Isolated worlds should respect Content Security Policy; User Agent Shadow DOM
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 7 Jul 2015 00:42:50 +0000 (00:42 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 7 Jul 2015 00:42:50 +0000 (00:42 +0000)
commit2099255fff5668833b8bbbf8a3b71565751b7648
treee3fa1157a9bee1aaeee763031c29d1829b44f384
parent023116abdf37ea767ba8e38623faaed8e570597b
Isolated worlds should respect Content Security Policy; User Agent Shadow DOM
should be exempt from Content Security Policy
https://bugs.webkit.org/show_bug.cgi?id=144830
<rdar://problem/18860261>

Reviewed by Geoffrey Garen.

Source/WebCore:

Make scripts that run in an isolated world be subject to the Content Security Policy (CSP) of the page
and exempt features implemented using a user agent shadow DOM. As a side effect of this change,
Safari Content Extensions will respect the CSP policy of the page when loading subresources (e.g. an image).

Tests: http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3.html
       http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed.html
       http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp.html

* Modules/websockets/WebSocket.cpp:
(WebCore::WebSocket::connect): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().
* css/CSSCanvasValue.h:
(WebCore::CSSCanvasValue::loadSubimages): Modified to take argument ResourceLoaderOptions (unused).
* css/CSSCrossfadeValue.cpp:
(WebCore::CSSCrossfadeValue::fixedSize): Explicitly instantiate default ResourceLoaderOptions and pass
pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
the cross fade is applied to an element in a user agent shadow tree.
(WebCore::CSSCrossfadeValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
as appropriate.
(WebCore::CSSCrossfadeValue::image): Explicitly instantiate default ResourceLoaderOptions and pass it
when requesting a cached image. Added FIXME comment to skip Content Security Policy check when the cross
fade is applied to an element in a user agent shadow tree.
* css/CSSCrossfadeValue.h:
* css/CSSCursorImageValue.cpp:
(WebCore::CSSCursorImageValue::cachedImage): Take a ResourceLoaderOptions as an argument and passes it
as appropriate.
* css/CSSCursorImageValue.h:
* css/CSSFilterImageValue.cpp:
(WebCore::CSSFilterImageValue::fixedSize): Explicitly instantiate default ResourceLoaderOptions and pass
pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
the cross fade is applied to an element in a user agent shadow tree.
(WebCore::CSSFilterImageValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
as appropriate.
(WebCore::CSSFilterImageValue::loadSubimages): Explicitly instantiate default ResourceLoaderOptions and pass
pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
the cross fade is applied to an element in a user agent shadow tree.
(WebCore::CSSFilterImageValue::image):
* css/CSSFilterImageValue.h:
* css/CSSFontFaceSrcValue.cpp:
(WebCore::CSSFontFaceSrcValue::cachedFont): Take a boolean, isInitiatingElementInUserAgentShadowTree,
so as to determine the appropriate CSP imposition. In particular, we skip the CSP check when the initiating element
(e.g. SVG font-face element) is in a user agent shadow tree.
* css/CSSFontFaceSrcValue.h:
* css/CSSFontSelector.cpp:
(WebCore::CSSFontSelector::addFontFaceRule): Take a boolean, isInitiatingElementInUserAgentShadowTree, and passes
it as appropriate.
* css/CSSFontSelector.h:
* css/CSSGradientValue.h:
(WebCore::CSSGradientValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
as appropriate.
* css/CSSImageGeneratorValue.cpp:
(WebCore::CSSImageGeneratorValue::loadSubimages): Ditto.
(WebCore::CSSImageGeneratorValue::cachedImageForCSSValue): Ditto.
* css/CSSImageGeneratorValue.h:
* css/CSSImageSetValue.cpp:
(WebCore::CSSImageSetValue::cachedImageSet): Deleted.
* css/CSSImageSetValue.h:
* css/CSSImageValue.cpp:
(WebCore::CSSImageValue::cachedImage): Deleted.
* css/CSSImageValue.h:
* css/RuleSet.cpp:
(WebCore::RuleSet::addChildRules): Take a boolean, isInitiatingElementInUserAgentShadowTree, and passes
it as appropriate.
(WebCore::RuleSet::addRulesFromSheet): Added FIXME comment to skip Content Security Policy check when
when stylesheet is in a user agent shadow tree.
* css/RuleSet.h:
* css/StyleResolver.cpp:
(WebCore::StyleResolver::StyleResolver): Determine whether the SVG font-face element is in a user agent shadow tree
and pass the appropriate value when calling CSSFontSelector::addFontFaceRule(). Also, modernized code; used C++11 range
-based for-loop instead of const_iterator idiom.
(WebCore::StyleResolver::loadPendingSVGDocuments): Skip CSP check when requesting subresources as a byproduct of
resolving style for an element in a user agent shadow tree.
(WebCore::StyleResolver::loadPendingImage): Ditto.
(WebCore::StyleResolver::loadPendingShapeImage): Ditto.
* css/StyleRuleImport.cpp:
(WebCore::StyleRuleImport::requestStyleSheet): Added FIXME comment to skip Content Security Policy check when
when stylesheet is in a user agent shadow tree.
* dom/Element.h:
* dom/InlineStyleSheetOwner.cpp:
(WebCore::InlineStyleSheetOwner::createSheet): Skip CSP check for an inline <style> that is in a user agent shadow tree.
* dom/Node.cpp:
(WebCore::Node::isInUserAgentShadowTree): Added.
* dom/Node.h:
* dom/ScriptElement.cpp:
(WebCore::ScriptElement::requestScript): Skip CSP check for an external JavaScript script in a user agent shadow tree.
(WebCore::ScriptElement::executeScript): Skip CSP check for an inline JavaScript script that is in a user agent shadow tree.
* dom/StyledElement.cpp:
(WebCore::StyledElement::styleAttributeChanged): Skip CSP check when modifying the inline style of an element in a user
agent shadow tree.
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL): Skip CSP check for a <audio>, <video> in a user agent shadow tree.
(WebCore::HTMLMediaElement::outOfBandTrackSources): Ditto.
* html/HTMLTrackElement.cpp:
(WebCore::HTMLTrackElement::canLoadURL): Ditto.
* html/track/LoadableTextTrack.cpp:
(WebCore::LoadableTextTrack::loadTimerFired): Determine whether the <track> is in a user agent shadow tree
and pass the appropriate value when calling TextTrackLoader::load().
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource): Do CSP check when loading a resource by default.
* loader/ImageLoader.cpp:
(WebCore::ImageLoader::updateFromElement): Skip CSP check for an image that is in a user agent shadow tree.
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::start): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Added FIXME comment to skip Content Security Policy check
when when associated plugin element is in a user agent shadow tree.
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy): Skip CSP check for a <iframe> in a user agent shadow tree.
* loader/ResourceLoaderOptions.h: Defined enum class ContentSecurityPolicyImposition with explicit type uint8_t so
as to provide a hint to the compiler (for better packing) when it computes the memory layout for struct that
contains an instance of this class.
(WebCore::ResourceLoaderOptions::ResourceLoaderOptions): Added argument contentSecurityPolicyImposition.
(WebCore::ResourceLoaderOptions::contentSecurityPolicyImposition): Added.
(WebCore::ResourceLoaderOptions::setContentSecurityPolicyImposition): Added.
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::pluginIsLoadable): Skip CSP check for a plugin element that is in a user agent shadow tree.
(WebCore::SubframeLoader::createJavaAppletWidget): Skip CSP check for an applet element that is in a user agent shadow tree.
* loader/TextTrackLoader.cpp:
(WebCore::TextTrackLoader::load): Take a boolean, isInitiatingElementInUserAgentShadowTree, and sets the appropriate
Content Security Policy imposition for the text track request.
* loader/TextTrackLoader.h:
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Skip CSP check for a user-specified stylesheet.
(WebCore::CachedResourceLoader::canRequest): Only check the CSP of the page if specified in the resource loader options for the request.
(WebCore::CachedResourceLoader::defaultCachedResourceOptions): Add ContentSecurityPolicyImposition::DoPolicyCheck to the default
resource loader options so that do check the CSP policy of the page before performing a resource request by default.
* loader/cache/CachedSVGDocumentReference.cpp:
(WebCore::CachedSVGDocumentReference::load): Take a ResourceLoaderOptions as an argument and passes it as appropriate.
* loader/cache/CachedSVGDocumentReference.h:
* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::startLoading): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
* page/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Take an argument called overrideContentSecurityPolicy (defaults to false). When
overrideContentSecurityPolicy := true, this function unconditionally returns true.
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineScript): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicy::allowEval): Ditto.
(WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
* page/ContentSecurityPolicy.h:
* page/DOMSecurityPolicy.cpp:
* page/EventSource.cpp:
(WebCore::EventSource::create): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().
* platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
(WebCore::WebCoreAVFResourceLoader::startLoading): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
* svg/SVGFEImageElement.cpp:
(WebCore::SVGFEImageElement::requestImageResource): Skip CSP check for a SVG FEImage element in a user agent shadow tree.
* svg/SVGFontFaceUriElement.cpp:
(WebCore::SVGFontFaceUriElement::loadFont): Skip CSP check for a SVG font-face-uri element in a user agent shadow tree.
* svg/SVGUseElement.cpp:
(WebCore::SVGUseElement::updateExternalDocument): Skip CSP check for a SVG use element in a user agent shadow tree.
* testing/Internals.cpp:
(WebCore::Internals::ensureUserAgentShadowRoot): Added.
* testing/Internals.h:
* testing/Internals.idl: Added declaration for ensureUserAgentShadowRoot().
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().

LayoutTests:

Add tests to ensure that we exempt nodes in a user agent shadow tree from the Content Security Policy (CSP) of the page.

Updated test LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html to ensure that
we do not bypass the CSP of the page for a script that executes in an isolated world and renamed the
file image-load-should-not-bypass-main-world-csp.html.

* http/tests/security/contentSecurityPolicy/resources/alert-pass-and-notify-done.js: Added.
* http/tests/security/contentSecurityPolicy/resources/wait-until-done.js: Added.
(alertAndDone):
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3.html: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/ABCFont.svg: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/allow-inline-script.js: Added.
(window.onload):
(testPassed):
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/floodGreenFilter.svg: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed.html: Added.
* http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp-expected.txt: Renamed from LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt.
* http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp.html: Renamed from LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@186388 268f45cc-cd09-0410-ab3c-d52691b4dbfc
118 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/contentSecurityPolicy/resources/alert-pass-and-notify-done.js [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/resources/wait-until-done.js [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3.html [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/ABCFont.svg [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/allow-inline-script.js [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/floodGreenFilter.svg [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed.html [new file with mode: 0644]
LayoutTests/http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp-expected.txt [moved from LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt with 56% similarity]
LayoutTests/http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp.html [moved from LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html with 97% similarity]
Source/WebCore/ChangeLog
Source/WebCore/Modules/websockets/WebSocket.cpp
Source/WebCore/css/CSSCanvasValue.h
Source/WebCore/css/CSSCrossfadeValue.cpp
Source/WebCore/css/CSSCrossfadeValue.h
Source/WebCore/css/CSSCursorImageValue.cpp
Source/WebCore/css/CSSCursorImageValue.h
Source/WebCore/css/CSSFilterImageValue.cpp
Source/WebCore/css/CSSFilterImageValue.h
Source/WebCore/css/CSSFontFaceSrcValue.cpp
Source/WebCore/css/CSSFontFaceSrcValue.h
Source/WebCore/css/CSSFontSelector.cpp
Source/WebCore/css/CSSFontSelector.h
Source/WebCore/css/CSSGradientValue.h
Source/WebCore/css/CSSImageGeneratorValue.cpp
Source/WebCore/css/CSSImageGeneratorValue.h
Source/WebCore/css/CSSImageSetValue.cpp
Source/WebCore/css/CSSImageSetValue.h
Source/WebCore/css/CSSImageValue.cpp
Source/WebCore/css/CSSImageValue.h
Source/WebCore/css/RuleSet.cpp
Source/WebCore/css/RuleSet.h
Source/WebCore/css/StyleResolver.cpp
Source/WebCore/css/StyleRuleImport.cpp
Source/WebCore/dom/Element.h
Source/WebCore/dom/InlineStyleSheetOwner.cpp
Source/WebCore/dom/Node.cpp
Source/WebCore/dom/Node.h
Source/WebCore/dom/ScriptElement.cpp
Source/WebCore/dom/StyledElement.cpp
Source/WebCore/html/HTMLMediaElement.cpp
Source/WebCore/html/HTMLTrackElement.cpp
Source/WebCore/html/track/LoadableTextTrack.cpp
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/ImageLoader.cpp
Source/WebCore/loader/MediaResourceLoader.cpp
Source/WebCore/loader/NetscapePlugInStreamLoader.cpp
Source/WebCore/loader/PolicyChecker.cpp
Source/WebCore/loader/ResourceLoaderOptions.h
Source/WebCore/loader/SubframeLoader.cpp
Source/WebCore/loader/TextTrackLoader.cpp
Source/WebCore/loader/TextTrackLoader.h
Source/WebCore/loader/cache/CachedResourceLoader.cpp
Source/WebCore/loader/cache/CachedSVGDocumentReference.cpp
Source/WebCore/loader/cache/CachedSVGDocumentReference.h
Source/WebCore/loader/icon/IconLoader.cpp
Source/WebCore/page/ContentSecurityPolicy.cpp
Source/WebCore/page/ContentSecurityPolicy.h
Source/WebCore/page/DOMSecurityPolicy.cpp
Source/WebCore/page/EventSource.cpp
Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm
Source/WebCore/svg/SVGFEImageElement.cpp
Source/WebCore/svg/SVGFontFaceUriElement.cpp
Source/WebCore/svg/SVGUseElement.cpp
Source/WebCore/testing/Internals.cpp
Source/WebCore/testing/Internals.h
Source/WebCore/testing/Internals.idl
Source/WebCore/xml/XMLHttpRequest.cpp