1. 04 Nov, 2008 14 commits
  2. 03 Nov, 2008 17 commits
  3. 02 Nov, 2008 3 commits
  4. 01 Nov, 2008 3 commits
    • abarth@webkit.org's avatar
      WebCore: · a796cc07
      abarth@webkit.org authored
      2008-11-01  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Sam Weinig.
      
              Be sure to check the final URLs of requested resources to make sure we
              don't get fooled by HTTP redirects.
      
              https://bugs.webkit.org/show_bug.cgi?id=21963
      
              Tests: http/tests/security/xss-DENIED-xsl-document-redirect.xml
                     http/tests/security/xss-DENIED-xsl-external-entity-redirect.xml
      
              * dom/XMLTokenizerLibxml2.cpp:
              (WebCore::openFunc):
              * loader/DocLoader.cpp:
              (WebCore::DocLoader::canRequest):
              (WebCore::DocLoader::requestResource):
              * loader/DocLoader.h:
              * xml/XSLTProcessor.cpp:
              (WebCore::docLoaderFunc):
      
      LayoutTests:
      
      2008-11-01  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Sam Weinig.
      
              Test that we properly block non-same-origin redirects for these
              esoteric loads.
      
              https://bugs.webkit.org/show_bug.cgi?id=21963
      
              * http/tests/security/resources/xsl-using-document-redirect.xsl: Added.
              * http/tests/security/resources/xsl-using-external-entity-redirect.xsl: Added.
              * http/tests/security/xss-DENIED-xsl-document-redirect-expected.txt: Copied from LayoutTests/http/tests/security/xss-DENIED-xsl-document-expected.txt.
              * http/tests/security/xss-DENIED-xsl-document-redirect.xml: Added.
              * http/tests/security/xss-DENIED-xsl-external-entity-redirect-expected.txt: Copied from LayoutTests/http/tests/security/xss-DENIED-xsl-external-entity-expected.txt.
              * http/tests/security/xss-DENIED-xsl-external-entity-redirect.xml: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38065 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a796cc07
    • ap@webkit.org's avatar
      Reviewed by Darin Adler. · ec7365b9
      ap@webkit.org authored
              https://bugs.webkit.org/show_bug.cgi?id=22001
              AtomicStringImpl* keys of event listener maps can outlive their strings
      
              Test: fast/events/destroyed-atomic-string.html
      
              * dom/MessagePort.cpp:
              (WebCore::MessagePort::addEventListener):
              (WebCore::MessagePort::removeEventListener):
              (WebCore::MessagePort::dispatchEvent):
              * dom/MessagePort.h:
              * loader/appcache/DOMApplicationCache.cpp:
              (WebCore::DOMApplicationCache::addEventListener):
              (WebCore::DOMApplicationCache::removeEventListener):
              (WebCore::DOMApplicationCache::dispatchEvent):
              * loader/appcache/DOMApplicationCache.h:
              * xml/XMLHttpRequest.cpp:
              (WebCore::XMLHttpRequest::addEventListener):
              (WebCore::XMLHttpRequest::removeEventListener):
              (WebCore::XMLHttpRequest::dispatchEvent):
              * xml/XMLHttpRequest.h:
              * xml/XMLHttpRequestUpload.cpp:
              (WebCore::XMLHttpRequestUpload::addEventListener):
              (WebCore::XMLHttpRequestUpload::removeEventListener):
              (WebCore::XMLHttpRequestUpload::dispatchEvent):
              * xml/XMLHttpRequestUpload.h:
              Changed EventListenersMap to use AtomicString as key (instead of AtomicStringImpl*).
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38064 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ec7365b9
    • ap@webkit.org's avatar
      Reviewed by Darin Adler. · f319b265
      ap@webkit.org authored
              https://bugs.webkit.org/show_bug.cgi?id=21998
              Use JSDOMGlobalObject in EventListener-related bindings
      
              * dom/MessagePort.idl: Auto-generate bindings for onclose and onmessage.
      
              * bindings/scripts/CodeGeneratorJS.pm: Use JSDOMGlobalObject instead of JSDOMWindow in JS
              bindings for inline event handlers.
      
              * bindings/js/JSDOMApplicationCacheCustom.cpp:
              (WebCore::JSDOMApplicationCache::addEventListener):
              (WebCore::JSDOMApplicationCache::removeEventListener):
              * bindings/js/JSEventTargetNodeCustom.cpp:
              (WebCore::JSEventTargetNode::addEventListener):
              (WebCore::JSEventTargetNode::removeEventListener):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::removeEventListener):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::addEventListener):
              (WebCore::JSSVGElementInstance::removeEventListener):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::addEventListener):
              (WebCore::JSXMLHttpRequest::removeEventListener):
              * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
              (WebCore::JSXMLHttpRequestUpload::addEventListener):
              (WebCore::JSXMLHttpRequestUpload::removeEventListener):
              Use ScriptExecutionContext and JSDOMGlobalObject in bindings.
      
              * dom/EventTarget.h:
              * dom/EventTargetNode.cpp:
              (WebCore::EventTargetNode::scriptExecutionContext):
              * dom/EventTargetNode.h:
              * dom/MessagePort.cpp:
              * dom/MessagePort.h:
              (WebCore::MessagePort::scriptExecutionContext):
              * loader/appcache/DOMApplicationCache.cpp:
              (WebCore::DOMApplicationCache::scriptExecutionContext):
              * loader/appcache/DOMApplicationCache.h:
              * svg/SVGElementInstance.cpp:
              (WebCore::SVGElementInstance::scriptExecutionContext):
              * svg/SVGElementInstance.h:
              * xml/XMLHttpRequest.cpp:
              (WebCore::XMLHttpRequest::scriptExecutionContext):
              * xml/XMLHttpRequest.h:
              * xml/XMLHttpRequestUpload.cpp:
              (WebCore::XMLHttpRequestUpload::scriptExecutionContext):
              * xml/XMLHttpRequestUpload.h:
              Remove associatedFrame() method, and provide scriptExecutionContext() where it wasn't
              available yet.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38063 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f319b265
  5. 31 Oct, 2008 3 commits
    • slewis@apple.com's avatar
      2008-10-31 Stephanie Lewis <slewis@apple.com> · 487c452c
      slewis@apple.com authored
              Fix build by including right files.
      
              * JSRun.cpp:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38062 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      487c452c
    • cwzwarich@webkit.org's avatar
      2008-10-31 Cameron Zwarich <zwarich@apple.com> · 16e3891a
      cwzwarich@webkit.org authored
              Rubber-stamped by Geoff Garen.
      
              Rename SourceRange.h to SourceCode.h.
      
              JavaScriptCore:
      
              * API/JSBase.cpp:
              * GNUmakefile.am:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * VM/CodeBlock.h:
              * kjs/SourceCode.h: Copied from kjs/SourceRange.h.
              * kjs/SourceRange.h: Removed.
              * kjs/grammar.y:
              * kjs/lexer.h:
              * kjs/nodes.cpp:
              (JSC::ForInNode::ForInNode):
              * kjs/nodes.h:
              (JSC::ThrowableExpressionData::setExceptionSourceCode):
      
              WebCore:
      
              * ForwardingHeaders/kjs/SourceCode.h: Copied from ForwardingHeaders/kjs/SourceRange.h.
              * ForwardingHeaders/kjs/SourceRange.h: Removed.
              * bindings/js/StringSourceProvider.h:
              * bridge/NP_jsobject.cpp:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38061 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      16e3891a
    • cwzwarich@webkit.org's avatar
      2008-10-31 Cameron Zwarich <zwarich@apple.com> · 7d328d5f
      cwzwarich@webkit.org authored
              Reviewed by Darin Adler.
      
              Bug 22019: Move JSC::Interpreter::shouldPrintExceptions() to WebCore::Console
              <https://bugs.webkit.org/show_bug.cgi?id=22019>
      
              The JSC::Interpreter::shouldPrintExceptions() function is not used at
              all in JavaScriptCore, so it should be moved to WebCore::Console, its
              only user.
      
              JavaScriptCore:
      
              * JavaScriptCore.exp:
              * kjs/interpreter.cpp:
              * kjs/interpreter.h:
      
              WebCore:
      
              * WebCore.base.exp:
              * page/Console.cpp:
              (WebCore::printToStandardOut):
              (WebCore::Console::shouldPrintExceptions):
              (WebCore::Console::setShouldPrintExceptions):
              * page/Console.h:
      
              WebKit/mac:
      
              * Misc/WebCoreStatistics.mm:
              (+[WebCoreStatistics shouldPrintExceptions]):
              (+[WebCoreStatistics setShouldPrintExceptions:]):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@38060 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7d328d5f