Reviewed by Adam Barth.
https://bugs.webkit.org/show_bug.cgi?id=38497 <rdar://problem/7759438> Make sure that http URLs always have a host in SecurityOrigin This is a hardening fix, and behavior really depends on what an underlying networking layer does. So, no test. * page/SecurityOrigin.cpp: (WebCore::schemeRequiresAuthority): List schemes that need an authority for successful loading. (WebCore::SecurityOrigin::SecurityOrigin): Never let e.g. http origins with empty authorities have the same security origin. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@58792 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Showing with 33 additions and 0 deletions