Commit 2c65ac11 authored by trey

3144458 - user's credentials are present in a form that is revisited via b/f or history

	We now never save/restore password fields.  Also if the page has a form with a password
	field that would be submitted securely, we do not save anything on that page.

        Reviewed by Darin.

        * force-clean-timestamp:  PB isn't smart enough to know what to rebuild.
        * khtml/html/html_formimpl.cpp:
        (HTMLFormElementImpl::formWouldHaveSecureSubmission):  Utility function.
        (HTMLFormElementImpl::attach):  Tell doc if we've added a secure form.
        (HTMLFormElementImpl::parseAttribute):  Tell doc if form became secure.
        (HTMLInputElementImpl::state):  Assert that we never save password fields.
        (HTMLInputElementImpl::restoreState):  Assert that we never restore password fields.
        (HTMLInputElementImpl::attach):  Tell doc if we've added a password field.
        * khtml/html/html_formimpl.h:
        * khtml/xml/dom_docimpl.cpp:
        (DocumentImpl::DocumentImpl):  Init count of secure forms, password fields.
        (DocumentImpl::passwordFieldAdded):
        (DocumentImpl::passwordFieldRemoved):
        (DocumentImpl::hasPasswordField):  New methods to count password fields.
        (DocumentImpl::secureFormAdded):
        (DocumentImpl::secureFormRemoved):
        (DocumentImpl::hasSecureForm):  New methods to count secure forms.
        * khtml/xml/dom_docimpl.h:
        * kwq/KWQKHTMLPart.mm:
        (KWQKHTMLPart::canCachePage):   Never let pages with password fields in the page cache.
        (KWQKHTMLPart::saveDocumentState):  Do not save form state if page has a form with
	a password field that would be submitted securely


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@3328 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 13748990
2003-01-15 Trey Matteson <trey@apple.com>
3144458 - user's credentials are present in a form that is revisited via b/f or history
We now never save/restore password fields. Also if the page has a form with a password
field that would be submitted securely, we do not save anything on that page.
Reviewed by Darin.
* force-clean-timestamp: PB isn't smart enough to know what to rebuild.
* khtml/html/html_formimpl.cpp:
(HTMLFormElementImpl::formWouldHaveSecureSubmission): Utility function.
(HTMLFormElementImpl::attach): Tell doc if we've added a secure form.
(HTMLFormElementImpl::parseAttribute): Tell doc if form became secure.
(HTMLInputElementImpl::state): Assert that we never save password fields.
(HTMLInputElementImpl::restoreState): Assert that we never restore password fields.
(HTMLInputElementImpl::attach): Tell doc if we've added a password field.
* khtml/html/html_formimpl.h:
* khtml/xml/dom_docimpl.cpp:
(DocumentImpl::DocumentImpl): Init count of secure forms, password fields.
(DocumentImpl::passwordFieldAdded):
(DocumentImpl::passwordFieldRemoved):
(DocumentImpl::hasPasswordField): New methods to count password fields.
(DocumentImpl::secureFormAdded):
(DocumentImpl::secureFormRemoved):
(DocumentImpl::hasSecureForm): New methods to count secure forms.
* khtml/xml/dom_docimpl.h:
* kwq/KWQKHTMLPart.mm:
(KWQKHTMLPart::canCachePage): Never let pages with password fields in the page cache.
(KWQKHTMLPart::saveDocumentState): Do not save form state if page has a form with
a password field that would be submitted securely
2003-01-15 Darin Adler <darin@apple.com>
Reviewed by Ken.
......
2003-01-15 Trey Matteson <trey@apple.com>
3144458 - user's credentials are present in a form that is revisited via b/f or history
We now never save/restore password fields. Also if the page has a form with a password
field that would be submitted securely, we do not save anything on that page.
Reviewed by Darin.
* force-clean-timestamp: PB isn't smart enough to know what to rebuild.
* khtml/html/html_formimpl.cpp:
(HTMLFormElementImpl::formWouldHaveSecureSubmission): Utility function.
(HTMLFormElementImpl::attach): Tell doc if we've added a secure form.
(HTMLFormElementImpl::parseAttribute): Tell doc if form became secure.
(HTMLInputElementImpl::state): Assert that we never save password fields.
(HTMLInputElementImpl::restoreState): Assert that we never restore password fields.
(HTMLInputElementImpl::attach): Tell doc if we've added a password field.
* khtml/html/html_formimpl.h:
* khtml/xml/dom_docimpl.cpp:
(DocumentImpl::DocumentImpl): Init count of secure forms, password fields.
(DocumentImpl::passwordFieldAdded):
(DocumentImpl::passwordFieldRemoved):
(DocumentImpl::hasPasswordField): New methods to count password fields.
(DocumentImpl::secureFormAdded):
(DocumentImpl::secureFormRemoved):
(DocumentImpl::hasSecureForm): New methods to count secure forms.
* khtml/xml/dom_docimpl.h:
* kwq/KWQKHTMLPart.mm:
(KWQKHTMLPart::canCachePage): Never let pages with password fields in the page cache.
(KWQKHTMLPart::saveDocumentState): Do not save form state if page has a form with
a password field that would be submitted securely
2003-01-15 Darin Adler <darin@apple.com>
Reviewed by Ken.
......
DOMString constructor 12/13
New member vars in DocumentImpl 1/15/03
......@@ -90,6 +90,18 @@ NodeImpl::Id HTMLFormElementImpl::id() const
return ID_FORM;
}
#if APPLE_CHANGES
bool HTMLFormElementImpl::formWouldHaveSecureSubmission(DOMString url)
{
if (url.isNull()) {
return false;
} else {
QString fullUrl = getDocument()->completeURL( url.string() );
return strncmp(fullUrl.latin1(), "https:", 6) == 0;
}
}
#endif
void HTMLFormElementImpl::attach()
{
HTMLElementImpl::attach();
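Review bot: The scheme test on the strncmp line of formWouldHaveSecureSubmission is case-sensitive, so a completed URL beginning with "HTTPS:" would be classed as not secure unless completeURL already lowercases the scheme. Use a case-insensitive comparison, or add a comment stating that completeURL normalizes the scheme. The url parameter could also be taken as const DOMString &, since the visible body only reads it.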
......@@ -99,6 +111,13 @@ void HTMLFormElementImpl::attach()
document->addNamedImageOrForm(oldNameAttr);
document->addNamedImageOrForm(oldIdAttr);
}
#if APPLE_CHANGES
// note we don't deal with calling secureFormRemoved() on detach, because the timing
// was such that it cleared our state too early
if (formWouldHaveSecureSubmission(m_url))
getDocument()->secureFormAdded();
#endif
}
void HTMLFormElementImpl::detach()
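Review bot: Because secureFormRemoved() is deliberately not called on detach (per the comment added in attach()), the secure-form count only grows on this path: a form that is detached and attached again is counted twice, and hasSecureForm() stays true after the form has left the document. That errs toward saving less state, which is the safe direction, but the comment should say so explicitly so a later reader does not treat the count as exact.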
......@@ -498,7 +517,21 @@ void HTMLFormElementImpl::parseAttribute(AttributeImpl *attr)
switch(attr->id())
{
case ATTR_ACTION:
#if APPLE_CHANGES
{
bool oldURLWasSecure = formWouldHaveSecureSubmission(m_url);
#endif
m_url = khtml::parseURL(attr->value());
#if APPLE_CHANGES
bool newURLIsSecure = formWouldHaveSecureSubmission(m_url);
if (m_attached && (oldURLWasSecure != newURLIsSecure))
if (newURLIsSecure)
getDocument()->secureFormAdded();
else
getDocument()->secureFormRemoved();
}
#endif
break;
case ATTR_TARGET:
m_target = attr->value();
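Review bot: In the ATTR_ACTION case, the if nested under `if (m_attached && (oldURLWasSecure != newURLIsSecure))` has no braces, so the else reads ambiguously. It binds to `if (newURLIsSecure)` as intended, but braces around the outer body would make that explicit. The opening and closing braces of the case body also sit in two separate #if APPLE_CHANGES blocks, which is easy to unbalance in a later edit.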
......@@ -1038,6 +1071,8 @@ DOMString HTMLInputElementImpl::type() const
QString HTMLInputElementImpl::state( )
{
assert(m_type != PASSWORD); // should never save/restore password fields
QString state = HTMLGenericFormElementImpl::state();
switch (m_type) {
case CHECKBOX:
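Review bot: The assert(m_type != PASSWORD) at the top of state() only protects builds with assertions enabled; if this is the standard assert macro it is compiled out under NDEBUG, and nothing else in this function stops a password value from being serialized when a caller skips maintainsState(). Consider returning a null QString for PASSWORD in addition to the assert, so the guarantee does not depend on every caller checking maintainsState() first. The same applies to the matching assert in restoreState().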
......@@ -1050,6 +1085,8 @@ QString HTMLInputElementImpl::state( )
void HTMLInputElementImpl::restoreState(QStringList &states)
{
assert(m_type != PASSWORD); // should never save/restore password fields
QString state = HTMLGenericFormElementImpl::findMatchingState(states);
if (state.isNull()) return;
......@@ -1266,6 +1303,13 @@ void HTMLInputElementImpl::attach()
HTMLGenericFormElementImpl::attach();
_style->deref();
#if APPLE_CHANGES
// note we don't deal with calling passwordFieldRemoved() on detach, because the timing
// was such that it cleared our state too early
if (m_type == PASSWORD)
getDocument()->passwordFieldAdded();
#endif
}
DOMString HTMLInputElementImpl::altText() const
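Review bot: passwordFieldAdded() is called only from attach(), when m_type == PASSWORD at that moment, and nothing in the visible hunks updates the count if the input's type changes to or from password after it is attached. If the type can change on an attached element, adjust the count there as well, in the same way parseAttribute handles a changed form action.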
......
......@@ -119,6 +119,9 @@ public:
private:
QString oldIdAttr;
QString oldNameAttr;
#if APPLE_CHANGES
bool formWouldHaveSecureSubmission(DOMString url);
#endif
};
// -------------------------------------------------------------------------
......@@ -282,7 +285,7 @@ public:
void blur();
void focus();
virtual bool maintainsState() { return true; }
virtual bool maintainsState() { return m_type != PASSWORD; }
virtual QString state();
virtual void restoreState(QStringList &);
......
......@@ -228,7 +228,8 @@ QPtrList<DocumentImpl> * DocumentImpl::changedDocuments = 0;
DocumentImpl::DocumentImpl(DOMImplementationImpl *_implementation, KHTMLView *v)
: NodeBaseImpl( new DocumentPtr() )
#if APPLE_CHANGES
, m_finishedParsing(this, SIGNAL(finishedParsing())), m_inPageCache(0)
, m_finishedParsing(this, SIGNAL(finishedParsing())), m_inPageCache(0),
m_passwordFields(0), m_secureForms(0)
#endif
{
document->doc = this;
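Review bot: The new initializer line ends with a trailing comma after m_inPageCache(0) and puts m_passwordFields(0), m_secureForms(0) on a continuation line, while the existing line starts with a leading comma. Keeping the leading-comma style, with the two new members on their own line, would leave the existing line untouched and make this a pure addition inside the #if APPLE_CHANGES block.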
......@@ -2242,6 +2243,39 @@ void DocumentImpl::setInPageCache(bool flag)
{
m_inPageCache = flag;
}
void DocumentImpl::passwordFieldAdded()
{
m_passwordFields++;
}
void DocumentImpl::passwordFieldRemoved()
{
assert(m_passwordFields > 0);
m_passwordFields--;
}
bool DocumentImpl::hasPasswordField() const
{
return m_passwordFields > 0;
}
void DocumentImpl::secureFormAdded()
{
m_secureForms++;
}
void DocumentImpl::secureFormRemoved()
{
assert(m_secureForms > 0);
m_secureForms--;
}
bool DocumentImpl::hasSecureForm() const
{
return m_secureForms > 0;
}
#endif
#include "dom_docimpl.moc"
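Review bot: passwordFieldRemoved() and secureFormRemoved() rely on assert alone to prevent underflow; with assertions disabled, an unmatched call would drive the count negative, and hasPasswordField() or hasSecureForm() would keep returning false after a later add. Guarding the decrement, for example `if (m_secureForms > 0) m_secureForms--;`, keeps the failure on the side of not saving credentials. passwordFieldRemoved() also has no caller in the visible hunks, which deserves a comment next to its definition.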
......@@ -418,9 +418,19 @@ public:
bool inPageCache();
void setInPageCache (bool flag);
void restoreRenderer(khtml::RenderObject* render);
void passwordFieldAdded();
void passwordFieldRemoved();
bool hasPasswordField() const ;
void secureFormAdded();
void secureFormRemoved();
bool hasSecureForm() const ;
private:
bool m_inPageCache;
int m_passwordFields;
int m_secureForms;
#endif
protected:
......
......@@ -468,13 +468,15 @@ bool KWQKHTMLPart::canCachePage()
// 1. We're not a frame or frameset.
// 2. The page has no javascript timers.
// 3. The page has no unload handler.
// 4. The page has no plugins.
// 5. The page has no JavaScript window timeouts.
// 4. The page has no password fields.
// 5. The page has no plugins.
// 6. The page has no JavaScript window timeouts.
if (d->m_doc &&
(d->m_frames.count() ||
parentPart() ||
d->m_objects.count() ||
d->m_doc->getWindowEventListener (EventImpl::UNLOAD_EVENT))) {
d->m_doc->getWindowEventListener (EventImpl::UNLOAD_EVENT) ||
d->m_doc->hasPasswordField())) {
return false;
}
if (d->m_doc && d->m_jscript) {
......@@ -611,7 +613,11 @@ void KWQKHTMLPart::clearDocumentFocus(QWidget *widget)
void KWQKHTMLPart::saveDocumentState()
{
[_bridge saveDocumentState];
// Do not save doc state if the page has a password field and a form that would be submitted
// via https
if (!(d->m_doc && d->m_doc->hasPasswordField() && d->m_doc->hasSecureForm())) {
[_bridge saveDocumentState];
}
}
void KWQKHTMLPart::restoreDocumentState()
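Review bot: The condition in saveDocumentState() tests hasPasswordField() and hasSecureForm() as two independent document-wide counts, so it does not establish that the password field belongs to the form that submits over https, which is what the commit message describes. A page with a password field in a plain http form and an unrelated https form elsewhere will also skip saving; the comment should state that this is an intentional approximation. It is also worth a sentence on why canCachePage() keys on hasPasswordField() alone while this function requires both.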
......