Commit 301bdfea authored by tsepez@chromium.org's avatar tsepez@chromium.org

Pass content-security-policy directive into shared workers.

https://bugs.webkit.org/show_bug.cgi?id=75660

Reviewed by Darin Fisher.

* public/WebContentSecurityPolicy.h: Added.
* public/WebSharedWorker.h:
(WebKit::WebSharedWorker::startWorkerContext):
* src/AssertMatchingEnums.cpp:
* src/SharedWorkerRepository.cpp:
(WebCore::SharedWorkerScriptLoader::notifyFinished):
* src/WebSharedWorkerImpl.cpp:
(WebKit::WebSharedWorkerImpl::startWorkerContext):
* src/WebSharedWorkerImpl.h:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@105380 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 59fabdc5
2012-01-18 Tom Sepez <tsepez@chromium.org>
Pass content-security-policy directive into shared workers.
https://bugs.webkit.org/show_bug.cgi?id=75660
Reviewed by Darin Fisher.
* public/WebContentSecurityPolicy.h: Added.
* public/WebSharedWorker.h:
(WebKit::WebSharedWorker::startWorkerContext):
* src/AssertMatchingEnums.cpp:
* src/SharedWorkerRepository.cpp:
(WebCore::SharedWorkerScriptLoader::notifyFinished):
* src/WebSharedWorkerImpl.cpp:
(WebKit::WebSharedWorkerImpl::startWorkerContext):
* src/WebSharedWorkerImpl.h:
2012-01-18 Ian Vollick <vollick@chromium.org>
[chromium] Create a base-class CCAnimation to represent compositor animations
......
/*
* Copyright (C) 2012 Google Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef WebContentSecurityPolicy_h
#define WebContentSecurityPolicy_h
namespace WebKit {
enum WebContentSecurityPolicyType {
WebContentSecurityPolicyTypeReportOnly,
WebContentSecurityPolicyTypeEnforcePolicy
};
} // namespace WebKit
#endif
......@@ -31,6 +31,7 @@
#ifndef WebSharedWorker_h
#define WebSharedWorker_h
#include "WebContentSecurityPolicy.h"
#include "platform/WebCommon.h"
namespace WebCore {
......@@ -57,12 +58,26 @@ public:
// FIXME(atwilson): Remove this when we move the initial script loading into the worker process.
virtual bool isStarted() = 0;
// API is transitioning from first form to the second. This function must stay virtual for now to prevent breaking chrome on webkit roll.
// DEPRECATED
virtual void startWorkerContext(const WebURL& scriptURL,
const WebString& name,
const WebString& userAgent,
const WebString& sourceCode,
long long scriptResourceAppCacheID) = 0;
// Chromium will need to fallback to this method to avoid breaking during the next webkit roll.
// It will become a pure virtual method once the chromium side is updated.
virtual void startWorkerContext(const WebURL& scriptURL,
const WebString& name,
const WebString& userAgent,
const WebString& sourceCode,
const WebString& contentSecurityPolicy,
WebContentSecurityPolicyType,
long long scriptResourceAppCacheID) {
startWorkerContext(scriptURL, name, userAgent, sourceCode, scriptResourceAppCacheID);
}
class ConnectListener {
public:
// Invoked once the connect event has been sent so the caller can free this object.
......
......@@ -37,6 +37,7 @@
#include "AccessibilityObject.h"
#include "ApplicationCacheHost.h"
#include "AsyncFileSystem.h"
#include "ContentSecurityPolicy.h"
#include "DocumentMarker.h"
#include "EditorInsertAction.h"
#include "ExceptionCode.h"
......@@ -68,6 +69,7 @@
#include "WebAccessibilityNotification.h"
#include "WebAccessibilityObject.h"
#include "WebApplicationCacheHost.h"
#include "WebContentSecurityPolicy.h"
#include "WebCursorInfo.h"
#include "WebEditingAction.h"
#include "WebFileError.h"
......@@ -494,3 +496,6 @@ COMPILE_ASSERT_MATCHING_ENUM(WebReferrerPolicyAlways, SecurityPolicy::ReferrerPo
COMPILE_ASSERT_MATCHING_ENUM(WebReferrerPolicyDefault, SecurityPolicy::ReferrerPolicyDefault);
COMPILE_ASSERT_MATCHING_ENUM(WebReferrerPolicyNever, SecurityPolicy::ReferrerPolicyNever);
COMPILE_ASSERT_MATCHING_ENUM(WebReferrerPolicyOrigin, SecurityPolicy::ReferrerPolicyOrigin);
COMPILE_ASSERT_MATCHING_ENUM(WebContentSecurityPolicyTypeReportOnly, ContentSecurityPolicy::ReportOnly);
COMPILE_ASSERT_MATCHING_ENUM(WebContentSecurityPolicyTypeEnforcePolicy, ContentSecurityPolicy::EnforcePolicy);
......@@ -34,6 +34,7 @@
#include "SharedWorkerRepository.h"
#include "ContentSecurityPolicy.h"
#include "Event.h"
#include "EventNames.h"
#include "ExceptionCode.h"
......@@ -42,13 +43,14 @@
#include "PlatformMessagePortChannel.h"
#include "ScriptExecutionContext.h"
#include "SharedWorker.h"
#include "WebContentSecurityPolicy.h"
#include "WebFrameClient.h"
#include "WebFrameImpl.h"
#include "WebKit.h"
#include "platform/WebKitPlatformSupport.h"
#include "WebMessagePortChannel.h"
#include "WebSharedWorker.h"
#include "WebSharedWorkerRepository.h"
#include "platform/WebKitPlatformSupport.h"
#include "platform/WebString.h"
#include "platform/WebURL.h"
#include "WorkerScriptLoader.h"
......@@ -168,7 +170,10 @@ void SharedWorkerScriptLoader::notifyFinished()
} else {
InspectorInstrumentation::scriptImported(m_worker->scriptExecutionContext(), m_scriptLoader->identifier(), m_scriptLoader->script());
// Pass the script off to the worker, then send a connect event.
m_webWorker->startWorkerContext(m_url, m_name, m_worker->scriptExecutionContext()->userAgent(m_url), m_scriptLoader->script(), m_responseAppCacheID);
m_webWorker->startWorkerContext(m_url, m_name, m_worker->scriptExecutionContext()->userAgent(m_url), m_scriptLoader->script(),
m_worker->scriptExecutionContext()->contentSecurityPolicy()->policy(),
static_cast<WebKit::WebContentSecurityPolicyType>(m_worker->scriptExecutionContext()->contentSecurityPolicy()->headerType()),
m_responseAppCacheID);
sendConnect();
}
}
......
......@@ -361,12 +361,18 @@ void WebSharedWorkerImpl::connectTask(ScriptExecutionContext* context, PassOwnPt
workerContext->dispatchEvent(createConnectEvent(port));
}
void WebSharedWorkerImpl::startWorkerContext(const WebURL& url, const WebString& name, const WebString& userAgent, const WebString& sourceCode, long long)
void WebSharedWorkerImpl::startWorkerContext(const WebURL& url, const WebString& name, const WebString& userAgent, const WebString& sourceCode, long long cacheId)
{
startWorkerContext(url, name, userAgent, sourceCode, "", WebContentSecurityPolicyTypeReportOnly, cacheId);
}
void WebSharedWorkerImpl::startWorkerContext(const WebURL& url, const WebString& name, const WebString& userAgent, const WebString& sourceCode, const WebString& contentSecurityPolicy, WebContentSecurityPolicyType policyType, long long)
{
initializeLoader(url);
WorkerThreadStartMode startMode = m_pauseWorkerContextOnStart ? PauseWorkerContextOnStart : DontPauseWorkerContextOnStart;
// FIXME: pass content-security-policy directives into shared worker.
setWorkerThread(SharedWorkerThread::create(name, url, userAgent, sourceCode, *this, *this, startMode, "", ContentSecurityPolicy::ReportOnly));
setWorkerThread(SharedWorkerThread::create(name, url, userAgent, sourceCode, *this, *this, startMode, contentSecurityPolicy,
static_cast<WebCore::ContentSecurityPolicy::HeaderType>(policyType)));
workerThread()->start();
}
......
......@@ -36,6 +36,7 @@
#if ENABLE(SHARED_WORKERS)
#include "ScriptExecutionContext.h"
#include "WebCommonWorkerClient.h"
#include "WebContentSecurityPolicy.h"
#include "WebFrameClient.h"
#include "WebSharedWorkerClient.h"
#include "WebWorkerBase.h"
......@@ -95,7 +96,11 @@ public:
// WebSharedWorker methods:
virtual bool isStarted();
// API is transitioning from first form to second form. The methods must remain virtual to avoid breaking chromium on the next webkit roll.
virtual void startWorkerContext(const WebURL&, const WebString& name, const WebString& userAgent, const WebString& sourceCode, long long);
virtual void startWorkerContext(const WebURL&, const WebString& name, const WebString& userAgent, const WebString& sourceCode, const WebString& contentSecurityPolicy, WebContentSecurityPolicyType, long long cacheId);
virtual void connect(WebMessagePortChannel*, ConnectListener*);
virtual void terminateWorkerContext();
virtual void clientDestroyed();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment