Source/WebCore: Don't grant local content permissions for appcache loads.
authorjaphet@chromium.org <japhet@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Mar 2013 21:58:19 +0000 (21:58 +0000)
committerjaphet@chromium.org <japhet@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Mar 2013 21:58:19 +0000 (21:58 +0000)
https://bugs.webkit.org/show_bug.cgi?id=112542

Reviewed by Antti Koivisto.

No new tests, fixing http/tests/appcache/local-content.html

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::DocumentLoader):
(WebCore::DocumentLoader::commitData): Don't grant local load permissions
    to all SubstituteData loads, only give them to loads that were SubstituteData
    loads at the time of DocumentLoader construction. This constitutes all
    SubstituteData loads except those triggered by appcache.
* loader/DocumentLoader.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::didBeginDocument): Move granting local load
    permissions for SubstituteData loads to DocumentLoader::commitData().

LayoutTests: Remove expected failure for https://bugs.webkit.org/show_bug.cgi?id=112542

Reviewed by Antti Koivisto.

* platform/qt-5.0-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@147165 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/platform/qt-5.0-wk1/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/DocumentLoader.h
Source/WebCore/loader/FrameLoader.cpp

index 560f5bb..f8fe1d4 100644 (file)
@@ -1,3 +1,11 @@
+2013-03-28  Nate Chapin  <japhet@chromium.org>
+
+        Remove expected failure for https://bugs.webkit.org/show_bug.cgi?id=112542
+
+        Reviewed by Antti Koivisto.
+
+        * platform/qt-5.0-wk1/TestExpectations:
+
 2013-03-28  Mike West  <mkwst@chromium.org>
 
         X-Frame-Options: Blocked resources should fire load events.
index 15bfa80..d93df22 100644 (file)
@@ -160,6 +160,3 @@ webkit.org/b/112333 css3/compositing/blend-mode-property-parsing.html  [ Skip ]
 webkit.org/b/112333 css3/compositing/blend-mode-property.html [ Skip ]
 webkit.org/b/112333 css3/compositing/should-have-compositing-layer.html [ Skip ]
 webkit.org/b/112333 transitions/blendmode-transitions.html  [ Skip ]
-
-# [Qt][WK1] REGRESSION(r145973): http/tests/appcache/local-content.html fails
-webkit.org/b/112542 http/tests/appcache/local-content.html [ Skip ]
index 40e474d..4eced12 100644 (file)
@@ -1,3 +1,23 @@
+2013-03-28  Nate Chapin  <japhet@chromium.org>
+
+        Don't grant local content permissions for appcache loads.
+        https://bugs.webkit.org/show_bug.cgi?id=112542
+
+        Reviewed by Antti Koivisto.
+
+        No new tests, fixing http/tests/appcache/local-content.html
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::DocumentLoader):
+        (WebCore::DocumentLoader::commitData): Don't grant local load permissions
+            to all SubstituteData loads, only give them to loads that were SubstituteData
+            loads at the time of DocumentLoader construction. This constitutes all
+            SubstituteData loads except those triggered by appcache.
+        * loader/DocumentLoader.h:
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::didBeginDocument): Move granting local load
+            permissions for SubstituteData loads to DocumentLoader::commitData().
+
 2013-03-28  Mike West  <mkwst@chromium.org>
 
         X-Frame-Options: Blocked resources should fire load events.
index 010b066..0eaa107 100644 (file)
@@ -54,6 +54,7 @@
 #include "ProgressTracker.h"
 #include "ResourceBuffer.h"
 #include "SchemeRegistry.h"
+#include "SecurityPolicy.h"
 #include "Settings.h"
 #include "SubresourceLoader.h"
 #include "TextResourceDecoder.h"
@@ -103,6 +104,7 @@ DocumentLoader::DocumentLoader(const ResourceRequest& req, const SubstituteData&
     , m_substituteData(substituteData)
     , m_originalRequestCopy(req)
     , m_request(req)
+    , m_originalSubstituteDataWasValid(substituteData.isValid())
     , m_committed(false)
     , m_isStopping(false)
     , m_gotFirstByte(false)
@@ -760,6 +762,14 @@ void DocumentLoader::commitData(const char* bytes, size_t length)
         m_writer.begin(documentURL(), false);
         m_writer.setDocumentWasLoadedAsPartOfNavigation();
 
+        if (SecurityPolicy::allowSubstituteDataAccessToLocal() && m_originalSubstituteDataWasValid) {
+            // If this document was loaded with substituteData, then the document can
+            // load local resources. See https://bugs.webkit.org/show_bug.cgi?id=16756
+            // and https://bugs.webkit.org/show_bug.cgi?id=19760 for further
+            // discussion.
+            m_frame->document()->securityOrigin()->grantLoadLocalResources();
+        }
+
         if (frameLoader()->stateMachine()->creatingInitialEmptyDocument())
             return;
         
index 47e7359..c4b99af 100644 (file)
@@ -343,6 +343,7 @@ namespace WebCore {
     
         ResourceError m_mainDocumentError;    
 
+        bool m_originalSubstituteDataWasValid;
         bool m_committed;
         bool m_isStopping;
         bool m_gotFirstByte;
index e3516d5..c3719d0 100644 (file)
@@ -683,14 +683,6 @@ void FrameLoader::didBeginDocument(bool dispatch)
             if (!headerContentLanguage.isEmpty())
                 m_frame->document()->setContentLanguage(headerContentLanguage);
         }
-
-        if (SecurityPolicy::allowSubstituteDataAccessToLocal() && m_documentLoader->substituteData().isValid()) {
-            // If this document was loaded with substituteData, then the document can
-            // load local resources. See https://bugs.webkit.org/show_bug.cgi?id=16756
-            // and https://bugs.webkit.org/show_bug.cgi?id=19760 for further
-            // discussion.
-            m_frame->document()->securityOrigin()->grantLoadLocalResources();
-        }
     }
 
     history()->restoreDocumentState();