gmail.com>

        Reviewed by Adam Roben and Sam Weinig.

        Updated WebSecurityOrigin to match new SecurityOrigin API.

        Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.

        * Storage/WebSecurityOrigin.mm:
        (-[WebSecurityOrigin host]):
        (-[WebSecurityOrigin domain]):
        * Storage/WebSecurityOriginPrivate.h:

WebKit/win:

2008-04-26  Adam Barth <hk9565@gmail.com>

        Reviewed by Adam Roben and Sam Weinig.

        Renamed "domain" method to "host" to match SecurityOrigin.

        * Interfaces/IWebSecurityOrigin.idl:
        * WebSecurityOrigin.cpp:
        (WebSecurityOrigin::host):
        * WebSecurityOrigin.h:

WebKitTools:

2008-04-26  Adam Barth <hk9565@gmail.com>

        Reviewed by Adam Roben and Sam Weinig.

        Updates LayoutTestController to use host instead of domain.

        Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.

        * DumpRenderTree/mac/LayoutTestControllerMac.mm:
        (LayoutTestController::setDatabaseQuota):
        * DumpRenderTree/mac/UIDelegate.mm:
        (-[UIDelegate webView:frame:exceededDatabaseQuotaForSecurityOrigin:database:]):

LayoutTests:

2008-04-26  Adam Barth  <hk9565@gmail.com>

        Reviewed by Adam Roben and Sam Weinig.

        Update LayoutTests for new postMessage API.

        Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.

        * http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag-expected.txt: Removed.
        * http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag.html: Removed.
        * http/tests/security/postMessage/domain-unaffected-by-document-domain-expected.txt: Removed.
        * http/tests/security/postMessage/domain-unaffected-by-document-domain.html: Removed.
        * http/tests/security/postMessage/invalid-origin-throws-exception-expected.txt: Added.
        * http/tests/security/postMessage/invalid-origin-throws-exception.html: Added.
        * http/tests/security/postMessage/javascript-page-still-sends-domain-expected.txt: Removed.
        * http/tests/security/postMessage/javascript-page-still-sends-domain.html: Removed.
        * http/tests/security/postMessage/javascript-page-still-sends-origin-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/javascript-page-still-sends-domain-expected.txt.
        * http/tests/security/postMessage/javascript-page-still-sends-origin.html: Copied from LayoutTests/http/tests/security/postMessage/javascript-page-still-sends-domain.html.
        * http/tests/security/postMessage/origin-unaffected-by-base-tag-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag-expected.txt.
        * http/tests/security/postMessage/origin-unaffected-by-base-tag.html: Copied from LayoutTests/http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag.html.
        * http/tests/security/postMessage/origin-unaffected-by-document-domain-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/domain-unaffected-by-document-domain-expected.txt.
        * http/tests/security/postMessage/origin-unaffected-by-document-domain.html: Copied from LayoutTests/http/tests/security/postMessage/domain-unaffected-by-document-domain.html.
        * http/tests/security/postMessage/target-origin-expected.txt: Added.
        * http/tests/security/postMessage/target-origin.html: Added.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@32597 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 2a45c93f
2008-04-26 Adam Barth <hk9565@gmail.com>
Reviewed by Adam Roben and Sam Weinig.
Update LayoutTests for new postMessage API.
Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.
* http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag-expected.txt: Removed.
* http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag.html: Removed.
* http/tests/security/postMessage/domain-unaffected-by-document-domain-expected.txt: Removed.
* http/tests/security/postMessage/domain-unaffected-by-document-domain.html: Removed.
* http/tests/security/postMessage/invalid-origin-throws-exception-expected.txt: Added.
* http/tests/security/postMessage/invalid-origin-throws-exception.html: Added.
* http/tests/security/postMessage/javascript-page-still-sends-domain-expected.txt: Removed.
* http/tests/security/postMessage/javascript-page-still-sends-domain.html: Removed.
* http/tests/security/postMessage/javascript-page-still-sends-origin-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/javascript-page-still-sends-domain-expected.txt.
* http/tests/security/postMessage/javascript-page-still-sends-origin.html: Copied from LayoutTests/http/tests/security/postMessage/javascript-page-still-sends-domain.html.
* http/tests/security/postMessage/origin-unaffected-by-base-tag-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag-expected.txt.
* http/tests/security/postMessage/origin-unaffected-by-base-tag.html: Copied from LayoutTests/http/tests/security/postMessage/domain-and-uri-unaffected-by-base-tag.html.
* http/tests/security/postMessage/origin-unaffected-by-document-domain-expected.txt: Copied from LayoutTests/http/tests/security/postMessage/domain-unaffected-by-document-domain-expected.txt.
* http/tests/security/postMessage/origin-unaffected-by-document-domain.html: Copied from LayoutTests/http/tests/security/postMessage/domain-unaffected-by-document-domain.html.
* http/tests/security/postMessage/target-origin-expected.txt: Added.
* http/tests/security/postMessage/target-origin.html: Added.
2008-04-26 Anatoli Papirovski <apapirovski@mac.com>
Reviewed by Dave Hyatt.
data: Something uri: http://127.0.0.1:8000/messaging/cross-domain-message-send.html domain: 127.0.0.1
data: Something origin: http://127.0.0.1:8000
......@@ -9,8 +9,7 @@
function receiver(e) {
var result = "";
result += "data: " + e.data + "\n";
result += "uri: " + e.uri + "\n";
result += "domain: " + e.domain + "\n";
result += "origin: " + e.origin + "\n";
e.source.postMessage(result);
}
......
window.location.href = http://127.0.0.1:8000/security/postMessage/domain-and-uri-unaffected-by-base-tag.html
Received message: data="Message from parent" domain="127.0.0.1" uri="http://127.0.0.1:8000/security/postMessage/domain-and-uri-unaffected-by-base-tag.html"
CONSOLE MESSAGE: line 0: Unable to post message to asdf:. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to http:. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to /tmp/foo. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to //localhost. Recipient has origin http://localhost:8000.
window.location.href = http://127.0.0.1:8000/security/postMessage/invalid-origin-throws-exception.html
waiting...
Encountered exception Error: SYNTAX_ERR: DOM Exception 12 while posting message to ''.
Encountered exception Error: SYNTAX_ERR: DOM Exception 12 while posting message to 'asdf'.
Posted message to 'asdf:' without any exceptions.
Posted message to 'http:' without any exceptions.
Posted message to '/tmp/foo' without any exceptions.
Posted message to '//localhost' without any exceptions.
<script>
if (window.layoutTestController)
layoutTestController.dumpAsText();
</script>
<!DOCTYPE html>
<html>
<head>
<script>
if (window.layoutTestController) {
layoutTestController.dumpAsText();
layoutTestController.waitUntilDone();
}
function recv(e) {
document.getElementById("result").innerHTML += "<br>" + e.data;
}
document.addEventListener("message", recv, false);
function tryPostMessage(origin) {
try {
win.postMessage("Trying origin=" + origin, origin);
document.getElementById("result").innerHTML += "<br>Posted message to '" + origin + "' without any exceptions.";
} catch(ex) {
document.getElementById("result").innerHTML += "<br>Encountered exception " + ex + " while posting message to '" + origin + "'.";
}
}
function test() {
var iframe = document.getElementById('child');
win = iframe.contentWindow;
// Non-URLs should fail with a syntax error.
tryPostMessage("");
tryPostMessage("asdf");
// URLs without an origin should fail without generating any errors.
tryPostMessage("asdf:");
tryPostMessage("http:");
// WebKit converts URLs that start with / to file:// URLs. They don't match the target frame, so they fail silently.
tryPostMessage("/tmp/foo");
tryPostMessage("//localhost");
if (window.layoutTestController)
layoutTestController.notifyDone();
}
</script>
<body>
<div>window.location.href = <script>document.write(window.location.href);</script></div>
<div><iframe src="http://localhost:8000/security/postMessage/resources/post-message-listener.html" onload="test()"
id="child" width="800" height="300" style="border: 1px solid black;">
</iframe></div>
<div id="result">waiting...</div>
</body>
</html>
window.location.href = http://127.0.0.1:8000/security/postMessage/javascript-page-still-sends-domain.html
Received message: data="Hello from child" domain="localhost" uri="http://localhost:8000/security/postMessage/resources/javascript-post-message-sender.html"
window.location.href = http://127.0.0.1:8000/security/postMessage/javascript-page-still-sends-origin.html
Received message: data="Hello from child" origin="http://localhost:8000"
......@@ -8,7 +8,7 @@ if (window.layoutTestController) {
}
function recv(e) {
var msg = 'Received message: data="' + e.data + '" domain="' + e.domain + '" uri="' + e.uri + '"';
var msg = 'Received message: data="' + e.data + '" origin="' + e.origin + '"';
document.getElementById("result").firstChild.data = msg;
......
window.location.href = http://127.0.0.1:8000/security/postMessage/origin-unaffected-by-base-tag.html
Received message: data="Message from parent" origin="http://127.0.0.1:8000"
window.location.href = http://127.0.0.1:8000/security/postMessage/domain-unaffected-by-document-domain.html
window.location.href = http://127.0.0.1:8000/security/postMessage/origin-unaffected-by-document-domain.html
document.domain = 0.0.1
Received message: data="Message from parent" domain="127.0.0.1" uri="http://127.0.0.1:8000/security/postMessage/domain-unaffected-by-document-domain.html"
Received message: data="Message from parent" origin="http://127.0.0.1:8000"
......@@ -4,7 +4,7 @@
<div>window.location.href = <script>document.write(window.location.href);</script></div>
<script>
function recv(e) {
var msg = 'Received message: data="' + e.data + '" domain="' + e.domain + '" uri="' + e.uri + '"';
var msg = 'Received message: data="' + e.data + '" origin="' + e.origin + '"';
top.postMessage(msg);
}
......
CONSOLE MESSAGE: line 0: Unable to post message to http://localhost:9090. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to http://localhost. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to https://localhost. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to https://localhost:8000. Recipient has origin http://localhost:8000.
CONSOLE MESSAGE: line 0: Unable to post message to http://www.example.com. Recipient has origin http://localhost:8000.
window.location.href = http://127.0.0.1:8000/security/postMessage/target-origin.html
waiting...
Received message: data="Trying origin=http://localhost:8000" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=http://localhost:8000/" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=http://localhost:8000/foo" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=http://localhost:8000/foo?bar" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=http://localhost:8000/foo?bar#baz" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=http://user:pass@localhost:8000/foo?bar#baz" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=null" origin="http://127.0.0.1:8000"
Received message: data="Trying origin=undefined" origin="http://127.0.0.1:8000"
<!DOCTYPE html>
<html>
<head>
<script>
if (window.layoutTestController) {
layoutTestController.dumpAsText();
layoutTestController.waitUntilDone();
}
function recv(e) {
document.getElementById("result").innerHTML += "<br>" + e.data;
}
document.addEventListener("message", recv, false);
function tryPostMessage(win, origin) {
win.postMessage("Trying origin=" + origin, origin);
}
function test() {
var iframe = document.getElementById('child');
var win = iframe.contentWindow;
// Should succeed:
tryPostMessage(win, "http://localhost:8000");
tryPostMessage(win, "http://localhost:8000/");
tryPostMessage(win, "http://localhost:8000/foo");
tryPostMessage(win, "http://localhost:8000/foo?bar");
tryPostMessage(win, "http://localhost:8000/foo?bar#baz");
tryPostMessage(win, "http://user:pass@localhost:8000/foo?bar#baz");
tryPostMessage(win, null);
tryPostMessage(win, undefined);
// Should fail:
tryPostMessage(win, "http://localhost:9090");
tryPostMessage(win, "http://localhost");
tryPostMessage(win, "https://localhost");
tryPostMessage(win, "https://localhost:8000");
tryPostMessage(win, "http://www.example.com");
if (window.layoutTestController)
layoutTestController.notifyDone();
}
</script>
<body>
<div>window.location.href = <script>document.write(window.location.href);</script></div>
<div><iframe src="http://localhost:8000/security/postMessage/resources/post-message-listener.html" onload="test()"
id="child" width="800" height="300" style="border: 1px solid black;">
</iframe></div>
<div id="result">waiting...</div>
</body>
</html>
2008-04-26 Adam Barth <hk9565@gmail.com>
Reviewed by Adam Roben and Sam Weinig.
Fixes bug http://bugs.webkit.org/show_bug.cgi?id=17331
Fixes bug http://bugs.webkit.org/show_bug.cgi?id=16848
Updates postMessage implementation to match HTML 5 specification:
1) Adds origin parameter to postMessage.
2) Removes domain and uri attributes of MessageEvent in favor of
origin attribute.
In order to do this correctly, we need to distinguish between hosts and domains
in the SecurityOrigin class. There are now three ways to compare security origins:
1) isSameSchemeHostPort compares scheme, host, and port, and is used for postMessage
2) equal compares all aspects of the security origin, and is used for hash keys
3) canAccess understands the semantics of schemes such as file:// and data:// URLs,
and should be used for scripting access checks.
Changed SecurityOrigin::toString() to generate identifiers that are suitable for
being used as a MessageEvent's origin property. In the future, they could be used
as database string identifiers as well. Re-used KURL parser to parse serialized
SecurityOrigins.
Collin Jackson <collinj-webkit@collinjackson.com> also contributed to this patch.
Tests: http/tests/security/postMessage/invalid-origin-throws-exception.html
http/tests/security/postMessage/javascript-page-still-sends-origin.html
http/tests/security/postMessage/origin-unaffected-by-base-tag.html
http/tests/security/postMessage/origin-unaffected-by-document-domain.html
http/tests/security/postMessage/target-origin.html
* WebCore.base.exp:
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::postMessage):
* dom/Document.cpp:
(WebCore::Document::domain):
* dom/MessageEvent.cpp:
(WebCore::MessageEvent::MessageEvent):
(WebCore::MessageEvent::initMessageEvent):
* dom/MessageEvent.h:
(WebCore::MessageEvent::origin):
* dom/MessageEvent.idl:
* html/CanvasRenderingContext2D.cpp:
(WebCore::CanvasRenderingContext2D::checkOrigin):
(WebCore::CanvasRenderingContext2D::createPattern):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::postMessage):
* page/DOMWindow.h:
* page/DOMWindow.idl:
* platform/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::create):
(WebCore::SecurityOrigin::createForFrame):
(WebCore::SecurityOrigin::copy):
(WebCore::SecurityOrigin::setDomainFromDOM):
(WebCore::SecurityOrigin::canAccess):
(WebCore::SecurityOrigin::isSecureTransitionTo):
(WebCore::SecurityOrigin::toString):
(WebCore::SecurityOrigin::createFromString):
(WebCore::SecurityOrigin::createFromDatabaseIdentifier):
(WebCore::SecurityOrigin::databaseIdentifier):
(WebCore::SecurityOrigin::equal):
(WebCore::SecurityOrigin::isSameSchemeHostPort):
* platform/SecurityOrigin.h:
(WebCore::SecurityOrigin::host):
(WebCore::SecurityOrigin::domain):
* platform/SecurityOriginHash.h:
(WebCore::SecurityOriginTraits::deletedValue):
* storage/DatabaseTracker.cpp:
(WebCore::DatabaseTracker::hasEntryForDatabase):
(WebCore::DatabaseTracker::originPath):
(WebCore::DatabaseTracker::fullPathForDatabase):
(WebCore::DatabaseTracker::populateOrigins):
(WebCore::DatabaseTracker::databaseNamesForOrigin):
(WebCore::DatabaseTracker::detailsForNameAndOrigin):
(WebCore::DatabaseTracker::setDatabaseDetails):
(WebCore::DatabaseTracker::setQuota):
(WebCore::DatabaseTracker::addDatabase):
(WebCore::DatabaseTracker::deleteOrigin):
(WebCore::DatabaseTracker::deleteDatabase):
2008-04-26 Kevin Ollivier <kevino@theolliviers.com>
wx build fix. Add the AX*ActionVerb functions to the wx build.
......@@ -287,7 +287,8 @@ __ZN7WebCore14DragController9dragEndedEv
__ZN7WebCore14ResourceHandle12releaseProxyEv
__ZN7WebCore14ResourceLoader14cancelledErrorEv
__ZN7WebCore14ResourceLoader19setShouldBufferDataEb
__ZN7WebCore14SecurityOrigin6createERKNS_6StringES3_tPS0_
__ZN7WebCore14SecurityOrigin6createERKNS_4KURLE
__ZNK7WebCore14SecurityOrigin5equalEPKS0_
__ZN7WebCore15ArchiveResource6createEN3WTF10PassRefPtrINS_12SharedBufferEEERKNS_4KURLERKNS_6StringESA_SA_RKNS_16ResourceResponseE
__ZN7WebCore15BackForwardList10removeItemEPNS_11HistoryItemE
__ZN7WebCore15BackForwardList10setEnabledEb
......
......@@ -207,14 +207,18 @@ JSValue* JSDOMWindow::postMessage(ExecState* exec, const List& args)
DOMWindow* window = impl();
DOMWindow* source = toJSDOMWindow(exec->dynamicGlobalObject())->impl();
String domain = source->frame()->loader()->url().host();
String uri = source->frame()->loader()->url().string();
String message = args[0]->toString(exec);
if (exec->hadException())
return jsUndefined();
window->postMessage(message, domain, uri, source);
String targetOrigin = valueToStringWithUndefinedOrNullCheck(exec, args[1]);
if (exec->hadException())
return jsUndefined();
ExceptionCode ec = 0;
window->postMessage(message, targetOrigin, source, ec);
setDOMException(exec, ec);
return jsUndefined();
}
......
......@@ -2755,7 +2755,7 @@ String Document::referrer() const
String Document::domain() const
{
return m_securityOrigin->host();
return m_securityOrigin->domain();
}
void Document::setDomain(const String& newDomain)
......
......@@ -41,11 +41,10 @@ MessageEvent::MessageEvent()
{
}
MessageEvent::MessageEvent(const String& data, const String& domain, const String& uri, DOMWindow* source)
MessageEvent::MessageEvent(const String& data, const String& origin, DOMWindow* source)
: Event(messageEvent, true, true)
, m_data(data)
, m_domain(domain)
, m_uri(uri)
, m_origin(origin)
, m_source(source)
{
}
......@@ -54,7 +53,7 @@ MessageEvent::~MessageEvent()
{
}
void MessageEvent::initMessageEvent(const AtomicString& type, bool canBubble, bool cancelable, const String& data, const String& domain, const String& uri, DOMWindow* source)
void MessageEvent::initMessageEvent(const AtomicString& type, bool canBubble, bool cancelable, const String& data, const String& origin, DOMWindow* source)
{
if (dispatched())
return;
......@@ -62,8 +61,7 @@ void MessageEvent::initMessageEvent(const AtomicString& type, bool canBubble, bo
initEvent(type, canBubble, cancelable);
m_data = data;
m_domain = domain;
m_uri = uri;
m_origin = origin;
m_source = source;
}
......
......@@ -39,22 +39,20 @@ namespace WebCore {
class MessageEvent : public Event {
public:
MessageEvent();
MessageEvent(const String& data, const String& domain, const String& uri, DOMWindow* source);
MessageEvent(const String& data, const String& origin, DOMWindow* source);
virtual ~MessageEvent();
void initMessageEvent(const AtomicString& type, bool canBubble, bool cancelable, const String& data, const String& domain, const String& uri, DOMWindow* source);
void initMessageEvent(const AtomicString& type, bool canBubble, bool cancelable, const String& data, const String& origin, DOMWindow* source);
const String& data() const { return m_data; }
const String& domain() const { return m_domain; }
const String& uri() const { return m_uri; }
const String& origin() const { return m_origin; }
DOMWindow* source() const { return m_source.get(); }
virtual bool isMessageEvent() const;
private:
String m_data;
String m_domain;
String m_uri;
String m_origin;
RefPtr<DOMWindow> m_source;
};
......
......@@ -29,11 +29,10 @@ module events {
interface [Conditional=CROSS_DOCUMENT_MESSAGING,GenerateConstructor] MessageEvent : Event {
readonly attribute DOMString data;
readonly attribute DOMString domain;
readonly attribute DOMString uri;
readonly attribute DOMString origin;
readonly attribute DOMWindow source;
void initMessageEvent(in DOMString typeArg, in boolean canBubbleArg, in boolean cancelableArg, in DOMString dataArg, in DOMString domainArg, in DOMString uriArg, in DOMWindow sourceArg);
void initMessageEvent(in DOMString typeArg, in boolean canBubbleArg, in boolean cancelableArg, in DOMString dataArg, in DOMString originArg, in DOMWindow sourceArg);
};
......
......@@ -910,7 +910,7 @@ void CanvasRenderingContext2D::drawImage(HTMLImageElement* image,
void CanvasRenderingContext2D::checkOrigin(const KURL& url)
{
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url.protocol(), url.host(), url.port(), 0);
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url);
SecurityOrigin::Reason reason;
if (!m_canvas->document()->securityOrigin()->canAccess(origin.get(), reason))
m_canvas->setOriginTainted();
......@@ -1061,7 +1061,7 @@ PassRefPtr<CanvasPattern> CanvasRenderingContext2D::createPattern(HTMLImageEleme
bool originClean = true;
if (CachedImage* cachedImage = image->cachedImage()) {
KURL url(cachedImage->url());
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url.protocol(), url.host(), url.port(), 0);
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url);
SecurityOrigin::Reason reason;
originClean = m_canvas->document()->securityOrigin()->canAccess(origin.get(), reason);
}
......
......@@ -30,11 +30,13 @@
#include "CSSComputedStyleDeclaration.h"
#include "CSSRuleList.h"
#include "CSSStyleSelector.h"
#include "CString.h"
#include "Chrome.h"
#include "Console.h"
#include "DOMSelection.h"
#include "Document.h"
#include "Element.h"
#include "ExceptionCode.h"
#include "FloatRect.h"
#include "Frame.h"
#include "FrameLoader.h"
......@@ -320,10 +322,39 @@ Storage* DOMWindow::localStorage() const
#endif
#if ENABLE(CROSS_DOCUMENT_MESSAGING)
void DOMWindow::postMessage(const String& message, const String& domain, const String& uri, DOMWindow* source) const
void DOMWindow::postMessage(const String& message, const String& targetOrigin, DOMWindow* source, ExceptionCode& ecForSender) const
{
ExceptionCode ec;
document()->dispatchEvent(new MessageEvent(message, domain, uri, source), ec, true);
if (!m_frame)
return;
if (!targetOrigin.isNull()) {
KURL desiredTargetURL(targetOrigin);
if (!desiredTargetURL.isValid()) {
ecForSender = SYNTAX_ERR;
return;
}
RefPtr<SecurityOrigin> desiredTargetOrigin = SecurityOrigin::create(desiredTargetURL);
SecurityOrigin* actualTargetOrigin = document()->securityOrigin();
if (desiredTargetOrigin->isEmpty() || !desiredTargetOrigin->isSameSchemeHostPort(actualTargetOrigin)) {
// The sender is not allowed to find out the origin of
// the recipient, so we fail silently and log a message
// to the console.
String message = String::format("Unable to post message to %s. Recipient has origin %s.\n",
targetOrigin.utf8().data(), actualTargetOrigin->toString().utf8().data());
console()->addMessage(JSMessageSource, ErrorMessageLevel, message, 0, String());
return;
}
}
Document* sourceDocument = source->document();
if (!sourceDocument)
return;
String sourceOrigin = sourceDocument->securityOrigin()->toString();
// Sender is not allowed to see exceptions other than syntax errors
ExceptionCode ec;
document()->dispatchEvent(new MessageEvent(message, sourceOrigin, source), ec, true);
}
#endif
......
......@@ -165,7 +165,7 @@ namespace WebCore {
DOMApplicationCache* applicationCache() const;
#endif
#if ENABLE(CROSS_DOCUMENT_MESSAGING)
void postMessage(const String& message, const String& domain, const String& uri, DOMWindow* source) const;
void postMessage(const String& message, const String& targetOrigin, DOMWindow* source, ExceptionCode& ecForSender) const;
#endif
void scrollBy(int x, int y) const;
......
......@@ -148,7 +148,8 @@ module window {
#if defined(ENABLE_CROSS_DOCUMENT_MESSAGING)
// cross-document messaging
[DoNotCheckDomainSecurity, Custom] void postMessage(in DOMString message);
[DoNotCheckDomainSecurity, Custom] void postMessage(in DOMString message, in [Optional] DOMString targetOrigin)
raises(DOMException);
#endif
#if defined(LANGUAGE_JAVASCRIPT)
......
......@@ -29,6 +29,7 @@
#include "config.h"
#include "SecurityOrigin.h"
#include "CString.h"
#include "Document.h"
#include "Frame.h"
#include "FrameLoader.h"
......@@ -53,11 +54,10 @@ static bool isDefaultPortForProtocol(unsigned short port, const String& protocol
return defaultPorts.get(protocol) == port;
}
SecurityOrigin::SecurityOrigin(const String& protocol, const String& host, unsigned short port)
: m_protocol(protocol.isNull() ? "" : protocol.lower())
, m_host(host.isNull() ? "" : host.lower())
, m_port(port)
, m_portSet(port)
SecurityOrigin::SecurityOrigin(const KURL& url)
: m_protocol(url.protocol().isNull() ? "" : url.protocol().lower())
, m_host(url.host().isNull() ? "" : url.host().lower())
, m_port(url.port())
, m_noAccess(false)
, m_domainWasSetInDOM(false)
{
......@@ -69,11 +69,21 @@ SecurityOrigin::SecurityOrigin(const String& protocol, const String& host, unsig
if (m_protocol == "data")
m_noAccess = true;
// document.domain starts as m_host, but can be set by the DOM.
m_domain = m_host;
if (isDefaultPortForProtocol(m_port, m_protocol)) {
if (isDefaultPortForProtocol(m_port, m_protocol))
m_port = 0;
m_portSet = false;
}
}
SecurityOrigin::SecurityOrigin(const SecurityOrigin* other)
: m_protocol(other->m_protocol.copy())
, m_host(other->m_host.copy())
, m_domain(other->m_domain.copy())
, m_port(other->m_port)
, m_noAccess(other->m_noAccess)
, m_domainWasSetInDOM(other->m_domainWasSetInDOM)
{
}
bool SecurityOrigin::isEmpty() const
......@@ -81,24 +91,15 @@ bool SecurityOrigin::isEmpty() const
return m_protocol.isEmpty();
}
PassRefPtr<SecurityOrigin> SecurityOrigin::create(const String& protocol, const String& host, unsigned short port, SecurityOrigin* ownerFrameOrigin)
PassRefPtr<SecurityOrigin> SecurityOrigin::create(const KURL& url)
{