<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[172293] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/172293">172293</a></dd>
<dt>Author</dt> <dd>aestes@apple.com</dd>
<dt>Date</dt> <dd>2014-08-07 15:27:18 -0700 (Thu, 07 Aug 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>[Mac] Parental Controls content filter is mistakenly enabled for HTTP responses
https://bugs.webkit.org/show_bug.cgi?id=135730
Reviewed by Brady Eidson.
On the Mac, the WebFilterEvaluator (Parental Controls) content filter should only be enabled for HTTPS
responses. During iOS upstreaming we mistakenly enabled it for HTTP responses as well, and this causes HTTP
responses to be filtered twice -- once by the Parental Controls HTTP proxy and once by WebCore. Revert to the
pre-upstreaming behavior and only enable the content filter for HTTPS responses.
No new tests. Content filtering is not testable from WebKit.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived): Passed the response to ContentFilter::canHandleResponse().
* platform/ContentFilter.h:
* platform/mac/ContentFilterMac.mm:
(WebCore::ContentFilter::canHandleResponse): Renamed from isEnabled(). Checks the response's scheme on Mac to
determine whether WebFilterEvaluator should be used.
(WebCore::ContentFilter::isEnabled): Deleted.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentLoadercpp">trunk/Source/WebCore/loader/DocumentLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformContentFilterh">trunk/Source/WebCore/platform/ContentFilter.h</a></li>
<li><a href="#trunkSourceWebCoreplatformmacContentFilterMacmm">trunk/Source/WebCore/platform/mac/ContentFilterMac.mm</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (172292 => 172293)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2014-08-07 22:26:02 UTC (rev 172292)
+++ trunk/Source/WebCore/ChangeLog 2014-08-07 22:27:18 UTC (rev 172293)
</span><span class="lines">@@ -1,3 +1,25 @@
</span><ins>+2014-08-07 Andy Estes <aestes@apple.com>
+
+ [Mac] Parental Controls content filter is mistakenly enabled for HTTP responses
+ https://bugs.webkit.org/show_bug.cgi?id=135730
+
+ Reviewed by Brady Eidson.
+
+ On the Mac, the WebFilterEvaluator (Parental Controls) content filter should only be enabled for HTTPS
+ responses. During iOS upstreaming we mistakenly enabled it for HTTP responses as well, and this causes HTTP
+ responses to be filtered twice -- once by the Parental Controls HTTP proxy and once by WebCore. Revert to the
+ pre-upstreaming behavior and only enable the content filter for HTTPS responses.
+
+ No new tests. Content filtering is not testable from WebKit.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::responseReceived): Passed the response to ContentFilter::canHandleResponse().
+ * platform/ContentFilter.h:
+ * platform/mac/ContentFilterMac.mm:
+ (WebCore::ContentFilter::canHandleResponse): Renamed from isEnabled(). Checks the response's scheme on Mac to
+ determine whether WebFilterEvaluator should be used.
+ (WebCore::ContentFilter::isEnabled): Deleted.
+
</ins><span class="cx"> 2014-08-07 Beth Dakin <bdakin@apple.com>
</span><span class="cx">
</span><span class="cx"> Fixed backgrounds don't paint in blurred inset areas
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (172292 => 172293)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2014-08-07 22:26:02 UTC (rev 172292)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2014-08-07 22:27:18 UTC (rev 172293)
</span><span class="lines">@@ -663,7 +663,7 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> #if ENABLE(CONTENT_FILTERING)
</span><del>- if (response.url().protocolIsInHTTPFamily() && ContentFilter::isEnabled())
</del><ins>+ if (ContentFilter::canHandleResponse(response))
</ins><span class="cx"> m_contentFilter = std::make_unique<ContentFilter>(response);
</span><span class="cx"> #endif
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformContentFilterh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/ContentFilter.h (172292 => 172293)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/ContentFilter.h 2014-08-07 22:26:02 UTC (rev 172292)
+++ trunk/Source/WebCore/platform/ContentFilter.h 2014-08-07 22:27:18 UTC (rev 172293)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx">
</span><span class="cx"> class ContentFilter {
</span><span class="cx"> public:
</span><del>- static bool isEnabled();
</del><ins>+ static bool canHandleResponse(const ResourceResponse&);
</ins><span class="cx">
</span><span class="cx"> explicit ContentFilter(const ResourceResponse&);
</span><span class="cx"> ~ContentFilter();
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformmacContentFilterMacmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/mac/ContentFilterMac.mm (172292 => 172293)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/mac/ContentFilterMac.mm 2014-08-07 22:26:02 UTC (rev 172292)
+++ trunk/Source/WebCore/platform/mac/ContentFilterMac.mm 2014-08-07 22:27:18 UTC (rev 172293)
</span><span class="lines">@@ -124,13 +124,23 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool ContentFilter::isEnabled()
</del><ins>+bool ContentFilter::canHandleResponse(const ResourceResponse& response)
</ins><span class="cx"> {
</span><del>- return [getWebFilterEvaluatorClass() isManagedSession]
</del><ins>+ if (!response.url().protocolIsInHTTPFamily())
+ return false;
+
+ if ([getWebFilterEvaluatorClass() isManagedSession]) {
+#if PLATFORM(MAC)
+ if (response.url().protocolIs("https"))
+#endif
+ return true;
+ }
+
</ins><span class="cx"> #if HAVE(NE_FILTER_SOURCE)
</span><del>- || [getNEFilterSourceClass() filterRequired]
</del><ins>+ return [getNEFilterSourceClass() filterRequired];
+#else
+ return false;
</ins><span class="cx"> #endif
</span><del>- ;
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ContentFilter::addData(const char* data, int length)
</span></span></pre>
</div>
</div>
</body>
</html>