<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[210859] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/210859">210859</a></dd>
<dt>Author</dt> <dd>akling@apple.com</dd>
<dt>Date</dt> <dd>2017-01-18 11:35:49 -0800 (Wed, 18 Jan 2017)</dd>
</dl>
<h3>Log Message</h3>
<pre>Document::securityOrigin() should return a reference.
<https://webkit.org/b/167124>
Reviewed by Sam Weinig.
Source/WebCore:
The security origin is always initialized by the Document constructor
through Document::initSecurityContext(), so it's effectively always present.
Make it return a reference and remove unnecessary null checks exposed by this.
* Modules/applepay/ApplePaySession.cpp:
(WebCore::canCallApplePaySessionAPIs):
* Modules/encryptedmedia/CDM.cpp:
(WebCore::CDM::getSupportedConfiguration):
(WebCore::CDM::getConsentStatus):
* Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
(WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory):
* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::canCallGetUserMedia):
* Modules/webdatabase/DOMWindowWebDatabase.cpp:
(WebCore::DOMWindowWebDatabase::openDatabase):
* Modules/webdatabase/DatabaseContext.cpp:
(WebCore::DatabaseContext::allowDatabaseAccess):
* Modules/websockets/WebSocketHandshake.cpp:
(WebCore::WebSocketHandshake::clientOrigin):
* bindings/js/JSDOMBinding.cpp:
(WebCore::canAccessDocument):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::collectIsolatedContexts):
* css/CSSStyleSheet.cpp:
(WebCore::CSSStyleSheet::canAccessRules):
* css/RuleSet.cpp:
(WebCore::RuleSet::addRulesFromSheet):
* css/StyleRuleImport.cpp:
(WebCore::StyleRuleImport::setCSSStyleSheet):
* dom/Document.cpp:
(WebCore::canAccessAncestor):
(WebCore::Document::findUnsafeParentScrollPropagationBoundary):
(WebCore::Document::cookie):
(WebCore::Document::setCookie):
(WebCore::Document::origin):
(WebCore::Document::domain):
(WebCore::Document::setDomain):
(WebCore::Document::storageBlockingStateDidChange):
(WebCore::Document::initSecurityContext):
(WebCore::Document::initDNSPrefetch):
(WebCore::Document::topOrigin):
* dom/Document.h:
(WebCore::Document::securityOrigin):
* dom/SecurityContext.cpp:
(WebCore::SecurityContext::isSecureTransitionTo):
* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::handleClick):
* html/HTMLAppletElement.cpp:
(WebCore::HTMLAppletElement::canEmbedJava):
* html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::securityOrigin):
* html/HTMLLinkElement.cpp:
(WebCore::HTMLLinkElement::setCSSStyleSheet):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
(WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
* inspector/InspectorDOMStorageAgent.cpp:
(WebCore::InspectorDOMStorageAgent::storageId):
(WebCore::InspectorDOMStorageAgent::findStorageArea):
* inspector/InspectorIndexedDBAgent.cpp:
(WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
(WebCore::InspectorIndexedDBAgent::requestDatabase):
(WebCore::InspectorIndexedDBAgent::requestData):
(WebCore::InspectorIndexedDBAgent::clearObjectStore):
* inspector/InspectorPageAgent.cpp:
(WebCore::InspectorPageAgent::findFrameWithSecurityOrigin):
(WebCore::InspectorPageAgent::buildObjectForFrame):
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::commitData):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest):
(WebCore::DocumentThreadableLoader::securityOrigin):
* loader/DocumentWriter.cpp:
(WebCore::canReferToParentFrameEncoding):
* loader/EmptyClients.cpp:
* loader/FrameLoadRequest.cpp:
(WebCore::FrameLoadRequest::FrameLoadRequest):
* loader/FrameLoadRequest.h:
(WebCore::FrameLoadRequest::FrameLoadRequest):
* loader/FrameLoader.cpp:
(WebCore::shouldClearWindowName):
(WebCore::FrameLoader::outgoingOrigin):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::dispatchBeforeUnloadEvent):
* loader/FrameLoaderClient.h:
* loader/MixedContentChecker.cpp:
(WebCore::MixedContentChecker::isMixedContent):
(WebCore::MixedContentChecker::canDisplayInsecureContent):
(WebCore::MixedContentChecker::canRunInsecureContent):
(WebCore::MixedContentChecker::checkFormForMixedContent):
* loader/MixedContentChecker.h:
* loader/NavigationScheduler.cpp:
(WebCore::NavigationScheduler::scheduleRedirect):
(WebCore::NavigationScheduler::scheduleLocationChange):
(WebCore::NavigationScheduler::scheduleRefresh):
* loader/NavigationScheduler.h:
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
* loader/ResourceLoadInfo.cpp:
(WebCore::ResourceLoadInfo::isThirdParty):
* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::init):
(WebCore::ResourceLoader::isAllowedToAskUserForCredentials):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::pluginIsLoadable):
(WebCore::SubframeLoader::createJavaAppletWidget):
(WebCore::SubframeLoader::loadSubframe):
* loader/appcache/ApplicationCacheGroup.cpp:
(WebCore::ApplicationCacheGroup::selectCache):
(WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL):
(WebCore::ApplicationCacheGroup::update):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::canRequest):
(WebCore::CachedResourceLoader::canRequestAfterRedirection):
(WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
(WebCore::CachedResourceRequest::updateForAccessControl):
* loader/cache/CachedResourceRequest.h:
(WebCore::CachedResourceRequest::setOrigin):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::sessionStorage):
(WebCore::DOMWindow::localStorage):
(WebCore::DOMWindow::postMessage):
(WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
(WebCore::DOMWindow::isSameSecurityOriginAsMainFrame):
(WebCore::DOMWindow::crossDomainAccessErrorMessage):
(WebCore::DOMWindow::isInsecureScriptAccess):
* page/DragController.cpp:
(WebCore::DragController::dragExited):
(WebCore::DragController::tryDocumentDrag):
(WebCore::DragController::tryDHTMLDrag):
(WebCore::DragController::startDrag):
* page/History.cpp:
(WebCore::History::stateObjectAdded):
* page/Location.cpp:
(WebCore::Location::ancestorOrigins):
(WebCore::Location::reload):
* page/Navigator.cpp:
(WebCore::Navigator::javaEnabled):
* page/Page.cpp:
(WebCore::Page::showAllPlugins):
* page/PerformanceResourceTiming.cpp:
(WebCore::passesTimingAllowCheck):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canAccess):
(WebCore::SecurityOrigin::canRequest):
(WebCore::SecurityOrigin::canReceiveDragData):
(WebCore::SecurityOrigin::canAccessStorage):
(WebCore::SecurityOrigin::isSameOriginAs):
(WebCore::SecurityOrigin::equal):
(WebCore::SecurityOrigin::isSameSchemeHostPort):
* page/SecurityOrigin.h:
* page/SecurityOriginData.cpp:
(WebCore::SecurityOriginData::fromFrame):
* page/SecurityOriginHash.h:
(WebCore::SecurityOriginHash::equal):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::stripURLForUseInReport):
* platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
(WebCore::MediaPlayerPrivateAVFoundationCF::hasSingleSecurityOrigin):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
* platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
(WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin):
* rendering/shapes/ShapeOutsideInfo.cpp:
(WebCore::checkShapeImageOrigin):
* replay/ReplayInputCreationMethods.cpp:
(WebCore::InitialNavigation::createFromPage):
* replay/ReplayInputDispatchMethods.cpp:
(WebCore::InitialNavigation::dispatch):
* storage/Storage.cpp:
(WebCore::Storage::isDisabledByPrivateBrowsing):
* storage/StorageEventDispatcher.cpp:
(WebCore::StorageEventDispatcher::dispatchSessionStorageEvents):
(WebCore::StorageEventDispatcher::dispatchLocalStorageEvents):
* storage/StorageNamespaceProvider.cpp:
(WebCore::StorageNamespaceProvider::localStorageArea):
* testing/Internals.cpp:
(WebCore::Internals::setApplicationCacheOriginQuota):
* xml/XSLTProcessorLibxslt.cpp:
(WebCore::docLoaderFunc):
* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::shouldAllowExternalLoad):
Source/WebKit/mac:
* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::loadRequest):
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
* Plugins/WebPluginContainerCheck.mm:
(-[WebPluginContainerCheck _isForbiddenFileLoad]):
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::exceededDatabaseQuota):
* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::didRunInsecureContent):
* WebCoreSupport/WebGeolocationClient.mm:
(WebGeolocationClient::requestPermission):
(-[WebGeolocationProviderInitializationListener initializationAllowedWebView:]):
* WebView/WebFrame.mm:
(-[WebFrame _allowsFollowingLink:]):
Source/WebKit/win:
* Plugins/PluginView.cpp:
(WebCore::PluginView::load):
* WebCoreSupport/WebChromeClient.cpp:
(WebChromeClient::exceededDatabaseQuota):
* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::didRunInsecureContent):
* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebGeolocationClient.cpp:
(WebGeolocationClient::requestPermission):
* WebFrame.cpp:
(WebFrame::allowsFollowingLink):
Source/WebKit2:
* UIProcess/Storage/StorageManager.cpp:
(WebKit::StorageManager::createTransientLocalStorageMap):
* WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp:
(WebKit::GeolocationPermissionRequestManager::startRequestForGeolocation):
* WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:
(WKBundleFrameCopySecurityOrigin):
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::storageBlockingStateChanged):
(WebKit::PluginView::performFrameLoadURLRequest):
(WebKit::PluginView::isPrivateBrowsingEnabled):
* WebProcess/Plugins/WebPluginInfoProvider.cpp:
(WebKit::WebPluginInfoProvider::getWebVisiblePluginInfo):
* WebProcess/Storage/StorageAreaMap.cpp:
(WebKit::StorageAreaMap::dispatchSessionStorageEvent):
(WebKit::StorageAreaMap::dispatchLocalStorageEvent):
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::exceededDatabaseQuota):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::didRunInsecureContent):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::allowsFollowingLink):
Tools:
* TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:
(TestWebKitAPI::TEST_F):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreModulesapplepayApplePaySessioncpp">trunk/Source/WebCore/Modules/applepay/ApplePaySession.cpp</a></li>
<li><a href="#trunkSourceWebCoreModulesencryptedmediaCDMcpp">trunk/Source/WebCore/Modules/encryptedmedia/CDM.cpp</a></li>
<li><a href="#trunkSourceWebCoreModulesencryptedmedialegacyWebKitMediaKeySessioncpp">trunk/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp</a></li>
<li><a href="#trunkSourceWebCoreModulesmediastreamUserMediaRequestcpp">trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreModuleswebdatabaseDOMWindowWebDatabasecpp">trunk/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp</a></li>
<li><a href="#trunkSourceWebCoreModuleswebdatabaseDatabaseContextcpp">trunk/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp</a></li>
<li><a href="#trunkSourceWebCoreModuleswebsocketsWebSocketHandshakecpp">trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSDOMBindingcpp">trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp</a></li>
<li><a href="#trunkSourceWebCorebindingsjsScriptControllercpp">trunk/Source/WebCore/bindings/js/ScriptController.cpp</a></li>
<li><a href="#trunkSourceWebCorecssCSSStyleSheetcpp">trunk/Source/WebCore/css/CSSStyleSheet.cpp</a></li>
<li><a href="#trunkSourceWebCorecssRuleSetcpp">trunk/Source/WebCore/css/RuleSet.cpp</a></li>
<li><a href="#trunkSourceWebCorecssStyleRuleImportcpp">trunk/Source/WebCore/css/StyleRuleImport.cpp</a></li>
<li><a href="#trunkSourceWebCoredomDocumentcpp">trunk/Source/WebCore/dom/Document.cpp</a></li>
<li><a href="#trunkSourceWebCoredomDocumenth">trunk/Source/WebCore/dom/Document.h</a></li>
<li><a href="#trunkSourceWebCoredomSecurityContextcpp">trunk/Source/WebCore/dom/SecurityContext.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLAnchorElementcpp">trunk/Source/WebCore/html/HTMLAnchorElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLAppletElementcpp">trunk/Source/WebCore/html/HTMLAppletElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLCanvasElementcpp">trunk/Source/WebCore/html/HTMLCanvasElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLLinkElementcpp">trunk/Source/WebCore/html/HTMLLinkElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLMediaElementcpp">trunk/Source/WebCore/html/HTMLMediaElement.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlHTMLPlugInImageElementcpp">trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp</a></li>
<li><a href="#trunkSourceWebCoreinspectorInspectorDOMStorageAgentcpp">trunk/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp</a></li>
<li><a href="#trunkSourceWebCoreinspectorInspectorIndexedDBAgentcpp">trunk/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp</a></li>
<li><a href="#trunkSourceWebCoreinspectorInspectorPageAgentcpp">trunk/Source/WebCore/inspector/InspectorPageAgent.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentLoadercpp">trunk/Source/WebCore/loader/DocumentLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoadercpp">trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentWritercpp">trunk/Source/WebCore/loader/DocumentWriter.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderEmptyClientscpp">trunk/Source/WebCore/loader/EmptyClients.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderFrameLoadRequestcpp">trunk/Source/WebCore/loader/FrameLoadRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderFrameLoadRequesth">trunk/Source/WebCore/loader/FrameLoadRequest.h</a></li>
<li><a href="#trunkSourceWebCoreloaderFrameLoadercpp">trunk/Source/WebCore/loader/FrameLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderFrameLoaderClienth">trunk/Source/WebCore/loader/FrameLoaderClient.h</a></li>
<li><a href="#trunkSourceWebCoreloaderMixedContentCheckercpp">trunk/Source/WebCore/loader/MixedContentChecker.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderMixedContentCheckerh">trunk/Source/WebCore/loader/MixedContentChecker.h</a></li>
<li><a href="#trunkSourceWebCoreloaderNavigationSchedulercpp">trunk/Source/WebCore/loader/NavigationScheduler.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderNavigationSchedulerh">trunk/Source/WebCore/loader/NavigationScheduler.h</a></li>
<li><a href="#trunkSourceWebCoreloaderPingLoadercpp">trunk/Source/WebCore/loader/PingLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderResourceLoadInfocpp">trunk/Source/WebCore/loader/ResourceLoadInfo.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderResourceLoadercpp">trunk/Source/WebCore/loader/ResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderSubframeLoadercpp">trunk/Source/WebCore/loader/SubframeLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderappcacheApplicationCacheGroupcpp">trunk/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceLoadercpp">trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceRequestcpp">trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceRequesth">trunk/Source/WebCore/loader/cache/CachedResourceRequest.h</a></li>
<li><a href="#trunkSourceWebCorepageDOMWindowcpp">trunk/Source/WebCore/page/DOMWindow.cpp</a></li>
<li><a href="#trunkSourceWebCorepageDragControllercpp">trunk/Source/WebCore/page/DragController.cpp</a></li>
<li><a href="#trunkSourceWebCorepageHistorycpp">trunk/Source/WebCore/page/History.cpp</a></li>
<li><a href="#trunkSourceWebCorepageLocationcpp">trunk/Source/WebCore/page/Location.cpp</a></li>
<li><a href="#trunkSourceWebCorepageNavigatorcpp">trunk/Source/WebCore/page/Navigator.cpp</a></li>
<li><a href="#trunkSourceWebCorepagePagecpp">trunk/Source/WebCore/page/Page.cpp</a></li>
<li><a href="#trunkSourceWebCorepagePerformanceResourceTimingcpp">trunk/Source/WebCore/page/PerformanceResourceTiming.cpp</a></li>
<li><a href="#trunkSourceWebCorepageSecurityOrigincpp">trunk/Source/WebCore/page/SecurityOrigin.cpp</a></li>
<li><a href="#trunkSourceWebCorepageSecurityOriginh">trunk/Source/WebCore/page/SecurityOrigin.h</a></li>
<li><a href="#trunkSourceWebCorepageSecurityOriginDatacpp">trunk/Source/WebCore/page/SecurityOriginData.cpp</a></li>
<li><a href="#trunkSourceWebCorepageSecurityOriginHashh">trunk/Source/WebCore/page/SecurityOriginHash.h</a></li>
<li><a href="#trunkSourceWebCorepagecspContentSecurityPolicycpp">trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationcfMediaPlayerPrivateAVFoundationCFcpp">trunk/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationobjcMediaPlayerPrivateAVFoundationObjCmm">trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsmacMediaPlayerPrivateQTKitmm">trunk/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm</a></li>
<li><a href="#trunkSourceWebCorerenderingshapesShapeOutsideInfocpp">trunk/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp</a></li>
<li><a href="#trunkSourceWebCorereplayReplayInputCreationMethodscpp">trunk/Source/WebCore/replay/ReplayInputCreationMethods.cpp</a></li>
<li><a href="#trunkSourceWebCorereplayReplayInputDispatchMethodscpp">trunk/Source/WebCore/replay/ReplayInputDispatchMethods.cpp</a></li>
<li><a href="#trunkSourceWebCorestorageStoragecpp">trunk/Source/WebCore/storage/Storage.cpp</a></li>
<li><a href="#trunkSourceWebCorestorageStorageEventDispatchercpp">trunk/Source/WebCore/storage/StorageEventDispatcher.cpp</a></li>
<li><a href="#trunkSourceWebCorestorageStorageNamespaceProvidercpp">trunk/Source/WebCore/storage/StorageNamespaceProvider.cpp</a></li>
<li><a href="#trunkSourceWebCoretestingInternalscpp">trunk/Source/WebCore/testing/Internals.cpp</a></li>
<li><a href="#trunkSourceWebCorexmlXSLTProcessorLibxsltcpp">trunk/Source/WebCore/xml/XSLTProcessorLibxslt.cpp</a></li>
<li><a href="#trunkSourceWebCorexmlparserXMLDocumentParserLibxml2cpp">trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp</a></li>
<li><a href="#trunkSourceWebKitmacChangeLog">trunk/Source/WebKit/mac/ChangeLog</a></li>
<li><a href="#trunkSourceWebKitmacPluginsHostedNetscapePluginInstanceProxymm">trunk/Source/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm</a></li>
<li><a href="#trunkSourceWebKitmacPluginsWebNetscapePluginStreammm">trunk/Source/WebKit/mac/Plugins/WebNetscapePluginStream.mm</a></li>
<li><a href="#trunkSourceWebKitmacPluginsWebNetscapePluginViewmm">trunk/Source/WebKit/mac/Plugins/WebNetscapePluginView.mm</a></li>
<li><a href="#trunkSourceWebKitmacPluginsWebPluginContainerCheckmm">trunk/Source/WebKit/mac/Plugins/WebPluginContainerCheck.mm</a></li>
<li><a href="#trunkSourceWebKitmacWebCoreSupportWebChromeClientmm">trunk/Source/WebKit/mac/WebCoreSupport/WebChromeClient.mm</a></li>
<li><a href="#trunkSourceWebKitmacWebCoreSupportWebFrameLoaderClienth">trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h</a></li>
<li><a href="#trunkSourceWebKitmacWebCoreSupportWebFrameLoaderClientmm">trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm</a></li>
<li><a href="#trunkSourceWebKitmacWebCoreSupportWebGeolocationClientmm">trunk/Source/WebKit/mac/WebCoreSupport/WebGeolocationClient.mm</a></li>
<li><a href="#trunkSourceWebKitmacWebViewWebFramemm">trunk/Source/WebKit/mac/WebView/WebFrame.mm</a></li>
<li><a href="#trunkSourceWebKitwinChangeLog">trunk/Source/WebKit/win/ChangeLog</a></li>
<li><a href="#trunkSourceWebKitwinPluginsPluginViewcpp">trunk/Source/WebKit/win/Plugins/PluginView.cpp</a></li>
<li><a href="#trunkSourceWebKitwinWebCoreSupportWebChromeClientcpp">trunk/Source/WebKit/win/WebCoreSupport/WebChromeClient.cpp</a></li>
<li><a href="#trunkSourceWebKitwinWebCoreSupportWebFrameLoaderClientcpp">trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp</a></li>
<li><a href="#trunkSourceWebKitwinWebCoreSupportWebFrameLoaderClienth">trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h</a></li>
<li><a href="#trunkSourceWebKitwinWebCoreSupportWebGeolocationClientcpp">trunk/Source/WebKit/win/WebCoreSupport/WebGeolocationClient.cpp</a></li>
<li><a href="#trunkSourceWebKitwinWebFramecpp">trunk/Source/WebKit/win/WebFrame.cpp</a></li>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2UIProcessStorageStorageManagercpp">trunk/Source/WebKit2/UIProcess/Storage/StorageManager.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessGeolocationGeolocationPermissionRequestManagercpp">trunk/Source/WebKit2/WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessInjectedBundleAPIcWKBundleFramecpp">trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessPluginsPluginViewcpp">trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessPluginsWebPluginInfoProvidercpp">trunk/Source/WebKit2/WebProcess/Plugins/WebPluginInfoProvider.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessStorageStorageAreaMapcpp">trunk/Source/WebKit2/WebProcess/Storage/StorageAreaMap.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessWebCoreSupportWebChromeClientcpp">trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebChromeClient.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessWebCoreSupportWebFrameLoaderClientcpp">trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp</a></li>
<li><a href="#trunkSourceWebKit2WebProcessWebCoreSupportWebFrameLoaderClienth">trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h</a></li>
<li><a href="#trunkSourceWebKit2WebProcessWebPageWebFramecpp">trunk/Source/WebKit2/WebProcess/WebPage/WebFrame.cpp</a></li>
<li><a href="#trunkToolsChangeLog">trunk/Tools/ChangeLog</a></li>
<li><a href="#trunkToolsTestWebKitAPITestsWebCoreSecurityOrigincpp">trunk/Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/ChangeLog 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1,3 +1,199 @@
</span><ins>+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ The security origin is always initialized by the Document constructor
+ through Document::initSecurityContext(), so it's effectively always present.
+ Make it return a reference and remove unnecessary null checks exposed by this.
+
+ * Modules/applepay/ApplePaySession.cpp:
+ (WebCore::canCallApplePaySessionAPIs):
+ * Modules/encryptedmedia/CDM.cpp:
+ (WebCore::CDM::getSupportedConfiguration):
+ (WebCore::CDM::getConsentStatus):
+ * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
+ (WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory):
+ * Modules/mediastream/UserMediaRequest.cpp:
+ (WebCore::canCallGetUserMedia):
+ * Modules/webdatabase/DOMWindowWebDatabase.cpp:
+ (WebCore::DOMWindowWebDatabase::openDatabase):
+ * Modules/webdatabase/DatabaseContext.cpp:
+ (WebCore::DatabaseContext::allowDatabaseAccess):
+ * Modules/websockets/WebSocketHandshake.cpp:
+ (WebCore::WebSocketHandshake::clientOrigin):
+ * bindings/js/JSDOMBinding.cpp:
+ (WebCore::canAccessDocument):
+ * bindings/js/ScriptController.cpp:
+ (WebCore::ScriptController::collectIsolatedContexts):
+ * css/CSSStyleSheet.cpp:
+ (WebCore::CSSStyleSheet::canAccessRules):
+ * css/RuleSet.cpp:
+ (WebCore::RuleSet::addRulesFromSheet):
+ * css/StyleRuleImport.cpp:
+ (WebCore::StyleRuleImport::setCSSStyleSheet):
+ * dom/Document.cpp:
+ (WebCore::canAccessAncestor):
+ (WebCore::Document::findUnsafeParentScrollPropagationBoundary):
+ (WebCore::Document::cookie):
+ (WebCore::Document::setCookie):
+ (WebCore::Document::origin):
+ (WebCore::Document::domain):
+ (WebCore::Document::setDomain):
+ (WebCore::Document::storageBlockingStateDidChange):
+ (WebCore::Document::initSecurityContext):
+ (WebCore::Document::initDNSPrefetch):
+ (WebCore::Document::topOrigin):
+ * dom/Document.h:
+ (WebCore::Document::securityOrigin):
+ * dom/SecurityContext.cpp:
+ (WebCore::SecurityContext::isSecureTransitionTo):
+ * html/HTMLAnchorElement.cpp:
+ (WebCore::HTMLAnchorElement::handleClick):
+ * html/HTMLAppletElement.cpp:
+ (WebCore::HTMLAppletElement::canEmbedJava):
+ * html/HTMLCanvasElement.cpp:
+ (WebCore::HTMLCanvasElement::securityOrigin):
+ * html/HTMLLinkElement.cpp:
+ (WebCore::HTMLLinkElement::setCSSStyleSheet):
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ (WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory):
+ * html/HTMLPlugInImageElement.cpp:
+ (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
+ * inspector/InspectorDOMStorageAgent.cpp:
+ (WebCore::InspectorDOMStorageAgent::storageId):
+ (WebCore::InspectorDOMStorageAgent::findStorageArea):
+ * inspector/InspectorIndexedDBAgent.cpp:
+ (WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
+ (WebCore::InspectorIndexedDBAgent::requestDatabase):
+ (WebCore::InspectorIndexedDBAgent::requestData):
+ (WebCore::InspectorIndexedDBAgent::clearObjectStore):
+ * inspector/InspectorPageAgent.cpp:
+ (WebCore::InspectorPageAgent::findFrameWithSecurityOrigin):
+ (WebCore::InspectorPageAgent::buildObjectForFrame):
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::commitData):
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::loadRequest):
+ (WebCore::DocumentThreadableLoader::securityOrigin):
+ * loader/DocumentWriter.cpp:
+ (WebCore::canReferToParentFrameEncoding):
+ * loader/EmptyClients.cpp:
+ * loader/FrameLoadRequest.cpp:
+ (WebCore::FrameLoadRequest::FrameLoadRequest):
+ * loader/FrameLoadRequest.h:
+ (WebCore::FrameLoadRequest::FrameLoadRequest):
+ * loader/FrameLoader.cpp:
+ (WebCore::shouldClearWindowName):
+ (WebCore::FrameLoader::outgoingOrigin):
+ (WebCore::FrameLoader::loadURL):
+ (WebCore::FrameLoader::dispatchBeforeUnloadEvent):
+ * loader/FrameLoaderClient.h:
+ * loader/MixedContentChecker.cpp:
+ (WebCore::MixedContentChecker::isMixedContent):
+ (WebCore::MixedContentChecker::canDisplayInsecureContent):
+ (WebCore::MixedContentChecker::canRunInsecureContent):
+ (WebCore::MixedContentChecker::checkFormForMixedContent):
+ * loader/MixedContentChecker.h:
+ * loader/NavigationScheduler.cpp:
+ (WebCore::NavigationScheduler::scheduleRedirect):
+ (WebCore::NavigationScheduler::scheduleLocationChange):
+ (WebCore::NavigationScheduler::scheduleRefresh):
+ * loader/NavigationScheduler.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage):
+ (WebCore::PingLoader::sendPing):
+ (WebCore::PingLoader::sendViolationReport):
+ * loader/ResourceLoadInfo.cpp:
+ (WebCore::ResourceLoadInfo::isThirdParty):
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init):
+ (WebCore::ResourceLoader::isAllowedToAskUserForCredentials):
+ * loader/SubframeLoader.cpp:
+ (WebCore::SubframeLoader::pluginIsLoadable):
+ (WebCore::SubframeLoader::createJavaAppletWidget):
+ (WebCore::SubframeLoader::loadSubframe):
+ * loader/appcache/ApplicationCacheGroup.cpp:
+ (WebCore::ApplicationCacheGroup::selectCache):
+ (WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL):
+ (WebCore::ApplicationCacheGroup::update):
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest):
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection):
+ (WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
+ * loader/cache/CachedResourceRequest.cpp:
+ (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
+ (WebCore::CachedResourceRequest::updateForAccessControl):
+ * loader/cache/CachedResourceRequest.h:
+ (WebCore::CachedResourceRequest::setOrigin):
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::sessionStorage):
+ (WebCore::DOMWindow::localStorage):
+ (WebCore::DOMWindow::postMessage):
+ (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
+ (WebCore::DOMWindow::isSameSecurityOriginAsMainFrame):
+ (WebCore::DOMWindow::crossDomainAccessErrorMessage):
+ (WebCore::DOMWindow::isInsecureScriptAccess):
+ * page/DragController.cpp:
+ (WebCore::DragController::dragExited):
+ (WebCore::DragController::tryDocumentDrag):
+ (WebCore::DragController::tryDHTMLDrag):
+ (WebCore::DragController::startDrag):
+ * page/History.cpp:
+ (WebCore::History::stateObjectAdded):
+ * page/Location.cpp:
+ (WebCore::Location::ancestorOrigins):
+ (WebCore::Location::reload):
+ * page/Navigator.cpp:
+ (WebCore::Navigator::javaEnabled):
+ * page/Page.cpp:
+ (WebCore::Page::showAllPlugins):
+ * page/PerformanceResourceTiming.cpp:
+ (WebCore::passesTimingAllowCheck):
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canAccess):
+ (WebCore::SecurityOrigin::canRequest):
+ (WebCore::SecurityOrigin::canReceiveDragData):
+ (WebCore::SecurityOrigin::canAccessStorage):
+ (WebCore::SecurityOrigin::isSameOriginAs):
+ (WebCore::SecurityOrigin::equal):
+ (WebCore::SecurityOrigin::isSameSchemeHostPort):
+ * page/SecurityOrigin.h:
+ * page/SecurityOriginData.cpp:
+ (WebCore::SecurityOriginData::fromFrame):
+ * page/SecurityOriginHash.h:
+ (WebCore::SecurityOriginHash::equal):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::stripURLForUseInReport):
+ * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
+ (WebCore::MediaPlayerPrivateAVFoundationCF::hasSingleSecurityOrigin):
+ * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
+ (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
+ * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
+ (WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin):
+ * rendering/shapes/ShapeOutsideInfo.cpp:
+ (WebCore::checkShapeImageOrigin):
+ * replay/ReplayInputCreationMethods.cpp:
+ (WebCore::InitialNavigation::createFromPage):
+ * replay/ReplayInputDispatchMethods.cpp:
+ (WebCore::InitialNavigation::dispatch):
+ * storage/Storage.cpp:
+ (WebCore::Storage::isDisabledByPrivateBrowsing):
+ * storage/StorageEventDispatcher.cpp:
+ (WebCore::StorageEventDispatcher::dispatchSessionStorageEvents):
+ (WebCore::StorageEventDispatcher::dispatchLocalStorageEvents):
+ * storage/StorageNamespaceProvider.cpp:
+ (WebCore::StorageNamespaceProvider::localStorageArea):
+ * testing/Internals.cpp:
+ (WebCore::Internals::setApplicationCacheOriginQuota):
+ * xml/XSLTProcessorLibxslt.cpp:
+ (WebCore::docLoaderFunc):
+ * xml/parser/XMLDocumentParserLibxml2.cpp:
+ (WebCore::shouldAllowExternalLoad):
+
</ins><span class="cx"> 2017-01-18 Ryan Haddad <ryanhaddad@apple.com>
</span><span class="cx">
</span><span class="cx"> Remove WEBCORE_EXPORT from newly inlined functions after r210845.
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesapplepayApplePaySessioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/applepay/ApplePaySession.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/applepay/ApplePaySession.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/applepay/ApplePaySession.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -380,7 +380,7 @@
</span><span class="cx"> if (&document != &topDocument) {
</span><span class="cx"> auto& topOrigin = *topDocument.topOrigin();
</span><span class="cx">
</span><del>- if (!document.securityOrigin()->isSameSchemeHostPort(&topOrigin))
</del><ins>+ if (!document.securityOrigin().isSameSchemeHostPort(topOrigin))
</ins><span class="cx"> return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an different security origin than its top-level frame." };
</span><span class="cx">
</span><span class="cx"> for (auto* ancestorDocument = document.parentDocument(); ancestorDocument != &topDocument; ancestorDocument = ancestorDocument->parentDocument()) {
</span><span class="lines">@@ -387,7 +387,7 @@
</span><span class="cx"> if (!isSecure(*ancestorDocument->loader()))
</span><span class="cx"> return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an insecure parent frame." };
</span><span class="cx">
</span><del>- if (!ancestorDocument->securityOrigin()->isSameSchemeHostPort(&topOrigin))
</del><ins>+ if (!ancestorDocument->securityOrigin().isSameSchemeHostPort(topOrigin))
</ins><span class="cx"> return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an different security origin than its top-level frame." };
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesencryptedmediaCDMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/encryptedmedia/CDM.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/encryptedmedia/CDM.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/encryptedmedia/CDM.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -412,12 +412,12 @@
</span><span class="cx"> if (!document)
</span><span class="cx"> return std::nullopt;
</span><span class="cx">
</span><del>- SecurityOrigin* origin = document->securityOrigin();
</del><ins>+ SecurityOrigin& origin = document->securityOrigin();
</ins><span class="cx"> SecurityOrigin* topOrigin = document->topOrigin();
</span><del>- if (!origin || !topOrigin)
</del><ins>+ if (!topOrigin)
</ins><span class="cx"> return std::nullopt;
</span><span class="cx">
</span><del>- if ((accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required || accumulatedConfiguration.persistentState == MediaKeysRequirement::Required) && !origin->canAccessLocalStorage(topOrigin))
</del><ins>+ if ((accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required || accumulatedConfiguration.persistentState == MediaKeysRequirement::Required) && !origin.canAccessLocalStorage(topOrigin))
</ins><span class="cx"> return std::nullopt;
</span><span class="cx">
</span><span class="cx"> return WTFMove(accumulatedConfiguration);
</span><span class="lines">@@ -547,9 +547,9 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- SecurityOrigin* origin = document->securityOrigin();
</del><ins>+ SecurityOrigin& origin = document->securityOrigin();
</ins><span class="cx"> SecurityOrigin* topOrigin = document->topOrigin();
</span><del>- if (!origin || !topOrigin) {
</del><ins>+ if (!topOrigin) {
</ins><span class="cx"> callback(ConsentStatus::ConsentDenied, WTFMove(accumulatedConfiguration), WTFMove(restrictions));
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -592,7 +592,7 @@
</span><span class="cx"> // 3.2.1. Update restrictions to reflect the configurations for which consent was denied.
</span><span class="cx"> // 3.2.1. Return ConsentDenied and restrictions.
</span><span class="cx"> // NOTE: assume implied consent if the combination of origin and topOrigin allows it.
</span><del>- if (accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required && !origin->canAccessLocalStorage(topOrigin)) {
</del><ins>+ if (accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required && !origin.canAccessLocalStorage(topOrigin)) {
</ins><span class="cx"> restrictions.distinctiveIdentifierDenied = true;
</span><span class="cx"> callback(ConsentStatus::ConsentDenied, WTFMove(accumulatedConfiguration), WTFMove(restrictions));
</span><span class="cx"> return;
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesencryptedmedialegacyWebKitMediaKeySessioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -231,11 +231,7 @@
</span><span class="cx"> if (storageDirectory.isEmpty())
</span><span class="cx"> return emptyString();
</span><span class="cx">
</span><del>- auto* origin = document->securityOrigin();
- if (!origin)
- return emptyString();
-
- return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier());
</del><ins>+ return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(document->securityOrigin()).databaseIdentifier());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool WebKitMediaKeySession::hasPendingActivity() const
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesmediastreamUserMediaRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -111,7 +111,7 @@
</span><span class="cx"> if (&document != &topDocument) {
</span><span class="cx"> auto& topOrigin = *topDocument.topOrigin();
</span><span class="cx">
</span><del>- if (!document.securityOrigin()->isSameSchemeHostPort(&topOrigin)) {
</del><ins>+ if (!document.securityOrigin().isSameSchemeHostPort(topOrigin)) {
</ins><span class="cx"> errorMessage = "Trying to call getUserMedia from a document with a different security origin than its top-level frame.";
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -122,7 +122,7 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (!ancestorDocument->securityOrigin()->isSameSchemeHostPort(&topOrigin)) {
</del><ins>+ if (!ancestorDocument->securityOrigin().isSameSchemeHostPort(topOrigin)) {
</ins><span class="cx"> errorMessage = "Trying to call getUserMedia from a document with a different security origin than its top-level frame.";
</span><span class="cx"> return false;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreModuleswebdatabaseDOMWindowWebDatabasecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -46,11 +46,9 @@
</span><span class="cx"> auto* document = window.document();
</span><span class="cx"> if (!document)
</span><span class="cx"> return Exception { SECURITY_ERR };
</span><del>- auto* securityOrigin = document->securityOrigin();
- if (!securityOrigin)
</del><ins>+ auto& securityOrigin = document->securityOrigin();
+ if (!securityOrigin.canAccessDatabase(document->topOrigin()))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><del>- if (!securityOrigin->canAccessDatabase(document->topOrigin()))
- return Exception { SECURITY_ERR };
</del><span class="cx"> auto result = manager.openDatabase(*window.document(), name, version, displayName, estimatedSize, WTFMove(creationCallback));
</span><span class="cx"> if (result.hasException()) {
</span><span class="cx"> // FIXME: To preserve our past behavior, this discards the error string in the exception.
</span></span></pre></div>
<a id="trunkSourceWebCoreModuleswebdatabaseDatabaseContextcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -190,7 +190,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (is<Document>(*m_scriptExecutionContext)) {
</span><span class="cx"> Document& document = downcast<Document>(*m_scriptExecutionContext);
</span><del>- if (!document.page() || (document.page()->usesEphemeralSession() && !SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(document.securityOrigin()->protocol())))
</del><ins>+ if (!document.page() || (document.page()->usesEphemeralSession() && !SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(document.securityOrigin().protocol())))
</ins><span class="cx"> return false;
</span><span class="cx"> return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreModuleswebsocketsWebSocketHandshakecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -169,7 +169,7 @@
</span><span class="cx">
</span><span class="cx"> String WebSocketHandshake::clientOrigin() const
</span><span class="cx"> {
</span><del>- return m_document->securityOrigin()->toString();
</del><ins>+ return m_document->securityOrigin().toString();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> String WebSocketHandshake::clientLocation() const
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSDOMBindingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -773,7 +773,7 @@
</span><span class="cx">
</span><span class="cx"> DOMWindow& active = activeDOMWindow(state);
</span><span class="cx">
</span><del>- if (active.document()->securityOrigin()->canAccess(targetDocument->securityOrigin()))
</del><ins>+ if (active.document()->securityOrigin().canAccess(targetDocument->securityOrigin()))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> switch (reportingOption) {
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsScriptControllercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/ScriptController.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/ScriptController.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/bindings/js/ScriptController.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -541,7 +541,7 @@
</span><span class="cx"> {
</span><span class="cx"> for (ShellMap::iterator iter = m_windowShells.begin(); iter != m_windowShells.end(); ++iter) {
</span><span class="cx"> JSC::ExecState* exec = iter->value->window()->globalExec();
</span><del>- SecurityOrigin* origin = iter->value->window()->wrapped().document()->securityOrigin();
</del><ins>+ SecurityOrigin* origin = &iter->value->window()->wrapped().document()->securityOrigin();
</ins><span class="cx"> result.append(std::pair<JSC::ExecState*, SecurityOrigin*>(exec, origin));
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCorecssCSSStyleSheetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/css/CSSStyleSheet.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/css/CSSStyleSheet.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/css/CSSStyleSheet.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -257,7 +257,7 @@
</span><span class="cx"> Document* document = ownerDocument();
</span><span class="cx"> if (!document)
</span><span class="cx"> return true;
</span><del>- return document->securityOrigin()->canRequest(baseURL);
</del><ins>+ return document->securityOrigin().canRequest(baseURL);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> RefPtr<CSSRuleList> CSSStyleSheet::rules()
</span></span></pre></div>
<a id="trunkSourceWebCorecssRuleSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/css/RuleSet.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/css/RuleSet.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/css/RuleSet.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -411,7 +411,7 @@
</span><span class="cx"> addRulesFromSheet(*rule->styleSheet(), medium, resolver);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- bool hasDocumentSecurityOrigin = resolver && resolver->document().securityOrigin()->canRequest(sheet.baseURL());
</del><ins>+ bool hasDocumentSecurityOrigin = resolver && resolver->document().securityOrigin().canRequest(sheet.baseURL());
</ins><span class="cx"> AddRuleFlags addRuleFlags = static_cast<AddRuleFlags>((hasDocumentSecurityOrigin ? RuleHasDocumentSecurityOrigin : 0));
</span><span class="cx">
</span><span class="cx"> // FIXME: Skip Content Security Policy check when stylesheet is in a user agent shadow tree.
</span></span></pre></div>
<a id="trunkSourceWebCorecssStyleRuleImportcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/css/StyleRuleImport.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/css/StyleRuleImport.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/css/StyleRuleImport.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -73,7 +73,7 @@
</span><span class="cx">
</span><span class="cx"> Document* document = m_parentStyleSheet ? m_parentStyleSheet->singleOwnerDocument() : nullptr;
</span><span class="cx"> m_styleSheet = StyleSheetContents::create(this, href, context);
</span><del>- m_styleSheet->parseAuthorStyleSheet(cachedStyleSheet, document ? document->securityOrigin() : nullptr);
</del><ins>+ m_styleSheet->parseAuthorStyleSheet(cachedStyleSheet, document ? &document->securityOrigin() : nullptr);
</ins><span class="cx">
</span><span class="cx"> m_loading = false;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoredomDocumentcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/dom/Document.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/dom/Document.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/dom/Document.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -373,7 +373,7 @@
</span><span class="cx"> return frame->editor().shouldBeginEditing(rangeOfContents(*root).ptr());
</span><span class="cx"> }
</span><span class="cx">
</span><del>-static bool canAccessAncestor(const SecurityOrigin* activeSecurityOrigin, Frame* targetFrame)
</del><ins>+static bool canAccessAncestor(const SecurityOrigin& activeSecurityOrigin, Frame* targetFrame)
</ins><span class="cx"> {
</span><span class="cx"> // targetFrame can be 0 when we're trying to navigate a top-level frame
</span><span class="cx"> // that has a 0 opener.
</span><span class="lines">@@ -380,7 +380,7 @@
</span><span class="cx"> if (!targetFrame)
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- const bool isLocalActiveOrigin = activeSecurityOrigin->isLocal();
</del><ins>+ const bool isLocalActiveOrigin = activeSecurityOrigin.isLocal();
</ins><span class="cx"> for (Frame* ancestorFrame = targetFrame; ancestorFrame; ancestorFrame = ancestorFrame->tree().parent()) {
</span><span class="cx"> Document* ancestorDocument = ancestorFrame->document();
</span><span class="cx"> // FIXME: Should be an ASSERT? Frames should alway have documents.
</span><span class="lines">@@ -387,14 +387,14 @@
</span><span class="cx"> if (!ancestorDocument)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- const SecurityOrigin* ancestorSecurityOrigin = ancestorDocument->securityOrigin();
- if (activeSecurityOrigin->canAccess(ancestorSecurityOrigin))
</del><ins>+ const SecurityOrigin& ancestorSecurityOrigin = ancestorDocument->securityOrigin();
+ if (activeSecurityOrigin.canAccess(ancestorSecurityOrigin))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> // Allow file URL descendant navigation even when allowFileAccessFromFileURLs is false.
</span><span class="cx"> // FIXME: It's a bit strange to special-case local origins here. Should we be doing
</span><span class="cx"> // something more general instead?
</span><del>- if (isLocalActiveOrigin && ancestorSecurityOrigin->isLocal())
</del><ins>+ if (isLocalActiveOrigin && ancestorSecurityOrigin.isLocal())
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -3041,7 +3041,7 @@
</span><span class="cx"> Frame* ancestorFrame = currentFrame->tree().parent();
</span><span class="cx">
</span><span class="cx"> while (ancestorFrame) {
</span><del>- if (!ancestorFrame->document()->securityOrigin()->canAccess(securityOrigin()))
</del><ins>+ if (!ancestorFrame->document()->securityOrigin().canAccess(securityOrigin()))
</ins><span class="cx"> return currentFrame;
</span><span class="cx"> currentFrame = ancestorFrame;
</span><span class="cx"> ancestorFrame = ancestorFrame->tree().parent();
</span><span class="lines">@@ -4230,7 +4230,7 @@
</span><span class="cx"> // INVALID_STATE_ERR exception on getting if the Document has no
</span><span class="cx"> // browsing context.
</span><span class="cx">
</span><del>- if (!securityOrigin()->canAccessCookies())
</del><ins>+ if (!securityOrigin().canAccessCookies())
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> URL cookieURL = this->cookieURL();
</span><span class="lines">@@ -4252,7 +4252,7 @@
</span><span class="cx"> // INVALID_STATE_ERR exception on setting if the Document has no
</span><span class="cx"> // browsing context.
</span><span class="cx">
</span><del>- if (!securityOrigin()->canAccessCookies())
</del><ins>+ if (!securityOrigin().canAccessCookies())
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> URL cookieURL = this->cookieURL();
</span><span class="lines">@@ -4273,17 +4273,17 @@
</span><span class="cx">
</span><span class="cx"> String Document::origin() const
</span><span class="cx"> {
</span><del>- return SecurityOriginData::fromSecurityOrigin(*securityOrigin()).databaseIdentifier();
</del><ins>+ return SecurityOriginData::fromSecurityOrigin(securityOrigin()).databaseIdentifier();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> String Document::domain() const
</span><span class="cx"> {
</span><del>- return securityOrigin()->domain();
</del><ins>+ return securityOrigin().domain();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ExceptionOr<void> Document::setDomain(const String& newDomain)
</span><span class="cx"> {
</span><del>- if (SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(securityOrigin()->protocol()))
</del><ins>+ if (SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(securityOrigin().protocol()))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> // Both NS and IE specify that changing the domain is only allowed when
</span><span class="lines">@@ -4294,13 +4294,13 @@
</span><span class="cx"> String oldDomain = domain();
</span><span class="cx">
</span><span class="cx"> // If the new domain is the same as the old domain, still call
</span><del>- // securityOrigin()->setDomainForDOM. This will change the
</del><ins>+ // securityOrigin().setDomainForDOM. This will change the
</ins><span class="cx"> // security check behavior. For example, if a page loaded on port 8000
</span><span class="cx"> // assigns its current domain using document.domain, the page will
</span><span class="cx"> // allow other pages loaded on different ports in the same domain that
</span><span class="cx"> // have also assigned to access this page.
</span><span class="cx"> if (equalIgnoringASCIICase(oldDomain, newDomain)) {
</span><del>- securityOrigin()->setDomainFromDOM(newDomain);
</del><ins>+ securityOrigin().setDomainFromDOM(newDomain);
</ins><span class="cx"> return { };
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -4311,8 +4311,8 @@
</span><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> auto ipAddressSetting = settings() && settings()->treatIPAddressAsDomain() ? OriginAccessEntry::TreatIPAddressAsDomain : OriginAccessEntry::TreatIPAddressAsIPAddress;
</span><del>- OriginAccessEntry accessEntry { securityOrigin()->protocol(), newDomain, OriginAccessEntry::AllowSubdomains, ipAddressSetting };
- if (!accessEntry.matchesOrigin(*securityOrigin()))
</del><ins>+ OriginAccessEntry accessEntry { securityOrigin().protocol(), newDomain, OriginAccessEntry::AllowSubdomains, ipAddressSetting };
+ if (!accessEntry.matchesOrigin(securityOrigin()))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> if (oldDomain[oldLength - newLength - 1] != '.')
</span><span class="lines">@@ -4320,7 +4320,7 @@
</span><span class="cx"> if (StringView { oldDomain }.substring(oldLength - newLength) != newDomain)
</span><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><del>- securityOrigin()->setDomainFromDOM(newDomain);
</del><ins>+ securityOrigin().setDomainFromDOM(newDomain);
</ins><span class="cx"> return { };
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -4646,7 +4646,7 @@
</span><span class="cx"> void Document::storageBlockingStateDidChange()
</span><span class="cx"> {
</span><span class="cx"> if (Settings* settings = this->settings())
</span><del>- securityOrigin()->setStorageBlockingPolicy(settings->storageBlockingPolicy());
</del><ins>+ securityOrigin().setStorageBlockingPolicy(settings->storageBlockingPolicy());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void Document::privateBrowsingStateDidChange()
</span><span class="lines">@@ -5084,7 +5084,7 @@
</span><span class="cx"> void Document::initSecurityContext()
</span><span class="cx"> {
</span><span class="cx"> if (haveInitializedSecurityOrigin()) {
</span><del>- ASSERT(securityOrigin());
</del><ins>+ ASSERT(SecurityContext::securityOrigin());
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -5121,23 +5121,23 @@
</span><span class="cx">
</span><span class="cx"> if (Settings* settings = this->settings()) {
</span><span class="cx"> if (settings->needsStorageAccessFromFileURLsQuirk())
</span><del>- securityOrigin()->grantStorageAccessFromFileURLsQuirk();
</del><ins>+ securityOrigin().grantStorageAccessFromFileURLsQuirk();
</ins><span class="cx"> if (!settings->webSecurityEnabled()) {
</span><span class="cx"> // Web security is turned off. We should let this document access every other document. This is used primary by testing
</span><span class="cx"> // harnesses for web sites.
</span><del>- securityOrigin()->grantUniversalAccess();
- } else if (securityOrigin()->isLocal()) {
</del><ins>+ securityOrigin().grantUniversalAccess();
+ } else if (securityOrigin().isLocal()) {
</ins><span class="cx"> if (settings->allowUniversalAccessFromFileURLs() || m_frame->loader().client().shouldForceUniversalAccessFromLocalURL(m_url)) {
</span><span class="cx"> // Some clients want local URLs to have universal access, but that setting is dangerous for other clients.
</span><del>- securityOrigin()->grantUniversalAccess();
</del><ins>+ securityOrigin().grantUniversalAccess();
</ins><span class="cx"> } else if (!settings->allowFileAccessFromFileURLs()) {
</span><span class="cx"> // Some clients want local URLs to have even tighter restrictions by default, and not be able to access other local files.
</span><span class="cx"> // FIXME 81578: The naming of this is confusing. Files with restricted access to other local files
</span><span class="cx"> // still can have other privileges that can be remembered, thereby not making them unique origins.
</span><del>- securityOrigin()->enforceFilePathSeparation();
</del><ins>+ securityOrigin().enforceFilePathSeparation();
</ins><span class="cx"> }
</span><span class="cx"> }
</span><del>- securityOrigin()->setStorageBlockingPolicy(settings->storageBlockingPolicy());
</del><ins>+ securityOrigin().setStorageBlockingPolicy(settings->storageBlockingPolicy());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Document* parentDocument = ownerElement() ? &ownerElement()->document() : nullptr;
</span><span class="lines">@@ -5178,8 +5178,8 @@
</span><span class="cx"> // but we're also sandboxed, the only thing we inherit is the ability
</span><span class="cx"> // to load local resources. This lets about:blank iframes in file://
</span><span class="cx"> // URL documents load images and other resources from the file system.
</span><del>- if (ownerFrame->document()->securityOrigin()->canLoadLocalResources())
- securityOrigin()->grantLoadLocalResources();
</del><ins>+ if (ownerFrame->document()->securityOrigin().canLoadLocalResources())
+ securityOrigin().grantLoadLocalResources();
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -5320,7 +5320,7 @@
</span><span class="cx"> Settings* settings = this->settings();
</span><span class="cx">
</span><span class="cx"> m_haveExplicitlyDisabledDNSPrefetch = false;
</span><del>- m_isDNSPrefetchEnabled = settings && settings->dnsPrefetchingEnabled() && securityOrigin()->protocol() == "http";
</del><ins>+ m_isDNSPrefetchEnabled = settings && settings->dnsPrefetchingEnabled() && securityOrigin().protocol() == "http";
</ins><span class="cx">
</span><span class="cx"> // Inherit DNS prefetch opt-out from parent frame
</span><span class="cx"> if (Document* parent = parentDocument()) {
</span><span class="lines">@@ -5364,7 +5364,7 @@
</span><span class="cx">
</span><span class="cx"> SecurityOrigin* Document::topOrigin() const
</span><span class="cx"> {
</span><del>- return topDocument().securityOrigin();
</del><ins>+ return &topDocument().securityOrigin();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void Document::postTask(Task&& task)
</span></span></pre></div>
<a id="trunkSourceWebCoredomDocumenth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/dom/Document.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/dom/Document.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/dom/Document.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1222,6 +1222,8 @@
</span><span class="cx">
</span><span class="cx"> WEBCORE_EXPORT void addConsoleMessage(MessageSource, MessageLevel, const String& message, unsigned long requestIdentifier = 0) final;
</span><span class="cx">
</span><ins>+ SecurityOrigin& securityOrigin() const { return *SecurityContext::securityOrigin(); }
+
</ins><span class="cx"> WEBCORE_EXPORT SecurityOrigin* topOrigin() const final;
</span><span class="cx">
</span><span class="cx"> Ref<FontFaceSet> fonts();
</span></span></pre></div>
<a id="trunkSourceWebCoredomSecurityContextcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/dom/SecurityContext.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/dom/SecurityContext.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/dom/SecurityContext.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -73,7 +73,7 @@
</span><span class="cx"> if (!haveInitializedSecurityOrigin())
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- return securityOriginPolicy()->origin().canAccess(SecurityOrigin::create(url).ptr());
</del><ins>+ return securityOriginPolicy()->origin().canAccess(SecurityOrigin::create(url).get());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void SecurityContext::enforceSandboxFlags(SandboxFlags mask)
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLAnchorElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLAnchorElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLAnchorElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLAnchorElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -381,7 +381,7 @@
</span><span class="cx"> #if ENABLE(DOWNLOAD_ATTRIBUTE)
</span><span class="cx"> if (RuntimeEnabledFeatures::sharedFeatures().downloadAttributeEnabled()) {
</span><span class="cx"> // Ignore the download attribute completely if the href URL is cross origin.
</span><del>- bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin()->canRequest(completedURL);
</del><ins>+ bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin().canRequest(completedURL);
</ins><span class="cx"> if (isSameOrigin)
</span><span class="cx"> downloadAttribute = attributeWithoutSynchronization(downloadAttr);
</span><span class="cx"> else if (hasAttributeWithoutSynchronization(downloadAttr))
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLAppletElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLAppletElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLAppletElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLAppletElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -188,7 +188,7 @@
</span><span class="cx"> if (!settings->isJavaEnabled())
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (document().securityOrigin()->isLocal() && !settings->isJavaEnabledForLocalFiles())
</del><ins>+ if (document().securityOrigin().isLocal() && !settings->isJavaEnabledForLocalFiles())
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return true;
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLCanvasElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLCanvasElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLCanvasElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLCanvasElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -535,7 +535,7 @@
</span><span class="cx">
</span><span class="cx"> SecurityOrigin* HTMLCanvasElement::securityOrigin() const
</span><span class="cx"> {
</span><del>- return document().securityOrigin();
</del><ins>+ return &document().securityOrigin();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool HTMLCanvasElement::shouldAccelerate(const IntSize& size) const
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLLinkElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLLinkElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLLinkElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLLinkElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -381,7 +381,7 @@
</span><span class="cx"> auto styleSheet = StyleSheetContents::create(href, parserContext);
</span><span class="cx"> initializeStyleSheet(styleSheet.copyRef(), *cachedStyleSheet);
</span><span class="cx">
</span><del>- styleSheet.get().parseAuthorStyleSheet(cachedStyleSheet, document().securityOrigin());
</del><ins>+ styleSheet.get().parseAuthorStyleSheet(cachedStyleSheet, &document().securityOrigin());
</ins><span class="cx">
</span><span class="cx"> m_loading = false;
</span><span class="cx"> styleSheet.get().notifyLoadedSheet(cachedStyleSheet);
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLMediaElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLMediaElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1966,7 +1966,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Frame* frame = document().frame();
</span><del>- if (!frame || !document().securityOrigin()->canDisplay(url)) {
</del><ins>+ if (!frame || !document().securityOrigin().canDisplay(url)) {
</ins><span class="cx"> if (actionIfInvalid == Complain)
</span><span class="cx"> FrameLoader::reportLocalLoadFailed(frame, url.stringCenterEllipsizedToLength());
</span><span class="cx"> LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%p) - %s -> FALSE rejected by SecurityOrigin", this, urlForLoggingMedia(url).utf8().data());
</span><span class="lines">@@ -2432,11 +2432,7 @@
</span><span class="cx"> if (storageDirectory.isEmpty())
</span><span class="cx"> return emptyString();
</span><span class="cx">
</span><del>- SecurityOrigin* origin = document().securityOrigin();
- if (!origin)
- return emptyString();
-
- return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier());
</del><ins>+ return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(document().securityOrigin()).databaseIdentifier());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void HTMLMediaElement::webkitSetMediaKeys(WebKitMediaKeys* mediaKeys)
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlHTMLPlugInImageElementcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -139,7 +139,7 @@
</span><span class="cx"> bool HTMLPlugInImageElement::allowedToLoadFrameURL(const String& url)
</span><span class="cx"> {
</span><span class="cx"> URL completeURL = document().completeURL(url);
</span><del>- if (contentFrame() && protocolIsJavaScript(completeURL) && !document().securityOrigin()->canAccess(contentDocument()->securityOrigin()))
</del><ins>+ if (contentFrame() && protocolIsJavaScript(completeURL) && !document().securityOrigin().canAccess(contentDocument()->securityOrigin()))
</ins><span class="cx"> return false;
</span><span class="cx"> return document().frame()->isURLAllowed(completeURL);
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreinspectorInspectorDOMStorageAgentcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -145,9 +145,9 @@
</span><span class="cx"> ASSERT(document);
</span><span class="cx"> DOMWindow* window = document->domWindow();
</span><span class="cx"> ASSERT(window);
</span><del>- RefPtr<SecurityOrigin> securityOrigin = document->securityOrigin();
</del><ins>+ Ref<SecurityOrigin> securityOrigin = document->securityOrigin();
</ins><span class="cx"> bool isLocalStorage = window->optionalLocalStorage() == storage;
</span><del>- return storageId(securityOrigin.get(), isLocalStorage)->toJSONString();
</del><ins>+ return storageId(securityOrigin.ptr(), isLocalStorage)->toJSONString();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> RefPtr<Inspector::Protocol::DOMStorage::StorageId> InspectorDOMStorageAgent::storageId(SecurityOrigin* securityOrigin, bool isLocalStorage)
</span><span class="lines">@@ -195,7 +195,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!isLocalStorage)
</span><del>- return m_pageAgent->page().sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(*targetFrame->document()->securityOrigin()));
</del><ins>+ return m_pageAgent->page().sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(targetFrame->document()->securityOrigin()));
</ins><span class="cx"> return m_pageAgent->page().storageNamespaceProvider().localStorageArea(*targetFrame->document());
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreinspectorInspectorIndexedDBAgentcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -573,9 +573,7 @@
</span><span class="cx"> if (!document)
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- auto* openingOrigin = document->securityOrigin();
- if (!openingOrigin)
- return;
</del><ins>+ auto& openingOrigin = document->securityOrigin();
</ins><span class="cx">
</span><span class="cx"> auto* topOrigin = document->topOrigin();
</span><span class="cx"> if (!topOrigin)
</span><span class="lines">@@ -586,7 +584,7 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> RefPtr<RequestDatabaseNamesCallback> callback = WTFMove(requestCallback);
</span><del>- idbFactory->getAllDatabaseNames(*topOrigin, *openingOrigin, [callback](auto& databaseNames) {
</del><ins>+ idbFactory->getAllDatabaseNames(*topOrigin, openingOrigin, [callback](auto& databaseNames) {
</ins><span class="cx"> if (!callback->isActive())
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="lines">@@ -610,7 +608,7 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> Ref<DatabaseLoader> databaseLoader = DatabaseLoader::create(document, WTFMove(requestCallback));
</span><del>- databaseLoader->start(idbFactory, document->securityOrigin(), databaseName);
</del><ins>+ databaseLoader->start(idbFactory, &document->securityOrigin(), databaseName);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void InspectorIndexedDBAgent::requestData(ErrorString& errorString, const String& securityOrigin, const String& databaseName, const String& objectStoreName, const String& indexName, int skipCount, int pageSize, const InspectorObject* keyRange, Ref<RequestDataCallback>&& requestCallback)
</span><span class="lines">@@ -633,7 +631,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Ref<DataLoader> dataLoader = DataLoader::create(document, WTFMove(requestCallback), injectedScript, objectStoreName, indexName, WTFMove(idbKeyRange), skipCount, pageSize);
</span><del>- dataLoader->start(idbFactory, document->securityOrigin(), databaseName);
</del><ins>+ dataLoader->start(idbFactory, &document->securityOrigin(), databaseName);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> class ClearObjectStoreListener final : public EventListener {
</span><span class="lines">@@ -735,7 +733,7 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> Ref<ClearObjectStore> clearObjectStore = ClearObjectStore::create(document, objectStoreName, WTFMove(requestCallback));
</span><del>- clearObjectStore->start(idbFactory, document->securityOrigin(), databaseName);
</del><ins>+ clearObjectStore->start(idbFactory, &document->securityOrigin(), databaseName);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } // namespace WebCore
</span></span></pre></div>
<a id="trunkSourceWebCoreinspectorInspectorPageAgentcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/inspector/InspectorPageAgent.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/inspector/InspectorPageAgent.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/inspector/InspectorPageAgent.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -765,7 +765,7 @@
</span><span class="cx"> Frame* InspectorPageAgent::findFrameWithSecurityOrigin(const String& originRawString)
</span><span class="cx"> {
</span><span class="cx"> for (Frame* frame = &m_page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
</span><del>- RefPtr<SecurityOrigin> documentOrigin = frame->document()->securityOrigin();
</del><ins>+ Ref<SecurityOrigin> documentOrigin = frame->document()->securityOrigin();
</ins><span class="cx"> if (documentOrigin->toRawString() == originRawString)
</span><span class="cx"> return frame;
</span><span class="cx"> }
</span><span class="lines">@@ -869,7 +869,7 @@
</span><span class="cx"> .setLoaderId(loaderId(frame->loader().documentLoader()))
</span><span class="cx"> .setUrl(frame->document()->url().string())
</span><span class="cx"> .setMimeType(frame->loader().documentLoader()->responseMIMEType())
</span><del>- .setSecurityOrigin(frame->document()->securityOrigin()->toRawString())
</del><ins>+ .setSecurityOrigin(frame->document()->securityOrigin().toRawString())
</ins><span class="cx"> .release();
</span><span class="cx"> if (frame->tree().parent())
</span><span class="cx"> frameObject->setParentId(frameId(frame->tree().parent()));
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -857,7 +857,7 @@
</span><span class="cx"> // load local resources. See https://bugs.webkit.org/show_bug.cgi?id=16756
</span><span class="cx"> // and https://bugs.webkit.org/show_bug.cgi?id=19760 for further
</span><span class="cx"> // discussion.
</span><del>- m_frame->document()->securityOrigin()->grantLoadLocalResources();
</del><ins>+ m_frame->document()->securityOrigin().grantLoadLocalResources();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (frameLoader()->stateMachine().creatingInitialEmptyDocument())
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -379,7 +379,7 @@
</span><span class="cx"> CachedResourceRequest newRequest(WTFMove(request), options);
</span><span class="cx"> if (RuntimeEnabledFeatures::sharedFeatures().resourceTimingEnabled())
</span><span class="cx"> newRequest.setInitiator(m_options.initiator);
</span><del>- newRequest.setOrigin(&securityOrigin());
</del><ins>+ newRequest.setOrigin(securityOrigin());
</ins><span class="cx">
</span><span class="cx"> ASSERT(!m_resource);
</span><span class="cx"> // We create an URL here as the request will be moved in requestRawResource
</span><span class="lines">@@ -488,8 +488,7 @@
</span><span class="cx">
</span><span class="cx"> SecurityOrigin& DocumentThreadableLoader::securityOrigin() const
</span><span class="cx"> {
</span><del>- ASSERT(m_document.securityOrigin());
- return m_origin ? *m_origin : *m_document.securityOrigin();
</del><ins>+ return m_origin ? *m_origin : m_document.securityOrigin();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> const ContentSecurityPolicy& DocumentThreadableLoader::contentSecurityPolicy() const
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentWritercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentWriter.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentWriter.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/DocumentWriter.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -56,7 +56,7 @@
</span><span class="cx">
</span><span class="cx"> static inline bool canReferToParentFrameEncoding(const Frame* frame, const Frame* parentFrame)
</span><span class="cx"> {
</span><del>- return parentFrame && parentFrame->document()->securityOrigin()->canAccess(frame->document()->securityOrigin());
</del><ins>+ return parentFrame && parentFrame->document()->securityOrigin().canAccess(frame->document()->securityOrigin());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> DocumentWriter::DocumentWriter(Frame* frame)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderEmptyClientscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/EmptyClients.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/EmptyClients.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/EmptyClients.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -409,7 +409,7 @@
</span><span class="cx"> void saveViewStateToItem(HistoryItem&) final { }
</span><span class="cx"> bool canCachePage() const final { return false; }
</span><span class="cx"> void didDisplayInsecureContent() final { }
</span><del>- void didRunInsecureContent(SecurityOrigin*, const URL&) final { }
</del><ins>+ void didRunInsecureContent(SecurityOrigin&, const URL&) final { }
</ins><span class="cx"> void didDetectXSS(const URL&, bool) final { }
</span><span class="cx"> RefPtr<Frame> createFrame(const URL&, const String&, HTMLFrameOwnerElement&, const String&, bool, int, int) final;
</span><span class="cx"> RefPtr<Widget> createPlugin(const IntSize&, HTMLPlugInElement&, const URL&, const Vector<String>&, const Vector<String>&, const String&, bool) final;
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderFrameLoadRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/FrameLoadRequest.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/FrameLoadRequest.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/FrameLoadRequest.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -37,7 +37,7 @@
</span><span class="cx"> namespace WebCore {
</span><span class="cx">
</span><span class="cx"> FrameLoadRequest::FrameLoadRequest(Frame* frame, const ResourceRequest& resourceRequest, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const SubstituteData& substituteData)
</span><del>- : m_requester(frame->document()->securityOrigin())
</del><ins>+ : m_requester(&frame->document()->securityOrigin())
</ins><span class="cx"> , m_resourceRequest(resourceRequest)
</span><span class="cx"> , m_shouldCheckNewWindowPolicy(false)
</span><span class="cx"> , m_substituteData(substituteData)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderFrameLoadRequesth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/FrameLoadRequest.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/FrameLoadRequest.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/FrameLoadRequest.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -35,8 +35,8 @@
</span><span class="cx">
</span><span class="cx"> struct FrameLoadRequest {
</span><span class="cx"> public:
</span><del>- FrameLoadRequest(SecurityOrigin* requester, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
</del><ins>+ FrameLoadRequest(SecurityOrigin& requester, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
</ins><span class="cx"> , m_lockHistory(lockHistory)
</span><span class="cx"> , m_lockBackForwardList(lockBackForwardList)
</span><span class="cx"> , m_shouldSendReferrer(shouldSendReferrer)
</span><span class="lines">@@ -47,8 +47,8 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
</del><ins>+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
</ins><span class="cx"> , m_resourceRequest(resourceRequest)
</span><span class="cx"> , m_lockHistory(lockHistory)
</span><span class="cx"> , m_lockBackForwardList(lockBackForwardList)
</span><span class="lines">@@ -60,8 +60,8 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
</del><ins>+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
</ins><span class="cx"> , m_resourceRequest(resourceRequest)
</span><span class="cx"> , m_frameName(frameName)
</span><span class="cx"> , m_lockHistory(lockHistory)
</span><span class="lines">@@ -74,8 +74,8 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
</del><ins>+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
</ins><span class="cx"> , m_resourceRequest(resourceRequest)
</span><span class="cx"> , m_frameName(frameName)
</span><span class="cx"> , m_lockHistory(lockHistory)
</span><span class="lines">@@ -88,8 +88,8 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const AtomicString& downloadAttribute)
- : m_requester(requester)
</del><ins>+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const AtomicString& downloadAttribute)
+ : m_requester(&requester)
</ins><span class="cx"> , m_resourceRequest(resourceRequest)
</span><span class="cx"> , m_frameName(frameName)
</span><span class="cx"> , m_lockHistory(lockHistory)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderFrameLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/FrameLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -578,7 +578,7 @@
</span><span class="cx"> if (frame.loader().opener())
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- return !newDocument.securityOrigin()->isSameOriginAs(frame.document()->securityOrigin());
</del><ins>+ return !newDocument.securityOrigin().isSameOriginAs(frame.document()->securityOrigin());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void FrameLoader::clear(Document* newDocument, bool clearWindowProperties, bool clearScriptObjects, bool clearFrameView)
</span><span class="lines">@@ -938,7 +938,7 @@
</span><span class="cx">
</span><span class="cx"> String FrameLoader::outgoingOrigin() const
</span><span class="cx"> {
</span><del>- return m_frame.document()->securityOrigin()->toString();
</del><ins>+ return m_frame.document()->securityOrigin().toString();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool FrameLoader::checkIfFormActionAllowedByCSP(const URL& url, bool didReceiveRedirectResponse) const
</span><span class="lines">@@ -1207,7 +1207,7 @@
</span><span class="cx"> }
</span><span class="cx"> #if ENABLE(CACHE_PARTITIONING)
</span><span class="cx"> if (&m_frame.tree().top() != &m_frame)
</span><del>- request.setDomainForCachePartition(m_frame.tree().top().document()->securityOrigin()->domainForCachePartition());
</del><ins>+ request.setDomainForCachePartition(m_frame.tree().top().document()->securityOrigin().domainForCachePartition());
</ins><span class="cx"> #endif
</span><span class="cx"> addExtraFieldsToRequest(request, newLoadType, true);
</span><span class="cx"> if (newLoadType == FrameLoadType::Reload || newLoadType == FrameLoadType::ReloadFromOrigin)
</span><span class="lines">@@ -3009,7 +3009,7 @@
</span><span class="cx"> Document* parentDocument = parentFrame->document();
</span><span class="cx"> if (!parentDocument)
</span><span class="cx"> return true;
</span><del>- if (!m_frame.document() || !m_frame.document()->securityOrigin()->canAccess(parentDocument->securityOrigin())) {
</del><ins>+ if (!m_frame.document() || !m_frame.document()->securityOrigin().canAccess(parentDocument->securityOrigin())) {
</ins><span class="cx"> document->addConsoleMessage(MessageSource::JS, MessageLevel::Error, ASCIILiteral("Blocked attempt to show beforeunload confirmation dialog on behalf of a frame with different security origin. Protocols, domains, and ports must match."));
</span><span class="cx"> return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderFrameLoaderClienth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/FrameLoaderClient.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/FrameLoaderClient.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/FrameLoaderClient.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -220,7 +220,7 @@
</span><span class="cx"> // The indicated security origin has run active content (such as a
</span><span class="cx"> // script) from an insecure source. Note that the insecure content can
</span><span class="cx"> // spread to other frames in the same origin.
</span><del>- virtual void didRunInsecureContent(SecurityOrigin*, const URL&) = 0;
</del><ins>+ virtual void didRunInsecureContent(SecurityOrigin&, const URL&) = 0;
</ins><span class="cx"> virtual void didDetectXSS(const URL&, bool didBlockEntirePage) = 0;
</span><span class="cx">
</span><span class="cx"> virtual ResourceError cancelledError(const ResourceRequest&) = 0;
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderMixedContentCheckercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/MixedContentChecker.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/MixedContentChecker.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/MixedContentChecker.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -52,9 +52,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // static
</span><del>-bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const URL& url)
</del><ins>+bool MixedContentChecker::isMixedContent(SecurityOrigin& securityOrigin, const URL& url)
</ins><span class="cx"> {
</span><del>- if (securityOrigin->protocol() != "https")
</del><ins>+ if (securityOrigin.protocol() != "https")
</ins><span class="cx"> return false; // We only care about HTTPS security origins.
</span><span class="cx">
</span><span class="cx"> // We're in a secure context, so |url| is mixed content if it's insecure.
</span><span class="lines">@@ -61,7 +61,7 @@
</span><span class="cx"> return !SecurityOrigin::isSecure(url);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin* securityOrigin, ContentType type, const URL& url, AlwaysDisplayInNonStrictMode alwaysDisplayInNonStrictMode) const
</del><ins>+bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin& securityOrigin, ContentType type, const URL& url, AlwaysDisplayInNonStrictMode alwaysDisplayInNonStrictMode) const
</ins><span class="cx"> {
</span><span class="cx"> if (!isMixedContent(securityOrigin, url))
</span><span class="cx"> return true;
</span><span class="lines">@@ -84,7 +84,7 @@
</span><span class="cx"> return allowed;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool MixedContentChecker::canRunInsecureContent(SecurityOrigin* securityOrigin, const URL& url) const
</del><ins>+bool MixedContentChecker::canRunInsecureContent(SecurityOrigin& securityOrigin, const URL& url) const
</ins><span class="cx"> {
</span><span class="cx"> if (!isMixedContent(securityOrigin, url))
</span><span class="cx"> return true;
</span><span class="lines">@@ -103,7 +103,7 @@
</span><span class="cx"> return allowed;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void MixedContentChecker::checkFormForMixedContent(SecurityOrigin* securityOrigin, const URL& url) const
</del><ins>+void MixedContentChecker::checkFormForMixedContent(SecurityOrigin& securityOrigin, const URL& url) const
</ins><span class="cx"> {
</span><span class="cx"> // Unconditionally allow javascript: URLs as form actions as some pages do this and it does not introduce
</span><span class="cx"> // a mixed content issue.
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderMixedContentCheckerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/MixedContentChecker.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/MixedContentChecker.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/MixedContentChecker.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -55,10 +55,10 @@
</span><span class="cx"> Yes,
</span><span class="cx"> };
</span><span class="cx">
</span><del>- bool canDisplayInsecureContent(SecurityOrigin*, ContentType, const URL&, AlwaysDisplayInNonStrictMode = AlwaysDisplayInNonStrictMode::No) const;
- bool canRunInsecureContent(SecurityOrigin*, const URL&) const;
- void checkFormForMixedContent(SecurityOrigin*, const URL&) const;
- static bool isMixedContent(SecurityOrigin*, const URL&);
</del><ins>+ bool canDisplayInsecureContent(SecurityOrigin&, ContentType, const URL&, AlwaysDisplayInNonStrictMode = AlwaysDisplayInNonStrictMode::No) const;
+ bool canRunInsecureContent(SecurityOrigin&, const URL&) const;
+ void checkFormForMixedContent(SecurityOrigin&, const URL&) const;
+ static bool isMixedContent(SecurityOrigin&, const URL&);
</ins><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> // FIXME: This should probably have a separate client from FrameLoader.
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderNavigationSchedulercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/NavigationScheduler.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/NavigationScheduler.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/NavigationScheduler.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -122,7 +122,7 @@
</span><span class="cx"> UserGestureIndicator gestureIndicator(userGestureToForward());
</span><span class="cx">
</span><span class="cx"> ResourceRequest resourceRequest(m_url, m_referrer, UseProtocolCachePolicy);
</span><del>- FrameLoadRequest frameRequest(m_securityOrigin.get(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</del><ins>+ FrameLoadRequest frameRequest(*m_securityOrigin, resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</ins><span class="cx">
</span><span class="cx"> frame.loader().changeLocation(frameRequest);
</span><span class="cx"> }
</span><span class="lines">@@ -180,7 +180,7 @@
</span><span class="cx"> UserGestureIndicator gestureIndicator(userGestureToForward());
</span><span class="cx"> bool refresh = equalIgnoringFragmentIdentifier(frame.document()->url(), url());
</span><span class="cx"> ResourceRequest resourceRequest(url(), referrer(), refresh ? ReloadIgnoringCacheData : UseProtocolCachePolicy);
</span><del>- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</del><ins>+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</ins><span class="cx">
</span><span class="cx"> frame.loader().changeLocation(frameRequest);
</span><span class="cx"> }
</span><span class="lines">@@ -196,7 +196,7 @@
</span><span class="cx"> UserGestureIndicator gestureIndicator(userGestureToForward());
</span><span class="cx">
</span><span class="cx"> ResourceRequest resourceRequest(url(), referrer(), UseProtocolCachePolicy);
</span><del>- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</del><ins>+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</ins><span class="cx"> frame.loader().changeLocation(frameRequest);
</span><span class="cx"> }
</span><span class="cx"> };
</span><span class="lines">@@ -213,7 +213,7 @@
</span><span class="cx"> UserGestureIndicator gestureIndicator(userGestureToForward());
</span><span class="cx">
</span><span class="cx"> ResourceRequest resourceRequest(url(), referrer(), ReloadIgnoringCacheData);
</span><del>- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</del><ins>+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
</ins><span class="cx"> frame.loader().changeLocation(frameRequest);
</span><span class="cx"> }
</span><span class="cx"> };
</span><span class="lines">@@ -378,7 +378,7 @@
</span><span class="cx"> // We want a new back/forward list item if the refresh timeout is > 1 second.
</span><span class="cx"> if (!m_redirect || delay <= m_redirect->delay()) {
</span><span class="cx"> auto lockBackForwardList = delay <= 1 ? LockBackForwardList::Yes : LockBackForwardList::No;
</span><del>- schedule(std::make_unique<ScheduledRedirect>(initiatingDocument, delay, m_frame.document()->securityOrigin(), url, LockHistory::Yes, lockBackForwardList));
</del><ins>+ schedule(std::make_unique<ScheduledRedirect>(initiatingDocument, delay, &m_frame.document()->securityOrigin(), url, LockHistory::Yes, lockBackForwardList));
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -400,7 +400,7 @@
</span><span class="cx"> return LockBackForwardList::No;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void NavigationScheduler::scheduleLocationChange(Document& initiatingDocument, SecurityOrigin* securityOrigin, const URL& url, const String& referrer, LockHistory lockHistory, LockBackForwardList lockBackForwardList)
</del><ins>+void NavigationScheduler::scheduleLocationChange(Document& initiatingDocument, SecurityOrigin& securityOrigin, const URL& url, const String& referrer, LockHistory lockHistory, LockBackForwardList lockBackForwardList)
</ins><span class="cx"> {
</span><span class="cx"> if (!shouldScheduleNavigation(url))
</span><span class="cx"> return;
</span><span class="lines">@@ -423,7 +423,7 @@
</span><span class="cx"> // This may happen when a frame changes the location of another frame.
</span><span class="cx"> bool duringLoad = !loader.stateMachine().committedFirstRealDocumentLoad();
</span><span class="cx">
</span><del>- schedule(std::make_unique<ScheduledLocationChange>(initiatingDocument, securityOrigin, url, referrer, lockHistory, lockBackForwardList, duringLoad));
</del><ins>+ schedule(std::make_unique<ScheduledLocationChange>(initiatingDocument, &securityOrigin, url, referrer, lockHistory, lockBackForwardList, duringLoad));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void NavigationScheduler::scheduleFormSubmission(Ref<FormSubmission>&& submission)
</span><span class="lines">@@ -457,7 +457,7 @@
</span><span class="cx"> if (url.isEmpty())
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- schedule(std::make_unique<ScheduledRefresh>(initiatingDocument, m_frame.document()->securityOrigin(), url, m_frame.loader().outgoingReferrer()));
</del><ins>+ schedule(std::make_unique<ScheduledRefresh>(initiatingDocument, &m_frame.document()->securityOrigin(), url, m_frame.loader().outgoingReferrer()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void NavigationScheduler::scheduleHistoryNavigation(int steps)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderNavigationSchedulerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/NavigationScheduler.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/NavigationScheduler.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/NavigationScheduler.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -69,7 +69,7 @@
</span><span class="cx"> bool locationChangePending();
</span><span class="cx">
</span><span class="cx"> void scheduleRedirect(Document& initiatingDocument, double delay, const URL&);
</span><del>- void scheduleLocationChange(Document& initiatingDocument, SecurityOrigin*, const URL&, const String& referrer, LockHistory = LockHistory::Yes, LockBackForwardList = LockBackForwardList::Yes);
</del><ins>+ void scheduleLocationChange(Document& initiatingDocument, SecurityOrigin&, const URL&, const String& referrer, LockHistory = LockHistory::Yes, LockBackForwardList = LockBackForwardList::Yes);
</ins><span class="cx"> void scheduleFormSubmission(Ref<FormSubmission>&&);
</span><span class="cx"> void scheduleRefresh(Document& initiatingDocument);
</span><span class="cx"> void scheduleHistoryNavigation(int steps);
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderPingLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/PingLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/PingLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/PingLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -88,7 +88,7 @@
</span><span class="cx"> ASSERT(frame.document());
</span><span class="cx"> auto& document = *frame.document();
</span><span class="cx">
</span><del>- if (!document.securityOrigin()->canDisplay(url)) {
</del><ins>+ if (!document.securityOrigin().canDisplay(url)) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(&frame, url);
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -129,13 +129,12 @@
</span><span class="cx"> request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
</span><span class="cx"> frame.loader().addExtraFieldsToSubresourceRequest(request);
</span><span class="cx">
</span><del>- ASSERT(document.securityOrigin());
- auto& sourceOrigin = *document.securityOrigin();
</del><ins>+ auto& sourceOrigin = document.securityOrigin();
</ins><span class="cx"> FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin.toString());
</span><span class="cx"> request.setHTTPHeaderField(HTTPHeaderName::PingTo, destinationURL);
</span><span class="cx"> if (!SecurityPolicy::shouldHideReferrer(pingURL, frame.loader().outgoingReferrer())) {
</span><span class="cx"> request.setHTTPHeaderField(HTTPHeaderName::PingFrom, document.url());
</span><del>- if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).ptr())) {
</del><ins>+ if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).get())) {
</ins><span class="cx"> String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), pingURL, frame.loader().outgoingReferrer());
</span><span class="cx"> if (!referrer.isEmpty())
</span><span class="cx"> request.setHTTPReferrer(referrer);
</span><span class="lines">@@ -168,10 +167,8 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool removeCookies = true;
</span><del>- if (auto* securityOrigin = document.securityOrigin()) {
- if (securityOrigin->isSameSchemeHostPort(SecurityOrigin::create(reportURL).ptr()))
- removeCookies = false;
- }
</del><ins>+ if (document.securityOrigin().isSameSchemeHostPort(SecurityOrigin::create(reportURL).get()))
+ removeCookies = false;
</ins><span class="cx"> if (removeCookies)
</span><span class="cx"> request.setAllowCookies(false);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderResourceLoadInfocpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ResourceLoadInfo.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -108,7 +108,7 @@
</span><span class="cx"> Ref<SecurityOrigin> mainDocumentSecurityOrigin = SecurityOrigin::create(mainDocumentURL);
</span><span class="cx"> Ref<SecurityOrigin> resourceSecurityOrigin = SecurityOrigin::create(resourceURL);
</span><span class="cx">
</span><del>- return !mainDocumentSecurityOrigin->canAccess(&resourceSecurityOrigin.get());
</del><ins>+ return !mainDocumentSecurityOrigin->canAccess(resourceSecurityOrigin.get());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ResourceFlags ResourceLoadInfo::getResourceFlags() const
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ResourceLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ResourceLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/ResourceLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -128,7 +128,7 @@
</span><span class="cx">
</span><span class="cx"> m_defersLoading = m_options.defersLoadingPolicy == DefersLoadingPolicy::AllowDefersLoading && m_frame->page()->defersLoading();
</span><span class="cx">
</span><del>- if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin()->canDisplay(clientRequest.url())) {
</del><ins>+ if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin().canDisplay(clientRequest.url())) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(m_frame.get(), clientRequest.url().string());
</span><span class="cx"> releaseResources();
</span><span class="cx"> return false;
</span><span class="lines">@@ -670,7 +670,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (m_options.clientCredentialPolicy == ClientCredentialPolicy::CannotAskClientForCredentials)
</span><span class="cx"> return false;
</span><del>- return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin()->canRequest(originalRequest().url()));
</del><ins>+ return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin().canRequest(originalRequest().url()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ResourceLoader::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderSubframeLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/SubframeLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/SubframeLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/SubframeLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -112,7 +112,7 @@
</span><span class="cx"> if (MIMETypeRegistry::isJavaAppletMIMEType(mimeType)) {
</span><span class="cx"> if (!m_frame.settings().isJavaEnabled())
</span><span class="cx"> return false;
</span><del>- if (document && document->securityOrigin()->isLocal() && !m_frame.settings().isJavaEnabledForLocalFiles())
</del><ins>+ if (document && document->securityOrigin().isLocal() && !m_frame.settings().isJavaEnabledForLocalFiles())
</ins><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -120,7 +120,7 @@
</span><span class="cx"> if (document->isSandboxed(SandboxPlugins))
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (!document->securityOrigin()->canDisplay(url)) {
</del><ins>+ if (!document->securityOrigin().canDisplay(url)) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(&m_frame, url.string());
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -243,7 +243,7 @@
</span><span class="cx">
</span><span class="cx"> if (!codeBaseURLString.isEmpty()) {
</span><span class="cx"> URL codeBaseURL = completeURL(codeBaseURLString);
</span><del>- if (!element.document().securityOrigin()->canDisplay(codeBaseURL)) {
</del><ins>+ if (!element.document().securityOrigin().canDisplay(codeBaseURL)) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(&m_frame, codeBaseURL.string());
</span><span class="cx"> return nullptr;
</span><span class="cx"> }
</span><span class="lines">@@ -315,7 +315,7 @@
</span><span class="cx">
</span><span class="cx"> auto document = makeRef(ownerElement.document());
</span><span class="cx">
</span><del>- if (!document->securityOrigin()->canDisplay(url)) {
</del><ins>+ if (!document->securityOrigin().canDisplay(url)) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(&m_frame, url.string());
</span><span class="cx"> return nullptr;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderappcacheApplicationCacheGroupcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -135,7 +135,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Don't access anything on disk if private browsing is enabled.
</span><del>- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
</del><ins>+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
</ins><span class="cx"> postListenerTask(eventNames().checkingEvent, documentLoader);
</span><span class="cx"> postListenerTask(eventNames().errorEvent, documentLoader);
</span><span class="cx"> return;
</span><span class="lines">@@ -207,7 +207,7 @@
</span><span class="cx"> ASSERT(!documentLoader.applicationCacheHost().applicationCache());
</span><span class="cx">
</span><span class="cx"> // Don't access anything on disk if private browsing is enabled.
</span><del>- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
</del><ins>+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
</ins><span class="cx"> postListenerTask(eventNames().checkingEvent, documentLoader);
</span><span class="cx"> postListenerTask(eventNames().errorEvent, documentLoader);
</span><span class="cx"> return;
</span><span class="lines">@@ -413,7 +413,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Don't access anything on disk if private browsing is enabled.
</span><del>- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
</del><ins>+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
</ins><span class="cx"> ASSERT(m_pendingMasterResourceLoaders.isEmpty());
</span><span class="cx"> ASSERT(m_pendingEntries.isEmpty());
</span><span class="cx"> ASSERT(!m_cacheBeingUpdated);
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -440,7 +440,7 @@
</span><span class="cx"> {
</span><span class="cx"> auto& options = request.options();
</span><span class="cx">
</span><del>- if (document() && !document()->securityOrigin()->canDisplay(url)) {
</del><ins>+ if (document() && !document()->securityOrigin().canDisplay(url)) {
</ins><span class="cx"> if (forPreload == ForPreload::No)
</span><span class="cx"> FrameLoader::reportLocalLoadFailed(frame(), url.stringCenterEllipsizedToLength());
</span><span class="cx"> LOG(ResourceLoading, "CachedResourceLoader::requestResource URL was not allowed by SecurityOrigin::canDisplay");
</span><span class="lines">@@ -447,7 +447,7 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url) && !isSameOriginDataURL(url, options)) {
</del><ins>+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin().canRequest(url) && !isSameOriginDataURL(url, options)) {
</ins><span class="cx"> printAccessDeniedMessage(url);
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -474,7 +474,7 @@
</span><span class="cx"> // FIXME: Should we find a way to know whether the redirection is for a preload request like we do for CachedResourceLoader::canRequest?
</span><span class="cx"> bool CachedResourceLoader::canRequestAfterRedirection(CachedResource::Type type, const URL& url, const ResourceLoaderOptions& options) const
</span><span class="cx"> {
</span><del>- if (document() && !document()->securityOrigin()->canDisplay(url)) {
</del><ins>+ if (document() && !document()->securityOrigin().canDisplay(url)) {
</ins><span class="cx"> FrameLoader::reportLocalLoadFailed(frame(), url.stringCenterEllipsizedToLength());
</span><span class="cx"> LOG(ResourceLoading, "CachedResourceLoader::requestResource URL was not allowed by SecurityOrigin::canDisplay");
</span><span class="cx"> return false;
</span><span class="lines">@@ -483,7 +483,7 @@
</span><span class="cx"> // FIXME: According to https://fetch.spec.whatwg.org/#http-redirect-fetch, we should check that the URL is HTTP(s) except if in navigation mode.
</span><span class="cx"> // But we currently allow at least data URLs to be loaded.
</span><span class="cx">
</span><del>- if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url)) {
</del><ins>+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin().canRequest(url)) {
</ins><span class="cx"> printAccessDeniedMessage(url);
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -529,7 +529,7 @@
</span><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (!document->shouldEnforceContentDispositionAttachmentSandbox() || document->securityOrigin()->canRequest(url))
</del><ins>+ if (!document->shouldEnforceContentDispositionAttachmentSandbox() || document->securityOrigin().canRequest(url))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> String message = "Unsafe attempt to load URL " + url.stringCenterEllipsizedToLength() + " from document with Content-Disposition: attachment at URL " + document->url().stringCenterEllipsizedToLength() + ".";
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -87,9 +87,8 @@
</span><span class="cx"> void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Document& document)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_options.mode == FetchOptions::Mode::NoCors);
</span><del>- ASSERT(document.securityOrigin());
</del><span class="cx">
</span><del>- m_origin = document.securityOrigin();
</del><ins>+ m_origin = &document.securityOrigin();
</ins><span class="cx">
</span><span class="cx"> if (mode.isNull())
</span><span class="cx"> return;
</span><span class="lines">@@ -101,15 +100,14 @@
</span><span class="cx"> ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
</span><span class="cx"> m_options.credentials = credentials;
</span><span class="cx"> m_options.allowCredentials = credentials == FetchOptions::Credentials::Include ? AllowStoredCredentials : DoNotAllowStoredCredentials;
</span><del>- WebCore::updateRequestForAccessControl(m_resourceRequest, *document.securityOrigin(), m_options.allowCredentials);
</del><ins>+ WebCore::updateRequestForAccessControl(m_resourceRequest, document.securityOrigin(), m_options.allowCredentials);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void CachedResourceRequest::updateForAccessControl(Document& document)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_options.mode == FetchOptions::Mode::Cors);
</span><del>- ASSERT(document.securityOrigin());
</del><span class="cx">
</span><del>- m_origin = document.securityOrigin();
</del><ins>+ m_origin = &document.securityOrigin();
</ins><span class="cx"> WebCore::updateRequestForAccessControl(m_resourceRequest, *m_origin, m_options.allowCredentials);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceRequesth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceRequest.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceRequest.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/loader/cache/CachedResourceRequest.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -79,7 +79,7 @@
</span><span class="cx"> void setDomainForCachePartition(Document&);
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- void setOrigin(RefPtr<SecurityOrigin>&& origin) { m_origin = WTFMove(origin); }
</del><ins>+ void setOrigin(Ref<SecurityOrigin>&& origin) { m_origin = WTFMove(origin); }
</ins><span class="cx"> RefPtr<SecurityOrigin> releaseOrigin() { return WTFMove(m_origin); }
</span><span class="cx"> SecurityOrigin* origin() const { return m_origin.get(); }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorepageDOMWindowcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/DOMWindow.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/DOMWindow.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/DOMWindow.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -858,7 +858,7 @@
</span><span class="cx"> if (!document)
</span><span class="cx"> return nullptr;
</span><span class="cx">
</span><del>- if (!document->securityOrigin()->canAccessSessionStorage(document->topOrigin()))
</del><ins>+ if (!document->securityOrigin().canAccessSessionStorage(document->topOrigin()))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> if (m_sessionStorage) {
</span><span class="lines">@@ -871,7 +871,7 @@
</span><span class="cx"> if (!page)
</span><span class="cx"> return nullptr;
</span><span class="cx">
</span><del>- auto storageArea = page->sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(*document->securityOrigin()));
</del><ins>+ auto storageArea = page->sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(document->securityOrigin()));
</ins><span class="cx"> if (!storageArea->canAccessStorage(m_frame))
</span><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="lines">@@ -888,7 +888,7 @@
</span><span class="cx"> if (!document)
</span><span class="cx"> return nullptr;
</span><span class="cx">
</span><del>- if (!document->securityOrigin()->canAccessLocalStorage(nullptr))
</del><ins>+ if (!document->securityOrigin().canAccessLocalStorage(nullptr))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> auto* page = document->page();
</span><span class="lines">@@ -933,7 +933,7 @@
</span><span class="cx"> if (targetOrigin == "/") {
</span><span class="cx"> if (!sourceDocument)
</span><span class="cx"> return { };
</span><del>- target = sourceDocument->securityOrigin();
</del><ins>+ target = &sourceDocument->securityOrigin();
</ins><span class="cx"> } else if (targetOrigin != "*") {
</span><span class="cx"> target = SecurityOrigin::createFromString(targetOrigin);
</span><span class="cx"> // It doesn't make sense target a postMessage at a unique origin
</span><span class="lines">@@ -955,7 +955,7 @@
</span><span class="cx"> // in order to capture the source of the message correctly.
</span><span class="cx"> if (!sourceDocument)
</span><span class="cx"> return { };
</span><del>- auto sourceOrigin = sourceDocument->securityOrigin()->toString();
</del><ins>+ auto sourceOrigin = sourceDocument->securityOrigin().toString();
</ins><span class="cx">
</span><span class="cx"> // Capture stack trace only when inspector front-end is loaded as it may be time consuming.
</span><span class="cx"> RefPtr<ScriptCallStack> stackTrace;
</span><span class="lines">@@ -983,7 +983,7 @@
</span><span class="cx"> // Check target origin now since the target document may have changed since the timer was scheduled.
</span><span class="cx"> if (!intendedTargetOrigin->isSameSchemeHostPort(document()->securityOrigin())) {
</span><span class="cx"> if (PageConsoleClient* pageConsole = console()) {
</span><del>- String message = makeString("Unable to post message to ", intendedTargetOrigin->toString(), ". Recipient has origin ", document()->securityOrigin()->toString(), ".\n");
</del><ins>+ String message = makeString("Unable to post message to ", intendedTargetOrigin->toString(), ". Recipient has origin ", document()->securityOrigin().toString(), ".\n");
</ins><span class="cx"> pageConsole->addMessage(MessageSource::Security, MessageLevel::Error, message, stackTrace);
</span><span class="cx"> }
</span><span class="cx"> return;
</span><span class="lines">@@ -1755,7 +1755,7 @@
</span><span class="cx">
</span><span class="cx"> Document* mainFrameDocument = m_frame->mainFrame().document();
</span><span class="cx">
</span><del>- if (mainFrameDocument && document()->securityOrigin()->canAccess(mainFrameDocument->securityOrigin()))
</del><ins>+ if (mainFrameDocument && document()->securityOrigin().canAccess(mainFrameDocument->securityOrigin()))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> return false;
</span><span class="lines">@@ -2100,12 +2100,12 @@
</span><span class="cx"> if (activeWindowURL.isNull())
</span><span class="cx"> return String();
</span><span class="cx">
</span><del>- ASSERT(!activeWindow.document()->securityOrigin()->canAccess(document()->securityOrigin()));
</del><ins>+ ASSERT(!activeWindow.document()->securityOrigin().canAccess(document()->securityOrigin()));
</ins><span class="cx">
</span><span class="cx"> // FIXME: This message, and other console messages, have extra newlines. Should remove them.
</span><del>- SecurityOrigin* activeOrigin = activeWindow.document()->securityOrigin();
- SecurityOrigin* targetOrigin = document()->securityOrigin();
- String message = "Blocked a frame with origin \"" + activeOrigin->toString() + "\" from accessing a frame with origin \"" + targetOrigin->toString() + "\". ";
</del><ins>+ SecurityOrigin& activeOrigin = activeWindow.document()->securityOrigin();
+ SecurityOrigin& targetOrigin = document()->securityOrigin();
+ String message = "Blocked a frame with origin \"" + activeOrigin.toString() + "\" from accessing a frame with origin \"" + targetOrigin.toString() + "\". ";
</ins><span class="cx">
</span><span class="cx"> // Sandbox errors: Use the origin of the frames' location, rather than their actual origin (since we know that at least one will be "null").
</span><span class="cx"> URL activeURL = activeWindow.document()->url();
</span><span class="lines">@@ -2120,16 +2120,16 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Protocol errors: Use the URL's protocol rather than the origin's protocol so that we get a useful message for non-heirarchal URLs like 'data:'.
</span><del>- if (targetOrigin->protocol() != activeOrigin->protocol())
</del><ins>+ if (targetOrigin.protocol() != activeOrigin.protocol())
</ins><span class="cx"> return message + " The frame requesting access has a protocol of \"" + activeURL.protocol() + "\", the frame being accessed has a protocol of \"" + targetURL.protocol() + "\". Protocols must match.\n";
</span><span class="cx">
</span><span class="cx"> // 'document.domain' errors.
</span><del>- if (targetOrigin->domainWasSetInDOM() && activeOrigin->domainWasSetInDOM())
- return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin->domain() + "\", the frame being accessed set it to \"" + targetOrigin->domain() + "\". Both must set \"document.domain\" to the same value to allow access.";
- if (activeOrigin->domainWasSetInDOM())
- return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin->domain() + "\", but the frame being accessed did not. Both must set \"document.domain\" to the same value to allow access.";
- if (targetOrigin->domainWasSetInDOM())
- return message + "The frame being accessed set \"document.domain\" to \"" + targetOrigin->domain() + "\", but the frame requesting access did not. Both must set \"document.domain\" to the same value to allow access.";
</del><ins>+ if (targetOrigin.domainWasSetInDOM() && activeOrigin.domainWasSetInDOM())
+ return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin.domain() + "\", the frame being accessed set it to \"" + targetOrigin.domain() + "\". Both must set \"document.domain\" to the same value to allow access.";
+ if (activeOrigin.domainWasSetInDOM())
+ return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin.domain() + "\", but the frame being accessed did not. Both must set \"document.domain\" to the same value to allow access.";
+ if (targetOrigin.domainWasSetInDOM())
+ return message + "The frame being accessed set \"document.domain\" to \"" + targetOrigin.domain() + "\", but the frame requesting access did not. Both must set \"document.domain\" to the same value to allow access.";
</ins><span class="cx">
</span><span class="cx"> // Default.
</span><span class="cx"> return message + "Protocols, domains, and ports must match.";
</span><span class="lines">@@ -2151,7 +2151,7 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: The name canAccess seems to be a roundabout way to ask "can execute script".
</span><span class="cx"> // Can we name the SecurityOrigin function better to make this more clear?
</span><del>- if (activeWindow.document()->securityOrigin()->canAccess(document()->securityOrigin()))
</del><ins>+ if (activeWindow.document()->securityOrigin().canAccess(document()->securityOrigin()))
</ins><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorepageDragControllercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/DragController.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/DragController.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/DragController.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -190,7 +190,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (RefPtr<FrameView> v = m_page.mainFrame().view()) {
</span><span class="cx"> #if ENABLE(DASHBOARD_SUPPORT)
</span><del>- DataTransferAccessPolicy policy = (m_page.mainFrame().settings().usesDashboardBackwardCompatibilityMode() && (!m_documentUnderMouse || m_documentUnderMouse->securityOrigin()->isLocal()))
</del><ins>+ DataTransferAccessPolicy policy = (m_page.mainFrame().settings().usesDashboardBackwardCompatibilityMode() && (!m_documentUnderMouse || m_documentUnderMouse->securityOrigin().isLocal()))
</ins><span class="cx"> ? DataTransferAccessPolicy::Readable : DataTransferAccessPolicy::TypesReadable;
</span><span class="cx"> #else
</span><span class="cx"> DataTransferAccessPolicy policy = DataTransferAccessPolicy::TypesReadable;
</span><span class="lines">@@ -320,7 +320,7 @@
</span><span class="cx"> if (!m_documentUnderMouse)
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (m_dragInitiator && !m_documentUnderMouse->securityOrigin()->canReceiveDragData(m_dragInitiator->securityOrigin()))
</del><ins>+ if (m_dragInitiator && !m_documentUnderMouse->securityOrigin().canReceiveDragData(m_dragInitiator->securityOrigin()))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> bool isHandlingDrag = false;
</span><span class="lines">@@ -611,7 +611,7 @@
</span><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> #if ENABLE(DASHBOARD_SUPPORT)
</span><del>- DataTransferAccessPolicy policy = (mainFrame->settings().usesDashboardBackwardCompatibilityMode() && m_documentUnderMouse->securityOrigin()->isLocal()) ?
</del><ins>+ DataTransferAccessPolicy policy = (mainFrame->settings().usesDashboardBackwardCompatibilityMode() && m_documentUnderMouse->securityOrigin().isLocal()) ?
</ins><span class="cx"> DataTransferAccessPolicy::Readable : DataTransferAccessPolicy::TypesReadable;
</span><span class="cx"> #else
</span><span class="cx"> DataTransferAccessPolicy policy = DataTransferAccessPolicy::TypesReadable;
</span><span class="lines">@@ -844,7 +844,7 @@
</span><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> doSystemDrag(dragImage, dragLoc, dragOrigin, dataTransfer, src, false);
</span><del>- } else if (!src.document()->securityOrigin()->canDisplay(linkURL)) {
</del><ins>+ } else if (!src.document()->securityOrigin().canDisplay(linkURL)) {
</ins><span class="cx"> src.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to drag local resource: " + linkURL.stringCenterEllipsizedToLength());
</span><span class="cx"> startedDrag = false;
</span><span class="cx"> } else if (!imageURL.isEmpty() && image && !image->isNull() && (m_dragSourceAction & DragSourceActionImage)) {
</span></span></pre></div>
<a id="trunkSourceWebCorepageHistorycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/History.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/History.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/History.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -145,7 +145,7 @@
</span><span class="cx"> return { };
</span><span class="cx">
</span><span class="cx"> URL fullURL = urlForState(urlString);
</span><del>- if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest(fullURL))
</del><ins>+ if (!fullURL.isValid() || !m_frame->document()->securityOrigin().canRequest(fullURL))
</ins><span class="cx"> return Exception { SECURITY_ERR };
</span><span class="cx">
</span><span class="cx"> if (fullURL.hasUsername() || fullURL.hasPassword()) {
</span></span></pre></div>
<a id="trunkSourceWebCorepageLocationcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/Location.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/Location.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/Location.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -137,7 +137,7 @@
</span><span class="cx"> if (!m_frame)
</span><span class="cx"> return origins;
</span><span class="cx"> for (Frame* frame = m_frame->tree().parent(); frame; frame = frame->tree().parent())
</span><del>- origins->append(frame->document()->securityOrigin()->toString());
</del><ins>+ origins->append(frame->document()->securityOrigin().toString());
</ins><span class="cx"> return origins;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -268,7 +268,7 @@
</span><span class="cx"> // FIXME: It's not clear this cross-origin security check is valuable.
</span><span class="cx"> // We allow one page to change the location of another. Why block attempts to reload?
</span><span class="cx"> // Other location operations simply block use of JavaScript URLs cross origin.
</span><del>- if (!activeDocument.securityOrigin()->canAccess(targetDocument.securityOrigin())) {
</del><ins>+ if (!activeDocument.securityOrigin().canAccess(targetDocument.securityOrigin())) {
</ins><span class="cx"> auto& targetWindow = *targetDocument.domWindow();
</span><span class="cx"> targetWindow.printErrorMessage(targetWindow.crossDomainAccessErrorMessage(activeWindow));
</span><span class="cx"> return;
</span></span></pre></div>
<a id="trunkSourceWebCorepageNavigatorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/Navigator.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/Navigator.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/Navigator.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -125,7 +125,7 @@
</span><span class="cx">
</span><span class="cx"> if (!m_frame->settings().isJavaEnabled())
</span><span class="cx"> return false;
</span><del>- if (m_frame->document()->securityOrigin()->isLocal() && !m_frame->settings().isJavaEnabledForLocalFiles())
</del><ins>+ if (m_frame->document()->securityOrigin().isLocal() && !m_frame->settings().isJavaEnabledForLocalFiles())
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return true;
</span></span></pre></div>
<a id="trunkSourceWebCorepagePagecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/Page.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/Page.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/Page.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -566,10 +566,8 @@
</span><span class="cx"> if (m_showAllPlugins)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (Document* document = mainFrame().document()) {
- if (SecurityOrigin* securityOrigin = document->securityOrigin())
- return securityOrigin->isLocal();
- }
</del><ins>+ if (Document* document = mainFrame().document())
+ return document->securityOrigin().isLocal();
</ins><span class="cx">
</span><span class="cx"> return false;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCorepagePerformanceResourceTimingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/PerformanceResourceTiming.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/PerformanceResourceTiming.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/PerformanceResourceTiming.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -54,7 +54,7 @@
</span><span class="cx">
</span><span class="cx"> static bool passesTimingAllowCheck(const ResourceResponse& response, Document* requestingDocument)
</span><span class="cx"> {
</span><del>- RefPtr<SecurityOrigin> resourceOrigin = SecurityOrigin::create(response.url());
</del><ins>+ Ref<SecurityOrigin> resourceOrigin = SecurityOrigin::create(response.url());
</ins><span class="cx"> if (resourceOrigin->isSameSchemeHostPort(requestingDocument->securityOrigin()))
</span><span class="cx"> return true;
</span><span class="cx">
</span><span class="lines">@@ -65,7 +65,7 @@
</span><span class="cx"> if (timingAllowOriginString == "*")
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- const String& securityOrigin = requestingDocument->securityOrigin()->toString();
</del><ins>+ const String& securityOrigin = requestingDocument->securityOrigin().toString();
</ins><span class="cx"> Vector<String> timingAllowOrigins;
</span><span class="cx"> timingAllowOriginString.split(' ', timingAllowOrigins);
</span><span class="cx"> for (auto& origin : timingAllowOrigins) {
</span></span></pre></div>
<a id="trunkSourceWebCorepageSecurityOrigincpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/SecurityOrigin.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/SecurityOrigin.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/SecurityOrigin.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -186,15 +186,15 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool SecurityOrigin::canAccess(const SecurityOrigin* other) const
</del><ins>+bool SecurityOrigin::canAccess(const SecurityOrigin& other) const
</ins><span class="cx"> {
</span><span class="cx"> if (m_universalAccess)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (this == other)
</del><ins>+ if (this == &other)
</ins><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (isUnique() || other->isUnique())
</del><ins>+ if (isUnique() || other.isUnique())
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> // Here are two cases where we should permit access:
</span><span class="lines">@@ -218,18 +218,18 @@
</span><span class="cx"> // this is a security vulnerability.
</span><span class="cx">
</span><span class="cx"> bool canAccess = false;
</span><del>- if (m_protocol == other->m_protocol) {
- if (!m_domainWasSetInDOM && !other->m_domainWasSetInDOM) {
- if (m_host == other->m_host && m_port == other->m_port)
</del><ins>+ if (m_protocol == other.m_protocol) {
+ if (!m_domainWasSetInDOM && !other.m_domainWasSetInDOM) {
+ if (m_host == other.m_host && m_port == other.m_port)
</ins><span class="cx"> canAccess = true;
</span><del>- } else if (m_domainWasSetInDOM && other->m_domainWasSetInDOM) {
- if (m_domain == other->m_domain)
</del><ins>+ } else if (m_domainWasSetInDOM && other.m_domainWasSetInDOM) {
+ if (m_domain == other.m_domain)
</ins><span class="cx"> canAccess = true;
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (canAccess && isLocal())
</span><del>- canAccess = passesFileCheck(*other);
</del><ins>+ canAccess = passesFileCheck(other);
</ins><span class="cx">
</span><span class="cx"> return canAccess;
</span><span class="cx"> }
</span><span class="lines">@@ -262,7 +262,7 @@
</span><span class="cx">
</span><span class="cx"> // We call isSameSchemeHostPort here instead of canAccess because we want
</span><span class="cx"> // to ignore document.domain effects.
</span><del>- if (isSameSchemeHostPort(&targetOrigin.get()))
</del><ins>+ if (isSameSchemeHostPort(targetOrigin.get()))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> if (SecurityPolicy::isAccessWhiteListed(this, &targetOrigin.get()))
</span><span class="lines">@@ -271,9 +271,9 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool SecurityOrigin::canReceiveDragData(const SecurityOrigin* dragInitiator) const
</del><ins>+bool SecurityOrigin::canReceiveDragData(const SecurityOrigin& dragInitiator) const
</ins><span class="cx"> {
</span><del>- if (this == dragInitiator)
</del><ins>+ if (this == &dragInitiator)
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> return canAccess(dragInitiator);
</span><span class="lines">@@ -350,7 +350,7 @@
</span><span class="cx"> if (m_universalAccess)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if ((m_storageBlockingPolicy == BlockThirdPartyStorage || topOrigin->m_storageBlockingPolicy == BlockThirdPartyStorage) && !topOrigin->isSameOriginAs(this))
</del><ins>+ if ((m_storageBlockingPolicy == BlockThirdPartyStorage || topOrigin->m_storageBlockingPolicy == BlockThirdPartyStorage) && !topOrigin->isSameOriginAs(*this))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return true;
</span><span class="lines">@@ -365,12 +365,12 @@
</span><span class="cx"> return Ask;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool SecurityOrigin::isSameOriginAs(const SecurityOrigin* other) const
</del><ins>+bool SecurityOrigin::isSameOriginAs(const SecurityOrigin& other) const
</ins><span class="cx"> {
</span><del>- if (this == other)
</del><ins>+ if (this == &other)
</ins><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (isUnique() || other->isUnique())
</del><ins>+ if (isUnique() || other.isUnique())
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return isSameSchemeHostPort(other);
</span><span class="lines">@@ -505,7 +505,7 @@
</span><span class="cx"> if (other == this)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (!isSameSchemeHostPort(other))
</del><ins>+ if (!isSameSchemeHostPort(*other))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> if (m_domainWasSetInDOM != other->m_domainWasSetInDOM)
</span><span class="lines">@@ -517,18 +517,18 @@
</span><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin* other) const
</del><ins>+bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin& other) const
</ins><span class="cx"> {
</span><del>- if (m_host != other->m_host)
</del><ins>+ if (m_host != other.m_host)
</ins><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (m_protocol != other->m_protocol)
</del><ins>+ if (m_protocol != other.m_protocol)
</ins><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (m_port != other->m_port)
</del><ins>+ if (m_port != other.m_port)
</ins><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (isLocal() && !passesFileCheck(*other))
</del><ins>+ if (isLocal() && !passesFileCheck(other))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return true;
</span></span></pre></div>
<a id="trunkSourceWebCorepageSecurityOriginh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/SecurityOrigin.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/SecurityOrigin.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/SecurityOrigin.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -92,7 +92,7 @@
</span><span class="cx"> // SecurityOrigin. For example, call this function before allowing
</span><span class="cx"> // script from one security origin to read or write objects from
</span><span class="cx"> // another SecurityOrigin.
</span><del>- WEBCORE_EXPORT bool canAccess(const SecurityOrigin*) const;
</del><ins>+ WEBCORE_EXPORT bool canAccess(const SecurityOrigin&) const;
</ins><span class="cx">
</span><span class="cx"> // Returns true if this SecurityOrigin can read content retrieved from
</span><span class="cx"> // the given URL. For example, call this function before issuing
</span><span class="lines">@@ -102,7 +102,7 @@
</span><span class="cx"> // Returns true if this SecurityOrigin can receive drag content from the
</span><span class="cx"> // initiator. For example, call this function before allowing content to be
</span><span class="cx"> // dropped onto a target.
</span><del>- bool canReceiveDragData(const SecurityOrigin* dragInitiator) const;
</del><ins>+ bool canReceiveDragData(const SecurityOrigin& dragInitiator) const;
</ins><span class="cx">
</span><span class="cx"> // Returns true if |document| can display content from the given URL (e.g.,
</span><span class="cx"> // in an iframe or as an image). For example, web sites generally cannot
</span><span class="lines">@@ -194,11 +194,11 @@
</span><span class="cx">
</span><span class="cx"> // This method checks for equality, ignoring the value of document.domain
</span><span class="cx"> // (and whether it was set) but considering the host. It is used for postMessage.
</span><del>- WEBCORE_EXPORT bool isSameSchemeHostPort(const SecurityOrigin*) const;
</del><ins>+ WEBCORE_EXPORT bool isSameSchemeHostPort(const SecurityOrigin&) const;
</ins><span class="cx">
</span><span class="cx"> // This method implements the "same origin" algorithm from the HTML Standard:
</span><span class="cx"> // https://html.spec.whatwg.org/multipage/browsers.html#same-origin
</span><del>- WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin*) const;
</del><ins>+ WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin&) const;
</ins><span class="cx">
</span><span class="cx"> static URL urlWithUniqueSecurityOrigin();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorepageSecurityOriginDatacpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/SecurityOriginData.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/SecurityOriginData.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/SecurityOriginData.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -63,11 +63,7 @@
</span><span class="cx"> if (!document)
</span><span class="cx"> return SecurityOriginData();
</span><span class="cx">
</span><del>- SecurityOrigin* origin = document->securityOrigin();
- if (!origin)
- return SecurityOriginData();
-
- return SecurityOriginData::fromSecurityOrigin(*origin);
</del><ins>+ return SecurityOriginData::fromSecurityOrigin(document->securityOrigin());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Ref<SecurityOrigin> SecurityOriginData::securityOrigin() const
</span></span></pre></div>
<a id="trunkSourceWebCorepageSecurityOriginHashh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/SecurityOriginHash.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/SecurityOriginHash.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/SecurityOriginHash.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -53,7 +53,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (!a || !b)
</span><span class="cx"> return a == b;
</span><del>- return a->isSameSchemeHostPort(b);
</del><ins>+ return a->isSameSchemeHostPort(*b);
</ins><span class="cx"> }
</span><span class="cx"> static bool equal(SecurityOrigin* a, const RefPtr<SecurityOrigin>& b)
</span><span class="cx"> {
</span></span></pre></div>
<a id="trunkSourceWebCorepagecspContentSecurityPolicycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -592,7 +592,7 @@
</span><span class="cx"> return String();
</span><span class="cx"> if (!url.isHierarchical() || url.protocolIs("file"))
</span><span class="cx"> return url.protocol().toString();
</span><del>- return document.securityOrigin()->canRequest(url) ? url.strippedForUseAsReferrer() : SecurityOrigin::create(url).get().toString();
</del><ins>+ return document.securityOrigin().canRequest(url) ? url.strippedForUseAsReferrer() : SecurityOrigin::create(url).get().toString();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ContentSecurityPolicy::reportViolation(const String& violatedDirective, const ContentSecurityPolicyDirective& effectiveViolatedDirective, const URL& blockedURL, const String& consoleMessage, JSC::ExecState* state) const
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationcfMediaPlayerPrivateAVFoundationCFcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1359,7 +1359,7 @@
</span><span class="cx">
</span><span class="cx"> Ref<SecurityOrigin> resolvedOrigin(SecurityOrigin::create(resolvedURL()));
</span><span class="cx"> Ref<SecurityOrigin> requestedOrigin(SecurityOrigin::createFromString(assetURL()));
</span><del>- return resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get());
</del><ins>+ return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> AVFWrapper::AVFWrapper(MediaPlayerPrivateAVFoundationCF* owner)
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationobjcMediaPlayerPrivateAVFoundationObjCmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -2232,7 +2232,7 @@
</span><span class="cx">
</span><span class="cx"> Ref<SecurityOrigin> resolvedOrigin(SecurityOrigin::create(resolvedURL()));
</span><span class="cx"> Ref<SecurityOrigin> requestedOrigin(SecurityOrigin::createFromString(assetURL()));
</span><del>- return resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get());
</del><ins>+ return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool MediaPlayerPrivateAVFoundationObjC::didPassCORSAccessCheck() const
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsmacMediaPlayerPrivateQTKitmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1480,8 +1480,8 @@
</span><span class="cx"> if (!m_qtMovie)
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- RefPtr<SecurityOrigin> resolvedOrigin = SecurityOrigin::create(URL(wkQTMovieResolvedURL(m_qtMovie.get())));
- RefPtr<SecurityOrigin> requestedOrigin = SecurityOrigin::createFromString(m_movieURL);
</del><ins>+ Ref<SecurityOrigin> resolvedOrigin = SecurityOrigin::create(URL(wkQTMovieResolvedURL(m_qtMovie.get())));
+ Ref<SecurityOrigin> requestedOrigin = SecurityOrigin::createFromString(m_movieURL);
</ins><span class="cx"> return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorerenderingshapesShapeOutsideInfocpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -125,7 +125,7 @@
</span><span class="cx">
</span><span class="cx"> ASSERT(styleImage.cachedImage());
</span><span class="cx"> CachedImage& cachedImage = *(styleImage.cachedImage());
</span><del>- if (cachedImage.isOriginClean(document.securityOrigin()))
</del><ins>+ if (cachedImage.isOriginClean(&document.securityOrigin()))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> const URL& url = cachedImage.url();
</span></span></pre></div>
<a id="trunkSourceWebCorereplayReplayInputCreationMethodscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/replay/ReplayInputCreationMethods.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/replay/ReplayInputCreationMethods.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/replay/ReplayInputCreationMethods.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -43,7 +43,7 @@
</span><span class="cx"> ASSERT(mainFrame.document());
</span><span class="cx">
</span><span class="cx"> // Make sure that this is in sync with ReplayController::beginCapturing().
</span><del>- RefPtr<SecurityOrigin> originCopy = mainFrame.document()->securityOrigin()->isolatedCopy();
</del><ins>+ RefPtr<SecurityOrigin> originCopy = mainFrame.document()->securityOrigin().isolatedCopy();
</ins><span class="cx"> URL url = mainFrame.document()->url();
</span><span class="cx"> String referrer = mainFrame.loader().referrer();
</span><span class="cx"> return std::make_unique<InitialNavigation>(WTFMove(originCopy), url, referrer);
</span></span></pre></div>
<a id="trunkSourceWebCorereplayReplayInputDispatchMethodscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/replay/ReplayInputDispatchMethods.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/replay/ReplayInputDispatchMethods.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/replay/ReplayInputDispatchMethods.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx"> {
</span><span class="cx"> auto& frame = controller.page().mainFrame();
</span><span class="cx"> ASSERT(frame.document());
</span><del>- frame.navigationScheduler().scheduleLocationChange(*frame.document(), m_securityOrigin.get(), m_url, m_referrer);
</del><ins>+ frame.navigationScheduler().scheduleLocationChange(*frame.document(), *m_securityOrigin, m_url, m_referrer);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void HandleKeyPress::dispatch(ReplayController& controller)
</span></span></pre></div>
<a id="trunkSourceWebCorestorageStoragecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/storage/Storage.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/storage/Storage.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/storage/Storage.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -146,7 +146,7 @@
</span><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> if (m_storageArea->storageType() == LocalStorage) {
</span><del>- if (SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing(m_frame->document()->securityOrigin()->protocol()))
</del><ins>+ if (SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing(m_frame->document()->securityOrigin().protocol()))
</ins><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorestorageStorageEventDispatchercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/storage/StorageEventDispatcher.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/storage/StorageEventDispatcher.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/storage/StorageEventDispatcher.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx">
</span><span class="cx"> // Send events only to our page.
</span><span class="cx"> for (Frame* frame = &page->mainFrame(); frame; frame = frame->tree().traverseNext()) {
</span><del>- if (sourceFrame != frame && frame->document()->securityOrigin()->equal(securityOrigin.securityOrigin().ptr()))
</del><ins>+ if (sourceFrame != frame && frame->document()->securityOrigin().equal(securityOrigin.securityOrigin().ptr()))
</ins><span class="cx"> frames.append(frame);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -67,7 +67,7 @@
</span><span class="cx"> // Send events to every page.
</span><span class="cx"> for (auto& pageInGroup : page->group().pages()) {
</span><span class="cx"> for (Frame* frame = &pageInGroup->mainFrame(); frame; frame = frame->tree().traverseNext()) {
</span><del>- if (sourceFrame != frame && frame->document()->securityOrigin()->equal(securityOrigin.securityOrigin().ptr()))
</del><ins>+ if (sourceFrame != frame && frame->document()->securityOrigin().equal(securityOrigin.securityOrigin().ptr()))
</ins><span class="cx"> frames.append(frame);
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCorestorageStorageNamespaceProvidercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/storage/StorageNamespaceProvider.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/storage/StorageNamespaceProvider.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/storage/StorageNamespaceProvider.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -61,9 +61,9 @@
</span><span class="cx">
</span><span class="cx"> RefPtr<StorageArea> StorageNamespaceProvider::localStorageArea(Document& document)
</span><span class="cx"> {
</span><del>- auto& storageNamespace = document.securityOrigin()->canAccessLocalStorage(document.topOrigin()) ? localStorageNamespace() : transientLocalStorageNamespace(*document.topOrigin());
</del><ins>+ auto& storageNamespace = document.securityOrigin().canAccessLocalStorage(document.topOrigin()) ? localStorageNamespace() : transientLocalStorageNamespace(*document.topOrigin());
</ins><span class="cx">
</span><del>- return storageNamespace.storageArea(SecurityOriginData::fromSecurityOrigin(*document.securityOrigin()));
</del><ins>+ return storageNamespace.storageArea(SecurityOriginData::fromSecurityOrigin(document.securityOrigin()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> StorageNamespace& StorageNamespaceProvider::localStorageNamespace()
</span></span></pre></div>
<a id="trunkSourceWebCoretestingInternalscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/testing/Internals.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/testing/Internals.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/testing/Internals.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -2371,7 +2371,7 @@
</span><span class="cx"> Document* document = contextDocument();
</span><span class="cx"> if (!document || !document->page())
</span><span class="cx"> return;
</span><del>- document->page()->applicationCacheStorage().storeUpdatedQuotaForOrigin(document->securityOrigin(), quota);
</del><ins>+ document->page()->applicationCacheStorage().storeUpdatedQuotaForOrigin(&document->securityOrigin(), quota);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void Internals::registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme)
</span></span></pre></div>
<a id="trunkSourceWebCorexmlXSLTProcessorLibxsltcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XSLTProcessorLibxslt.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/XSLTProcessorLibxslt.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/xml/XSLTProcessorLibxslt.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -124,11 +124,11 @@
</span><span class="cx">
</span><span class="cx"> RefPtr<SharedBuffer> data;
</span><span class="cx">
</span><del>- bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin()->canRequest(url);
</del><ins>+ bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin().canRequest(url);
</ins><span class="cx"> if (requestAllowed) {
</span><span class="cx"> globalCachedResourceLoader->frame()->loader().loadResourceSynchronously(url, AllowStoredCredentials, ClientCredentialPolicy::MayAskClientForCredentials, error, response, data);
</span><span class="cx"> if (error.isNull())
</span><del>- requestAllowed = globalCachedResourceLoader->document()->securityOrigin()->canRequest(response.url());
</del><ins>+ requestAllowed = globalCachedResourceLoader->document()->securityOrigin().canRequest(response.url());
</ins><span class="cx"> else if (data)
</span><span class="cx"> data = nullptr;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCorexmlparserXMLDocumentParserLibxml2cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -421,7 +421,7 @@
</span><span class="cx"> // retrieved content. If we had more context, we could potentially allow
</span><span class="cx"> // the parser to load a DTD. As things stand, we take the conservative
</span><span class="cx"> // route and allow same-origin requests only.
</span><del>- if (!XMLDocumentParserScope::currentCachedResourceLoader->document()->securityOrigin()->canRequest(url)) {
</del><ins>+ if (!XMLDocumentParserScope::currentCachedResourceLoader->document()->securityOrigin().canRequest(url)) {
</ins><span class="cx"> XMLDocumentParserScope::currentCachedResourceLoader->printAccessDeniedMessage(url);
</span><span class="cx"> return false;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebKitmacChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/ChangeLog (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/ChangeLog 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/ChangeLog 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1,3 +1,29 @@
</span><ins>+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
+ (WebKit::NetscapePluginInstanceProxy::loadRequest):
+ * Plugins/WebNetscapePluginStream.mm:
+ (WebNetscapePluginStream::WebNetscapePluginStream):
+ * Plugins/WebNetscapePluginView.mm:
+ (-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
+ * Plugins/WebPluginContainerCheck.mm:
+ (-[WebPluginContainerCheck _isForbiddenFileLoad]):
+ * WebCoreSupport/WebChromeClient.mm:
+ (WebChromeClient::exceededDatabaseQuota):
+ * WebCoreSupport/WebFrameLoaderClient.h:
+ * WebCoreSupport/WebFrameLoaderClient.mm:
+ (WebFrameLoaderClient::didRunInsecureContent):
+ * WebCoreSupport/WebGeolocationClient.mm:
+ (WebGeolocationClient::requestPermission):
+ (-[WebGeolocationProviderInitializationListener initializationAllowedWebView:]):
+ * WebView/WebFrame.mm:
+ (-[WebFrame _allowsFollowingLink:]):
+
</ins><span class="cx"> 2017-01-18 Antoine Quint <graouts@apple.com>
</span><span class="cx">
</span><span class="cx"> [Modern Media Controls] Turn modern media controls on by default
</span></span></pre></div>
<a id="trunkSourceWebKitmacPluginsHostedNetscapePluginInstanceProxymm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -782,7 +782,7 @@
</span><span class="cx"> return NPERR_GENERIC_ERROR;
</span><span class="cx"> }
</span><span class="cx"> } else {
</span><del>- if (!core([m_pluginView webFrame])->document()->securityOrigin()->canDisplay(URL))
</del><ins>+ if (!core([m_pluginView webFrame])->document()->securityOrigin().canDisplay(URL))
</ins><span class="cx"> return NPERR_GENERIC_ERROR;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKitmacPluginsWebNetscapePluginStreammm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/Plugins/WebNetscapePluginStream.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/Plugins/WebNetscapePluginStream.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/Plugins/WebNetscapePluginStream.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -167,7 +167,7 @@
</span><span class="cx"> WebNetscapePluginView *view = (WebNetscapePluginView *)plugin->ndata;
</span><span class="cx">
</span><span class="cx"> // This check has already been done by the plug-in view.
</span><del>- ASSERT(core([view webFrame])->document()->securityOrigin()->canDisplay([request URL]));
</del><ins>+ ASSERT(core([view webFrame])->document()->securityOrigin().canDisplay([request URL]));
</ins><span class="cx">
</span><span class="cx"> ASSERT([request URL]);
</span><span class="cx"> ASSERT(plugin);
</span></span></pre></div>
<a id="trunkSourceWebKitmacPluginsWebNetscapePluginViewmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/Plugins/WebNetscapePluginView.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/Plugins/WebNetscapePluginView.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/Plugins/WebNetscapePluginView.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1648,7 +1648,7 @@
</span><span class="cx"> return NPERR_INVALID_PARAM;
</span><span class="cx"> }
</span><span class="cx"> } else {
</span><del>- if (!core([self webFrame])->document()->securityOrigin()->canDisplay(URL))
</del><ins>+ if (!core([self webFrame])->document()->securityOrigin().canDisplay(URL))
</ins><span class="cx"> return NPERR_GENERIC_ERROR;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKitmacPluginsWebPluginContainerCheckmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/Plugins/WebPluginContainerCheck.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/Plugins/WebPluginContainerCheck.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/Plugins/WebPluginContainerCheck.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -97,14 +97,14 @@
</span><span class="cx">
</span><span class="cx"> - (BOOL)_isForbiddenFileLoad
</span><span class="cx"> {
</span><del>- Frame* coreFrame = core([_controller webFrame]);
- ASSERT(coreFrame);
- if (!coreFrame->document()->securityOrigin()->canDisplay([_request URL])) {
- [self _continueWithPolicy:PolicyIgnore];
- return YES;
- }
</del><ins>+ Frame* coreFrame = core([_controller webFrame]);
+ ASSERT(coreFrame);
+ if (!coreFrame->document()->securityOrigin().canDisplay([_request URL])) {
+ [self _continueWithPolicy:PolicyIgnore];
+ return YES;
+ }
</ins><span class="cx">
</span><del>- return NO;
</del><ins>+ return NO;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> - (NSDictionary *)_actionInformationWithURL:(NSURL *)URL
</span></span></pre></div>
<a id="trunkSourceWebKitmacWebCoreSupportWebChromeClientmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/WebCoreSupport/WebChromeClient.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/WebCoreSupport/WebChromeClient.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/WebCoreSupport/WebChromeClient.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -670,7 +670,7 @@
</span><span class="cx"> {
</span><span class="cx"> BEGIN_BLOCK_OBJC_EXCEPTIONS;
</span><span class="cx">
</span><del>- WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:frame->document()->securityOrigin()];
</del><ins>+ WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:&frame->document()->securityOrigin()];
</ins><span class="cx"> CallUIDelegate(m_webView, @selector(webView:frame:exceededDatabaseQuotaForSecurityOrigin:database:), kit(frame), webOrigin, (NSString *)databaseName);
</span><span class="cx"> [webOrigin release];
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKitmacWebCoreSupportWebFrameLoaderClienth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -154,7 +154,7 @@
</span><span class="cx"> void updateGlobalHistoryItemForPage() final;
</span><span class="cx">
</span><span class="cx"> void didDisplayInsecureContent() final;
</span><del>- void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::URL&) final;
</del><ins>+ void didRunInsecureContent(WebCore::SecurityOrigin&, const WebCore::URL&) final;
</ins><span class="cx"> void didDetectXSS(const WebCore::URL&, bool didBlockEntirePage) final;
</span><span class="cx">
</span><span class="cx"> WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&) final;
</span></span></pre></div>
<a id="trunkSourceWebKitmacWebCoreSupportWebFrameLoaderClientmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1116,12 +1116,12 @@
</span><span class="cx"> CallFrameLoadDelegate(implementations->didDisplayInsecureContentFunc, webView, @selector(webViewDidDisplayInsecureContent:));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin* origin, const URL& insecureURL)
</del><ins>+void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin& origin, const URL& insecureURL)
</ins><span class="cx"> {
</span><span class="cx"> WebView *webView = getWebView(m_webFrame.get());
</span><span class="cx"> WebFrameLoadDelegateImplementationCache* implementations = WebViewGetFrameLoadDelegateImplementations(webView);
</span><span class="cx"> if (implementations->didRunInsecureContentFunc) {
</span><del>- RetainPtr<WebSecurityOrigin> webSecurityOrigin = adoptNS([[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:origin]);
</del><ins>+ RetainPtr<WebSecurityOrigin> webSecurityOrigin = adoptNS([[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:&origin]);
</ins><span class="cx"> CallFrameLoadDelegate(implementations->didRunInsecureContentFunc, webView, @selector(webView:didRunInsecureContent:), webSecurityOrigin.get());
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebKitmacWebCoreSupportWebGeolocationClientmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/WebCoreSupport/WebGeolocationClient.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/WebCoreSupport/WebGeolocationClient.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/WebCoreSupport/WebGeolocationClient.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -118,7 +118,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:frame->document()->securityOrigin()];
</del><ins>+ WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:&frame->document()->securityOrigin()];
</ins><span class="cx"> WebGeolocationPolicyListener* listener = [[WebGeolocationPolicyListener alloc] initWithGeolocation:geolocation];
</span><span class="cx">
</span><span class="cx"> CallUIDelegate(m_webView, selector, webOrigin, kit(frame), listener);
</span><span class="lines">@@ -221,7 +221,7 @@
</span><span class="cx"> Frame* frame = m_geolocation->frame();
</span><span class="cx"> if (!frame)
</span><span class="cx"> return;
</span><del>- WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:frame->document()->securityOrigin()];
</del><ins>+ WebSecurityOrigin *webOrigin = [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:&frame->document()->securityOrigin()];
</ins><span class="cx"> WebGeolocationPolicyListener *listener = [[WebGeolocationPolicyListener alloc] initWithGeolocation:m_geolocation.get() forWebView:webView];
</span><span class="cx"> SEL selector = @selector(webView:decidePolicyForGeolocationRequestFromOrigin:frame:listener:);
</span><span class="cx"> CallUIDelegate(webView, selector, webOrigin, kit(frame), listener);
</span></span></pre></div>
<a id="trunkSourceWebKitmacWebViewWebFramemm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/mac/WebView/WebFrame.mm (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/mac/WebView/WebFrame.mm 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/mac/WebView/WebFrame.mm 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -2053,7 +2053,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (!_private->coreFrame)
</span><span class="cx"> return YES;
</span><del>- return _private->coreFrame->document()->securityOrigin()->canDisplay(URL);
</del><ins>+ return _private->coreFrame->document()->securityOrigin().canDisplay(URL);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> - (NSString *)_stringByEvaluatingJavaScriptFromString:(NSString *)string withGlobalObject:(JSObjectRef)globalObjectRef inScriptWorld:(WebScriptWorld *)world
</span></span></pre></div>
<a id="trunkSourceWebKitwinChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/ChangeLog (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/ChangeLog 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/ChangeLog 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1,3 +1,22 @@
</span><ins>+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ * Plugins/PluginView.cpp:
+ (WebCore::PluginView::load):
+ * WebCoreSupport/WebChromeClient.cpp:
+ (WebChromeClient::exceededDatabaseQuota):
+ * WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebFrameLoaderClient::didRunInsecureContent):
+ * WebCoreSupport/WebFrameLoaderClient.h:
+ * WebCoreSupport/WebGeolocationClient.cpp:
+ (WebGeolocationClient::requestPermission):
+ * WebFrame.cpp:
+ (WebFrame::allowsFollowingLink):
+
</ins><span class="cx"> 2017-01-15 Darin Adler <darin@apple.com>
</span><span class="cx">
</span><span class="cx"> Remove PassRefPtr from "loader" directory of WebCore
</span></span></pre></div>
<a id="trunkSourceWebKitwinPluginsPluginViewcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/Plugins/PluginView.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/Plugins/PluginView.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/Plugins/PluginView.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -513,7 +513,7 @@
</span><span class="cx"> // For security reasons, only allow JS requests to be made on the frame that contains the plug-in.
</span><span class="cx"> if (!targetFrameName.isNull() && m_parentFrame->tree().find(targetFrameName) != m_parentFrame)
</span><span class="cx"> return NPERR_INVALID_PARAM;
</span><del>- } else if (!m_parentFrame->document()->securityOrigin()->canDisplay(url))
</del><ins>+ } else if (!m_parentFrame->document()->securityOrigin().canDisplay(url))
</ins><span class="cx"> return NPERR_GENERIC_ERROR;
</span><span class="cx">
</span><span class="cx"> scheduleRequest(std::make_unique<PluginRequest>(frameLoadRequest, sendNotification, notifyData, arePopupsAllowed()));
</span></span></pre></div>
<a id="trunkSourceWebKitwinWebCoreSupportWebChromeClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/WebCoreSupport/WebChromeClient.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/WebCoreSupport/WebChromeClient.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/WebCoreSupport/WebChromeClient.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -570,7 +570,7 @@
</span><span class="cx">
</span><span class="cx"> void WebChromeClient::exceededDatabaseQuota(Frame* frame, const String& databaseIdentifier, DatabaseDetails)
</span><span class="cx"> {
</span><del>- COMPtr<WebSecurityOrigin> origin(AdoptCOM, WebSecurityOrigin::createInstance(frame->document()->securityOrigin()));
</del><ins>+ COMPtr<WebSecurityOrigin> origin(AdoptCOM, WebSecurityOrigin::createInstance(&frame->document()->securityOrigin()));
</ins><span class="cx"> COMPtr<IWebUIDelegate> uiDelegate;
</span><span class="cx"> if (SUCCEEDED(m_webView->uiDelegate(&uiDelegate))) {
</span><span class="cx"> COMPtr<IWebUIDelegatePrivate> uiDelegatePrivate(Query, uiDelegate);
</span></span></pre></div>
<a id="trunkSourceWebKitwinWebCoreSupportWebFrameLoaderClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -784,9 +784,9 @@
</span><span class="cx"> frameLoadDelegatePriv2->didDisplayInsecureContent(webView);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin* origin, const URL& insecureURL)
</del><ins>+void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin& origin, const URL& insecureURL)
</ins><span class="cx"> {
</span><del>- COMPtr<IWebSecurityOrigin> webSecurityOrigin = WebSecurityOrigin::createInstance(origin);
</del><ins>+ COMPtr<IWebSecurityOrigin> webSecurityOrigin = WebSecurityOrigin::createInstance(&origin);
</ins><span class="cx">
</span><span class="cx"> WebView* webView = m_webFrame->webView();
</span><span class="cx"> COMPtr<IWebFrameLoadDelegatePrivate> frameLoadDelegatePriv;
</span></span></pre></div>
<a id="trunkSourceWebKitwinWebCoreSupportWebFrameLoaderClienth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -135,7 +135,7 @@
</span><span class="cx"> void updateGlobalHistoryItemForPage() override;
</span><span class="cx">
</span><span class="cx"> void didDisplayInsecureContent() override;
</span><del>- void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::URL&) override;
</del><ins>+ void didRunInsecureContent(WebCore::SecurityOrigin&, const WebCore::URL&) override;
</ins><span class="cx"> void didDetectXSS(const WebCore::URL&, bool didBlockEntirePage) override;
</span><span class="cx">
</span><span class="cx"> WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&) override;
</span></span></pre></div>
<a id="trunkSourceWebKitwinWebCoreSupportWebGeolocationClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/WebCoreSupport/WebGeolocationClient.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/WebCoreSupport/WebGeolocationClient.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/WebCoreSupport/WebGeolocationClient.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -90,7 +90,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Frame* frame = geolocation->frame();
</span><del>- COMPtr<WebSecurityOrigin> origin(AdoptCOM, WebSecurityOrigin::createInstance(frame->document()->securityOrigin()));
</del><ins>+ COMPtr<WebSecurityOrigin> origin(AdoptCOM, WebSecurityOrigin::createInstance(&frame->document()->securityOrigin()));
</ins><span class="cx"> COMPtr<WebGeolocationPolicyListener> listener = WebGeolocationPolicyListener::createInstance(geolocation);
</span><span class="cx"> HRESULT hr = uiDelegatePrivate2->decidePolicyForGeolocationRequest(m_webView.get(), kit(frame), origin.get(), listener.get());
</span><span class="cx"> if (hr != E_NOTIMPL)
</span></span></pre></div>
<a id="trunkSourceWebKitwinWebFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/win/WebFrame.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/win/WebFrame.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit/win/WebFrame.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1253,7 +1253,7 @@
</span><span class="cx"> if (!frame)
</span><span class="cx"> return E_UNEXPECTED;
</span><span class="cx">
</span><del>- *result = frame->document()->securityOrigin()->canDisplay(MarshallingHelpers::BSTRToKURL(url));
</del><ins>+ *result = frame->document()->securityOrigin().canDisplay(MarshallingHelpers::BSTRToKURL(url));
</ins><span class="cx"> return S_OK;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/ChangeLog 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1,3 +1,33 @@
</span><ins>+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ * UIProcess/Storage/StorageManager.cpp:
+ (WebKit::StorageManager::createTransientLocalStorageMap):
+ * WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp:
+ (WebKit::GeolocationPermissionRequestManager::startRequestForGeolocation):
+ * WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:
+ (WKBundleFrameCopySecurityOrigin):
+ * WebProcess/Plugins/PluginView.cpp:
+ (WebKit::PluginView::storageBlockingStateChanged):
+ (WebKit::PluginView::performFrameLoadURLRequest):
+ (WebKit::PluginView::isPrivateBrowsingEnabled):
+ * WebProcess/Plugins/WebPluginInfoProvider.cpp:
+ (WebKit::WebPluginInfoProvider::getWebVisiblePluginInfo):
+ * WebProcess/Storage/StorageAreaMap.cpp:
+ (WebKit::StorageAreaMap::dispatchSessionStorageEvent):
+ (WebKit::StorageAreaMap::dispatchLocalStorageEvent):
+ * WebProcess/WebCoreSupport/WebChromeClient.cpp:
+ (WebKit::WebChromeClient::exceededDatabaseQuota):
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebKit::WebFrameLoaderClient::didRunInsecureContent):
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+ * WebProcess/WebPage/WebFrame.cpp:
+ (WebKit::WebFrame::allowsFollowingLink):
+
</ins><span class="cx"> 2017-01-18 Antoine Quint <graouts@apple.com>
</span><span class="cx">
</span><span class="cx"> [Modern Media Controls] Turn modern media controls on by default
</span></span></pre></div>
<a id="trunkSourceWebKit2UIProcessStorageStorageManagercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/UIProcess/Storage/StorageManager.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/UIProcess/Storage/StorageManager.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/UIProcess/Storage/StorageManager.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -695,7 +695,7 @@
</span><span class="cx"> Ref<StorageArea> area = *it->value;
</span><span class="cx"> if (!area->isSessionStorage())
</span><span class="cx"> continue;
</span><del>- if (!origin.securityOrigin()->isSameSchemeHostPort(area->securityOrigin().securityOrigin().ptr()))
</del><ins>+ if (!origin.securityOrigin()->isSameSchemeHostPort(area->securityOrigin().securityOrigin().get()))
</ins><span class="cx"> continue;
</span><span class="cx"> area->addListener(connection, storageMapID);
</span><span class="cx"> m_storageAreasByConnection.remove(it);
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessGeolocationGeolocationPermissionRequestManagercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -72,9 +72,9 @@
</span><span class="cx"> WebFrame* webFrame = WebFrame::fromCoreFrame(*frame);
</span><span class="cx"> ASSERT(webFrame);
</span><span class="cx">
</span><del>- SecurityOrigin* origin = frame->document()->securityOrigin();
</del><ins>+ SecurityOrigin& origin = frame->document()->securityOrigin();
</ins><span class="cx">
</span><del>- m_page->send(Messages::WebPageProxy::RequestGeolocationPermissionForFrame(geolocationID, webFrame->frameID(), SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier()));
</del><ins>+ m_page->send(Messages::WebPageProxy::RequestGeolocationPermissionForFrame(geolocationID, webFrame->frameID(), SecurityOriginData::fromSecurityOrigin(origin).databaseIdentifier()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void GeolocationPermissionRequestManager::cancelRequestForGeolocation(Geolocation* geolocation)
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessInjectedBundleAPIcWKBundleFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -285,7 +285,7 @@
</span><span class="cx"> if (!coreFrame)
</span><span class="cx"> return 0;
</span><span class="cx">
</span><del>- return toCopiedAPI(coreFrame->document()->securityOrigin());
</del><ins>+ return toCopiedAPI(&coreFrame->document()->securityOrigin());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void WKBundleFrameFocus(WKBundleFrameRef frameRef)
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessPluginsPluginViewcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -706,7 +706,7 @@
</span><span class="cx"> if (!m_isInitialized || !m_plugin)
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- bool storageBlockingPolicy = !frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->document()->topOrigin());
</del><ins>+ bool storageBlockingPolicy = !frame()->document()->securityOrigin().canAccessPluginStorage(frame()->document()->topOrigin());
</ins><span class="cx">
</span><span class="cx"> m_plugin->storageBlockingStateChanged(storageBlockingPolicy);
</span><span class="cx"> }
</span><span class="lines">@@ -1176,7 +1176,7 @@
</span><span class="cx"> if (!frame)
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- if (!m_pluginElement->document().securityOrigin()->canDisplay(request->request().url())) {
</del><ins>+ if (!m_pluginElement->document().securityOrigin().canDisplay(request->request().url())) {
</ins><span class="cx"> // We can't load the request, send back a reply to the plug-in.
</span><span class="cx"> m_plugin->frameDidFail(request->requestID(), false);
</span><span class="cx"> return;
</span><span class="lines">@@ -1608,7 +1608,7 @@
</span><span class="cx"> if (!frame())
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (!frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->document()->topOrigin()))
</del><ins>+ if (!frame()->document()->securityOrigin().canAccessPluginStorage(frame()->document()->topOrigin()))
</ins><span class="cx"> return true;
</span><span class="cx">
</span><span class="cx"> return frame()->page()->usesEphemeralSession();
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessPluginsWebPluginInfoProvidercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/Plugins/WebPluginInfoProvider.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/Plugins/WebPluginInfoProvider.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/Plugins/WebPluginInfoProvider.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -119,10 +119,8 @@
</span><span class="cx">
</span><span class="cx"> #if PLATFORM(MAC)
</span><span class="cx"> if (auto* document = page.mainFrame().document()) {
</span><del>- if (auto* securityOrigin = document->securityOrigin()) {
- if (securityOrigin->isLocal())
- return;
- }
</del><ins>+ if (document->securityOrigin().isLocal())
+ return;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> for (int32_t i = plugins.size() - 1; i >= 0; --i) {
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessStorageStorageAreaMapcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/Storage/StorageAreaMap.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/Storage/StorageAreaMap.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/Storage/StorageAreaMap.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -328,7 +328,7 @@
</span><span class="cx"> Page* page = webPage->corePage();
</span><span class="cx"> for (Frame* frame = &page->mainFrame(); frame; frame = frame->tree().traverseNext()) {
</span><span class="cx"> Document* document = frame->document();
</span><del>- if (!document->securityOrigin()->equal(m_securityOrigin.ptr()))
</del><ins>+ if (!document->securityOrigin().equal(m_securityOrigin.ptr()))
</ins><span class="cx"> continue;
</span><span class="cx">
</span><span class="cx"> Storage* storage = document->domWindow()->optionalSessionStorage();
</span><span class="lines">@@ -358,7 +358,7 @@
</span><span class="cx"> for (HashSet<Page*>::const_iterator it = pages.begin(), end = pages.end(); it != end; ++it) {
</span><span class="cx"> for (Frame* frame = &(*it)->mainFrame(); frame; frame = frame->tree().traverseNext()) {
</span><span class="cx"> Document* document = frame->document();
</span><del>- if (!document->securityOrigin()->equal(m_securityOrigin.ptr()))
</del><ins>+ if (!document->securityOrigin().equal(m_securityOrigin.ptr()))
</ins><span class="cx"> continue;
</span><span class="cx">
</span><span class="cx"> Storage* storage = document->domWindow()->optionalLocalStorage();
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessWebCoreSupportWebChromeClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebChromeClient.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebChromeClient.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebChromeClient.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -687,21 +687,18 @@
</span><span class="cx"> WebFrame* webFrame = WebFrame::fromCoreFrame(*frame);
</span><span class="cx"> ASSERT(webFrame);
</span><span class="cx">
</span><del>- SecurityOrigin* origin = frame->document()->securityOrigin();
- if (!origin)
- return;
-
- auto originData = SecurityOriginData::fromSecurityOrigin(*origin);
</del><ins>+ auto& origin = frame->document()->securityOrigin();
+ auto originData = SecurityOriginData::fromSecurityOrigin(origin);
</ins><span class="cx"> auto& tracker = DatabaseTracker::singleton();
</span><span class="cx"> auto currentQuota = tracker.quota(originData);
</span><span class="cx"> auto currentOriginUsage = tracker.usage(originData);
</span><span class="cx"> uint64_t newQuota = 0;
</span><del>- RefPtr<API::SecurityOrigin> securityOrigin = API::SecurityOrigin::create(WebCore::SecurityOriginData::fromDatabaseIdentifier(WebCore::SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier())->securityOrigin());
</del><ins>+ RefPtr<API::SecurityOrigin> securityOrigin = API::SecurityOrigin::create(WebCore::SecurityOriginData::fromDatabaseIdentifier(WebCore::SecurityOriginData::fromSecurityOrigin(origin).databaseIdentifier())->securityOrigin());
</ins><span class="cx"> newQuota = m_page.injectedBundleUIClient().didExceedDatabaseQuota(&m_page, securityOrigin.get(), databaseName, details.displayName(), currentQuota, currentOriginUsage, details.currentUsage(), details.expectedUsage());
</span><span class="cx">
</span><span class="cx"> if (!newQuota) {
</span><span class="cx"> WebProcess::singleton().parentProcessConnection()->sendSync(
</span><del>- Messages::WebPageProxy::ExceededDatabaseQuota(webFrame->frameID(), WebCore::SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier(), databaseName, details.displayName(), currentQuota, currentOriginUsage, details.currentUsage(), details.expectedUsage()),
</del><ins>+ Messages::WebPageProxy::ExceededDatabaseQuota(webFrame->frameID(), WebCore::SecurityOriginData::fromSecurityOrigin(origin).databaseIdentifier(), databaseName, details.displayName(), currentQuota, currentOriginUsage, details.currentUsage(), details.expectedUsage()),
</ins><span class="cx"> Messages::WebPageProxy::ExceededDatabaseQuota::Reply(newQuota), m_page.pageID(), Seconds::infinity(), IPC::SendSyncOption::InformPlatformProcessWillSuspend);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessWebCoreSupportWebFrameLoaderClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1064,7 +1064,7 @@
</span><span class="cx"> webPage->send(Messages::WebPageProxy::DidDisplayInsecureContentForFrame(m_frame->frameID(), UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin*, const URL&)
</del><ins>+void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin&, const URL&)
</ins><span class="cx"> {
</span><span class="cx"> WebPage* webPage = m_frame->page();
</span><span class="cx"> if (!webPage)
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessWebCoreSupportWebFrameLoaderClienth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -142,7 +142,7 @@
</span><span class="cx"> bool shouldGoToHistoryItem(WebCore::HistoryItem*) const final;
</span><span class="cx">
</span><span class="cx"> void didDisplayInsecureContent() final;
</span><del>- void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::URL&) final;
</del><ins>+ void didRunInsecureContent(WebCore::SecurityOrigin&, const WebCore::URL&) final;
</ins><span class="cx"> void didDetectXSS(const WebCore::URL&, bool didBlockEntirePage) final;
</span><span class="cx">
</span><span class="cx"> WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&) final;
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcessWebPageWebFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/WebPage/WebFrame.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/WebPage/WebFrame.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Source/WebKit2/WebProcess/WebPage/WebFrame.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -482,7 +482,7 @@
</span><span class="cx"> if (!m_coreFrame)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- return m_coreFrame->document()->securityOrigin()->canDisplay(url);
</del><ins>+ return m_coreFrame->document()->securityOrigin().canDisplay(url);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> JSGlobalContextRef WebFrame::jsContext()
</span></span></pre></div>
<a id="trunkToolsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Tools/ChangeLog (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/ChangeLog 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Tools/ChangeLog 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -1,3 +1,13 @@
</span><ins>+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ * TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:
+ (TestWebKitAPI::TEST_F):
+
</ins><span class="cx"> 2017-01-18 Per Arne Vollan <pvollan@apple.com>
</span><span class="cx">
</span><span class="cx"> [Win] Clipboard tests are flaky.
</span></span></pre></div>
<a id="trunkToolsTestWebKitAPITestsWebCoreSecurityOrigincpp"></a>
<div class="modfile"><h4>Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp (210858 => 210859)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp 2017-01-18 19:30:50 UTC (rev 210858)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp 2017-01-18 19:35:49 UTC (rev 210859)
</span><span class="lines">@@ -77,11 +77,11 @@
</span><span class="cx"> EXPECT_EQ("http://example.com", o5->toString());
</span><span class="cx"> EXPECT_EQ("http://example.com", o6->toString());
</span><span class="cx">
</span><del>- EXPECT_TRUE(o1->isSameOriginAs(o2.ptr()));
- EXPECT_TRUE(o1->isSameOriginAs(o3.ptr()));
- EXPECT_TRUE(o1->isSameOriginAs(o4.ptr()));
- EXPECT_TRUE(o1->isSameOriginAs(o5.ptr()));
- EXPECT_TRUE(o1->isSameOriginAs(o6.ptr()));
</del><ins>+ EXPECT_TRUE(o1->isSameOriginAs(o2.get()));
+ EXPECT_TRUE(o1->isSameOriginAs(o3.get()));
+ EXPECT_TRUE(o1->isSameOriginAs(o4.get()));
+ EXPECT_TRUE(o1->isSameOriginAs(o5.get()));
+ EXPECT_TRUE(o1->isSameOriginAs(o6.get()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } // namespace TestWebKitAPI
</span></span></pre>
</div>
</div>
</body>
</html>