<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[20011] tags/Safari-5522.3/WebCore</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/20011">20011</a></dd>
<dt>Author</dt> <dd>bdash</dd>
<dt>Date</dt> <dd>2007-03-07 00:40:07 -0800 (Wed, 07 Mar 2007)</dd>
</dl>
<h3>Log Message</h3>
<pre>Merge in r19977.
2007-03-05 Kevin McCullough <kmccullough@apple.com>
Reviewed by Mark and Dave H.
- rdar://problem/5038491
An oversite of the security fix that prevented remote from loading local is that it
prevents user style sheets when the site is remote. This fixes that.
* loader/Cache.cpp: Propogate and check user style sheet flag.
(WebCore::createResource):
(WebCore::Cache::requestResource):
* loader/Cache.h: Propogate user style sheet flag.
* loader/CachedCSSStyleSheet.cpp: Propogate user style sheet flag.
(WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
* loader/CachedCSSStyleSheet.h: Propogate user style sheet flag.
* loader/DocLoader.cpp: Propogate user style sheet flag.
(WebCore::DocLoader::requestResource):
* loader/SubresourceLoader.cpp: Propogate and check user style sheet flag.
(WebCore::SubresourceLoader::create):
* loader/SubresourceLoader.h: Add check for user style sheet flag.
* loader/loader.cpp: Propogate user style sheet flag.
(WebCore::Loader::load):
(WebCore::Loader::servePendingRequests):
* loader/loader.h: Propogate user style sheet flag.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#tagsSafari55223WebCoreChangeLog">tags/Safari-5522.3/WebCore/ChangeLog</a></li>
<li><a href="#tagsSafari55223WebCoreloaderCachecpp">tags/Safari-5522.3/WebCore/loader/Cache.cpp</a></li>
<li><a href="#tagsSafari55223WebCoreloaderCacheh">tags/Safari-5522.3/WebCore/loader/Cache.h</a></li>
<li><a href="#tagsSafari55223WebCoreloaderCachedCSSStyleSheetcpp">tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.cpp</a></li>
<li><a href="#tagsSafari55223WebCoreloaderCachedCSSStyleSheeth">tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.h</a></li>
<li><a href="#tagsSafari55223WebCoreloaderDocLoadercpp">tags/Safari-5522.3/WebCore/loader/DocLoader.cpp</a></li>
<li><a href="#tagsSafari55223WebCoreloaderSubresourceLoadercpp">tags/Safari-5522.3/WebCore/loader/SubresourceLoader.cpp</a></li>
<li><a href="#tagsSafari55223WebCoreloaderSubresourceLoaderh">tags/Safari-5522.3/WebCore/loader/SubresourceLoader.h</a></li>
<li><a href="#tagsSafari55223WebCoreloaderloadercpp">tags/Safari-5522.3/WebCore/loader/loader.cpp</a></li>
<li><a href="#tagsSafari55223WebCoreloaderloaderh">tags/Safari-5522.3/WebCore/loader/loader.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="tagsSafari55223WebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/ChangeLog (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/ChangeLog 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/ChangeLog 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -1,3 +1,28 @@
</span><ins>+2007-03-05 Kevin McCullough <kmccullough@apple.com>
+
+ Reviewed by Mark and Dave H.
+
+ - rdar://problem/5038491
+ An oversite of the security fix that prevented remote from loading local is that it
+ prevents user style sheets when the site is remote. This fixes that.
+
+ * loader/Cache.cpp: Propogate and check user style sheet flag.
+ (WebCore::createResource):
+ (WebCore::Cache::requestResource):
+ * loader/Cache.h: Propogate user style sheet flag.
+ * loader/CachedCSSStyleSheet.cpp: Propogate user style sheet flag.
+ (WebCore::CachedCSSStyleSheet::CachedCSSStyleSheet):
+ * loader/CachedCSSStyleSheet.h: Propogate user style sheet flag.
+ * loader/DocLoader.cpp: Propogate user style sheet flag.
+ (WebCore::DocLoader::requestResource):
+ * loader/SubresourceLoader.cpp: Propogate and check user style sheet flag.
+ (WebCore::SubresourceLoader::create):
+ * loader/SubresourceLoader.h: Add check for user style sheet flag.
+ * loader/loader.cpp: Propogate user style sheet flag.
+ (WebCore::Loader::load):
+ (WebCore::Loader::servePendingRequests):
+ * loader/loader.h: Propogate user style sheet flag.
+
</ins><span class="cx"> 2007-03-05 Alexey Proskuryakov <ap@webkit.org>
</span><span class="cx">
</span><span class="cx"> Reviewed by Darin.
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderCachecpp"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/Cache.cpp (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/Cache.cpp 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/Cache.cpp 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -58,14 +58,14 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>-static CachedResource* createResource(CachedResource::Type type, DocLoader* docLoader, const KURL& url, time_t expireDate, const String* charset)
</del><ins>+static CachedResource* createResource(CachedResource::Type type, DocLoader* docLoader, const KURL& url, time_t expireDate, const String* charset, bool skipCanLoadCheck = false)
</ins><span class="cx"> {
</span><span class="cx"> switch (type) {
</span><span class="cx"> case CachedResource::ImageResource:
</span><span class="cx"> // User agent images need to null check the docloader. No other resources need to.
</span><span class="cx"> return new CachedImage(docLoader, url.url(), docLoader ? docLoader->cachePolicy() : CachePolicyCache, expireDate);
</span><span class="cx"> case CachedResource::CSSStyleSheet:
</span><del>- return new CachedCSSStyleSheet(docLoader, url.url(), docLoader->cachePolicy(), expireDate, *charset);
</del><ins>+ return new CachedCSSStyleSheet(docLoader, url.url(), docLoader->cachePolicy(), expireDate, *charset, skipCanLoadCheck);
</ins><span class="cx"> case CachedResource::Script:
</span><span class="cx"> return new CachedScript(docLoader, url.url(), docLoader->cachePolicy(), expireDate, *charset);
</span><span class="cx"> #if ENABLE(XSLT)
</span><span class="lines">@@ -83,22 +83,24 @@
</span><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-CachedResource* Cache::requestResource(DocLoader* docLoader, CachedResource::Type type, const KURL& url, time_t expireDate, const String* charset)
</del><ins>+CachedResource* Cache::requestResource(DocLoader* docLoader, CachedResource::Type type, const KURL& url, time_t expireDate, const String* charset, bool skipCanLoadCheck)
</ins><span class="cx"> {
</span><span class="cx"> // Look up the resource in our map.
</span><span class="cx"> CachedResource* resource = m_resources.get(url.url());
</span><span class="cx">
</span><span class="cx"> if (resource) {
</span><del>- if (FrameLoader::restrictAccessToLocal()
</del><ins>+ if (!skipCanLoadCheck
+ && FrameLoader::restrictAccessToLocal()
</ins><span class="cx"> && !FrameLoader::canLoad(*resource, docLoader->doc()))
</span><span class="cx"> return 0;
</span><span class="cx"> } else {
</span><del>- if (FrameLoader::restrictAccessToLocal()
</del><ins>+ if (!skipCanLoadCheck
+ && FrameLoader::restrictAccessToLocal()
</ins><span class="cx"> && !FrameLoader::canLoad(url, docLoader->doc()))
</span><span class="cx"> return 0;
</span><span class="cx">
</span><span class="cx"> // The resource does not exist. Create it.
</span><del>- resource = createResource(type, docLoader, url, expireDate, charset);
</del><ins>+ resource = createResource(type, docLoader, url, expireDate, charset, skipCanLoadCheck);
</ins><span class="cx"> ASSERT(resource);
</span><span class="cx"> resource->setInCache(!disabled());
</span><span class="cx"> if (!disabled())
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderCacheh"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/Cache.h (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/Cache.h 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/Cache.h 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -65,7 +65,7 @@
</span><span class="cx">
</span><span class="cx"> // Request resources from the cache. A load will be initiated and a cache object created if the object is not
</span><span class="cx"> // found in the cache.
</span><del>- CachedResource* requestResource(DocLoader*, CachedResource::Type, const KURL& url, time_t expireDate = 0, const String* charset = 0);
</del><ins>+ CachedResource* requestResource(DocLoader*, CachedResource::Type, const KURL& url, time_t expireDate = 0, const String* charset = 0, bool skipCanLoadCheck = false);
</ins><span class="cx">
</span><span class="cx"> // Set/retreive the size of the cache. This will only hold approximately, since the size some
</span><span class="cx"> // cached objects (like stylesheets) take up in memory is not exactly known.
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderCachedCSSStyleSheetcpp"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.cpp (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.cpp 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.cpp 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -39,14 +39,14 @@
</span><span class="cx">
</span><span class="cx"> namespace WebCore {
</span><span class="cx">
</span><del>-CachedCSSStyleSheet::CachedCSSStyleSheet(DocLoader* dl, const String& url, CachePolicy cachePolicy, time_t _expireDate, const String& charset)
</del><ins>+CachedCSSStyleSheet::CachedCSSStyleSheet(DocLoader* dl, const String& url, CachePolicy cachePolicy, time_t _expireDate, const String& charset, bool skipCanLoadCheck)
</ins><span class="cx"> : CachedResource(url, CSSStyleSheet, cachePolicy, _expireDate)
</span><span class="cx"> , m_decoder(new TextResourceDecoder("text/css", charset))
</span><span class="cx"> {
</span><span class="cx"> // Prefer text/css but accept any type (dell.com serves a stylesheet
</span><span class="cx"> // as text/html; see <http://bugs.webkit.org/show_bug.cgi?id=11451>).
</span><span class="cx"> setAccept("text/css,*/*;q=0.1");
</span><del>- cache()->loader()->load(dl, this, false);
</del><ins>+ cache()->loader()->load(dl, this, false, skipCanLoadCheck);
</ins><span class="cx"> m_loading = true;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderCachedCSSStyleSheeth"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.h (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.h 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/CachedCSSStyleSheet.h 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -39,7 +39,7 @@
</span><span class="cx">
</span><span class="cx"> class CachedCSSStyleSheet : public CachedResource {
</span><span class="cx"> public:
</span><del>- CachedCSSStyleSheet(DocLoader*, const String& URL, CachePolicy, time_t expireDate, const String& charset);
</del><ins>+ CachedCSSStyleSheet(DocLoader*, const String& URL, CachePolicy, time_t expireDate, const String& charset, bool skipCanLoadCheck = false);
</ins><span class="cx"> virtual ~CachedCSSStyleSheet();
</span><span class="cx">
</span><span class="cx"> const String& sheet() const { return m_sheet; }
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderDocLoadercpp"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/DocLoader.cpp (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/DocLoader.cpp 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/DocLoader.cpp 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -131,7 +131,7 @@
</span><span class="cx">
</span><span class="cx"> checkForReload(fullURL);
</span><span class="cx">
</span><del>- CachedResource* resource = cache()->requestResource(this, type, fullURL, m_expireDate, charset);
</del><ins>+ CachedResource* resource = cache()->requestResource(this, type, fullURL, m_expireDate, charset, skipCanLoadCheck);
</ins><span class="cx"> if (resource) {
</span><span class="cx"> m_docResources.set(resource->url(), resource);
</span><span class="cx"> checkCacheObjectStatus(resource);
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderSubresourceLoadercpp"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/SubresourceLoader.cpp (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/SubresourceLoader.cpp 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/SubresourceLoader.cpp 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -81,7 +81,7 @@
</span><span class="cx"> return ResourceLoader::load(r);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, SubresourceLoaderClient* client, const ResourceRequest& request)
</del><ins>+PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, SubresourceLoaderClient* client, const ResourceRequest& request, bool skipCanLoadCheck)
</ins><span class="cx"> {
</span><span class="cx"> if (!frame)
</span><span class="cx"> return 0;
</span><span class="lines">@@ -92,8 +92,8 @@
</span><span class="cx">
</span><span class="cx"> ResourceRequest newRequest = request;
</span><span class="cx">
</span><del>- // If linked-on-or-after check canLoad
- if (FrameLoader::restrictAccessToLocal()
</del><ins>+ if (!skipCanLoadCheck
+ && FrameLoader::restrictAccessToLocal()
</ins><span class="cx"> && !FrameLoader::canLoad(request.url(), frame->document()))
</span><span class="cx"> return 0;
</span><span class="cx">
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderSubresourceLoaderh"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/SubresourceLoader.h (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/SubresourceLoader.h 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/SubresourceLoader.h 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx">
</span><span class="cx"> class SubresourceLoader : public ResourceLoader {
</span><span class="cx"> public:
</span><del>- static PassRefPtr<SubresourceLoader> create(Frame*, SubresourceLoaderClient*, const ResourceRequest&);
</del><ins>+ static PassRefPtr<SubresourceLoader> create(Frame*, SubresourceLoaderClient*, const ResourceRequest&, bool skipCanLoadCheck = false);
</ins><span class="cx">
</span><span class="cx"> virtual ~SubresourceLoader();
</span><span class="cx">
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderloadercpp"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/loader.cpp (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/loader.cpp 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/loader.cpp 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -56,14 +56,14 @@
</span><span class="cx"> deleteAllValues(m_requestsLoading);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void Loader::load(DocLoader* dl, CachedResource* object, bool incremental)
</del><ins>+void Loader::load(DocLoader* dl, CachedResource* object, bool incremental, bool skipCanLoadCheck)
</ins><span class="cx"> {
</span><span class="cx"> Request* req = new Request(dl, object, incremental);
</span><span class="cx"> m_requestsPending.append(req);
</span><del>- servePendingRequests();
</del><ins>+ servePendingRequests(skipCanLoadCheck);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void Loader::servePendingRequests()
</del><ins>+void Loader::servePendingRequests(bool skipCanLoadCheck)
</ins><span class="cx"> {
</span><span class="cx"> if (m_requestsPending.count() == 0)
</span><span class="cx"> return;
</span><span class="lines">@@ -85,7 +85,7 @@
</span><span class="cx"> domain = static_cast<HTMLDocument*>(req->docLoader()->doc())->domain().deprecatedString();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- RefPtr<SubresourceLoader> loader = SubresourceLoader::create(req->docLoader()->doc()->frame(), this, request);
</del><ins>+ RefPtr<SubresourceLoader> loader = SubresourceLoader::create(req->docLoader()->doc()->frame(), this, request, skipCanLoadCheck);
</ins><span class="cx">
</span><span class="cx"> if (loader)
</span><span class="cx"> m_requestsLoading.add(loader.release(), req);
</span></span></pre></div>
<a id="tagsSafari55223WebCoreloaderloaderh"></a>
<div class="modfile"><h4>Modified: tags/Safari-5522.3/WebCore/loader/loader.h (20010 => 20011)</h4>
<pre class="diff"><span>
<span class="info">--- tags/Safari-5522.3/WebCore/loader/loader.h 2007-03-07 08:34:50 UTC (rev 20010)
+++ tags/Safari-5522.3/WebCore/loader/loader.h 2007-03-07 08:40:07 UTC (rev 20011)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx"> Loader();
</span><span class="cx"> ~Loader();
</span><span class="cx">
</span><del>- void load(DocLoader*, CachedResource*, bool incremental = true);
</del><ins>+ void load(DocLoader*, CachedResource*, bool incremental = true, bool skipCanLoadCheck = false);
</ins><span class="cx">
</span><span class="cx"> int numRequests(DocLoader*) const;
</span><span class="cx"> void cancelRequests(DocLoader*);
</span><span class="lines">@@ -60,7 +60,7 @@
</span><span class="cx"> virtual void didFinishLoading(SubresourceLoader*);
</span><span class="cx"> virtual void didFail(SubresourceLoader*, const ResourceError&);
</span><span class="cx">
</span><del>- void servePendingRequests();
</del><ins>+ void servePendingRequests(bool skipCanLoadCheck = false);
</ins><span class="cx">
</span><span class="cx"> DeprecatedPtrList<Request> m_requestsPending;
</span><span class="cx"> typedef HashMap<RefPtr<SubresourceLoader>, Request*> RequestMap;
</span></span></pre>
</div>
</div>
</body>
</html>