WebCore:
Reviewed by Darin.
<rdar://problem/
4005575> Arbitrary file disclosure vulnerability due to ability to load local html from remote content
* khtml/ecma/kjs_html.cpp:
(KJS::HTMLDocument::putValue):
* khtml/ecma/kjs_window.cpp:
(Window::put):
(WindowFunc::tryCall):
(Location::put):
(LocationFunc::tryCall):
* khtml/khtml_part.cpp:
(KHTMLPart::begin):
(KHTMLPart::scheduleLocationChange):
(KHTMLPart::slotRedirect):
(KHTMLPart::processObjectRequest):
* khtml/khtml_part.h:
* khtml/khtmlpart_p.h:
* kwq/KWQKHTMLPart.mm:
(KWQKHTMLPart::openURLRequest):
(KWQKHTMLPart::urlSelected):
(KWQKHTMLPart::createPart):
* kwq/KWQKHTMLPartBrowserExtension.mm:
(KHTMLPartBrowserExtension::createNewWindow):
* kwq/WebCoreBridge.h:
* kwq/WebCoreBridge.mm:
(hasCaseInsensitivePrefix):
(-[WebCoreBridge didNotOpenURL:pageCache:]):
(-[WebCoreBridge canLoadURL:fromReferrer:hideReferrer:]):
WebKit:
Reviewed by Darin.
<rdar://problem/
4005575> Arbitrary file disclosure vulnerability due to ability to load local html from remote content
* Plugins.subproj/WebBaseNetscapePluginView.m:
(-[WebBaseNetscapePluginView requestWithURLCString:]):
* Plugins.subproj/WebNetscapePluginEmbeddedView.m:
(-[WebNetscapePluginEmbeddedView didStart]):
* Plugins.subproj/WebNetscapePluginStream.m:
(-[WebNetscapePluginStream initWithRequest:pluginPointer:notifyData:sendNotification:]):
* WebCoreSupport.subproj/WebBridge.m:
(-[WebBridge createWindowWithURL:frameName:]):
(-[WebBridge startLoadingResource:withURL:customHeaders:]):
(-[WebBridge startLoadingResource:withURL:customHeaders:postData:]):
(-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]):
(-[WebBridge loadURL:referrer:reload:userGesture:target:triggeringEvent:form:formValues:]):
(-[WebBridge postWithURL:referrer:target:data:contentType:triggeringEvent:form:formValues:]):
(-[WebBridge createChildFrameNamed:withURL:referrer:renderPart:allowsScrolling:marginWidth:marginHeight:]):
(-[WebBridge viewForPluginWithURL:attributeNames:attributeValues:MIMEType:]):
* WebView.subproj/WebFrame.m:
(-[WebFrame _loadURL:referrer:intoChild:]):
* WebView.subproj/WebFramePrivate.h:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@8837
268f45cc-cd09-0410-ab3c-
d52691b4dbfc