[webkit-reviews] review denied: [Bug 24853] Provide a way for WebKit clients to specify a more granular policy for cross-origin XHR access : [Attachment 35151] New patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 19 16:05:01 PDT 2009
Darin Adler <darin at apple.com> has denied Aaron Boodman <aa at chromium.org>'s
request for review:
Bug 24853: Provide a way for WebKit clients to specify a more granular policy
for cross-origin XHR access
https://bugs.webkit.org/show_bug.cgi?id=24853
Attachment 35151: New patch
https://bugs.webkit.org/attachment.cgi?id=35151&action=review
------- Additional Comments from Darin Adler <darin at apple.com>
> +OriginAccessEntry::OriginAccessEntry(const String& protocol, const String&
host, SubdomainSetting subdomainSetting) : m_protocol(protocol), m_host(host),
m_allowSubdomains(subdomainSetting) {
We normally use a vertical format that puts each of these onto a separate line.
> + ASSERT(protocol == "http" || protocol == "https");
A while back I had a patch that added a protocolIsInHTTPFamily() function for
strings to KURL.h. Looking, though, it seems I did not land it.
> + UChar last = m_host[m_host.length() - 1];
Can host be an empty string? Does this work properly in that case? I guess it
does.
> + m_hostIsIPAddress = last >= '0' && last <= '9';
CType.h's isASCIIDigit is the normal way we'd do this.
> + if (m_protocol != origin.protocol())
Are these made canonically lowercase?
> + if (m_host == origin.host())
Same question again.
> + // FIXME: This hasn't actually been tested as I can't figure out a way
to test it with the layout test system.
This is good to note, but maybe not with a comment in the source code.
> +#include "CString.h"
You should be including PlatformString.h here in CrossOriginAccess.h, not
CString.h.
> + OriginAccessEntry(const String& protocol, const String& host,
SubdomainSetting subdomainSetting);
Normally we would omit the subdomainSetting argument name.
> + bool matchesOrigin(const SecurityOrigin& origin);
Normally we would omit the origin argument name. And make this a const member
function.
> +// static
> +void SecurityOrigin::whiteListAccessFromOrigin(const SecurityOrigin&
sourceOrigin, const String& destinationProtocol, const String&
destinationDomains, bool allowDestinationSubdomains)
We don't normally include that "// static" comment, and while it's nice to
know, it's not that useful to have it for this one function and not for the
many other static member functions.
> + String sourceString = sourceOrigin.toString();
> + OriginAccessWhiteList* list = originAccessMap().get(sourceString);
Applies to other call sites too. If the sourceString is empty or null then this
will crash. So we either need to know it's not empty or have a check for empty
string. Inelegant, I know.
> + list = new OriginAccessWhiteList();
No need for the parentheses here.
> + for (OriginAccessMap::iterator iter = map.begin(); iter != map.end();
++iter) {
> + OriginAccessWhiteList* list = iter->second;
> + delete list;
> + }
There's a function template that does this. It's called deleteAllValues.
> ++ (void)_whiteListAccessFromOrigin:(NSString*)sourceOrigin
destinationProtocol:(NSString*)destinationProtocol
destinationHost:(NSString*)destinationHost
allowDestinationSubdomains:(BOOL)allowDestinationSubdomains;
The semicolon at the end of this line is incorrect, albeit tolerated by the
compiler.
The confusing WebKit style rule is that for Objective-C types such as NSString,
we put the * after a space. I know, it's strange, but it's how we do it.
> +2009-08-19 Aaron Boodman <aa at chromium.org>
> +
> + Reviewed by NOBODY (OOPS!).
> +
> + https://bugs.webkit.org/show_bug.cgi?id=24853: Provide a way for
WebKit clients to
> + specify a more granular policy for cross-origin XHR access.
> +
> + * DumpRenderTree/LayoutTestController.cpp: Expose
whiteListAccessFromOrigin() to layout tests.
> + (whiteListAccessFromOriginCallback): Ditto.
> + (LayoutTestController::staticFunctions): Ditto.
> + * DumpRenderTree/LayoutTestController.h: Ditto.
> + * DumpRenderTree/gtk/LayoutTestControllerGtk.cpp: Ditto.
> + (LayoutTestController::whiteListAccessToOrigin): Ditto.
> + * DumpRenderTree/mac/LayoutTestControllerMac.mm: Ditto.
> + (LayoutTestController::whiteListAccessFromOrigin): Ditto.
> + * DumpRenderTree/qt/jsobjects.cpp: Ditto.
> + (LayoutTestController::whiteListAccessFromOrigin): Ditto.
> + * DumpRenderTree/win/LayoutTestControllerWin.cpp: Stub out
whiteListAccessFromOrigin().
> + (LayoutTestController::whiteListAccessFromOrigin): Ditto.
> + * DumpRenderTree/gtk/DumpRenderTree.cpp: Reset origin access lists
before each test.
> + (resetWebViewToConsistentStateBeforeTesting): Ditto.
> + * DumpRenderTree/mac/DumpRenderTree.mm: Ditto.
> + (resetWebViewToConsistentStateBeforeTesting): Ditto.
> + * DumpRenderTree/qt/DumpRenderTree.cpp: Ditto.
> + (WebCore::DumpRenderTree::resetToConsistentStateBeforeTesting):
Ditto.
> +
> +2009-08-18 Aaron Boodman <aa at chromium.org>
> +
> + Reviewed by NOBODY (OOPS!).
> +
> + https://bugs.webkit.org/show_bug.cgi?id=24853: Provide a way for
WebKit clients to
> + specify a more granular policy for cross-origin XHR access.
> +
> + * DumpRenderTree/LayoutTestController.cpp: Add plumbing to be able
to manipulate
> + origin access whitelists from layout tests.
> + (whiteListAccessToOriginCallback): Ditto.
> + (resetOriginAccessWhiteListsCallback): Ditto.
> + (LayoutTestController::staticFunctions): Ditto.
> + * DumpRenderTree/LayoutTestController.h: Ditto.
> + * DumpRenderTree/mac/LayoutTestControllerMac.mm: Ditto.
> + (LayoutTestController::whiteListAccessToOrigin): Ditto.
> + (LayoutTestController::resetOriginAccessWhiteLists): Ditto.
> +
Double change log.
Looks good.
review- because of the comments above
More information about the webkit-reviews
mailing list