Unable to play videos in Safari using QuickTime plug-in until I've played those video...
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 4 Jun 2013 06:03:19 +0000 (06:03 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 4 Jun 2013 06:03:19 +0000 (06:03 +0000)
https://bugs.webkit.org/show_bug.cgi?id=117174
<rdar://problem/13711687>

Patch by Simon Cooper <scooper@apple.com> on 2013-06-03
Reviewed by Alexey Proskuryakov.

Pull in fixes that allow https connections within the plugin
environment.

* Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@151156 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb

index ded87d9..c187e33 100644 (file)
@@ -1,3 +1,16 @@
+2013-06-03  Simon Cooper  <scooper@apple.com>
+
+        Unable to play videos in Safari using QuickTime plug-in until I've played those videos in Chrome first
+        https://bugs.webkit.org/show_bug.cgi?id=117174
+        <rdar://problem/13711687>
+
+        Reviewed by Alexey Proskuryakov.
+
+        Pull in fixes that allow https connections within the plugin
+        environment.
+
+        * Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb:
+
 2013-06-03  Marcelo Lira  <marcelo.lira@openbossa.org>
 
         [WK2] REGRESSION(r150798): scrolling coordinator is not being enabled when WebPage is set to use fixed layout
 2013-06-03  Marcelo Lira  <marcelo.lira@openbossa.org>
 
         [WK2] REGRESSION(r150798): scrolling coordinator is not being enabled when WebPage is set to use fixed layout
index 6a92ee0..a2269e4 100644 (file)
                        (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
             domains))
 
                        (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
             domains))
 
+;; OS X 10.7 (Lion) compatibility
+(if (not (defined? 'ipc-posix-shm*))
+    (define ipc-posix-shm* ipc-posix-shm))
+(if (not (defined? 'ipc-posix-shm-read*))
+    (define ipc-posix-shm-read* ipc-posix-shm))
+(if (not (defined? 'ipc-posix-shm-write-data))
+    (define ipc-posix-shm-write-data ipc-posix-shm))
 
 ;; Graphics
 (if (defined? 'system-graphics)
 
 ;; Graphics
 (if (defined? 'system-graphics)
@@ -85,6 +92,7 @@
     "com.apple.LaunchServices"
     "com.apple.MultitouchSupport"
     "com.apple.security"
     "com.apple.LaunchServices"
     "com.apple.MultitouchSupport"
     "com.apple.security"
+    "com.apple.security.revocation"
     "com.apple.security_common"
     "com.apple.speech.voice.prefs"
     "com.apple.speech.synthesis.general.prefs"
     "com.apple.security_common"
     "com.apple.speech.voice.prefs"
     "com.apple.speech.synthesis.general.prefs"
     ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
     (subpath "/Library/Keychains"))
 
     ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
     (subpath "/Library/Keychains"))
 
+;; Security framework
+(allow mach-lookup (global-name "com.apple.ocspd"))
+(allow file-read* file-write* (home-library-subpath "/Keychains"))
+(allow file-read*
+       (subpath "/private/var/db/mds")
+       (literal "/private/var/db/DetachedSignatures"))
+(allow ipc-posix-shm-read* ipc-posix-shm-write-data
+       (ipc-posix-name "com.apple.AppleDatabaseChanged"))
 
 ;; Read-write preferences and data
 (allow file*
 
 ;; Read-write preferences and data
 (allow file*
 (define (webkit-imagecapture)
     (allow appleevent-send (appleevent-destination "com.apple.imagecaptureextension2")))
 
 (define (webkit-imagecapture)
     (allow appleevent-send (appleevent-destination "com.apple.imagecaptureextension2")))
 
-(if (not (defined? 'ipc-posix-shm*))
-    (define ipc-posix-shm* ipc-posix-shm))
-
 (allow ipc-posix-shm*
     (ipc-posix-name-regex #"^AudioIO")
     (ipc-posix-name-regex #"^CFPBS:")
     (ipc-posix-name "_CS_GSHMEMLOCK")
     (ipc-posix-name "_CS_DSHMEMLOCK"))
 
 (allow ipc-posix-shm*
     (ipc-posix-name-regex #"^AudioIO")
     (ipc-posix-name-regex #"^CFPBS:")
     (ipc-posix-name "_CS_GSHMEMLOCK")
     (ipc-posix-name "_CS_DSHMEMLOCK"))
 
-(if (not (defined? 'ipc-posix-shm-read*))
-    (define ipc-posix-shm-read* ipc-posix-shm))
-
 (allow ipc-posix-shm-read*
 (allow ipc-posix-shm-read*
+    (ipc-posix-name "FNetwork.defaultStorageSession")
     (ipc-posix-name "apple.shm.notification_center"))
 
 ;; Silently block access to some resources
     (ipc-posix-name "apple.shm.notification_center"))
 
 ;; Silently block access to some resources