WebCore:
authormjs <mjs@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Mar 2005 01:00:28 +0000 (01:00 +0000)
committermjs <mjs@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Mar 2005 01:00:28 +0000 (01:00 +0000)
commit95c0c0b4b0f3d10b878d535af4675ee43ef4e46e
tree2e11a583bca0cb6db424f9d39a6252655c101f0a
parentd5fd163495c2d8597f7c1d56e6b5026c2015c4db
WebCore:

        Reviewed by Darin.

<rdar://problem/4005575> Arbitrary file disclosure vulnerability due to ability to load local html from remote content

        * khtml/ecma/kjs_html.cpp:
        (KJS::HTMLDocument::putValue):
        * khtml/ecma/kjs_window.cpp:
        (Window::put):
        (WindowFunc::tryCall):
        (Location::put):
        (LocationFunc::tryCall):
        * khtml/khtml_part.cpp:
        (KHTMLPart::begin):
        (KHTMLPart::scheduleLocationChange):
        (KHTMLPart::slotRedirect):
        (KHTMLPart::processObjectRequest):
        * khtml/khtml_part.h:
        * khtml/khtmlpart_p.h:
        * kwq/KWQKHTMLPart.mm:
        (KWQKHTMLPart::openURLRequest):
        (KWQKHTMLPart::urlSelected):
        (KWQKHTMLPart::createPart):
        * kwq/KWQKHTMLPartBrowserExtension.mm:
        (KHTMLPartBrowserExtension::createNewWindow):
        * kwq/WebCoreBridge.h:
        * kwq/WebCoreBridge.mm:
        (hasCaseInsensitivePrefix):
        (-[WebCoreBridge didNotOpenURL:pageCache:]):
        (-[WebCoreBridge canLoadURL:fromReferrer:hideReferrer:]):

WebKit:

        Reviewed by Darin.

<rdar://problem/4005575> Arbitrary file disclosure vulnerability due to ability to load local html from remote content

* Plugins.subproj/WebBaseNetscapePluginView.m:
        (-[WebBaseNetscapePluginView requestWithURLCString:]):
        * Plugins.subproj/WebNetscapePluginEmbeddedView.m:
        (-[WebNetscapePluginEmbeddedView didStart]):
        * Plugins.subproj/WebNetscapePluginStream.m:
        (-[WebNetscapePluginStream initWithRequest:pluginPointer:notifyData:sendNotification:]):
        * WebCoreSupport.subproj/WebBridge.m:
        (-[WebBridge createWindowWithURL:frameName:]):
        (-[WebBridge startLoadingResource:withURL:customHeaders:]):
        (-[WebBridge startLoadingResource:withURL:customHeaders:postData:]):
        (-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]):
        (-[WebBridge loadURL:referrer:reload:userGesture:target:triggeringEvent:form:formValues:]):
        (-[WebBridge postWithURL:referrer:target:data:contentType:triggeringEvent:form:formValues:]):
        (-[WebBridge createChildFrameNamed:withURL:referrer:renderPart:allowsScrolling:marginWidth:marginHeight:]):
        (-[WebBridge viewForPluginWithURL:attributeNames:attributeValues:MIMEType:]):
        * WebView.subproj/WebFrame.m:
        (-[WebFrame _loadURL:referrer:intoChild:]):
        * WebView.subproj/WebFramePrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@8837 268f45cc-cd09-0410-ab3c-d52691b4dbfc
17 files changed:
WebCore/ChangeLog-2005-08-23
WebCore/khtml/ecma/kjs_html.cpp
WebCore/khtml/ecma/kjs_window.cpp
WebCore/khtml/khtml_part.cpp
WebCore/khtml/khtml_part.h
WebCore/khtml/khtmlpart_p.h
WebCore/kwq/KWQKHTMLPart.mm
WebCore/kwq/KWQKHTMLPartBrowserExtension.mm
WebCore/kwq/WebCoreBridge.h
WebCore/kwq/WebCoreBridge.mm
WebKit/ChangeLog
WebKit/Plugins.subproj/WebBaseNetscapePluginView.m
WebKit/Plugins.subproj/WebNetscapePluginEmbeddedView.m
WebKit/Plugins.subproj/WebNetscapePluginStream.m
WebKit/WebCoreSupport.subproj/WebBridge.m
WebKit/WebView.subproj/WebFrame.m
WebKit/WebView.subproj/WebFramePrivate.h