[webkit-changes] [WebKit/WebKit] e892b0: Use more smart pointers for ContentSecurityPolicy

Chris Dumez noreply at github.com
Tue Nov 7 16:16:13 PST 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e892b0c3f9bd2b95d77771979d17f56bfad1958c
      https://github.com/WebKit/WebKit/commit/e892b0c3f9bd2b95d77771979d17f56bfad1958c
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2023-11-07 (Tue, 07 Nov 2023)

  Changed paths:
    M Source/WebCore/Modules/beacon/NavigatorBeacon.cpp
    M Source/WebCore/Modules/fetch/FetchLoader.cpp
    M Source/WebCore/Modules/websockets/WebSocket.cpp
    M Source/WebCore/bindings/js/CachedScriptFetcher.cpp
    M Source/WebCore/bindings/js/JSDOMWindowBase.cpp
    M Source/WebCore/bindings/js/JSEventListener.cpp
    M Source/WebCore/bindings/js/JSLazyEventListener.cpp
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/bindings/js/ScriptController.h
    M Source/WebCore/bindings/js/WorkerModuleScriptLoader.cpp
    M Source/WebCore/bindings/js/WorkerModuleScriptLoader.h
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Document.h
    M Source/WebCore/dom/DocumentInlines.h
    M Source/WebCore/dom/Element.cpp
    M Source/WebCore/dom/InlineStyleSheetOwner.cpp
    M Source/WebCore/dom/ScriptElement.cpp
    M Source/WebCore/dom/StyledElement.cpp
    M Source/WebCore/html/HTMLLinkElement.cpp
    M Source/WebCore/html/HTMLMediaElement.cpp
    M Source/WebCore/html/HTMLPlugInImageElement.cpp
    M Source/WebCore/html/HTMLTrackElement.cpp
    M Source/WebCore/html/parser/HTMLResourcePreloader.cpp
    M Source/WebCore/loader/DocumentThreadableLoader.cpp
    M Source/WebCore/loader/DocumentThreadableLoader.h
    M Source/WebCore/loader/FormSubmission.cpp
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/MixedContentChecker.cpp
    M Source/WebCore/loader/PingLoader.cpp
    M Source/WebCore/loader/PolicyChecker.cpp
    M Source/WebCore/loader/SubframeLoader.cpp
    M Source/WebCore/loader/WorkerThreadableLoader.cpp
    M Source/WebCore/loader/appcache/ApplicationCacheHost.cpp
    M Source/WebCore/loader/cache/CachedResourceLoader.cpp
    M Source/WebCore/loader/cache/CachedResourceRequest.cpp
    M Source/WebCore/page/EventSource.cpp
    M Source/WebCore/page/LocalDOMWindow.cpp
    M Source/WebCore/workers/AbstractWorker.cpp
    M Source/WebCore/workers/Worker.cpp
    M Source/WebCore/workers/WorkerGlobalScope.cpp
    M Source/WebCore/workers/service/ServiceWorkerContainer.cpp
    M Source/WebCore/workers/service/background-fetch/BackgroundFetchManager.cpp
    M Source/WebCore/workers/shared/SharedWorker.cpp
    M Source/WebCore/worklets/Worklet.cpp
    M Source/WebCore/xml/XMLHttpRequest.cpp
    M Source/WebCore/xml/XSLTProcessor.cpp
    M Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp

  Log Message:
  -----------
  Use more smart pointers for ContentSecurityPolicy
https://bugs.webkit.org/show_bug.cgi?id=264261

Reviewed by Brent Fulgham.

* Source/WebCore/Modules/beacon/NavigatorBeacon.cpp:
(WebCore::NavigatorBeacon::sendBeacon):
* Source/WebCore/Modules/fetch/FetchLoader.cpp:
(WebCore::FetchLoader::start):
* Source/WebCore/Modules/websockets/WebSocket.cpp:
(WebCore::WebSocket::connect):
* Source/WebCore/bindings/js/CachedScriptFetcher.cpp:
(WebCore::CachedScriptFetcher::requestScriptWithCache const):
* Source/WebCore/bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::reportViolationForUnsafeEval):
* Source/WebCore/bindings/js/JSEventListener.cpp:
(WebCore::JSEventListener::handleEvent):
* Source/WebCore/bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction const):
* Source/WebCore/bindings/js/ScriptController.cpp:
(WebCore::ScriptController::initScriptForWindowProxy):
(WebCore::ScriptController::protectedFrame const):
(WebCore::ScriptController::executeJavaScriptURL):
* Source/WebCore/bindings/js/ScriptController.h:
* Source/WebCore/bindings/js/WorkerModuleScriptLoader.cpp:
(WebCore::WorkerModuleScriptLoader::~WorkerModuleScriptLoader):
(WebCore::WorkerModuleScriptLoader::load):
(WebCore::WorkerModuleScriptLoader::protectedScriptLoader):
* Source/WebCore/bindings/js/WorkerModuleScriptLoader.h:
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::processBaseElement):
(WebCore::Document::processMetaHttpEquiv):
(WebCore::Document::initSecurityContext):
(WebCore::Document::initContentSecurityPolicy):
(WebCore::Document::applyQuickLookSandbox):
* Source/WebCore/dom/Element.cpp:
(WebCore::Element::hideNonceSlow):
* Source/WebCore/dom/InlineStyleSheetOwner.cpp:
(WebCore::InlineStyleSheetOwner::createSheet):
* Source/WebCore/dom/ScriptElement.cpp:
(WebCore::ScriptElement::requestClassicScript):
(WebCore::ScriptElement::requestModuleScript):
(WebCore::ScriptElement::requestImportMap):
(WebCore::ScriptElement::executeClassicScript):
(WebCore::ScriptElement::registerImportMap):
* Source/WebCore/dom/StyledElement.cpp:
(WebCore::StyledElement::styleAttributeChanged):
* Source/WebCore/html/HTMLLinkElement.cpp:
(WebCore::HTMLLinkElement::process):
* Source/WebCore/html/HTMLMediaElement.cpp:
(WebCore::isAllowedToLoadMediaURL):
* Source/WebCore/html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::canLoadPlugInContent const):
* Source/WebCore/html/HTMLTrackElement.cpp:
(WebCore::HTMLTrackElement::canLoadURL):
* Source/WebCore/html/parser/HTMLResourcePreloader.cpp:
(WebCore::PreloadRequest::resourceRequest):
* Source/WebCore/loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
(WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy):
(WebCore::DocumentThreadableLoader::checkedContentSecurityPolicy const):
* Source/WebCore/loader/DocumentThreadableLoader.h:
* Source/WebCore/loader/FormSubmission.cpp:
(WebCore::FormSubmission::create):
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::clear):
(WebCore::FrameLoader::didBeginDocument):
(WebCore::FrameLoader::checkIfFormActionAllowedByCSP const):
(WebCore::FrameLoader::loadPostRequest):
(WebCore::FrameLoader::loadResourceSynchronously):
(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
(WebCore::createWindow):
* Source/WebCore/loader/MixedContentChecker.cpp:
(WebCore::MixedContentChecker::frameAndAncestorsCanDisplayInsecureContent):
(WebCore::MixedContentChecker::frameAndAncestorsCanRunInsecureContent):
* Source/WebCore/loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
* Source/WebCore/loader/PolicyChecker.cpp:
(WebCore::isAllowedByContentSecurityPolicy):
* Source/WebCore/loader/SubframeLoader.cpp:
(WebCore::canLoadJavaScriptURL):
(WebCore::FrameLoader::SubframeLoader::requestObject):
(WebCore::FrameLoader::SubframeLoader::loadOrRedirectSubframe):
* Source/WebCore/loader/WorkerThreadableLoader.cpp:
(WebCore::m_contextIdentifier):
* Source/WebCore/loader/appcache/ApplicationCacheHost.cpp:
(WebCore::ApplicationCacheHost::shouldLoadResourceFromApplicationCache):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy const):
* Source/WebCore/loader/cache/CachedResourceRequest.cpp:
(WebCore::upgradeInsecureResourceRequestIfNeeded):
* Source/WebCore/page/EventSource.cpp:
(WebCore::EventSource::create):
* Source/WebCore/page/LocalDOMWindow.cpp:
(WebCore::LocalDOMWindow::setTimeout):
(WebCore::LocalDOMWindow::setInterval):
(WebCore::LocalDOMWindow::setLocation):
* Source/WebCore/workers/AbstractWorker.cpp:
(WebCore::AbstractWorker::resolveURL):
* Source/WebCore/workers/Worker.cpp:
(WebCore::Worker::notifyFinished):
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders):
(WebCore::WorkerGlobalScope::setTimeout):
(WebCore::WorkerGlobalScope::setInterval):
(WebCore::WorkerGlobalScope::importScripts):
* Source/WebCore/workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::addRegistration):
* Source/WebCore/workers/service/background-fetch/BackgroundFetchManager.cpp:
(WebCore::BackgroundFetchManager::fetch):
* Source/WebCore/workers/shared/SharedWorker.cpp:
(WebCore::SharedWorker::create):
* Source/WebCore/worklets/Worklet.cpp:
(WebCore::Worklet::addModule):
* Source/WebCore/xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open):
(WebCore::XMLHttpRequest::prepareToSend):
* Source/WebCore/xml/XSLTProcessor.cpp:
(WebCore::XSLTProcessor::createDocumentFromSource):
* Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::checkRequest):
(WebKit::NetworkLoadChecker::isAllowedByContentSecurityPolicy):

Canonical link: https://commits.webkit.org/270359@main

More information about the webkit-changes mailing list