<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[204834] releases/WebKitGTK/webkit-2.12/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/204834">204834</a></dd>
<dt>Author</dt> <dd>carlosgc@webkit.org</dd>
<dt>Date</dt> <dd>2016-08-23 06:43:58 -0700 (Tue, 23 Aug 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Merge <a href="http://trac.webkit.org/projects/webkit/changeset/203013">r203013</a> - Move shouldInheritSecurityOriginFromOwner() from URL to Document
https://bugs.webkit.org/show_bug.cgi?id=158987
Reviewed by Alex Christensen.
The URL class should not have knowledge of the concept of an origin or the semantics of origin
inheritance as these are higher level concepts. We should make URL::shouldInheritSecurityOriginFromOwner()
a static non-member, non-friend function of Document because its implements the origin semantics
for a Document object as described in section Origin of the HTML5 spec., <https://html.spec.whatwg.org/multipage/browsers.html#origin> (8 July 2016).
These semantics only apply to Documents.
No functionality changed. So, no new tests.
* dom/Document.cpp:
(WebCore::shouldInheritSecurityOriginFromOwner): Added.
(WebCore::Document::initSecurityContext): Modified to call WebCore::shouldInheritSecurityOriginFromOwner().
(WebCore::Document::initContentSecurityPolicy): Ditto.
* platform/URL.cpp:
(WebCore::URL::shouldInheritSecurityOriginFromOwner): Deleted.
* platform/URL.h:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#releasesWebKitGTKwebkit212SourceWebCoreChangeLog">releases/WebKitGTK/webkit-2.12/Source/WebCore/ChangeLog</a></li>
<li><a href="#releasesWebKitGTKwebkit212SourceWebCoredomDocumentcpp">releases/WebKitGTK/webkit-2.12/Source/WebCore/dom/Document.cpp</a></li>
<li><a href="#releasesWebKitGTKwebkit212SourceWebCoreplatformURLcpp">releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.cpp</a></li>
<li><a href="#releasesWebKitGTKwebkit212SourceWebCoreplatformURLh">releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="releasesWebKitGTKwebkit212SourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.12/Source/WebCore/ChangeLog (204833 => 204834)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.12/Source/WebCore/ChangeLog 2016-08-23 13:43:50 UTC (rev 204833)
+++ releases/WebKitGTK/webkit-2.12/Source/WebCore/ChangeLog 2016-08-23 13:43:58 UTC (rev 204834)
</span><span class="lines">@@ -1,3 +1,26 @@
</span><ins>+2016-07-08 Daniel Bates <dabates@apple.com>
+
+ Move shouldInheritSecurityOriginFromOwner() from URL to Document
+ https://bugs.webkit.org/show_bug.cgi?id=158987
+
+ Reviewed by Alex Christensen.
+
+ The URL class should not have knowledge of the concept of an origin or the semantics of origin
+ inheritance as these are higher level concepts. We should make URL::shouldInheritSecurityOriginFromOwner()
+ a static non-member, non-friend function of Document because its implements the origin semantics
+ for a Document object as described in section Origin of the HTML5 spec., <https://html.spec.whatwg.org/multipage/browsers.html#origin> (8 July 2016).
+ These semantics only apply to Documents.
+
+ No functionality changed. So, no new tests.
+
+ * dom/Document.cpp:
+ (WebCore::shouldInheritSecurityOriginFromOwner): Added.
+ (WebCore::Document::initSecurityContext): Modified to call WebCore::shouldInheritSecurityOriginFromOwner().
+ (WebCore::Document::initContentSecurityPolicy): Ditto.
+ * platform/URL.cpp:
+ (WebCore::URL::shouldInheritSecurityOriginFromOwner): Deleted.
+ * platform/URL.h:
+
</ins><span class="cx"> 2016-06-17 John Wilander <wilander@apple.com>
</span><span class="cx">
</span><span class="cx"> Ignore case in the check for security origin inheritance
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit212SourceWebCoredomDocumentcpp"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.12/Source/WebCore/dom/Document.cpp (204833 => 204834)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.12/Source/WebCore/dom/Document.cpp 2016-08-23 13:43:50 UTC (rev 204833)
+++ releases/WebKitGTK/webkit-2.12/Source/WebCore/dom/Document.cpp 2016-08-23 13:43:58 UTC (rev 204834)
</span><span class="lines">@@ -5066,6 +5066,20 @@
</span><span class="cx"> return m_xpathEvaluator->evaluate(expression, contextNode, resolver, type, result, ec);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static bool shouldInheritSecurityOriginFromOwner(const URL& url)
+{
+ // Paraphrased from <https://html.spec.whatwg.org/multipage/browsers.html#origin> (8 July 2016)
+ //
+ // If a Document has the address "about:blank"
+ // The origin of the document is the origin it was assigned when its browsing context was created.
+ // If a Document has the address "about:srcdoc"
+ // The origin of the document is the origin of its parent document.
+ //
+ // Note: We generalize this to invalid URLs because we treat such URLs as about:blank.
+ //
+ return url.isEmpty() || equalIgnoringASCIICase(url.string(), blankURL()) || equalLettersIgnoringASCIICase(url.string(), "about:srcdoc");
+}
+
</ins><span class="cx"> void Document::initSecurityContext()
</span><span class="cx"> {
</span><span class="cx"> if (haveInitializedSecurityOrigin()) {
</span><span class="lines">@@ -5118,7 +5132,7 @@
</span><span class="cx"> setBaseURLOverride(parentDocument->baseURL());
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (!m_url.shouldInheritSecurityOriginFromOwner())
</del><ins>+ if (!shouldInheritSecurityOriginFromOwner(m_url))
</ins><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> // If we do not obtain a meaningful origin from the URL, then we try to
</span><span class="lines">@@ -5151,7 +5165,7 @@
</span><span class="cx">
</span><span class="cx"> void Document::initContentSecurityPolicy()
</span><span class="cx"> {
</span><del>- if (!m_frame->tree().parent() || (!m_url.shouldInheritSecurityOriginFromOwner() && !isPluginDocument()))
</del><ins>+ if (!m_frame->tree().parent() || (!shouldInheritSecurityOriginFromOwner(m_url) && !isPluginDocument()))
</ins><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> contentSecurityPolicy()->copyStateFrom(m_frame->tree().parent()->document()->contentSecurityPolicy());
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit212SourceWebCoreplatformURLcpp"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.cpp (204833 => 204834)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.cpp 2016-08-23 13:43:50 UTC (rev 204833)
+++ releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.cpp 2016-08-23 13:43:58 UTC (rev 204834)
</span><span class="lines">@@ -2022,13 +2022,6 @@
</span><span class="cx"> return protocolIs("about");
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool URL::shouldInheritSecurityOriginFromOwner() const
-{
- return isEmpty()
- || equalIgnoringASCIICase(m_string, blankURL().string())
- || equalLettersIgnoringASCIICase(m_string, "about:srcdoc");
-}
-
</del><span class="cx"> typedef HashMap<String, unsigned short, ASCIICaseInsensitiveHash> DefaultPortsMap;
</span><span class="cx"> static const DefaultPortsMap& defaultPortsMap()
</span><span class="cx"> {
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit212SourceWebCoreplatformURLh"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.h (204833 => 204834)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.h 2016-08-23 13:43:50 UTC (rev 204833)
+++ releases/WebKitGTK/webkit-2.12/Source/WebCore/platform/URL.h 2016-08-23 13:43:58 UTC (rev 204834)
</span><span class="lines">@@ -134,7 +134,6 @@
</span><span class="cx"> bool protocolIsInHTTPFamily() const;
</span><span class="cx"> WEBCORE_EXPORT bool isLocalFile() const;
</span><span class="cx"> bool isBlankURL() const;
</span><del>- bool shouldInheritSecurityOriginFromOwner() const;
</del><span class="cx">
</span><span class="cx"> WEBCORE_EXPORT bool setProtocol(const String&);
</span><span class="cx"> void setHost(const String&);
</span></span></pre>
</div>
</div>
</body>
</html>