Commit 7c4df494 authored by andersca@apple.com's avatar andersca@apple.com

Unreviewed, rolling out r149866.

http://trac.webkit.org/changeset/149866
https://bugs.webkit.org/show_bug.cgi?id=115898

Broke tests

* dom/Document.cpp:
(WebCore::Document::setDomain):
(WebCore::Document::initSecurityContext):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::isolatedCopy):
(WebCore::SecurityOrigin::setDomainFromDOM):
(WebCore::SecurityOrigin::grantUniversalAccess):
* page/SecurityOrigin.h:
(SecurityOrigin):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149869 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 3ff2f019
2013-05-10 Anders Carlsson <andersca@apple.com>
Unreviewed, rolling out r149866.
http://trac.webkit.org/changeset/149866
https://bugs.webkit.org/show_bug.cgi?id=115898
Broke tests
* dom/Document.cpp:
(WebCore::Document::setDomain):
(WebCore::Document::initSecurityContext):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::isolatedCopy):
(WebCore::SecurityOrigin::setDomainFromDOM):
(WebCore::SecurityOrigin::grantUniversalAccess):
* page/SecurityOrigin.h:
(SecurityOrigin):
2013-05-10 Andrei Bucur <abucur@adobe.com>
Remove overflow dead code
......
......@@ -3804,13 +3804,13 @@ void Document::setDomain(const String& newDomain, ExceptionCode& ec)
// FIXME: We should add logging indicating why a domain was not allowed.
// If the new domain is the same as the old domain, still call
// securityOrigin()->copyWithDomainSetFromDOM. This will change the
// securityOrigin()->setDomainForDOM. This will change the
// security check behavior. For example, if a page loaded on port 8000
// assigns its current domain using document.domain, the page will
// allow other pages loaded on different ports in the same domain that
// have also assigned to access this page.
if (equalIgnoringCase(domain(), newDomain)) {
setSecurityOrigin(securityOrigin()->copyWithDomainSetFromDOM(newDomain));
securityOrigin()->setDomainFromDOM(newDomain);
return;
}
......@@ -3837,7 +3837,7 @@ void Document::setDomain(const String& newDomain, ExceptionCode& ec)
return;
}
setSecurityOrigin(securityOrigin()->copyWithDomainSetFromDOM(newDomain));
securityOrigin()->setDomainFromDOM(newDomain);
}
// http://www.whatwg.org/specs/web-apps/current-work/#dom-document-lastmodified
......@@ -4597,11 +4597,11 @@ void Document::initSecurityContext()
if (!settings->webSecurityEnabled()) {
// Web security is turned off. We should let this document access every other document. This is used primary by testing
// harnesses for web sites.
setSecurityOrigin(securityOrigin()->copyWithUniversalAccessGranted());
securityOrigin()->grantUniversalAccess();
} else if (securityOrigin()->isLocal()) {
if (settings->allowUniversalAccessFromFileURLs() || m_frame->loader()->client()->shouldForceUniversalAccessFromLocalURL(m_url)) {
// Some clients want local URLs to have universal access, but that setting is dangerous for other clients.
setSecurityOrigin(securityOrigin()->copyWithUniversalAccessGranted());
securityOrigin()->grantUniversalAccess();
} else if (!settings->allowFileAccessFromFileURLs()) {
// Some clients want local URLs to have even tighter restrictions by default, and not be able to access other local files.
// FIXME 81578: The naming of this is confusing. Files with restricted access to other local files
......
......@@ -156,19 +156,19 @@ SecurityOrigin::SecurityOrigin()
{
}
SecurityOrigin::SecurityOrigin(const String& protocol, const String& host, const String& domain, const String& filePath, unsigned short port, bool isUnique, bool universalAccess, bool domainWasSetInDOM, bool canLoadLocalResources, StorageBlockingPolicy storageBlockingPolicy, bool enforceFilePathSeparation, bool needsDatabaseIdentifierQuirkForFiles)
: m_protocol(protocol)
, m_host(host)
, m_domain(domain)
, m_filePath(filePath)
, m_port(port)
, m_isUnique(isUnique)
, m_universalAccess(universalAccess)
, m_domainWasSetInDOM(domainWasSetInDOM)
, m_canLoadLocalResources(canLoadLocalResources)
, m_storageBlockingPolicy(storageBlockingPolicy)
, m_enforceFilePathSeparation(enforceFilePathSeparation)
, m_needsDatabaseIdentifierQuirkForFiles(needsDatabaseIdentifierQuirkForFiles)
SecurityOrigin::SecurityOrigin(const SecurityOrigin* other)
: m_protocol(other->m_protocol.isolatedCopy())
, m_host(other->m_host.isolatedCopy())
, m_domain(other->m_domain.isolatedCopy())
, m_filePath(other->m_filePath.isolatedCopy())
, m_port(other->m_port)
, m_isUnique(other->m_isUnique)
, m_universalAccess(other->m_universalAccess)
, m_domainWasSetInDOM(other->m_domainWasSetInDOM)
, m_canLoadLocalResources(other->m_canLoadLocalResources)
, m_storageBlockingPolicy(other->m_storageBlockingPolicy)
, m_enforceFilePathSeparation(other->m_enforceFilePathSeparation)
, m_needsDatabaseIdentifierQuirkForFiles(other->m_needsDatabaseIdentifierQuirkForFiles)
{
}
......@@ -207,16 +207,13 @@ PassRefPtr<SecurityOrigin> SecurityOrigin::createUnique()
PassRefPtr<SecurityOrigin> SecurityOrigin::isolatedCopy() const
{
return adoptRef(new SecurityOrigin(m_protocol.isolatedCopy(), m_host.isolatedCopy(), m_domain.isolatedCopy(), m_filePath.isolatedCopy(), m_port, m_isUnique, m_universalAccess, m_domainWasSetInDOM, m_canLoadLocalResources, m_storageBlockingPolicy, m_enforceFilePathSeparation, m_needsDatabaseIdentifierQuirkForFiles));
return adoptRef(new SecurityOrigin(this));
}
PassRefPtr<SecurityOrigin> SecurityOrigin::copyWithDomainSetFromDOM(const String& newDomain) const
void SecurityOrigin::setDomainFromDOM(const String& newDomain)
{
String domain = newDomain.lower();
if (m_domainWasSetInDOM && m_domain == domain)
return const_cast<SecurityOrigin*>(this);
return adoptRef(new SecurityOrigin(m_protocol, m_host, domain, m_filePath, m_port, m_isUnique, m_universalAccess, true, m_canLoadLocalResources, m_storageBlockingPolicy, m_enforceFilePathSeparation, m_needsDatabaseIdentifierQuirkForFiles));
m_domainWasSetInDOM = true;
m_domain = newDomain.lower();
}
bool SecurityOrigin::isSecure(const KURL& url)
......@@ -437,12 +434,9 @@ void SecurityOrigin::grantLoadLocalResources()
m_canLoadLocalResources = true;
}
PassRefPtr<SecurityOrigin> SecurityOrigin::copyWithUniversalAccessGranted() const
void SecurityOrigin::grantUniversalAccess()
{
if (m_universalAccess)
return const_cast<SecurityOrigin*>(this);
return adoptRef(new SecurityOrigin(m_protocol, m_host, m_domain, m_filePath, m_port, m_isUnique, true, m_domainWasSetInDOM, m_canLoadLocalResources, m_storageBlockingPolicy, m_enforceFilePathSeparation, m_needsDatabaseIdentifierQuirkForFiles));
m_universalAccess = true;
}
#if ENABLE(CACHE_PARTITIONING)
......
......@@ -74,10 +74,10 @@ public:
// when marshalling a SecurityOrigin to another thread.
PassRefPtr<SecurityOrigin> isolatedCopy() const;
// Create a new security origin with the domain property set to newDomain. This
// Set the domain property of this security origin to newDomain. This
// function does not check whether newDomain is a suffix of the current
// domain. The caller is responsible for validating newDomain.
PassRefPtr<SecurityOrigin> copyWithDomainSetFromDOM(const String& newDomain) const;
void setDomainFromDOM(const String& newDomain);
bool domainWasSetInDOM() const { return m_domainWasSetInDOM; }
String protocol() const { return m_protocol; }
......@@ -137,7 +137,7 @@ public:
// Explicitly grant the ability to access very other SecurityOrigin.
//
// WARNING: This is an extremely powerful ability. Use with caution!
PassRefPtr<SecurityOrigin> copyWithUniversalAccessGranted() const;
void grantUniversalAccess();
void setStorageBlockingPolicy(StorageBlockingPolicy policy) { m_storageBlockingPolicy = policy; }
......@@ -215,7 +215,6 @@ private:
SecurityOrigin();
explicit SecurityOrigin(const KURL&);
explicit SecurityOrigin(const SecurityOrigin*);
SecurityOrigin(const String& protocol, const String& host, const String& domain, const String& filePath, unsigned short port, bool isUnique, bool universalAccess, bool domainWasSetInDOM, bool canLoadLocalResources, StorageBlockingPolicy, bool enforceFilePathSeparation, bool needsDatabaseIdentifierQuirkForFiles);
// FIXME: Rename this function to something more semantic.
bool passesFileCheck(const SecurityOrigin*) const;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment