Make it possible to call ContentSecurityPolicy::upgradeInsecureRequestIfNeeded()...
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 28 Mar 2018 00:12:32 +0000 (00:12 +0000)
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 28 Mar 2018 00:12:32 +0000 (00:12 +0000)
commit6a067edfe2ce9ef9f602f3c5049ba71610a8444e
tree06c0f22e1a75ead827062bf7166ad2e5b722f382
parent8cc82dc9907151afc367568977879ca85bb7ecf0
Make it possible to call ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() from non-main threads
https://bugs.webkit.org/show_bug.cgi?id=184029

Reviewed by Youenn Fablet.

Make it possible to call ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() from non-main threads
by having it use SecurityOriginData (which is safe to construct on non-main threads) instead of
SecurityOrigin (which isn't).

ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() is already called from non-main thread in
FetchLoader, XHR and WebSocket when used in workers. This wasn't safe.

* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded const):
(WebCore::ContentSecurityPolicy::setUpgradeInsecureRequests):
(WebCore::ContentSecurityPolicy::takeNavigationRequestsToUpgrade):
(WebCore::ContentSecurityPolicy::setInsecureNavigationRequestsToUpgrade):
* page/csp/ContentSecurityPolicy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230017 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/loader/DocumentWriter.cpp
Source/WebCore/page/csp/ContentSecurityPolicy.cpp
Source/WebCore/page/csp/ContentSecurityPolicy.h