Skip to content

GitLab

T
tangled
Switch branch/tag
  1. 28 Mar, 2011 3 commits
    • abarth@webkit.org's avatar
      2011-03-27 Adam Barth <abarth@webkit.org> · 1dd689c0
      abarth@webkit.org authored 
              Reviewed by Eric Seidel.

        Fix script-src redirect handling
        https://bugs.webkit.org/show_bug.cgi?id=57196

        Test both allow => disallow and disallow => allow redirect cases.
        Previously, we had incorrect expectations for one of the redirect
        cases.  Also, I've updated the policy syntax to match the default-src
        syntax.

        * http/tests/security/contentSecurityPolicy/script-src-redirect-expected.txt:
        * http/tests/security/contentSecurityPolicy/script-src-redirect.html:
2011-03-27  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Fix script-src redirect handling
        https://bugs.webkit.org/show_bug.cgi?id=57196

        Resource-loading requirements in CSP apply to each hop in the redirect
        chain.  To make that work properly, we need to move enforcement into
        the loader.  Fortunately, we already have a choke-point in the loader
        for enforcing this kind of policy.

        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::requestScript):
        * html/parser/HTMLDocumentParser.cpp:
        * html/parser/HTMLDocumentParser.h:
        * html/parser/HTMLScriptRunnerHost.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowScriptFromSource):
        * page/ContentSecurityPolicy.h:


git-svn-id: svn://svn.chromium.org/blink/trunk@82085 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      1dd689c0
    • jer.noble@apple.com's avatar
      2011-03-27 Jer Noble <jer.noble@apple.com> · b13ab418
      jer.noble@apple.com authored 
              Reviewed by Maciej Stachowiak.

        Full Screen: disable keyboard access by default
        https://bugs.webkit.org/show_bug.cgi?id=56684

        Pass whether keyboard access was requested up to ChromeClient when asking
        if fullscreen mode is supported.

        * dom/Document.cpp:
        (WebCore::Document::webkitRequestFullScreenForElement):
        * page/ChromeClient.h:
        (WebCore::ChromeClient::supportsFullscreenForElement):
2011-03-27  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak.

        Full Screen: disable keyboard access by default
        https://bugs.webkit.org/show_bug.cgi?id=56684

        Take into account whether keyboard access was requested when deciding whether full
        screen mode is supported.

        * WebCoreSupport/WebChromeClient.h:
        * WebCoreSupport/WebChromeClient.mm:
        (WebChromeClient::supportsFullScreenForElement):
        * WebView/WebView.mm:
        (-[WebView _supportsFullScreenForElement:WebCore::withKeyboard:]):
        * WebView/WebViewInternal.h:
2011-03-27  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak.

        Full Screen: disable keyboard access by default
        https://bugs.webkit.org/show_bug.cgi?id=56684

        Take into account whether keyboard access was requested when deciding whether full
        screen mode is supported.

        * UIProcess/WebFullScreenManagerProxy.cpp:
        (WebKit::WebFullScreenManagerProxy::supportsFullScreen):
        * UIProcess/WebFullScreenManagerProxy.h:
        * UIProcess/WebFullScreenManagerProxy.messages.in:
        * WebProcess/FullScreen/WebFullScreenManager.cpp:
        (WebKit::WebFullScreenManager::supportsFullScreen):
        * WebProcess/FullScreen/WebFullScreenManager.h:
        * WebProcess/WebCoreSupport/WebChromeClient.cpp:
        (WebKit::WebChromeClient::supportsFullScreenForElement):
        * WebProcess/WebCoreSupport/WebChromeClient.h:
2011-03-27  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak.

        Full Screen: disable keyboard access by default
        https://bugs.webkit.org/show_bug.cgi?id=56684

        Accept the withKeyboard parameter to supportsFullScreenForElement.

        * DumpRenderTree/mac/UIDelegate.mm:
        (-[UIDelegate webView:supportsFullScreenForElement:withKeyboard:]):

git-svn-id: svn://svn.chromium.org/blink/trunk@82084 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      b13ab418
    • paroga@webkit.org's avatar
      2011-03-27 Patrick Gansterer <paroga@webkit.org> · 7ecd9f4b
      paroga@webkit.org authored 
              Reviewed by David Levin.

        check-webkit-style should check ChangeLog for a valid bug number
        https://bugs.webkit.org/show_bug.cgi?id=57184

        * Scripts/webkitpy/style/checker.py:
        * Scripts/webkitpy/style/checker_unittest.py:
        * Scripts/webkitpy/style/checkers/changelog.py: Added.
        * Scripts/webkitpy/style/checkers/changelog_unittest.py: Added.

git-svn-id: svn://svn.chromium.org/blink/trunk@82083 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      7ecd9f4b
  3. 27 Mar, 2011 28 commits
  5. 26 Mar, 2011 9 commits
    • jer.noble@apple.com's avatar
      2011-03-26 Jer Noble <jer.noble@apple.com> · f071eb10
      jer.noble@apple.com authored 
              Reviewed by Dan Bernstein.

        RenderMedia should obey the view's flattening bit.
        https://bugs.webkit.org/show_bug.cgi?id=57156

        Paint the current frame in software when the associated FrameView
        has its flattening bit set.

        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::paintReplaced):

git-svn-id: svn://svn.chromium.org/blink/trunk@82051 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      f071eb10
    • paroga@webkit.org's avatar
      2011-03-26 Patrick Gansterer <paroga@webkit.org> · 1b5950b5
      paroga@webkit.org authored 
              Unreviewed build fix for !ENABLE(DOM_STORAGE).

        * storage/StorageTracker.cpp:
            Added #if ENABLE(DOM_STORAGE) like in the other storage files.

git-svn-id: svn://svn.chromium.org/blink/trunk@82050 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      1b5950b5
    • jeffm@apple.com's avatar
      Add PlatformCertificateInfo::PlatformCertificateInfo(PCCERT_CONTEXT) constructor on Windows · 5ce21734
      jeffm@apple.com authored 
      https://bugs.webkit.org/show_bug.cgi?id=57152
        
Reviewed by Steve Falkenburg.

We're going to need to create a PlatformCertificateInfo with a single certificate on Windows to support client certificates.
Also, stop relying on the fact that the Win32 API CertDuplicateCertificateContext() currently returns the same PCCERT_CONTEXT that you pass to it, since that may change in the future.

* Shared/win/PlatformCertificateInfo.cpp:
(WebKit::PlatformCertificateInfo::PlatformCertificateInfo): Added PlatformCertificateInfo(PCCERT_CONTEXT) construtor. Use return value from CertDuplicateCertificateContext().
(WebKit::PlatformCertificateInfo::operator=): Use return value from CertDuplicateCertificateContext().
* Shared/win/PlatformCertificateInfo.h: Added PlatformCertificateInfo(PCCERT_CONTEXT) construtor.



git-svn-id: svn://svn.chromium.org/blink/trunk@82049 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      5ce21734
    • andersca@apple.com's avatar
      2011-03-26 Anders Carlsson <andersca@apple.com> · a207da3a
      andersca@apple.com authored 
              Reviewed by Sam Weinig.

        Graphic corruption appeared with Silverlight contents while resizing window
        https://bugs.webkit.org/show_bug.cgi?id=57167
        <rdar://problem/9094052>

        Pass DispatchMessageEvenWhenWaitingForSyncReply when sending GeometryDidChange messages since that will guarantee
        that those messages will be handled before PaintEntirePlugin messages which prevents the PaintEntirePlugin handler from
        painting into the wrong backing store.

        * WebProcess/Plugins/PluginProxy.cpp:
        (WebKit::PluginProxy::geometryDidChange):


git-svn-id: svn://svn.chromium.org/blink/trunk@82048 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      a207da3a
    • weinig@apple.com's avatar
      2011-03-26 Sam Weinig <sam@webkit.org> · d56a6098
      weinig@apple.com authored 
              Reviewed by Anders Carlsson.

        Web process considered unresponsive (SPOD shown) when displaying a JavaScript alert() as a result of a click
        <rdar://problem/9067557>
        https://bugs.webkit.org/show_bug.cgi?id=57166

        * UIProcess/WebPageProxy.cpp:
        (WebKit::WebPageProxy::runJavaScriptAlert):
        (WebKit::WebPageProxy::runJavaScriptConfirm):
        (WebKit::WebPageProxy::runJavaScriptPrompt):
        Invalidate the responsiveness timer before calling out to the client.


git-svn-id: svn://svn.chromium.org/blink/trunk@82047 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      d56a6098
    • commit-queue@webkit.org's avatar
      2011-03-26 Andreas Kling <kling@webkit.org> · 657c6f79
      commit-queue@webkit.org authored 
              Reviewed by Kenneth Rohde Christiansen.

        [Qt] Show page icons (favicons) in QtTestBrowser location bar.
        https://bugs.webkit.org/show_bug.cgi?id=57162

        * QtTestBrowser/QtTestBrowser.qrc:
        * QtTestBrowser/favicon.png: Added.
        * QtTestBrowser/locationedit.cpp:
        (defaultPageIcon):
        (LocationEdit::LocationEdit):
        (LocationEdit::setPageIcon):
        (LocationEdit::resizeEvent):
        (LocationEdit::updateInternalGeometry):
        * QtTestBrowser/locationedit.h:
        * QtTestBrowser/mainwindow.cpp:
        (MainWindow::buildUI):
        (MainWindow::onIconChanged):
        (MainWindow::onLoadStarted):
        * QtTestBrowser/mainwindow.h:

git-svn-id: svn://svn.chromium.org/blink/trunk@82046 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      657c6f79
    • andersca@apple.com's avatar
      2011-03-26 Anders Carlsson <andersca@apple.com> · ee63dac3
      andersca@apple.com authored 
              Reviewed by Sam Weinig.

        ASSERTION FAILED: m_operationInProgress == NoOperation loading nytimes.com
        https://bugs.webkit.org/show_bug.cgi?id=57165
        <rdar://problem/9024311>

        The assertion fired because during GC, the web process sends a synchronous NPObjectMessageReceiver::Deallocate
        message to the plug-in process. Since this is a synchronous message, the web process needs to process incoming synchronous
        messages. While waiting, we get an incoming PluginProxy::Evaluate message from the plug-in. This causes JavaScript to run
        during GC which is very bad.

        The fix for this is to add a flag on the connection that will cause synchronous messages sent by the connection (in this case the
        plug-in process) to not be processed while the other side (the web process) is waiting for a synchronous reply _unless_ the connection
        is actually processing a synchronous message. (The last part is to avoid deadlocks).

        Since the call to NPN_Evaluate by the plug-in (that ends up sending the PluginProxy::Evaluate message) comes from a run loop timer firing,
        it's OK to wait for it to be processed by the web process when it returns to the run loop.

        * Platform/CoreIPC/Connection.cpp:
        (CoreIPC::Connection::Connection):
        Initialize m_onlySendMessagesAsDispatchWhenWaitingForSyncReplyWhenProcessingSuchAMessage and m_inDispatchMessageMarkedDispatchWhenWaitingForSyncReplyCount.

        (CoreIPC::Connection::setOnlySendMessagesAsDispatchWhenWaitingForSyncReplyWhenProcessingSuchAMessage):
        Set m_onlySendMessagesAsDispatchWhenWaitingForSyncReplyWhenProcessingSuchAMessage.

        (CoreIPC::Connection::sendMessage):
        Don't add the MessageID::DispatchMessageWhenWaitingForSyncReply flag when the right flags has been set on the connection, and it's not processing a synchronous message.

        (CoreIPC::Connection::dispatchMessage):
        Increment and decrement m_inDispatchMessageMarkedDispatchWhenWaitingForSyncReplyCount accordingly.

        * PluginProcess/WebProcessConnection.cpp:
        (WebKit::WebProcessConnection::WebProcessConnection):
        Call setOnlySendMessagesAsDispatchWhenWaitingForSyncReplyWhenProcessingSuchAMessage on the connection.


git-svn-id: svn://svn.chromium.org/blink/trunk@82045 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      ee63dac3
    • commit-queue@webkit.org's avatar
      2011-03-26 Kwang Yul Seo <skyul@company100.net> · 8fa9d46a
      commit-queue@webkit.org authored 
              Reviewed by Benjamin Poulain.

        [Qt] Remove GraphicsLayerTextureMapper::nativeLayer
        https://bugs.webkit.org/show_bug.cgi?id=57141

        GraphicsLayer::nativeLayer was removed in r73380.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

git-svn-id: svn://svn.chromium.org/blink/trunk@82044 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      8fa9d46a
    • weinig@apple.com's avatar
      Rollout r82042 (If a user doesn't have a Database/LocalStorage directory, it... · 829e1edb
      weinig@apple.com authored 
      Rollout r82042 (If a user doesn't have a Database/LocalStorage directory, it can't be created (sandbox violations))

-[NSString stringByResolvingSymlinksInPath] does not do what we needed for paths within /private.
This caused all SSL sites to stop working.

* WebProcess/mac/WebProcessMac.mm:
(WebKit::appendSandboxParameterPath):
(WebKit::initializeSandbox):



git-svn-id: svn://svn.chromium.org/blink/trunk@82043 bbb929c8-8fbe-4397-9dbb-9b2b20218538
      829e1edb