+2005-03-12 Maciej Stachowiak <mjs@apple.com>
+
+ Reviewed by Adele.
+
+ <rdar://problem/4046144> RSS pages leave a hole in local file security policy (need to revert feed: exemption)
+
+ * kwq/WebCoreBridge.mm:
+ (-[WebCoreBridge canLoadURL:fromReferrer:hideReferrer:]): Revert
+ emergency workaround for Safari RSS, now that a new Syndication
+ has been submitted.
+
2005-03-11 Maciej Stachowiak <mjs@apple.com>
Reviewed by Kevin.
*hideReferrer = !hasCaseInsensitivePrefix(referrer,@"http:") && !hasCaseInsensitivePrefix(referrer, @"https:");
BOOL referrerIsFileURL = hasCaseInsensitivePrefix(referrer, @"file:");
- // FIXME: temporarily let Safari RSS load local file resources, this is a
- // hole in the security check but can be fixed later.
- BOOL referrerIsFeedURL = hasCaseInsensitivePrefix(referrer, @"feed:") || hasCaseInsensitivePrefix(referrer, @"feeds:");
-
BOOL URLIsFileURL = [[URL scheme] compare:@"file" options:(NSCaseInsensitiveSearch|NSLiteralSearch)] == NSOrderedSame;
- return referrerIsFileURL || !URLIsFileURL || referrerIsFeedURL;
+ return !URLIsFileURL || referrerIsFileURL;
}
- (void)saveDocumentState