- fixed <rdar://problem/
4049040> REGRESSION (403-405): security check prevents user stylesheet from loading (Dictionary.app doesn't work at all!)
* Plugins.subproj/WebNetscapePluginStream.m: (-[WebNetscapePluginStream initWithRequest:pluginPointer:notifyData:sendNotification:]):
Allow plug-in subresource streams to load with any URL, ignoring the "canLoadURL" method's restriction (only
file URLs can load other file URLs), which now applies only to main resources, like web pages in frames or
object tags and plug-in main resources.
* WebCoreSupport.subproj/WebBridge.m:
(-[WebBridge startLoadingResource:withURL:customHeaders:]): Allow subresources to load with any URL, as above.
This allows things like images, stylesheets, and JavaScript to be loaded without the "canLoadURL" method's
restriction.
(-[WebBridge startLoadingResource:withURL:customHeaders:postData:]): Ditto.
(-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]): Ditto.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@8874
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2005-03-13 Darin Adler <darin@apple.com>
+
+ Reviewed by Ken and Maciej.
+
+ - fixed <rdar://problem/4049040> REGRESSION (403-405): security check prevents user stylesheet from loading (Dictionary.app doesn't work at all!)
+
+ * Plugins.subproj/WebNetscapePluginStream.m: (-[WebNetscapePluginStream initWithRequest:pluginPointer:notifyData:sendNotification:]):
+ Allow plug-in subresource streams to load with any URL, ignoring the "canLoadURL" method's restriction (only
+ file URLs can load other file URLs), which now applies only to main resources, like web pages in frames or
+ object tags and plug-in main resources.
+
+ * WebCoreSupport.subproj/WebBridge.m:
+ (-[WebBridge startLoadingResource:withURL:customHeaders:]): Allow subresources to load with any URL, as above.
+ This allows things like images, stylesheets, and JavaScript to be loaded without the "canLoadURL" method's
+ restriction.
+ (-[WebBridge startLoadingResource:withURL:customHeaders:postData:]): Ditto.
+ (-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]): Ditto.
+
2005-03-10 Richard Williamson <rjw@apple.com>
Fixed <rdar://problem/4040321> Exception: Someone's trying to encode a WebDataRequestParameters instance
WebBaseNetscapePluginView *view = (WebBaseNetscapePluginView *)thePluginPointer->ndata;
WebBridge *bridge = [[view webFrame] _bridge];
+
+ // Since this is a subresource, we can load any URL (we ignore the return value).
+ // But we still want to know whether we should hide the referrer or not, so we call the canLoadURL method.
BOOL hideReferrer;
- if (![bridge canLoadURL:[theRequest URL] fromReferrer:[bridge referrer] hideReferrer:&hideReferrer])
- return nil;
+ [bridge canLoadURL:[theRequest URL] fromReferrer:[bridge referrer] hideReferrer:&hideReferrer];
if ([self initWithRequestURL:[theRequest URL]
pluginPointer:thePluginPointer
return nil;
}
+ // Since this is a subresource, we can load any URL (we ignore the return value).
+ // But we still want to know whether we should hide the referrer or not, so we call the canLoadURL method.
BOOL hideReferrer;
- if (![self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer])
- return nil;
+ [self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer];
return [WebSubresourceClient startLoadingResource:resourceLoader
withURL:URL
return nil;
}
+ // Since this is a subresource, we can load any URL (we ignore the return value).
+ // But we still want to know whether we should hide the referrer or not, so we call the canLoadURL method.
BOOL hideReferrer;
- if (![self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer])
- return nil;
+ [self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer];
return [WebSubresourceClient startLoadingResource:resourceLoader
withURL:URL
- (NSData *)syncLoadResourceWithURL:(NSURL *)URL customHeaders:(NSDictionary *)requestHeaders postData:(NSArray *)postData finalURL:(NSURL **)finalURL responseHeaders:(NSDictionary **)responseHeaderDict statusCode:(int *)statusCode
{
+ // Since this is a subresource, we can load any URL (we ignore the return value).
+ // But we still want to know whether we should hide the referrer or not, so we call the canLoadURL method.
BOOL hideReferrer;
- if (![self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer])
- return nil;
+ [self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer];
NSMutableURLRequest *newRequest = [[NSMutableURLRequest alloc] initWithURL:URL];