Pass SecurityOrigin as references in CORS check code
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jun 2016 06:28:58 +0000 (06:28 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jun 2016 06:28:58 +0000 (06:28 +0000)
https://bugs.webkit.org/show_bug.cgi?id=159263

Patch by Youenn Fablet <youenn@apple.com> on 2016-06-29
Reviewed by Alex Christensen.

No change of behavior.

* css/CSSImageSetValue.cpp:
(WebCore::CSSImageSetValue::cachedImageSet):
* css/CSSImageValue.cpp:
(WebCore::CSSImageValue::cachedImage):
* dom/ScriptElement.cpp:
(WebCore::ScriptElement::requestScript):
* loader/CrossOriginAccessControl.cpp:
(WebCore::updateRequestForAccessControl):
(WebCore::createAccessControlPreflightRequest):
(WebCore::passesAccessControlCheck):
* loader/CrossOriginAccessControl.h:
* loader/CrossOriginPreflightChecker.cpp:
(WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
(WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
(WebCore::DocumentThreadableLoader::preflightSuccess):
(WebCore::DocumentThreadableLoader::isAllowedRedirect):
(WebCore::DocumentThreadableLoader::securityOrigin):
* loader/DocumentThreadableLoader.h:
* loader/ImageLoader.cpp:
(WebCore::ImageLoader::updateFromElement):
* loader/LinkLoader.cpp:
(WebCore::preloadIfNeeded):
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::requestResource):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::checkCrossOriginAccessControl):
* loader/TextTrackLoader.cpp:
(WebCore::TextTrackLoader::load):
* loader/cache/CachedResource.cpp:
(WebCore::CachedResource::passesAccessControlCheck):
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@202674 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 files changed:
Source/WebCore/ChangeLog
Source/WebCore/css/CSSImageSetValue.cpp
Source/WebCore/css/CSSImageValue.cpp
Source/WebCore/dom/ScriptElement.cpp
Source/WebCore/loader/CrossOriginAccessControl.cpp
Source/WebCore/loader/CrossOriginAccessControl.h
Source/WebCore/loader/CrossOriginPreflightChecker.cpp
Source/WebCore/loader/DocumentThreadableLoader.cpp
Source/WebCore/loader/DocumentThreadableLoader.h
Source/WebCore/loader/ImageLoader.cpp
Source/WebCore/loader/LinkLoader.cpp
Source/WebCore/loader/MediaResourceLoader.cpp
Source/WebCore/loader/SubresourceLoader.cpp
Source/WebCore/loader/TextTrackLoader.cpp
Source/WebCore/loader/cache/CachedResource.cpp
Source/WebCore/loader/cache/CachedResourceRequest.cpp

index d4ec67b..4970710 100644 (file)
@@ -1,3 +1,47 @@
+2016-06-29  Youenn Fablet  <youenn@apple.com>
+
+        Pass SecurityOrigin as references in CORS check code
+        https://bugs.webkit.org/show_bug.cgi?id=159263
+
+        Reviewed by Alex Christensen.
+
+        No change of behavior.
+
+        * css/CSSImageSetValue.cpp:
+        (WebCore::CSSImageSetValue::cachedImageSet):
+        * css/CSSImageValue.cpp:
+        (WebCore::CSSImageValue::cachedImage):
+        * dom/ScriptElement.cpp:
+        (WebCore::ScriptElement::requestScript):
+        * loader/CrossOriginAccessControl.cpp:
+        (WebCore::updateRequestForAccessControl):
+        (WebCore::createAccessControlPreflightRequest):
+        (WebCore::passesAccessControlCheck):
+        * loader/CrossOriginAccessControl.h:
+        * loader/CrossOriginPreflightChecker.cpp:
+        (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
+        * loader/DocumentThreadableLoader.cpp:
+        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
+        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
+        (WebCore::DocumentThreadableLoader::preflightSuccess):
+        (WebCore::DocumentThreadableLoader::isAllowedRedirect):
+        (WebCore::DocumentThreadableLoader::securityOrigin):
+        * loader/DocumentThreadableLoader.h:
+        * loader/ImageLoader.cpp:
+        (WebCore::ImageLoader::updateFromElement):
+        * loader/LinkLoader.cpp:
+        (WebCore::preloadIfNeeded):
+        * loader/MediaResourceLoader.cpp:
+        (WebCore::MediaResourceLoader::requestResource):
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::checkCrossOriginAccessControl):
+        * loader/TextTrackLoader.cpp:
+        (WebCore::TextTrackLoader::load):
+        * loader/cache/CachedResource.cpp:
+        (WebCore::CachedResource::passesAccessControlCheck):
+        * loader/cache/CachedResourceRequest.cpp:
+        (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
+
 2016-06-29  Adam Bergkvist  <adam.bergkvist@ericsson.com>
 
         WebRTC: Implement MediaEndpointPeerConnection::setConfiguration()
index c244d7b..0d50ffd 100644 (file)
@@ -118,8 +118,10 @@ StyleCachedImageSet* CSSImageSetValue::cachedImageSet(CachedResourceLoader& load
         ImageWithScale image = bestImageForScaleFactor();
         CachedResourceRequest request(ResourceRequest(document->completeURL(image.imageURL)), options);
         request.setInitiator(cachedResourceRequestInitiators().css);
-        if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled)
-            updateRequestForAccessControl(request.mutableResourceRequest(), document->securityOrigin(), options.allowCredentials());
+        if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
+            ASSERT(document->securityOrigin());
+            updateRequestForAccessControl(request.mutableResourceRequest(), *document->securityOrigin(), options.allowCredentials());
+        }
         if (CachedResourceHandle<CachedImage> cachedImage = loader.requestImage(request)) {
             detachPendingImage();
             m_imageSet = StyleCachedImageSet::create(cachedImage.get(), image.scaleFactor, this);
index f8adaf0..68131be 100644 (file)
@@ -82,9 +82,10 @@ StyleCachedImage* CSSImageValue::cachedImage(CachedResourceLoader& loader, const
         else
             request.setInitiator(m_initiatorName);
 
-        if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled)
-            updateRequestForAccessControl(request.mutableResourceRequest(), loader.document()->securityOrigin(), options.allowCredentials());
-
+        if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
+            ASSERT(loader.document()->securityOrigin());
+            updateRequestForAccessControl(request.mutableResourceRequest(), *loader.document()->securityOrigin(), options.allowCredentials());
+        }
         if (CachedResourceHandle<CachedImage> cachedImage = loader.requestImage(request)) {
             detachPendingImage();
             m_image = StyleCachedImage::create(cachedImage.get());
index b1a4419..0355f6c 100644 (file)
@@ -271,7 +271,8 @@ bool ScriptElement::requestScript(const String& sourceUrl)
         if (!crossOriginMode.isNull()) {
             m_requestUsesAccessControl = true;
             StoredCredentials allowCredentials = equalLettersIgnoringASCIICase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-            updateRequestForAccessControl(request.mutableResourceRequest(), m_element.document().securityOrigin(), allowCredentials);
+            ASSERT(m_element.document().securityOrigin());
+            updateRequestForAccessControl(request.mutableResourceRequest(), *m_element.document().securityOrigin(), allowCredentials);
         }
         request.setCharset(scriptCharset());
         request.setInitiator(&element());
index ad0cf1d..dc7570a 100644 (file)
@@ -98,14 +98,14 @@ bool isOnAccessControlResponseHeaderWhitelist(const String& name)
     return allowedCrossOriginResponseHeaders.get().contains(name);
 }
 
-void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin* securityOrigin, StoredCredentials allowCredentials)
+void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin& securityOrigin, StoredCredentials allowCredentials)
 {
     request.removeCredentials();
     request.setAllowCookies(allowCredentials == AllowStoredCredentials);
-    request.setHTTPOrigin(securityOrigin->toString());
+    request.setHTTPOrigin(securityOrigin.toString());
 }
 
-ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& request, SecurityOrigin* securityOrigin)
+ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& request, SecurityOrigin& securityOrigin)
 {
     ResourceRequest preflightRequest(request.url());
     updateRequestForAccessControl(preflightRequest, securityOrigin, DoNotAllowStoredCredentials);
@@ -152,7 +152,7 @@ void cleanRedirectedRequestForAccessControl(ResourceRequest& request)
     request.clearHTTPAcceptEncoding();
 }
 
-bool passesAccessControlCheck(const ResourceResponse& response, StoredCredentials includeCredentials, SecurityOrigin* securityOrigin, String& errorDescription)
+bool passesAccessControlCheck(const ResourceResponse& response, StoredCredentials includeCredentials, SecurityOrigin& securityOrigin, String& errorDescription)
 {
     // A wildcard Access-Control-Allow-Origin can not be used if credentials are to be sent,
     // even with Access-Control-Allow-Credentials set to true.
@@ -161,11 +161,11 @@ bool passesAccessControlCheck(const ResourceResponse& response, StoredCredential
         return true;
 
     // FIXME: Access-Control-Allow-Origin can contain a list of origins.
-    if (accessControlOriginString != securityOrigin->toString()) {
+    if (accessControlOriginString != securityOrigin.toString()) {
         if (accessControlOriginString == "*")
             errorDescription = "Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.";
         else
-            errorDescription =  "Origin " + securityOrigin->toString() + " is not allowed by Access-Control-Allow-Origin.";
+            errorDescription =  "Origin " + securityOrigin.toString() + " is not allowed by Access-Control-Allow-Origin.";
         return false;
     }
 
index c5524b0..26c497d 100644 (file)
@@ -48,13 +48,13 @@ bool isOnAccessControlSimpleRequestMethodWhitelist(const String&);
 bool isOnAccessControlSimpleRequestHeaderWhitelist(HTTPHeaderName, const String& value);
 bool isOnAccessControlResponseHeaderWhitelist(const String&);
 
-void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin*, StoredCredentials);
-ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin*);
+void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin&, StoredCredentials);
+ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&);
 
 bool isValidCrossOriginRedirectionURL(const URL&);
 void cleanRedirectedRequestForAccessControl(ResourceRequest&);
 
-bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, SecurityOrigin*, String& errorDescription);
+bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, SecurityOrigin&, String& errorDescription);
 void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHeaderSet&);
 
 } // namespace WebCore
index 1a33be9..b8f8c30 100644 (file)
@@ -82,7 +82,7 @@ void CrossOriginPreflightChecker::validatePreflightResponse(DocumentThreadableLo
         return;
     }
 
-    CrossOriginPreflightResultCache::singleton().appendEntry(loader.securityOrigin()->toString(), request.url(), WTFMove(result));
+    CrossOriginPreflightResultCache::singleton().appendEntry(loader.securityOrigin().toString(), request.url(), WTFMove(result));
     loader.preflightSuccess(WTFMove(request));
 }
 
index 6262aec..ce42365 100644 (file)
@@ -86,7 +86,7 @@ DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
     , m_document(document)
     , m_options(options)
     , m_origin(WTFMove(origin))
-    , m_sameOriginRequest(securityOrigin()->canRequest(request.url()))
+    , m_sameOriginRequest(securityOrigin().canRequest(request.url()))
     , m_simpleRequest(true)
     , m_async(blockingBehavior == LoadAsynchronously)
     , m_contentSecurityPolicy(WTFMove(contentSecurityPolicy))
@@ -120,7 +120,7 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(const ResourceReques
         makeSimpleCrossOriginAccessRequest(crossOriginRequest);
     else {
         m_simpleRequest = false;
-        if (CrossOriginPreflightResultCache::singleton().canSkipPreflight(securityOrigin()->toString(), crossOriginRequest.url(), m_options.allowCredentials(), crossOriginRequest.httpMethod(), crossOriginRequest.httpHeaderFields()))
+        if (CrossOriginPreflightResultCache::singleton().canSkipPreflight(securityOrigin().toString(), crossOriginRequest.url(), m_options.allowCredentials(), crossOriginRequest.httpMethod(), crossOriginRequest.httpHeaderFields()))
             preflightSuccess(WTFMove(crossOriginRequest));
         else
             makeCrossOriginAccessRequestWithPreflight(WTFMove(crossOriginRequest));
@@ -327,7 +327,7 @@ void DocumentThreadableLoader::didFail(unsigned long, const ResourceError& error
 void DocumentThreadableLoader::preflightSuccess(ResourceRequest&& request)
 {
     ResourceRequest actualRequest(WTFMove(request));
-    actualRequest.setHTTPOrigin(securityOrigin()->toString());
+    actualRequest.setHTTPOrigin(securityOrigin().toString());
 
     m_preflightChecker = Nullopt;
 
@@ -435,7 +435,7 @@ bool DocumentThreadableLoader::isAllowedRedirect(const URL& url)
     if (m_options.crossOriginRequestPolicy == AllowCrossOriginRequests)
         return true;
 
-    return m_sameOriginRequest && securityOrigin()->canRequest(url);
+    return m_sameOriginRequest && securityOrigin().canRequest(url);
 }
 
 bool DocumentThreadableLoader::isXMLHttpRequest() const
@@ -443,9 +443,10 @@ bool DocumentThreadableLoader::isXMLHttpRequest() const
     return m_options.initiator == cachedResourceRequestInitiators().xmlhttprequest;
 }
 
-SecurityOrigin* DocumentThreadableLoader::securityOrigin() const
+SecurityOrigin& DocumentThreadableLoader::securityOrigin() const
 {
-    return m_origin ? m_origin.get() : m_document.securityOrigin();
+    ASSERT(m_document.securityOrigin());
+    return m_origin ? *m_origin : *m_document.securityOrigin();
 }
 
 const ContentSecurityPolicy& DocumentThreadableLoader::contentSecurityPolicy() const
index 6cc6b0e..87c8a8b 100644 (file)
@@ -97,7 +97,7 @@ namespace WebCore {
 
         bool isXMLHttpRequest() const final;
 
-        SecurityOrigin* securityOrigin() const;
+        SecurityOrigin& securityOrigin() const;
         const ContentSecurityPolicy& contentSecurityPolicy() const;
 
         Document& document() { return m_document; }
index 0f2b7d5..4cd5ec3 100644 (file)
@@ -182,7 +182,8 @@ void ImageLoader::updateFromElement()
         String crossOriginMode = element().fastGetAttribute(HTMLNames::crossoriginAttr);
         if (!crossOriginMode.isNull()) {
             StoredCredentials allowCredentials = equalLettersIgnoringASCIICase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-            updateRequestForAccessControl(request.mutableResourceRequest(), document.securityOrigin(), allowCredentials);
+            ASSERT(document.securityOrigin());
+            updateRequestForAccessControl(request.mutableResourceRequest(), *document.securityOrigin(), allowCredentials);
         }
 
         if (m_loadManually) {
index be4031e..84818eb 100644 (file)
@@ -128,8 +128,9 @@ static void preloadIfNeeded(const LinkRelAttribute& relAttribute, const URL& hre
     linkRequest.setInitiator("link");
 
     if (!crossOriginMode.isNull()) {
+        ASSERT(document.securityOrigin());
         StoredCredentials allowCredentials = equalLettersIgnoringASCIICase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-        updateRequestForAccessControl(linkRequest.mutableResourceRequest(), document.securityOrigin(), allowCredentials);
+        updateRequestForAccessControl(linkRequest.mutableResourceRequest(), *document.securityOrigin(), allowCredentials);
     }
     linkRequest.setForPreload(true);
     document.cachedResourceLoader().preload(type.value(), linkRequest, emptyString());
index 23b4faf..ec5fc4b 100644 (file)
@@ -80,9 +80,10 @@ RefPtr<PlatformMediaResource> MediaResourceLoader::requestResource(const Resourc
     // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
     CachedResourceRequest cacheRequest(updatedRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, bufferingPolicy, allowCredentials, AskClientForAllCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, corsPolicy, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, cachingPolicy));
 
-    if (!m_crossOriginMode.isNull())
-        updateRequestForAccessControl(cacheRequest.mutableResourceRequest(), m_document->securityOrigin(), allowCredentials);
-
+    if (!m_crossOriginMode.isNull()) {
+        ASSERT(m_document->securityOrigin());
+        updateRequestForAccessControl(cacheRequest.mutableResourceRequest(), *m_document->securityOrigin(), allowCredentials);
+    }
     CachedResourceHandle<CachedRawResource> resource = m_document->cachedResourceLoader().requestMedia(cacheRequest);
     if (!resource)
         return nullptr;
index 386ec07..d4f7ee0 100644 (file)
@@ -403,7 +403,7 @@ bool SubresourceLoader::checkCrossOriginAccessControl(const ResourceRequest& pre
 
     String errorDescription;
     bool responsePassesCORS = m_origin->canRequest(previousRequest.url())
-        || passesAccessControlCheck(redirectResponse, options().allowCredentials(), m_origin.get(), errorDescription);
+        || passesAccessControlCheck(redirectResponse, options().allowCredentials(), *m_origin, errorDescription);
     if (!responsePassesCORS || !isValidCrossOriginRedirectionURL(newRequest.url())) {
         if (m_frame && m_frame->document()) {
             String errorMessage = "Cross-origin redirection denied by Cross-Origin Resource Sharing policy: " +
@@ -416,7 +416,7 @@ bool SubresourceLoader::checkCrossOriginAccessControl(const ResourceRequest& pre
     // If the request URL origin is not the same as the original origin, the request origin should be set to a globally unique identifier.
     m_origin = SecurityOrigin::createUnique();
     cleanRedirectedRequestForAccessControl(newRequest);
-    updateRequestForAccessControl(newRequest, m_origin.get(), options().allowCredentials());
+    updateRequestForAccessControl(newRequest, *m_origin, options().allowCredentials());
 
     return true;
 }
index e30cae2..6c0e59f 100644 (file)
@@ -160,7 +160,7 @@ bool TextTrackLoader::load(const URL& url, const String& crossOriginMode, bool i
     if (!crossOriginMode.isNull()) {
         m_crossOriginMode = crossOriginMode;
         StoredCredentials allowCredentials = equalLettersIgnoringASCIICase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-        updateRequestForAccessControl(cueRequest.mutableResourceRequest(), document->securityOrigin(), allowCredentials);
+        updateRequestForAccessControl(cueRequest.mutableResourceRequest(), *document->securityOrigin(), allowCredentials);
     } else {
         // Cross-origin resources that are not suitably CORS-enabled may not load.
         if (!document->securityOrigin()->canRequest(url)) {
index 21ea814..8df7d5e 100644 (file)
@@ -352,7 +352,7 @@ void CachedResource::finish()
 bool CachedResource::passesAccessControlCheck(SecurityOrigin& securityOrigin)
 {
     String errorDescription;
-    return WebCore::passesAccessControlCheck(response(), resourceRequest().allowCookies() ? AllowStoredCredentials : DoNotAllowStoredCredentials, &securityOrigin, errorDescription);
+    return WebCore::passesAccessControlCheck(response(), resourceRequest().allowCookies() ? AllowStoredCredentials : DoNotAllowStoredCredentials, securityOrigin, errorDescription);
 }
 
 bool CachedResource::passesSameOriginPolicyCheck(SecurityOrigin& securityOrigin)
index 2458865..1d255bc 100644 (file)
@@ -100,7 +100,8 @@ void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Docu
     m_options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
     m_options.setAllowCredentials(equalLettersIgnoringASCIICase(mode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials);
 
-    updateRequestForAccessControl(m_resourceRequest, document.securityOrigin(), m_options.allowCredentials());
+    ASSERT(document.securityOrigin());
+    updateRequestForAccessControl(m_resourceRequest, *document.securityOrigin(), m_options.allowCredentials());
 }
 
 } // namespace WebCore