[webkit-changes] cvs commit: WebKit/WebView.subproj WebFrame.m WebFrameInternal.h

Adele adele at opensource.apple.com
Tue Aug 2 09:58:02 PDT 2005


adele       05/08/02 09:58:01

  Modified:    .        Tag: Safari-2-0-branch ChangeLog
               WebCoreSupport.subproj Tag: Safari-2-0-branch WebBridge.m
               WebView.subproj Tag: Safari-2-0-branch WebFrame.m
                        WebFrameInternal.h
  Log:
         Merged fix from TOT to Safari-2-0-branch
  
      2005-05-20  Chris Blumenberg  <cblu at apple.com>
  
  	Fixed: <rdar://problem/4098786> sync. XMLHttpRequest works w/o AllowNetworkAccess key because load delegate is not consulted
  
  	Synchronous loads did not cause the willSendRequest method on the resource load delegate to be called. This is the method that Dashboard uses to enforce AllowNetworkAccess and this must be called to avoid exploits.
  
          Reviewed by sullivan.
  
          * WebCoreSupport.subproj/WebBridge.m:
          (-[WebBridge objectLoadedFromCacheWithURL:response:data:]): call [WebFrame _requestFromDelegateForRequest:identifier:error:] then
  	[WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:] so synthetic resource load delegate
  	methods are called and the data is saved as a WebResource for resources in the WebCore cache.
  
          (-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]): call [WebFrame _requestFromDelegateForRequest:identifier:error:],
  	respect its result, do the load and then call [WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:]
  	for synchronous loads
  
          * WebView.subproj/WebFrame.m:
          (-[WebFrame _opened]): call [WebFrame _requestFromDelegateForRequest:identifier:error:] then
  	[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:] so synthetic resource load delegate methods are called
  	for subresources in the page cache
  
  	(-[WebFrame _requestFromDelegateForRequest:identifier:error:]): new, was part of the removed _sendResourceLoadDelegateMessagesForURL:::
  	This method calls identifierForInitialRequest and willSendRequest.
  
          (-[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:]): new, was part of the removed _sendResourceLoadDelegateMessagesForURL:::
  	This method calls the remaining resource load delegate messages.
  
          (-[WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:]): new, saves the resource and calls
  	[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:]
  
          * WebView.subproj/WebFrameInternal.h:
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.3118.4.29 +37 -0     WebKit/ChangeLog
  
  Index: ChangeLog
  ===================================================================
  RCS file: /cvs/root/WebKit/ChangeLog,v
  retrieving revision 1.3118.4.28
  retrieving revision 1.3118.4.29
  diff -u -r1.3118.4.28 -r1.3118.4.29
  --- ChangeLog	26 Jul 2005 21:14:10 -0000	1.3118.4.28
  +++ ChangeLog	2 Aug 2005 16:57:53 -0000	1.3118.4.29
  @@ -1,3 +1,40 @@
  +2005-08-02  Adele Peterson  <adele at apple.com>
  +
  +       Merged fix from TOT to Safari-2-0-branch
  +
  +    2005-05-20  Chris Blumenberg  <cblu at apple.com>
  +
  +	Fixed: <rdar://problem/4098786> sync. XMLHttpRequest works w/o AllowNetworkAccess key because load delegate is not consulted
  +
  +	Synchronous loads did not cause the willSendRequest method on the resource load delegate to be called. This is the method that Dashboard uses to enforce AllowNetworkAccess and this must be called to avoid exploits.
  +
  +        Reviewed by sullivan.
  +
  +        * WebCoreSupport.subproj/WebBridge.m:
  +        (-[WebBridge objectLoadedFromCacheWithURL:response:data:]): call [WebFrame _requestFromDelegateForRequest:identifier:error:] then 
  +	[WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:] so synthetic resource load delegate 
  +	methods are called and the data is saved as a WebResource for resources in the WebCore cache.
  +
  +        (-[WebBridge syncLoadResourceWithURL:customHeaders:postData:finalURL:responseHeaders:statusCode:]): call [WebFrame _requestFromDelegateForRequest:identifier:error:],
  +	respect its result, do the load and then call [WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:] 
  +	for synchronous loads
  +
  +        * WebView.subproj/WebFrame.m:
  +        (-[WebFrame _opened]): call [WebFrame _requestFromDelegateForRequest:identifier:error:] then 
  +	[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:] so synthetic resource load delegate methods are called 
  +	for subresrources in the page cache
  +        
  +	(-[WebFrame _requestFromDelegateForRequest:identifier:error:]): new, was part of the removed _sendResourceLoadDelegateMessagesForURL:::
  +	This method calls identifierForInitialRequest and willSendRequest.
  +
  +        (-[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:]): new, was part of the removed _sendResourceLoadDelegateMessagesForURL:::
  +	This method calls the remaining resource load delegate messages.
  +
  +        (-[WebFrame _saveResourceAndSendRemainingDelegateMessagesWithRequest:identifier:response:data:error:]): new, saves the resource and calls
  +	[WebFrame _sendRemainingDelegateMessagesWithIdentifier:response:length:error:]
  +
  +        * WebView.subproj/WebFrameInternal.h:
  +
   2005-07-26  Adele Peterson  <adele at apple.com>
   
           Merged fix from TOT to Safari-2-0-branch
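Review bot: The new ChangeLog entry does not mention that syncLoadResourceWithURL now returns the NSError code as the status code for NSURLErrorDomain failures instead of always 404 (see the WebBridge.m hunk below). That is a behaviour change visible to callers and deserves a line under WebBridge.m. The entry for -[WebFrame _opened] also misspells "subresources" as "subresrources".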
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.340.8.6 +35 -24    WebKit/WebCoreSupport.subproj/WebBridge.m
  
  Index: WebBridge.m
  ===================================================================
  RCS file: /cvs/root/WebKit/WebCoreSupport.subproj/WebBridge.m,v
  retrieving revision 1.340.8.5
  retrieving revision 1.340.8.6
  diff -u -r1.340.8.5 -r1.340.8.6
  --- WebBridge.m	26 Jul 2005 21:14:14 -0000	1.340.8.5
  +++ WebBridge.m	2 Aug 2005 16:57:59 -0000	1.340.8.6
  @@ -458,12 +458,13 @@
   
   - (void)objectLoadedFromCacheWithURL:(NSURL *)URL response:(NSURLResponse *)response data:(NSData *)data
   {
  -    WebResource *resource = [[WebResource alloc] _initWithData:data URL:URL response:response];
  -    ASSERT(resource != nil);
  -    [[self dataSource] addSubresource:resource];
  -    [resource release];
  -    
  -    [_frame _sendResourceLoadDelegateMessagesForURL:URL response:response length:[data length]];    
  +    // FIXME: If the WebKit client changes or cancels the request, WebCore does not respect this and continues the load.
  +    NSError *error;
  +    NSString *identifier;
  +    NSURLRequest *request = [[NSURLRequest alloc] initWithURL:URL];
  +    [_frame _requestFromDelegateForRequest:request identifier:&identifier error:&error];    
  +    [_frame _saveResourceAndSendRemainingDelegateMessagesWithRequest:request identifier:identifier response:response data:data error:error];
  +    [request release];
   }
   
   - (NSData *)syncLoadResourceWithURL:(NSURL *)URL customHeaders:(NSDictionary *)requestHeaders postData:(NSArray *)postData finalURL:(NSURL **)finalURL responseHeaders:(NSDictionary **)responseHeaderDict statusCode:(int *)statusCode
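Review bot: In objectLoadedFromCacheWithURL the return value of _requestFromDelegateForRequest is discarded and the original `request` is passed on. A request the delegate rewrote is therefore ignored, and a nil (cancel) result only skips the WebResource save and reports didFailLoadingWithError while WebCore keeps using the cached data, as the FIXME admits. For a delegate that enforces a network policy through willSendRequest, this path is notification only; please say so in the comment and reference a tracking bug in the FIXME. Also initialise `error` and `identifier` to nil, as the sync-load hunk does, rather than relying on the callee to write both.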
  @@ -473,32 +474,39 @@
       BOOL hideReferrer;
       [self canLoadURL:URL fromReferrer:[self referrer] hideReferrer:&hideReferrer];
   
  -    NSMutableURLRequest *newRequest = [[NSMutableURLRequest alloc] initWithURL:URL];
  +    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:URL];
   
       if (postData) {
  -        [newRequest setHTTPMethod:@"POST"];
  -        webSetHTTPBody(newRequest, postData);
  +        [request setHTTPMethod:@"POST"];
  +        webSetHTTPBody(request, postData);
       }
   
       NSEnumerator *e = [requestHeaders keyEnumerator];
       NSString *key;
       while ((key = (NSString *)[e nextObject]) != nil) {
  -        [newRequest addValue:[requestHeaders objectForKey:key] forHTTPHeaderField:key];
  +        [request addValue:[requestHeaders objectForKey:key] forHTTPHeaderField:key];
       }
       
       // Never use cached data for these requests (xmlhttprequests).
  -    [newRequest setCachePolicy:[[[self dataSource] request] cachePolicy]];
  +    [request setCachePolicy:[[[self dataSource] request] cachePolicy]];
       if (!hideReferrer)
  -        [newRequest setHTTPReferrer:[self referrer]];
  +        [request setHTTPReferrer:[self referrer]];
       
       WebView *webView = [_frame webView];
  -    [newRequest setMainDocumentURL:[[[[webView mainFrame] dataSource] request] URL]];
  -    [newRequest setHTTPUserAgent:[webView userAgentForURL:[newRequest URL]]];
  -
  -    NSURLResponse *response = nil;
  +    [request setMainDocumentURL:[[[[webView mainFrame] dataSource] request] URL]];
  +    [request setHTTPUserAgent:[webView userAgentForURL:[request URL]]];
  +    
       NSError *error = nil;
  -    NSData *result = [NSURLConnection sendSynchronousRequest:newRequest returningResponse:&response error:&error];
  -
  +    NSString *identifier = nil;    
  +    NSURLRequest *newRequest = [_frame _requestFromDelegateForRequest:request identifier:&identifier error:&error];
  +    
  +    NSURLResponse *response = nil;
  +    NSData *result = nil;
  +    if (error == nil) {
  +        ASSERT(newRequest != nil);
  +        result = [NSURLConnection sendSynchronousRequest:newRequest returningResponse:&response error:&error];
  +    }
  +    
       if (error == nil) {
           *finalURL = [response URL];
           if ([response isKindOfClass:[NSHTTPURLResponse class]]) {
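Review bot: The load in syncLoadResourceWithURL is gated on `error == nil`, and the only check that the delegate actually returned a request is `ASSERT(newRequest != nil)`. That is correct only while _requestFromDelegateForRequest sets *error every time it returns nil. Since this is the enforcement point the log message is about, test the result directly, for example `if (newRequest != nil && error == nil)`, so the decision does not depend on an assertion or on the helper's out-parameter convention.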
  @@ -509,16 +517,19 @@
               *responseHeaderDict = [NSDictionary dictionary];
               *statusCode = 200;
           }
  -
  -        // notify the delegates
  -        // FIXME: Bridge method name "loaded from cache" doesn't make any sense here.
  -        [self objectLoadedFromCacheWithURL:URL response:response data:result];
       } else {
           *finalURL = URL;
           *responseHeaderDict = [NSDictionary dictionary];
  -        *statusCode = 404;
  +        if ([error domain] == NSURLErrorDomain) {
  +            *statusCode = [error code];
  +        } else {
  +            *statusCode = 404;
  +        }
       }
  -
  +    
  +    [_frame _saveResourceAndSendRemainingDelegateMessagesWithRequest:newRequest identifier:identifier response:response data:result error:error];
  +    [request release];
  +    
       return result;
   }
   
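Review bot: `[error domain] == NSURLErrorDomain` in the else branch compares object pointers, not string contents; use `[[error domain] isEqualToString:NSURLErrorDomain]`. Separately, `*statusCode = [error code]` puts NSURLErrorDomain codes, which are negative (NSURLErrorCancelled when the delegate refuses the request), into a field that otherwise carries HTTP status codes. Confirm that the XMLHttpRequest side handles a negative status, or map the cancel case to an explicit value.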
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.223.8.6 +78 -27    WebKit/WebView.subproj/WebFrame.m
  
  Index: WebFrame.m
  ===================================================================
  RCS file: /cvs/root/WebKit/WebView.subproj/WebFrame.m,v
  retrieving revision 1.223.8.5
  retrieving revision 1.223.8.6
  diff -u -r1.223.8.5 -r1.223.8.6
  --- WebFrame.m	22 Jul 2005 01:18:48 -0000	1.223.8.5
  +++ WebFrame.m	2 Aug 2005 16:58:00 -0000	1.223.8.6
  @@ -1055,9 +1055,13 @@
           int i, count = [responses count];
           for (i = 0; i < count; i++){
               response = [responses objectAtIndex: i];
  -            [self _sendResourceLoadDelegateMessagesForURL:[response URL]
  -                                                 response:response
  -                                                   length:[response expectedContentLength]];
  +            // FIXME: If the WebKit client changes or cancels the request, this is not respected.
  +            NSError *error;
  +            NSString *identifier;
  +            NSURLRequest *request = [[NSURLRequest alloc] initWithURL:[response URL]];
  +            [self _requestFromDelegateForRequest:request identifier:&identifier error:&error];
  +            [self _sendRemainingDelegateMessagesWithIdentifier:identifier response:response length:[response expectedContentLength] error:error];
  +            [request release];
           }
           
           // Release the resources kept in the page cache.  They will be
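Review bot: `NSError *error;` and `NSString *identifier;` are declared uninitialised inside the loop in _opened and are then passed straight to _sendRemainingDelegateMessagesWithIdentifier. This is safe only because _requestFromDelegateForRequest writes both on every path; initialise them to nil so a later early return in the helper cannot feed garbage pointers to the delegate. The returned request is also dropped here, so a delegate cancel for a page-cache subresource is reported but not enforced. The FIXME should name the bug that tracks it.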
  @@ -2567,42 +2571,89 @@
                    formValues:nil];
   }
   
  -- (void)_sendResourceLoadDelegateMessagesForURL:(NSURL *)URL response:(NSURLResponse *)response length:(unsigned)length
  +- (NSURLRequest *)_requestFromDelegateForRequest:(NSURLRequest *)request identifier:(NSString **)identifier error:(NSError **)error
   {
  -    ASSERT(response != nil);
  +    ASSERT(request != nil);
       
  -    NSURLRequest *request = [[NSURLRequest alloc] initWithURL:URL];
       WebView *wv = [self webView];
       id delegate = [wv resourceLoadDelegate];
       id sharedDelegate = [WebDefaultResourceLoadDelegate sharedResourceLoadDelegate];
  -    id identifier;
       WebResourceDelegateImplementationCache implementations = [wv _resourceLoadDelegateImplementations];
       WebDataSource *dataSource = [self dataSource];
       
  -    // No chance for delegate to modify request, so we don't send a willSendRequest:redirectResponse: message.
  -    if (implementations.delegateImplementsIdentifierForRequest)
  -        identifier = [delegate webView:wv identifierForInitialRequest: request fromDataSource:dataSource];
  -    else
  -        identifier = [sharedDelegate webView:wv identifierForInitialRequest:request fromDataSource:dataSource];
  -    
  -    if (implementations.delegateImplementsDidReceiveResponse)
  -        [delegate webView:wv resource: identifier didReceiveResponse: response fromDataSource:dataSource];
  -    else
  -        [sharedDelegate webView:wv resource: identifier didReceiveResponse: response fromDataSource:dataSource];
  +    if (implementations.delegateImplementsIdentifierForRequest) {
  +        *identifier = [delegate webView:wv identifierForInitialRequest:request fromDataSource:dataSource];
  +    } else {
  +        *identifier = [sharedDelegate webView:wv identifierForInitialRequest:request fromDataSource:dataSource];
  +    }
  +        
  +    NSURLRequest *newRequest;
  +    if (implementations.delegateImplementsWillSendRequest) {
  +        newRequest = [delegate webView:wv resource:*identifier willSendRequest:request redirectResponse:nil fromDataSource:dataSource];
  +    } else {
  +        newRequest = [sharedDelegate webView:wv resource:*identifier willSendRequest:request redirectResponse:nil fromDataSource:dataSource];
  +    }
       
  -    if (implementations.delegateImplementsDidReceiveContentLength)
  -        [delegate webView:wv resource: identifier didReceiveContentLength:length fromDataSource:dataSource];
  -    else
  -        [sharedDelegate webView:wv resource: identifier didReceiveContentLength:length fromDataSource:dataSource];
  +    if (newRequest == nil) {
  +        *error = [NSError _webKitErrorWithDomain:NSURLErrorDomain code:NSURLErrorCancelled URL:[request URL]];
  +    } else {
  +        *error = nil;
  +    }
       
  -    if (implementations.delegateImplementsDidFinishLoadingFromDataSource)
  -        [delegate webView:wv resource: identifier didFinishLoadingFromDataSource:dataSource];
  -    else
  -        [sharedDelegate webView:wv resource: identifier didFinishLoadingFromDataSource:dataSource];
  +    return newRequest;
  +}
  +
  +- (void)_sendRemainingDelegateMessagesWithIdentifier:(NSString *)identifier response:(NSURLResponse *)response length:(unsigned)length error:(NSError *)error 
  +{    
  +    WebView *wv = [self webView];
  +    id delegate = [wv resourceLoadDelegate];
  +    id sharedDelegate = [WebDefaultResourceLoadDelegate sharedResourceLoadDelegate];
  +    WebResourceDelegateImplementationCache implementations = [wv _resourceLoadDelegateImplementations];
  +    WebDataSource *dataSource = [self dataSource];
  +        
  +    if (response != nil) {
  +        if (implementations.delegateImplementsDidReceiveResponse) {
  +            [delegate webView:wv resource:identifier didReceiveResponse:response fromDataSource:dataSource];
  +        } else {
  +            [sharedDelegate webView:wv resource:identifier didReceiveResponse:response fromDataSource:dataSource];
  +        }
  +    }
       
  -    [wv _finishedLoadingResourceFromDataSource:dataSource];
  +    if (length > 0) {
  +        if (implementations.delegateImplementsDidReceiveContentLength) {
  +            [delegate webView:wv resource:identifier didReceiveContentLength:length fromDataSource:dataSource];
  +        } else {
  +            [sharedDelegate webView:wv resource:identifier didReceiveContentLength:length fromDataSource:dataSource];
  +        }
  +    }
       
  -    [request release];
  +    if (error == nil) {
  +        if (implementations.delegateImplementsDidFinishLoadingFromDataSource) {
  +            [delegate webView:wv resource:identifier didFinishLoadingFromDataSource:dataSource];
  +        } else {
  +            [sharedDelegate webView:wv resource:identifier didFinishLoadingFromDataSource:dataSource];
  +        }
  +        [wv _finishedLoadingResourceFromDataSource:dataSource];
  +    } else {
  +        [[wv _resourceLoadDelegateForwarder] webView:wv resource:identifier didFailLoadingWithError:error fromDataSource:dataSource];
  +    }
  +}
  +
  +- (void)_saveResourceAndSendRemainingDelegateMessagesWithRequest:(NSURLRequest *)request
  +                                                      identifier:(NSString *)identifier 
  +                                                        response:(NSURLResponse *)response 
  +                                                            data:(NSData *)data
  +                                                           error:(NSError *)error
  +{
  +    unsigned length = [data length];
  +    if (length > 0 && error == nil) {
  +        ASSERT(request != nil);
  +        WebResource *resource = [[WebResource alloc] _initWithData:data URL:[request URL] response:response];
  +        ASSERT(resource != nil);    
  +        [[self dataSource] addSubresource:resource];
  +        [resource release];
  +    }
  +    [self _sendRemainingDelegateMessagesWithIdentifier:identifier response:response length:length error:error];
   }
   
   - (void)_unmarkAllMisspellings
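Review bot: _sendRemainingDelegateMessagesWithIdentifier sends didReceiveResponse and didReceiveContentLength whenever `response != nil` and `length > 0`, even when `error` is set. On the _opened path a request the delegate just cancelled therefore still produces response and length callbacks before didFailLoadingWithError. Consider skipping both when `error != nil`. The failure message also goes through `_resourceLoadDelegateForwarder`, while every other message uses the implementations cache with the sharedDelegate fallback; a comment explaining the difference would help. Finally, _requestFromDelegateForRequest dereferences `identifier` and `error` unconditionally, so either ASSERT that they are non-NULL or document that both are required.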
  
  
  
  1.7.8.2   +7 -2      WebKit/WebView.subproj/WebFrameInternal.h
  
  Index: WebFrameInternal.h
  ===================================================================
  RCS file: /cvs/root/WebKit/WebView.subproj/WebFrameInternal.h,v
  retrieving revision 1.7.8.1
  retrieving revision 1.7.8.2
  diff -u -r1.7.8.1 -r1.7.8.2
  --- WebFrameInternal.h	15 Jul 2005 00:36:22 -0000	1.7.8.1
  +++ WebFrameInternal.h	2 Aug 2005 16:58:01 -0000	1.7.8.2
  @@ -8,9 +8,14 @@
   - (void)_setInternalLoadDelegate:(id)internalLoadDelegate;
   - (id)_internalLoadDelegate;
   - (void)_safeLoadURL:(NSURL *)URL;
  -- (void)_sendResourceLoadDelegateMessagesForURL:(NSURL *)URL response:(NSURLResponse *)response length:(unsigned)length;
   - (void)_unmarkAllMisspellings;
  -
  +- (NSURLRequest *)_requestFromDelegateForRequest:(NSURLRequest *)request identifier:(NSString **)identifier error:(NSError **)error;
  +- (void)_sendRemainingDelegateMessagesWithIdentifier:(NSString *)identifier response:(NSURLResponse *)response length:(unsigned)length error:(NSError *)error;
  +- (void)_saveResourceAndSendRemainingDelegateMessagesWithRequest:(NSURLRequest *)request
  +                                                       identifier:(NSString *)identifier 
  +                                                         response:(NSURLResponse *)response 
  +                                                             data:(NSData *)data
  +                                                            error:(NSError *)error;
   @end
   
   @interface NSObject (WebInternalFrameLoadDelegate)
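Review bot: The three new declarations in WebFrameInternal.h carry no comment describing their contract. State on _requestFromDelegateForRequest that it returns nil and sets *error when the delegate cancels, that both out-parameters are always written, and that callers must not start the load in that case. New call sites will otherwise have to rediscover this from WebFrame.m. The hunk also removes the blank line that separated _unmarkAllMisspellings from what follows, leaving the new block unseparated.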
  
  
  


