Disallow use of Geolocation service from unique origins
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 14 Jan 2016 21:42:35 +0000 (21:42 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 14 Jan 2016 21:42:35 +0000 (21:42 +0000)
commitc14469c3f1bfab2e14a564518d13f80162ad1e06
treead94c46f8c57a7f26ca3c3201d0fcd1d3f4b7a93
parent1aabaa3f2bba839a5df36e3f6fec4a66df96f532
Disallow use of Geolocation service from unique origins
https://bugs.webkit.org/show_bug.cgi?id=153102
<rdar://problem/23055645>

Reviewed by Alexey Proskuryakov.

Source/WebCore:

Tests: fast/dom/Geolocation/dataURL-getCurrentPosition.html
       fast/dom/Geolocation/dataURL-watchPosition.html
       fast/dom/Geolocation/srcdoc-getCurrentPosition.html
       fast/dom/Geolocation/srcdoc-watchPosition.html
       http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html
       http/tests/security/sandboxed-iframe-geolocation-watchPosition.html

* Modules/geolocation/Geolocation.cpp:
(WebCore::Geolocation::securityOrigin): Convenience function to get the SecurityOrigin object
associated with this script execution context.
(WebCore::Geolocation::startRequest): Notify requester POSITION_UNAVAILABLE when requested
from a document with a unique origin.
* Modules/geolocation/Geolocation.h:
* page/SecurityOrigin.h:
(WebCore::SecurityOrigin::canRequestGeolocation): Added.

LayoutTests:

* fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt: Added.
* fast/dom/Geolocation/dataURL-getCurrentPosition.html: Added.
* fast/dom/Geolocation/dataURL-watchPosition-expected.txt: Added.
* fast/dom/Geolocation/dataURL-watchPosition.html: Added.
* fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt: Added.
* fast/dom/Geolocation/srcdoc-getCurrentPosition.html: Added.
* fast/dom/Geolocation/srcdoc-watchPosition-expected.txt: Added.
* fast/dom/Geolocation/srcdoc-watchPosition.html: Added.
* http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js: Added.
(done):
(logMessage):
(didReceivePosition):
(didReceiveError):
(checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(markupToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(dataURLToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
* http/tests/security/resources/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
* http/tests/security/resources/sandboxed-iframe-geolocation-watchPosition.html: Added.
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt: Added.
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
* http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt: Added.
* http/tests/security/sandboxed-iframe-geolocation-watchPosition.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195075 268f45cc-cd09-0410-ab3c-d52691b4dbfc
20 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/dataURL-getCurrentPosition.html [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/dataURL-watchPosition-expected.txt [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/dataURL-watchPosition.html [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/srcdoc-getCurrentPosition.html [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/srcdoc-watchPosition-expected.txt [new file with mode: 0644]
LayoutTests/fast/dom/Geolocation/srcdoc-watchPosition.html [new file with mode: 0644]
LayoutTests/http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js [new file with mode: 0644]
LayoutTests/http/tests/security/resources/sandboxed-iframe-geolocation-getCurrentPosition.html [new file with mode: 0644]
LayoutTests/http/tests/security/resources/sandboxed-iframe-geolocation-watchPosition.html [new file with mode: 0644]
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html [new file with mode: 0644]
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/Modules/geolocation/Geolocation.cpp
Source/WebCore/Modules/geolocation/Geolocation.h
Source/WebCore/page/SecurityOrigin.h