Document::securityOrigin() should return a reference.
<https://webkit.org/b/167124>
Reviewed by Sam Weinig.
Source/WebCore:
The security origin is always initialized by the Document constructor
through Document::initSecurityContext(), so it's effectively always present.
Make it return a reference and remove unnecessary null checks exposed by this.
* Modules/applepay/ApplePaySession.cpp:
(WebCore::canCallApplePaySessionAPIs):
* Modules/encryptedmedia/CDM.cpp:
(WebCore::CDM::getSupportedConfiguration):
(WebCore::CDM::getConsentStatus):
* Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
(WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory):
* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::canCallGetUserMedia):
* Modules/webdatabase/DOMWindowWebDatabase.cpp:
(WebCore::DOMWindowWebDatabase::openDatabase):
* Modules/webdatabase/DatabaseContext.cpp:
(WebCore::DatabaseContext::allowDatabaseAccess):
* Modules/websockets/WebSocketHandshake.cpp:
(WebCore::WebSocketHandshake::clientOrigin):
* bindings/js/JSDOMBinding.cpp:
(WebCore::canAccessDocument):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::collectIsolatedContexts):
* css/CSSStyleSheet.cpp:
(WebCore::CSSStyleSheet::canAccessRules):
* css/RuleSet.cpp:
(WebCore::RuleSet::addRulesFromSheet):
* css/StyleRuleImport.cpp:
(WebCore::StyleRuleImport::setCSSStyleSheet):
* dom/Document.cpp:
(WebCore::canAccessAncestor):
(WebCore::Document::findUnsafeParentScrollPropagationBoundary):
(WebCore::Document::cookie):
(WebCore::Document::setCookie):
(WebCore::Document::origin):
(WebCore::Document::domain):
(WebCore::Document::setDomain):
(WebCore::Document::storageBlockingStateDidChange):
(WebCore::Document::initSecurityContext):
(WebCore::Document::initDNSPrefetch):
(WebCore::Document::topOrigin):
* dom/Document.h:
(WebCore::Document::securityOrigin):
* dom/SecurityContext.cpp:
(WebCore::SecurityContext::isSecureTransitionTo):
* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::handleClick):
* html/HTMLAppletElement.cpp:
(WebCore::HTMLAppletElement::canEmbedJava):
* html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::securityOrigin):
* html/HTMLLinkElement.cpp:
(WebCore::HTMLLinkElement::setCSSStyleSheet):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::isSafeToLoadURL):
(WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
* inspector/InspectorDOMStorageAgent.cpp:
(WebCore::InspectorDOMStorageAgent::storageId):
(WebCore::InspectorDOMStorageAgent::findStorageArea):
* inspector/InspectorIndexedDBAgent.cpp:
(WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
(WebCore::InspectorIndexedDBAgent::requestDatabase):
(WebCore::InspectorIndexedDBAgent::requestData):
(WebCore::InspectorIndexedDBAgent::clearObjectStore):
* inspector/InspectorPageAgent.cpp:
(WebCore::InspectorPageAgent::findFrameWithSecurityOrigin):
(WebCore::InspectorPageAgent::buildObjectForFrame):
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::commitData):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest):
(WebCore::DocumentThreadableLoader::securityOrigin):
* loader/DocumentWriter.cpp:
(WebCore::canReferToParentFrameEncoding):
* loader/EmptyClients.cpp:
* loader/FrameLoadRequest.cpp:
(WebCore::FrameLoadRequest::FrameLoadRequest):
* loader/FrameLoadRequest.h:
(WebCore::FrameLoadRequest::FrameLoadRequest):
* loader/FrameLoader.cpp:
(WebCore::shouldClearWindowName):
(WebCore::FrameLoader::outgoingOrigin):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::dispatchBeforeUnloadEvent):
* loader/FrameLoaderClient.h:
* loader/MixedContentChecker.cpp:
(WebCore::MixedContentChecker::isMixedContent):
(WebCore::MixedContentChecker::canDisplayInsecureContent):
(WebCore::MixedContentChecker::canRunInsecureContent):
(WebCore::MixedContentChecker::checkFormForMixedContent):
* loader/MixedContentChecker.h:
* loader/NavigationScheduler.cpp:
(WebCore::NavigationScheduler::scheduleRedirect):
(WebCore::NavigationScheduler::scheduleLocationChange):
(WebCore::NavigationScheduler::scheduleRefresh):
* loader/NavigationScheduler.h:
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
* loader/ResourceLoadInfo.cpp:
(WebCore::ResourceLoadInfo::isThirdParty):
* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::init):
(WebCore::ResourceLoader::isAllowedToAskUserForCredentials):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::pluginIsLoadable):
(WebCore::SubframeLoader::createJavaAppletWidget):
(WebCore::SubframeLoader::loadSubframe):
* loader/appcache/ApplicationCacheGroup.cpp:
(WebCore::ApplicationCacheGroup::selectCache):
(WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL):
(WebCore::ApplicationCacheGroup::update):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::canRequest):
(WebCore::CachedResourceLoader::canRequestAfterRedirection):
(WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
(WebCore::CachedResourceRequest::updateForAccessControl):
* loader/cache/CachedResourceRequest.h:
(WebCore::CachedResourceRequest::setOrigin):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::sessionStorage):
(WebCore::DOMWindow::localStorage):
(WebCore::DOMWindow::postMessage):
(WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
(WebCore::DOMWindow::isSameSecurityOriginAsMainFrame):
(WebCore::DOMWindow::crossDomainAccessErrorMessage):
(WebCore::DOMWindow::isInsecureScriptAccess):
* page/DragController.cpp:
(WebCore::DragController::dragExited):
(WebCore::DragController::tryDocumentDrag):
(WebCore::DragController::tryDHTMLDrag):
(WebCore::DragController::startDrag):
* page/History.cpp:
(WebCore::History::stateObjectAdded):
* page/Location.cpp:
(WebCore::Location::ancestorOrigins):
(WebCore::Location::reload):
* page/Navigator.cpp:
(WebCore::Navigator::javaEnabled):
* page/Page.cpp:
(WebCore::Page::showAllPlugins):
* page/PerformanceResourceTiming.cpp:
(WebCore::passesTimingAllowCheck):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canAccess):
(WebCore::SecurityOrigin::canRequest):
(WebCore::SecurityOrigin::canReceiveDragData):
(WebCore::SecurityOrigin::canAccessStorage):
(WebCore::SecurityOrigin::isSameOriginAs):
(WebCore::SecurityOrigin::equal):
(WebCore::SecurityOrigin::isSameSchemeHostPort):
* page/SecurityOrigin.h:
* page/SecurityOriginData.cpp:
(WebCore::SecurityOriginData::fromFrame):
* page/SecurityOriginHash.h:
(WebCore::SecurityOriginHash::equal):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::stripURLForUseInReport):
* platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
(WebCore::MediaPlayerPrivateAVFoundationCF::hasSingleSecurityOrigin):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
* platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
(WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin):
* rendering/shapes/ShapeOutsideInfo.cpp:
(WebCore::checkShapeImageOrigin):
* replay/ReplayInputCreationMethods.cpp:
(WebCore::InitialNavigation::createFromPage):
* replay/ReplayInputDispatchMethods.cpp:
(WebCore::InitialNavigation::dispatch):
* storage/Storage.cpp:
(WebCore::Storage::isDisabledByPrivateBrowsing):
* storage/StorageEventDispatcher.cpp:
(WebCore::StorageEventDispatcher::dispatchSessionStorageEvents):
(WebCore::StorageEventDispatcher::dispatchLocalStorageEvents):
* storage/StorageNamespaceProvider.cpp:
(WebCore::StorageNamespaceProvider::localStorageArea):
* testing/Internals.cpp:
(WebCore::Internals::setApplicationCacheOriginQuota):
* xml/XSLTProcessorLibxslt.cpp:
(WebCore::docLoaderFunc):
* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::shouldAllowExternalLoad):
Source/WebKit/mac:
* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::loadRequest):
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::WebNetscapePluginStream):
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]):
* Plugins/WebPluginContainerCheck.mm:
(-[WebPluginContainerCheck _isForbiddenFileLoad]):
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::exceededDatabaseQuota):
* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::didRunInsecureContent):
* WebCoreSupport/WebGeolocationClient.mm:
(WebGeolocationClient::requestPermission):
(-[WebGeolocationProviderInitializationListener initializationAllowedWebView:]):
* WebView/WebFrame.mm:
(-[WebFrame _allowsFollowingLink:]):
Source/WebKit/win:
* Plugins/PluginView.cpp:
(WebCore::PluginView::load):
* WebCoreSupport/WebChromeClient.cpp:
(WebChromeClient::exceededDatabaseQuota):
* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::didRunInsecureContent):
* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebGeolocationClient.cpp:
(WebGeolocationClient::requestPermission):
* WebFrame.cpp:
(WebFrame::allowsFollowingLink):
Source/WebKit2:
* UIProcess/Storage/StorageManager.cpp:
(WebKit::StorageManager::createTransientLocalStorageMap):
* WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp:
(WebKit::GeolocationPermissionRequestManager::startRequestForGeolocation):
* WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:
(WKBundleFrameCopySecurityOrigin):
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::storageBlockingStateChanged):
(WebKit::PluginView::performFrameLoadURLRequest):
(WebKit::PluginView::isPrivateBrowsingEnabled):
* WebProcess/Plugins/WebPluginInfoProvider.cpp:
(WebKit::WebPluginInfoProvider::getWebVisiblePluginInfo):
* WebProcess/Storage/StorageAreaMap.cpp:
(WebKit::StorageAreaMap::dispatchSessionStorageEvent):
(WebKit::StorageAreaMap::dispatchLocalStorageEvent):
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::exceededDatabaseQuota):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::didRunInsecureContent):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::allowsFollowingLink):
Tools:
* TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:
(TestWebKitAPI::TEST_F):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@210859 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 2b3083b..9f7ee99 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,199 @@
+2017-01-18 Andreas Kling <akling@apple.com>
+
+ Document::securityOrigin() should return a reference.
+ <https://webkit.org/b/167124>
+
+ Reviewed by Sam Weinig.
+
+ The security origin is always initialized by the Document constructor
+ through Document::initSecurityContext(), so it's effectively always present.
+ Make it return a reference and remove unnecessary null checks exposed by this.
+
+ * Modules/applepay/ApplePaySession.cpp:
+ (WebCore::canCallApplePaySessionAPIs):
+ * Modules/encryptedmedia/CDM.cpp:
+ (WebCore::CDM::getSupportedConfiguration):
+ (WebCore::CDM::getConsentStatus):
+ * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
+ (WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory):
+ * Modules/mediastream/UserMediaRequest.cpp:
+ (WebCore::canCallGetUserMedia):
+ * Modules/webdatabase/DOMWindowWebDatabase.cpp:
+ (WebCore::DOMWindowWebDatabase::openDatabase):
+ * Modules/webdatabase/DatabaseContext.cpp:
+ (WebCore::DatabaseContext::allowDatabaseAccess):
+ * Modules/websockets/WebSocketHandshake.cpp:
+ (WebCore::WebSocketHandshake::clientOrigin):
+ * bindings/js/JSDOMBinding.cpp:
+ (WebCore::canAccessDocument):
+ * bindings/js/ScriptController.cpp:
+ (WebCore::ScriptController::collectIsolatedContexts):
+ * css/CSSStyleSheet.cpp:
+ (WebCore::CSSStyleSheet::canAccessRules):
+ * css/RuleSet.cpp:
+ (WebCore::RuleSet::addRulesFromSheet):
+ * css/StyleRuleImport.cpp:
+ (WebCore::StyleRuleImport::setCSSStyleSheet):
+ * dom/Document.cpp:
+ (WebCore::canAccessAncestor):
+ (WebCore::Document::findUnsafeParentScrollPropagationBoundary):
+ (WebCore::Document::cookie):
+ (WebCore::Document::setCookie):
+ (WebCore::Document::origin):
+ (WebCore::Document::domain):
+ (WebCore::Document::setDomain):
+ (WebCore::Document::storageBlockingStateDidChange):
+ (WebCore::Document::initSecurityContext):
+ (WebCore::Document::initDNSPrefetch):
+ (WebCore::Document::topOrigin):
+ * dom/Document.h:
+ (WebCore::Document::securityOrigin):
+ * dom/SecurityContext.cpp:
+ (WebCore::SecurityContext::isSecureTransitionTo):
+ * html/HTMLAnchorElement.cpp:
+ (WebCore::HTMLAnchorElement::handleClick):
+ * html/HTMLAppletElement.cpp:
+ (WebCore::HTMLAppletElement::canEmbedJava):
+ * html/HTMLCanvasElement.cpp:
+ (WebCore::HTMLCanvasElement::securityOrigin):
+ * html/HTMLLinkElement.cpp:
+ (WebCore::HTMLLinkElement::setCSSStyleSheet):
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL):
+ (WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory):
+ * html/HTMLPlugInImageElement.cpp:
+ (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
+ * inspector/InspectorDOMStorageAgent.cpp:
+ (WebCore::InspectorDOMStorageAgent::storageId):
+ (WebCore::InspectorDOMStorageAgent::findStorageArea):
+ * inspector/InspectorIndexedDBAgent.cpp:
+ (WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
+ (WebCore::InspectorIndexedDBAgent::requestDatabase):
+ (WebCore::InspectorIndexedDBAgent::requestData):
+ (WebCore::InspectorIndexedDBAgent::clearObjectStore):
+ * inspector/InspectorPageAgent.cpp:
+ (WebCore::InspectorPageAgent::findFrameWithSecurityOrigin):
+ (WebCore::InspectorPageAgent::buildObjectForFrame):
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::commitData):
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::loadRequest):
+ (WebCore::DocumentThreadableLoader::securityOrigin):
+ * loader/DocumentWriter.cpp:
+ (WebCore::canReferToParentFrameEncoding):
+ * loader/EmptyClients.cpp:
+ * loader/FrameLoadRequest.cpp:
+ (WebCore::FrameLoadRequest::FrameLoadRequest):
+ * loader/FrameLoadRequest.h:
+ (WebCore::FrameLoadRequest::FrameLoadRequest):
+ * loader/FrameLoader.cpp:
+ (WebCore::shouldClearWindowName):
+ (WebCore::FrameLoader::outgoingOrigin):
+ (WebCore::FrameLoader::loadURL):
+ (WebCore::FrameLoader::dispatchBeforeUnloadEvent):
+ * loader/FrameLoaderClient.h:
+ * loader/MixedContentChecker.cpp:
+ (WebCore::MixedContentChecker::isMixedContent):
+ (WebCore::MixedContentChecker::canDisplayInsecureContent):
+ (WebCore::MixedContentChecker::canRunInsecureContent):
+ (WebCore::MixedContentChecker::checkFormForMixedContent):
+ * loader/MixedContentChecker.h:
+ * loader/NavigationScheduler.cpp:
+ (WebCore::NavigationScheduler::scheduleRedirect):
+ (WebCore::NavigationScheduler::scheduleLocationChange):
+ (WebCore::NavigationScheduler::scheduleRefresh):
+ * loader/NavigationScheduler.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage):
+ (WebCore::PingLoader::sendPing):
+ (WebCore::PingLoader::sendViolationReport):
+ * loader/ResourceLoadInfo.cpp:
+ (WebCore::ResourceLoadInfo::isThirdParty):
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init):
+ (WebCore::ResourceLoader::isAllowedToAskUserForCredentials):
+ * loader/SubframeLoader.cpp:
+ (WebCore::SubframeLoader::pluginIsLoadable):
+ (WebCore::SubframeLoader::createJavaAppletWidget):
+ (WebCore::SubframeLoader::loadSubframe):
+ * loader/appcache/ApplicationCacheGroup.cpp:
+ (WebCore::ApplicationCacheGroup::selectCache):
+ (WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL):
+ (WebCore::ApplicationCacheGroup::update):
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest):
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection):
+ (WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
+ * loader/cache/CachedResourceRequest.cpp:
+ (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
+ (WebCore::CachedResourceRequest::updateForAccessControl):
+ * loader/cache/CachedResourceRequest.h:
+ (WebCore::CachedResourceRequest::setOrigin):
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::sessionStorage):
+ (WebCore::DOMWindow::localStorage):
+ (WebCore::DOMWindow::postMessage):
+ (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
+ (WebCore::DOMWindow::isSameSecurityOriginAsMainFrame):
+ (WebCore::DOMWindow::crossDomainAccessErrorMessage):
+ (WebCore::DOMWindow::isInsecureScriptAccess):
+ * page/DragController.cpp:
+ (WebCore::DragController::dragExited):
+ (WebCore::DragController::tryDocumentDrag):
+ (WebCore::DragController::tryDHTMLDrag):
+ (WebCore::DragController::startDrag):
+ * page/History.cpp:
+ (WebCore::History::stateObjectAdded):
+ * page/Location.cpp:
+ (WebCore::Location::ancestorOrigins):
+ (WebCore::Location::reload):
+ * page/Navigator.cpp:
+ (WebCore::Navigator::javaEnabled):
+ * page/Page.cpp:
+ (WebCore::Page::showAllPlugins):
+ * page/PerformanceResourceTiming.cpp:
+ (WebCore::passesTimingAllowCheck):
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canAccess):
+ (WebCore::SecurityOrigin::canRequest):
+ (WebCore::SecurityOrigin::canReceiveDragData):
+ (WebCore::SecurityOrigin::canAccessStorage):
+ (WebCore::SecurityOrigin::isSameOriginAs):
+ (WebCore::SecurityOrigin::equal):
+ (WebCore::SecurityOrigin::isSameSchemeHostPort):
+ * page/SecurityOrigin.h:
+ * page/SecurityOriginData.cpp:
+ (WebCore::SecurityOriginData::fromFrame):
+ * page/SecurityOriginHash.h:
+ (WebCore::SecurityOriginHash::equal):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::stripURLForUseInReport):
+ * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
+ (WebCore::MediaPlayerPrivateAVFoundationCF::hasSingleSecurityOrigin):
+ * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
+ (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
+ * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
+ (WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin):
+ * rendering/shapes/ShapeOutsideInfo.cpp:
+ (WebCore::checkShapeImageOrigin):
+ * replay/ReplayInputCreationMethods.cpp:
+ (WebCore::InitialNavigation::createFromPage):
+ * replay/ReplayInputDispatchMethods.cpp:
+ (WebCore::InitialNavigation::dispatch):
+ * storage/Storage.cpp:
+ (WebCore::Storage::isDisabledByPrivateBrowsing):
+ * storage/StorageEventDispatcher.cpp:
+ (WebCore::StorageEventDispatcher::dispatchSessionStorageEvents):
+ (WebCore::StorageEventDispatcher::dispatchLocalStorageEvents):
+ * storage/StorageNamespaceProvider.cpp:
+ (WebCore::StorageNamespaceProvider::localStorageArea):
+ * testing/Internals.cpp:
+ (WebCore::Internals::setApplicationCacheOriginQuota):
+ * xml/XSLTProcessorLibxslt.cpp:
+ (WebCore::docLoaderFunc):
+ * xml/parser/XMLDocumentParserLibxml2.cpp:
+ (WebCore::shouldAllowExternalLoad):
+
2017-01-18 Ryan Haddad <ryanhaddad@apple.com>
Remove WEBCORE_EXPORT from newly inlined functions after r210845.
diff --git a/Source/WebCore/Modules/applepay/ApplePaySession.cpp b/Source/WebCore/Modules/applepay/ApplePaySession.cpp
index 3179dc3..d66995a 100644
--- a/Source/WebCore/Modules/applepay/ApplePaySession.cpp
+++ b/Source/WebCore/Modules/applepay/ApplePaySession.cpp
@@ -380,14 +380,14 @@
if (&document != &topDocument) {
auto& topOrigin = *topDocument.topOrigin();
- if (!document.securityOrigin()->isSameSchemeHostPort(&topOrigin))
+ if (!document.securityOrigin().isSameSchemeHostPort(topOrigin))
return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an different security origin than its top-level frame." };
for (auto* ancestorDocument = document.parentDocument(); ancestorDocument != &topDocument; ancestorDocument = ancestorDocument->parentDocument()) {
if (!isSecure(*ancestorDocument->loader()))
return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an insecure parent frame." };
- if (!ancestorDocument->securityOrigin()->isSameSchemeHostPort(&topOrigin))
+ if (!ancestorDocument->securityOrigin().isSameSchemeHostPort(topOrigin))
return Exception { INVALID_ACCESS_ERR, "Trying to call an ApplePaySession API from a document with an different security origin than its top-level frame." };
}
}
diff --git a/Source/WebCore/Modules/encryptedmedia/CDM.cpp b/Source/WebCore/Modules/encryptedmedia/CDM.cpp
index 3310459..f80e7d4 100644
--- a/Source/WebCore/Modules/encryptedmedia/CDM.cpp
+++ b/Source/WebCore/Modules/encryptedmedia/CDM.cpp
@@ -412,12 +412,12 @@
if (!document)
return std::nullopt;
- SecurityOrigin* origin = document->securityOrigin();
+ SecurityOrigin& origin = document->securityOrigin();
SecurityOrigin* topOrigin = document->topOrigin();
- if (!origin || !topOrigin)
+ if (!topOrigin)
return std::nullopt;
- if ((accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required || accumulatedConfiguration.persistentState == MediaKeysRequirement::Required) && !origin->canAccessLocalStorage(topOrigin))
+ if ((accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required || accumulatedConfiguration.persistentState == MediaKeysRequirement::Required) && !origin.canAccessLocalStorage(topOrigin))
return std::nullopt;
return WTFMove(accumulatedConfiguration);
@@ -547,9 +547,9 @@
return;
}
- SecurityOrigin* origin = document->securityOrigin();
+ SecurityOrigin& origin = document->securityOrigin();
SecurityOrigin* topOrigin = document->topOrigin();
- if (!origin || !topOrigin) {
+ if (!topOrigin) {
callback(ConsentStatus::ConsentDenied, WTFMove(accumulatedConfiguration), WTFMove(restrictions));
return;
}
@@ -592,7 +592,7 @@
// 3.2.1. Update restrictions to reflect the configurations for which consent was denied.
// 3.2.1. Return ConsentDenied and restrictions.
// NOTE: assume implied consent if the combination of origin and topOrigin allows it.
- if (accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required && !origin->canAccessLocalStorage(topOrigin)) {
+ if (accumulatedConfiguration.distinctiveIdentifier == MediaKeysRequirement::Required && !origin.canAccessLocalStorage(topOrigin)) {
restrictions.distinctiveIdentifierDenied = true;
callback(ConsentStatus::ConsentDenied, WTFMove(accumulatedConfiguration), WTFMove(restrictions));
return;
diff --git a/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp b/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp
index 0faf212..48ae886 100644
--- a/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp
+++ b/Source/WebCore/Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp
@@ -231,11 +231,7 @@
if (storageDirectory.isEmpty())
return emptyString();
- auto* origin = document->securityOrigin();
- if (!origin)
- return emptyString();
-
- return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier());
+ return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(document->securityOrigin()).databaseIdentifier());
}
bool WebKitMediaKeySession::hasPendingActivity() const
diff --git a/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp b/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
index 2ca9507..e40357c2 100644
--- a/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
+++ b/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
@@ -111,7 +111,7 @@
if (&document != &topDocument) {
auto& topOrigin = *topDocument.topOrigin();
- if (!document.securityOrigin()->isSameSchemeHostPort(&topOrigin)) {
+ if (!document.securityOrigin().isSameSchemeHostPort(topOrigin)) {
errorMessage = "Trying to call getUserMedia from a document with a different security origin than its top-level frame.";
return false;
}
@@ -122,7 +122,7 @@
return false;
}
- if (!ancestorDocument->securityOrigin()->isSameSchemeHostPort(&topOrigin)) {
+ if (!ancestorDocument->securityOrigin().isSameSchemeHostPort(topOrigin)) {
errorMessage = "Trying to call getUserMedia from a document with a different security origin than its top-level frame.";
return false;
}
diff --git a/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp b/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp
index b419803..641281e 100644
--- a/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp
+++ b/Source/WebCore/Modules/webdatabase/DOMWindowWebDatabase.cpp
@@ -46,10 +46,8 @@
auto* document = window.document();
if (!document)
return Exception { SECURITY_ERR };
- auto* securityOrigin = document->securityOrigin();
- if (!securityOrigin)
- return Exception { SECURITY_ERR };
- if (!securityOrigin->canAccessDatabase(document->topOrigin()))
+ auto& securityOrigin = document->securityOrigin();
+ if (!securityOrigin.canAccessDatabase(document->topOrigin()))
return Exception { SECURITY_ERR };
auto result = manager.openDatabase(*window.document(), name, version, displayName, estimatedSize, WTFMove(creationCallback));
if (result.hasException()) {
diff --git a/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp b/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp
index e1340de..e5489fc 100644
--- a/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp
+++ b/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp
@@ -190,7 +190,7 @@
{
if (is<Document>(*m_scriptExecutionContext)) {
Document& document = downcast<Document>(*m_scriptExecutionContext);
- if (!document.page() || (document.page()->usesEphemeralSession() && !SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(document.securityOrigin()->protocol())))
+ if (!document.page() || (document.page()->usesEphemeralSession() && !SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(document.securityOrigin().protocol())))
return false;
return true;
}
diff --git a/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp b/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp
index 2c1d808..dd3b9a4 100644
--- a/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp
+++ b/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp
@@ -169,7 +169,7 @@
String WebSocketHandshake::clientOrigin() const
{
- return m_document->securityOrigin()->toString();
+ return m_document->securityOrigin().toString();
}
String WebSocketHandshake::clientLocation() const
diff --git a/Source/WebCore/bindings/js/JSDOMBinding.cpp b/Source/WebCore/bindings/js/JSDOMBinding.cpp
index 1ac0f19..30b05f6 100644
--- a/Source/WebCore/bindings/js/JSDOMBinding.cpp
+++ b/Source/WebCore/bindings/js/JSDOMBinding.cpp
@@ -773,7 +773,7 @@
DOMWindow& active = activeDOMWindow(state);
- if (active.document()->securityOrigin()->canAccess(targetDocument->securityOrigin()))
+ if (active.document()->securityOrigin().canAccess(targetDocument->securityOrigin()))
return true;
switch (reportingOption) {
diff --git a/Source/WebCore/bindings/js/ScriptController.cpp b/Source/WebCore/bindings/js/ScriptController.cpp
index 1eb64f1..574f33b 100644
--- a/Source/WebCore/bindings/js/ScriptController.cpp
+++ b/Source/WebCore/bindings/js/ScriptController.cpp
@@ -541,7 +541,7 @@
{
for (ShellMap::iterator iter = m_windowShells.begin(); iter != m_windowShells.end(); ++iter) {
JSC::ExecState* exec = iter->value->window()->globalExec();
- SecurityOrigin* origin = iter->value->window()->wrapped().document()->securityOrigin();
+ SecurityOrigin* origin = &iter->value->window()->wrapped().document()->securityOrigin();
result.append(std::pair<JSC::ExecState*, SecurityOrigin*>(exec, origin));
}
}
diff --git a/Source/WebCore/css/CSSStyleSheet.cpp b/Source/WebCore/css/CSSStyleSheet.cpp
index 28c2a83..462b2f4 100644
--- a/Source/WebCore/css/CSSStyleSheet.cpp
+++ b/Source/WebCore/css/CSSStyleSheet.cpp
@@ -257,7 +257,7 @@
Document* document = ownerDocument();
if (!document)
return true;
- return document->securityOrigin()->canRequest(baseURL);
+ return document->securityOrigin().canRequest(baseURL);
}
RefPtr<CSSRuleList> CSSStyleSheet::rules()
diff --git a/Source/WebCore/css/RuleSet.cpp b/Source/WebCore/css/RuleSet.cpp
index 272f685..246087a 100644
--- a/Source/WebCore/css/RuleSet.cpp
+++ b/Source/WebCore/css/RuleSet.cpp
@@ -411,7 +411,7 @@
addRulesFromSheet(*rule->styleSheet(), medium, resolver);
}
- bool hasDocumentSecurityOrigin = resolver && resolver->document().securityOrigin()->canRequest(sheet.baseURL());
+ bool hasDocumentSecurityOrigin = resolver && resolver->document().securityOrigin().canRequest(sheet.baseURL());
AddRuleFlags addRuleFlags = static_cast<AddRuleFlags>((hasDocumentSecurityOrigin ? RuleHasDocumentSecurityOrigin : 0));
// FIXME: Skip Content Security Policy check when stylesheet is in a user agent shadow tree.
diff --git a/Source/WebCore/css/StyleRuleImport.cpp b/Source/WebCore/css/StyleRuleImport.cpp
index 0797beb..00a9e34 100644
--- a/Source/WebCore/css/StyleRuleImport.cpp
+++ b/Source/WebCore/css/StyleRuleImport.cpp
@@ -73,7 +73,7 @@
Document* document = m_parentStyleSheet ? m_parentStyleSheet->singleOwnerDocument() : nullptr;
m_styleSheet = StyleSheetContents::create(this, href, context);
- m_styleSheet->parseAuthorStyleSheet(cachedStyleSheet, document ? document->securityOrigin() : nullptr);
+ m_styleSheet->parseAuthorStyleSheet(cachedStyleSheet, document ? &document->securityOrigin() : nullptr);
m_loading = false;
diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp
index 5e8edbe..792edf2 100644
--- a/Source/WebCore/dom/Document.cpp
+++ b/Source/WebCore/dom/Document.cpp
@@ -373,28 +373,28 @@
return frame->editor().shouldBeginEditing(rangeOfContents(*root).ptr());
}
-static bool canAccessAncestor(const SecurityOrigin* activeSecurityOrigin, Frame* targetFrame)
+static bool canAccessAncestor(const SecurityOrigin& activeSecurityOrigin, Frame* targetFrame)
{
// targetFrame can be 0 when we're trying to navigate a top-level frame
// that has a 0 opener.
if (!targetFrame)
return false;
- const bool isLocalActiveOrigin = activeSecurityOrigin->isLocal();
+ const bool isLocalActiveOrigin = activeSecurityOrigin.isLocal();
for (Frame* ancestorFrame = targetFrame; ancestorFrame; ancestorFrame = ancestorFrame->tree().parent()) {
Document* ancestorDocument = ancestorFrame->document();
// FIXME: Should be an ASSERT? Frames should alway have documents.
if (!ancestorDocument)
return true;
- const SecurityOrigin* ancestorSecurityOrigin = ancestorDocument->securityOrigin();
- if (activeSecurityOrigin->canAccess(ancestorSecurityOrigin))
+ const SecurityOrigin& ancestorSecurityOrigin = ancestorDocument->securityOrigin();
+ if (activeSecurityOrigin.canAccess(ancestorSecurityOrigin))
return true;
// Allow file URL descendant navigation even when allowFileAccessFromFileURLs is false.
// FIXME: It's a bit strange to special-case local origins here. Should we be doing
// something more general instead?
- if (isLocalActiveOrigin && ancestorSecurityOrigin->isLocal())
+ if (isLocalActiveOrigin && ancestorSecurityOrigin.isLocal())
return true;
}
@@ -3041,7 +3041,7 @@
Frame* ancestorFrame = currentFrame->tree().parent();
while (ancestorFrame) {
- if (!ancestorFrame->document()->securityOrigin()->canAccess(securityOrigin()))
+ if (!ancestorFrame->document()->securityOrigin().canAccess(securityOrigin()))
return currentFrame;
currentFrame = ancestorFrame;
ancestorFrame = ancestorFrame->tree().parent();
@@ -4230,7 +4230,7 @@
// INVALID_STATE_ERR exception on getting if the Document has no
// browsing context.
- if (!securityOrigin()->canAccessCookies())
+ if (!securityOrigin().canAccessCookies())
return Exception { SECURITY_ERR };
URL cookieURL = this->cookieURL();
@@ -4252,7 +4252,7 @@
// INVALID_STATE_ERR exception on setting if the Document has no
// browsing context.
- if (!securityOrigin()->canAccessCookies())
+ if (!securityOrigin().canAccessCookies())
return Exception { SECURITY_ERR };
URL cookieURL = this->cookieURL();
@@ -4273,17 +4273,17 @@
String Document::origin() const
{
- return SecurityOriginData::fromSecurityOrigin(*securityOrigin()).databaseIdentifier();
+ return SecurityOriginData::fromSecurityOrigin(securityOrigin()).databaseIdentifier();
}
String Document::domain() const
{
- return securityOrigin()->domain();
+ return securityOrigin().domain();
}
ExceptionOr<void> Document::setDomain(const String& newDomain)
{
- if (SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(securityOrigin()->protocol()))
+ if (SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(securityOrigin().protocol()))
return Exception { SECURITY_ERR };
// Both NS and IE specify that changing the domain is only allowed when
@@ -4294,13 +4294,13 @@
String oldDomain = domain();
// If the new domain is the same as the old domain, still call
- // securityOrigin()->setDomainForDOM. This will change the
+ // securityOrigin().setDomainForDOM. This will change the
// security check behavior. For example, if a page loaded on port 8000
// assigns its current domain using document.domain, the page will
// allow other pages loaded on different ports in the same domain that
// have also assigned to access this page.
if (equalIgnoringASCIICase(oldDomain, newDomain)) {
- securityOrigin()->setDomainFromDOM(newDomain);
+ securityOrigin().setDomainFromDOM(newDomain);
return { };
}
@@ -4311,8 +4311,8 @@
return Exception { SECURITY_ERR };
auto ipAddressSetting = settings() && settings()->treatIPAddressAsDomain() ? OriginAccessEntry::TreatIPAddressAsDomain : OriginAccessEntry::TreatIPAddressAsIPAddress;
- OriginAccessEntry accessEntry { securityOrigin()->protocol(), newDomain, OriginAccessEntry::AllowSubdomains, ipAddressSetting };
- if (!accessEntry.matchesOrigin(*securityOrigin()))
+ OriginAccessEntry accessEntry { securityOrigin().protocol(), newDomain, OriginAccessEntry::AllowSubdomains, ipAddressSetting };
+ if (!accessEntry.matchesOrigin(securityOrigin()))
return Exception { SECURITY_ERR };
if (oldDomain[oldLength - newLength - 1] != '.')
@@ -4320,7 +4320,7 @@
if (StringView { oldDomain }.substring(oldLength - newLength) != newDomain)
return Exception { SECURITY_ERR };
- securityOrigin()->setDomainFromDOM(newDomain);
+ securityOrigin().setDomainFromDOM(newDomain);
return { };
}
@@ -4646,7 +4646,7 @@
void Document::storageBlockingStateDidChange()
{
if (Settings* settings = this->settings())
- securityOrigin()->setStorageBlockingPolicy(settings->storageBlockingPolicy());
+ securityOrigin().setStorageBlockingPolicy(settings->storageBlockingPolicy());
}
void Document::privateBrowsingStateDidChange()
@@ -5084,7 +5084,7 @@
void Document::initSecurityContext()
{
if (haveInitializedSecurityOrigin()) {
- ASSERT(securityOrigin());
+ ASSERT(SecurityContext::securityOrigin());
return;
}
@@ -5121,23 +5121,23 @@
if (Settings* settings = this->settings()) {
if (settings->needsStorageAccessFromFileURLsQuirk())
- securityOrigin()->grantStorageAccessFromFileURLsQuirk();
+ securityOrigin().grantStorageAccessFromFileURLsQuirk();
if (!settings->webSecurityEnabled()) {
// Web security is turned off. We should let this document access every other document. This is used primary by testing
// harnesses for web sites.
- securityOrigin()->grantUniversalAccess();
- } else if (securityOrigin()->isLocal()) {
+ securityOrigin().grantUniversalAccess();
+ } else if (securityOrigin().isLocal()) {
if (settings->allowUniversalAccessFromFileURLs() || m_frame->loader().client().shouldForceUniversalAccessFromLocalURL(m_url)) {
// Some clients want local URLs to have universal access, but that setting is dangerous for other clients.
- securityOrigin()->grantUniversalAccess();
+ securityOrigin().grantUniversalAccess();
} else if (!settings->allowFileAccessFromFileURLs()) {
// Some clients want local URLs to have even tighter restrictions by default, and not be able to access other local files.
// FIXME 81578: The naming of this is confusing. Files with restricted access to other local files
// still can have other privileges that can be remembered, thereby not making them unique origins.
- securityOrigin()->enforceFilePathSeparation();
+ securityOrigin().enforceFilePathSeparation();
}
}
- securityOrigin()->setStorageBlockingPolicy(settings->storageBlockingPolicy());
+ securityOrigin().setStorageBlockingPolicy(settings->storageBlockingPolicy());
}
Document* parentDocument = ownerElement() ? &ownerElement()->document() : nullptr;
@@ -5178,8 +5178,8 @@
// but we're also sandboxed, the only thing we inherit is the ability
// to load local resources. This lets about:blank iframes in file://
// URL documents load images and other resources from the file system.
- if (ownerFrame->document()->securityOrigin()->canLoadLocalResources())
- securityOrigin()->grantLoadLocalResources();
+ if (ownerFrame->document()->securityOrigin().canLoadLocalResources())
+ securityOrigin().grantLoadLocalResources();
return;
}
@@ -5320,7 +5320,7 @@
Settings* settings = this->settings();
m_haveExplicitlyDisabledDNSPrefetch = false;
- m_isDNSPrefetchEnabled = settings && settings->dnsPrefetchingEnabled() && securityOrigin()->protocol() == "http";
+ m_isDNSPrefetchEnabled = settings && settings->dnsPrefetchingEnabled() && securityOrigin().protocol() == "http";
// Inherit DNS prefetch opt-out from parent frame
if (Document* parent = parentDocument()) {
@@ -5364,7 +5364,7 @@
SecurityOrigin* Document::topOrigin() const
{
- return topDocument().securityOrigin();
+ return &topDocument().securityOrigin();
}
void Document::postTask(Task&& task)
diff --git a/Source/WebCore/dom/Document.h b/Source/WebCore/dom/Document.h
index 11cb577..950b3a6 100644
--- a/Source/WebCore/dom/Document.h
+++ b/Source/WebCore/dom/Document.h
@@ -1222,6 +1222,8 @@
WEBCORE_EXPORT void addConsoleMessage(MessageSource, MessageLevel, const String& message, unsigned long requestIdentifier = 0) final;
+ SecurityOrigin& securityOrigin() const { return *SecurityContext::securityOrigin(); }
+
WEBCORE_EXPORT SecurityOrigin* topOrigin() const final;
Ref<FontFaceSet> fonts();
diff --git a/Source/WebCore/dom/SecurityContext.cpp b/Source/WebCore/dom/SecurityContext.cpp
index 23420a0..af29a16 100644
--- a/Source/WebCore/dom/SecurityContext.cpp
+++ b/Source/WebCore/dom/SecurityContext.cpp
@@ -73,7 +73,7 @@
if (!haveInitializedSecurityOrigin())
return true;
- return securityOriginPolicy()->origin().canAccess(SecurityOrigin::create(url).ptr());
+ return securityOriginPolicy()->origin().canAccess(SecurityOrigin::create(url).get());
}
void SecurityContext::enforceSandboxFlags(SandboxFlags mask)
diff --git a/Source/WebCore/html/HTMLAnchorElement.cpp b/Source/WebCore/html/HTMLAnchorElement.cpp
index 7e24beb..811eb0d 100644
--- a/Source/WebCore/html/HTMLAnchorElement.cpp
+++ b/Source/WebCore/html/HTMLAnchorElement.cpp
@@ -381,7 +381,7 @@
#if ENABLE(DOWNLOAD_ATTRIBUTE)
if (RuntimeEnabledFeatures::sharedFeatures().downloadAttributeEnabled()) {
// Ignore the download attribute completely if the href URL is cross origin.
- bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin()->canRequest(completedURL);
+ bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin().canRequest(completedURL);
if (isSameOrigin)
downloadAttribute = attributeWithoutSynchronization(downloadAttr);
else if (hasAttributeWithoutSynchronization(downloadAttr))
diff --git a/Source/WebCore/html/HTMLAppletElement.cpp b/Source/WebCore/html/HTMLAppletElement.cpp
index 248b295..646b333 100644
--- a/Source/WebCore/html/HTMLAppletElement.cpp
+++ b/Source/WebCore/html/HTMLAppletElement.cpp
@@ -188,7 +188,7 @@
if (!settings->isJavaEnabled())
return false;
- if (document().securityOrigin()->isLocal() && !settings->isJavaEnabledForLocalFiles())
+ if (document().securityOrigin().isLocal() && !settings->isJavaEnabledForLocalFiles())
return false;
return true;
diff --git a/Source/WebCore/html/HTMLCanvasElement.cpp b/Source/WebCore/html/HTMLCanvasElement.cpp
index b9af111..18883bc 100644
--- a/Source/WebCore/html/HTMLCanvasElement.cpp
+++ b/Source/WebCore/html/HTMLCanvasElement.cpp
@@ -535,7 +535,7 @@
SecurityOrigin* HTMLCanvasElement::securityOrigin() const
{
- return document().securityOrigin();
+ return &document().securityOrigin();
}
bool HTMLCanvasElement::shouldAccelerate(const IntSize& size) const
diff --git a/Source/WebCore/html/HTMLLinkElement.cpp b/Source/WebCore/html/HTMLLinkElement.cpp
index 496aed6..b1781e4 100644
--- a/Source/WebCore/html/HTMLLinkElement.cpp
+++ b/Source/WebCore/html/HTMLLinkElement.cpp
@@ -381,7 +381,7 @@
auto styleSheet = StyleSheetContents::create(href, parserContext);
initializeStyleSheet(styleSheet.copyRef(), *cachedStyleSheet);
- styleSheet.get().parseAuthorStyleSheet(cachedStyleSheet, document().securityOrigin());
+ styleSheet.get().parseAuthorStyleSheet(cachedStyleSheet, &document().securityOrigin());
m_loading = false;
styleSheet.get().notifyLoadedSheet(cachedStyleSheet);
diff --git a/Source/WebCore/html/HTMLMediaElement.cpp b/Source/WebCore/html/HTMLMediaElement.cpp
index 3fc0c59..45d0500 100644
--- a/Source/WebCore/html/HTMLMediaElement.cpp
+++ b/Source/WebCore/html/HTMLMediaElement.cpp
@@ -1966,7 +1966,7 @@
}
Frame* frame = document().frame();
- if (!frame || !document().securityOrigin()->canDisplay(url)) {
+ if (!frame || !document().securityOrigin().canDisplay(url)) {
if (actionIfInvalid == Complain)
FrameLoader::reportLocalLoadFailed(frame, url.stringCenterEllipsizedToLength());
LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%p) - %s -> FALSE rejected by SecurityOrigin", this, urlForLoggingMedia(url).utf8().data());
@@ -2432,11 +2432,7 @@
if (storageDirectory.isEmpty())
return emptyString();
- SecurityOrigin* origin = document().securityOrigin();
- if (!origin)
- return emptyString();
-
- return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(*origin).databaseIdentifier());
+ return pathByAppendingComponent(storageDirectory, SecurityOriginData::fromSecurityOrigin(document().securityOrigin()).databaseIdentifier());
}
void HTMLMediaElement::webkitSetMediaKeys(WebKitMediaKeys* mediaKeys)
diff --git a/Source/WebCore/html/HTMLPlugInImageElement.cpp b/Source/WebCore/html/HTMLPlugInImageElement.cpp
index 2a7628a..02274e3 100644
--- a/Source/WebCore/html/HTMLPlugInImageElement.cpp
+++ b/Source/WebCore/html/HTMLPlugInImageElement.cpp
@@ -139,7 +139,7 @@
bool HTMLPlugInImageElement::allowedToLoadFrameURL(const String& url)
{
URL completeURL = document().completeURL(url);
- if (contentFrame() && protocolIsJavaScript(completeURL) && !document().securityOrigin()->canAccess(contentDocument()->securityOrigin()))
+ if (contentFrame() && protocolIsJavaScript(completeURL) && !document().securityOrigin().canAccess(contentDocument()->securityOrigin()))
return false;
return document().frame()->isURLAllowed(completeURL);
}
diff --git a/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp b/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp
index 3c36c45..fa01ec5 100644
--- a/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp
+++ b/Source/WebCore/inspector/InspectorDOMStorageAgent.cpp
@@ -145,9 +145,9 @@
ASSERT(document);
DOMWindow* window = document->domWindow();
ASSERT(window);
- RefPtr<SecurityOrigin> securityOrigin = document->securityOrigin();
+ Ref<SecurityOrigin> securityOrigin = document->securityOrigin();
bool isLocalStorage = window->optionalLocalStorage() == storage;
- return storageId(securityOrigin.get(), isLocalStorage)->toJSONString();
+ return storageId(securityOrigin.ptr(), isLocalStorage)->toJSONString();
}
RefPtr<Inspector::Protocol::DOMStorage::StorageId> InspectorDOMStorageAgent::storageId(SecurityOrigin* securityOrigin, bool isLocalStorage)
@@ -195,7 +195,7 @@
}
if (!isLocalStorage)
- return m_pageAgent->page().sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(*targetFrame->document()->securityOrigin()));
+ return m_pageAgent->page().sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(targetFrame->document()->securityOrigin()));
return m_pageAgent->page().storageNamespaceProvider().localStorageArea(*targetFrame->document());
}
diff --git a/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp b/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp
index d3fa41a..8403ca8 100644
--- a/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp
+++ b/Source/WebCore/inspector/InspectorIndexedDBAgent.cpp
@@ -573,9 +573,7 @@
if (!document)
return;
- auto* openingOrigin = document->securityOrigin();
- if (!openingOrigin)
- return;
+ auto& openingOrigin = document->securityOrigin();
auto* topOrigin = document->topOrigin();
if (!topOrigin)
@@ -586,7 +584,7 @@
return;
RefPtr<RequestDatabaseNamesCallback> callback = WTFMove(requestCallback);
- idbFactory->getAllDatabaseNames(*topOrigin, *openingOrigin, [callback](auto& databaseNames) {
+ idbFactory->getAllDatabaseNames(*topOrigin, openingOrigin, [callback](auto& databaseNames) {
if (!callback->isActive())
return;
@@ -610,7 +608,7 @@
return;
Ref<DatabaseLoader> databaseLoader = DatabaseLoader::create(document, WTFMove(requestCallback));
- databaseLoader->start(idbFactory, document->securityOrigin(), databaseName);
+ databaseLoader->start(idbFactory, &document->securityOrigin(), databaseName);
}
void InspectorIndexedDBAgent::requestData(ErrorString& errorString, const String& securityOrigin, const String& databaseName, const String& objectStoreName, const String& indexName, int skipCount, int pageSize, const InspectorObject* keyRange, Ref<RequestDataCallback>&& requestCallback)
@@ -633,7 +631,7 @@
}
Ref<DataLoader> dataLoader = DataLoader::create(document, WTFMove(requestCallback), injectedScript, objectStoreName, indexName, WTFMove(idbKeyRange), skipCount, pageSize);
- dataLoader->start(idbFactory, document->securityOrigin(), databaseName);
+ dataLoader->start(idbFactory, &document->securityOrigin(), databaseName);
}
class ClearObjectStoreListener final : public EventListener {
@@ -735,7 +733,7 @@
return;
Ref<ClearObjectStore> clearObjectStore = ClearObjectStore::create(document, objectStoreName, WTFMove(requestCallback));
- clearObjectStore->start(idbFactory, document->securityOrigin(), databaseName);
+ clearObjectStore->start(idbFactory, &document->securityOrigin(), databaseName);
}
} // namespace WebCore
diff --git a/Source/WebCore/inspector/InspectorPageAgent.cpp b/Source/WebCore/inspector/InspectorPageAgent.cpp
index c46c8b8..f69a0ba 100644
--- a/Source/WebCore/inspector/InspectorPageAgent.cpp
+++ b/Source/WebCore/inspector/InspectorPageAgent.cpp
@@ -765,7 +765,7 @@
Frame* InspectorPageAgent::findFrameWithSecurityOrigin(const String& originRawString)
{
for (Frame* frame = &m_page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
- RefPtr<SecurityOrigin> documentOrigin = frame->document()->securityOrigin();
+ Ref<SecurityOrigin> documentOrigin = frame->document()->securityOrigin();
if (documentOrigin->toRawString() == originRawString)
return frame;
}
@@ -869,7 +869,7 @@
.setLoaderId(loaderId(frame->loader().documentLoader()))
.setUrl(frame->document()->url().string())
.setMimeType(frame->loader().documentLoader()->responseMIMEType())
- .setSecurityOrigin(frame->document()->securityOrigin()->toRawString())
+ .setSecurityOrigin(frame->document()->securityOrigin().toRawString())
.release();
if (frame->tree().parent())
frameObject->setParentId(frameId(frame->tree().parent()));
diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp
index ee659cb..1046f20 100644
--- a/Source/WebCore/loader/DocumentLoader.cpp
+++ b/Source/WebCore/loader/DocumentLoader.cpp
@@ -857,7 +857,7 @@
// load local resources. See https://bugs.webkit.org/show_bug.cgi?id=16756
// and https://bugs.webkit.org/show_bug.cgi?id=19760 for further
// discussion.
- m_frame->document()->securityOrigin()->grantLoadLocalResources();
+ m_frame->document()->securityOrigin().grantLoadLocalResources();
}
if (frameLoader()->stateMachine().creatingInitialEmptyDocument())
diff --git a/Source/WebCore/loader/DocumentThreadableLoader.cpp b/Source/WebCore/loader/DocumentThreadableLoader.cpp
index b193733..0c970a1 100644
--- a/Source/WebCore/loader/DocumentThreadableLoader.cpp
+++ b/Source/WebCore/loader/DocumentThreadableLoader.cpp
@@ -379,7 +379,7 @@
CachedResourceRequest newRequest(WTFMove(request), options);
if (RuntimeEnabledFeatures::sharedFeatures().resourceTimingEnabled())
newRequest.setInitiator(m_options.initiator);
- newRequest.setOrigin(&securityOrigin());
+ newRequest.setOrigin(securityOrigin());
ASSERT(!m_resource);
// We create an URL here as the request will be moved in requestRawResource
@@ -488,8 +488,7 @@
SecurityOrigin& DocumentThreadableLoader::securityOrigin() const
{
- ASSERT(m_document.securityOrigin());
- return m_origin ? *m_origin : *m_document.securityOrigin();
+ return m_origin ? *m_origin : m_document.securityOrigin();
}
const ContentSecurityPolicy& DocumentThreadableLoader::contentSecurityPolicy() const
diff --git a/Source/WebCore/loader/DocumentWriter.cpp b/Source/WebCore/loader/DocumentWriter.cpp
index a585573..4e27000 100644
--- a/Source/WebCore/loader/DocumentWriter.cpp
+++ b/Source/WebCore/loader/DocumentWriter.cpp
@@ -56,7 +56,7 @@
static inline bool canReferToParentFrameEncoding(const Frame* frame, const Frame* parentFrame)
{
- return parentFrame && parentFrame->document()->securityOrigin()->canAccess(frame->document()->securityOrigin());
+ return parentFrame && parentFrame->document()->securityOrigin().canAccess(frame->document()->securityOrigin());
}
DocumentWriter::DocumentWriter(Frame* frame)
diff --git a/Source/WebCore/loader/EmptyClients.cpp b/Source/WebCore/loader/EmptyClients.cpp
index eefc4aa..e75495f 100644
--- a/Source/WebCore/loader/EmptyClients.cpp
+++ b/Source/WebCore/loader/EmptyClients.cpp
@@ -409,7 +409,7 @@
void saveViewStateToItem(HistoryItem&) final { }
bool canCachePage() const final { return false; }
void didDisplayInsecureContent() final { }
- void didRunInsecureContent(SecurityOrigin*, const URL&) final { }
+ void didRunInsecureContent(SecurityOrigin&, const URL&) final { }
void didDetectXSS(const URL&, bool) final { }
RefPtr<Frame> createFrame(const URL&, const String&, HTMLFrameOwnerElement&, const String&, bool, int, int) final;
RefPtr<Widget> createPlugin(const IntSize&, HTMLPlugInElement&, const URL&, const Vector<String>&, const Vector<String>&, const String&, bool) final;
diff --git a/Source/WebCore/loader/FrameLoadRequest.cpp b/Source/WebCore/loader/FrameLoadRequest.cpp
index 5d9926f..8a1e751 100644
--- a/Source/WebCore/loader/FrameLoadRequest.cpp
+++ b/Source/WebCore/loader/FrameLoadRequest.cpp
@@ -37,7 +37,7 @@
namespace WebCore {
FrameLoadRequest::FrameLoadRequest(Frame* frame, const ResourceRequest& resourceRequest, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const SubstituteData& substituteData)
- : m_requester(frame->document()->securityOrigin())
+ : m_requester(&frame->document()->securityOrigin())
, m_resourceRequest(resourceRequest)
, m_shouldCheckNewWindowPolicy(false)
, m_substituteData(substituteData)
diff --git a/Source/WebCore/loader/FrameLoadRequest.h b/Source/WebCore/loader/FrameLoadRequest.h
index be27223..1cbebbb 100644
--- a/Source/WebCore/loader/FrameLoadRequest.h
+++ b/Source/WebCore/loader/FrameLoadRequest.h
@@ -35,8 +35,8 @@
struct FrameLoadRequest {
public:
- FrameLoadRequest(SecurityOrigin* requester, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
+ FrameLoadRequest(SecurityOrigin& requester, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
, m_lockHistory(lockHistory)
, m_lockBackForwardList(lockBackForwardList)
, m_shouldSendReferrer(shouldSendReferrer)
@@ -47,8 +47,8 @@
{
}
- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
, m_resourceRequest(resourceRequest)
, m_lockHistory(lockHistory)
, m_lockBackForwardList(lockBackForwardList)
@@ -60,8 +60,8 @@
{
}
- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
, m_resourceRequest(resourceRequest)
, m_frameName(frameName)
, m_lockHistory(lockHistory)
@@ -74,8 +74,8 @@
{
}
- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
- : m_requester(requester)
+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy)
+ : m_requester(&requester)
, m_resourceRequest(resourceRequest)
, m_frameName(frameName)
, m_lockHistory(lockHistory)
@@ -88,8 +88,8 @@
{
}
- FrameLoadRequest(SecurityOrigin* requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const AtomicString& downloadAttribute)
- : m_requester(requester)
+ FrameLoadRequest(SecurityOrigin& requester, const ResourceRequest& resourceRequest, const String& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy newFrameOpenerPolicy, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const AtomicString& downloadAttribute)
+ : m_requester(&requester)
, m_resourceRequest(resourceRequest)
, m_frameName(frameName)
, m_lockHistory(lockHistory)
diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp
index 496e72d..f4c961e 100644
--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -578,7 +578,7 @@
if (frame.loader().opener())
return false;
- return !newDocument.securityOrigin()->isSameOriginAs(frame.document()->securityOrigin());
+ return !newDocument.securityOrigin().isSameOriginAs(frame.document()->securityOrigin());
}
void FrameLoader::clear(Document* newDocument, bool clearWindowProperties, bool clearScriptObjects, bool clearFrameView)
@@ -938,7 +938,7 @@
String FrameLoader::outgoingOrigin() const
{
- return m_frame.document()->securityOrigin()->toString();
+ return m_frame.document()->securityOrigin().toString();
}
bool FrameLoader::checkIfFormActionAllowedByCSP(const URL& url, bool didReceiveRedirectResponse) const
@@ -1207,7 +1207,7 @@
}
#if ENABLE(CACHE_PARTITIONING)
if (&m_frame.tree().top() != &m_frame)
- request.setDomainForCachePartition(m_frame.tree().top().document()->securityOrigin()->domainForCachePartition());
+ request.setDomainForCachePartition(m_frame.tree().top().document()->securityOrigin().domainForCachePartition());
#endif
addExtraFieldsToRequest(request, newLoadType, true);
if (newLoadType == FrameLoadType::Reload || newLoadType == FrameLoadType::ReloadFromOrigin)
@@ -3009,7 +3009,7 @@
Document* parentDocument = parentFrame->document();
if (!parentDocument)
return true;
- if (!m_frame.document() || !m_frame.document()->securityOrigin()->canAccess(parentDocument->securityOrigin())) {
+ if (!m_frame.document() || !m_frame.document()->securityOrigin().canAccess(parentDocument->securityOrigin())) {
document->addConsoleMessage(MessageSource::JS, MessageLevel::Error, ASCIILiteral("Blocked attempt to show beforeunload confirmation dialog on behalf of a frame with different security origin. Protocols, domains, and ports must match."));
return true;
}
diff --git a/Source/WebCore/loader/FrameLoaderClient.h b/Source/WebCore/loader/FrameLoaderClient.h
index a80947b..7ba15d6 100644
--- a/Source/WebCore/loader/FrameLoaderClient.h
+++ b/Source/WebCore/loader/FrameLoaderClient.h
@@ -220,7 +220,7 @@
// The indicated security origin has run active content (such as a
// script) from an insecure source. Note that the insecure content can
// spread to other frames in the same origin.
- virtual void didRunInsecureContent(SecurityOrigin*, const URL&) = 0;
+ virtual void didRunInsecureContent(SecurityOrigin&, const URL&) = 0;
virtual void didDetectXSS(const URL&, bool didBlockEntirePage) = 0;
virtual ResourceError cancelledError(const ResourceRequest&) = 0;
diff --git a/Source/WebCore/loader/MixedContentChecker.cpp b/Source/WebCore/loader/MixedContentChecker.cpp
index e29613f..46081a7 100644
--- a/Source/WebCore/loader/MixedContentChecker.cpp
+++ b/Source/WebCore/loader/MixedContentChecker.cpp
@@ -52,16 +52,16 @@
}
// static
-bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const URL& url)
+bool MixedContentChecker::isMixedContent(SecurityOrigin& securityOrigin, const URL& url)
{
- if (securityOrigin->protocol() != "https")
+ if (securityOrigin.protocol() != "https")
return false; // We only care about HTTPS security origins.
// We're in a secure context, so |url| is mixed content if it's insecure.
return !SecurityOrigin::isSecure(url);
}
-bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin* securityOrigin, ContentType type, const URL& url, AlwaysDisplayInNonStrictMode alwaysDisplayInNonStrictMode) const
+bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin& securityOrigin, ContentType type, const URL& url, AlwaysDisplayInNonStrictMode alwaysDisplayInNonStrictMode) const
{
if (!isMixedContent(securityOrigin, url))
return true;
@@ -84,7 +84,7 @@
return allowed;
}
-bool MixedContentChecker::canRunInsecureContent(SecurityOrigin* securityOrigin, const URL& url) const
+bool MixedContentChecker::canRunInsecureContent(SecurityOrigin& securityOrigin, const URL& url) const
{
if (!isMixedContent(securityOrigin, url))
return true;
@@ -103,7 +103,7 @@
return allowed;
}
-void MixedContentChecker::checkFormForMixedContent(SecurityOrigin* securityOrigin, const URL& url) const
+void MixedContentChecker::checkFormForMixedContent(SecurityOrigin& securityOrigin, const URL& url) const
{
// Unconditionally allow javascript: URLs as form actions as some pages do this and it does not introduce
// a mixed content issue.
diff --git a/Source/WebCore/loader/MixedContentChecker.h b/Source/WebCore/loader/MixedContentChecker.h
index 38fcf8c..a26a857 100644
--- a/Source/WebCore/loader/MixedContentChecker.h
+++ b/Source/WebCore/loader/MixedContentChecker.h
@@ -55,10 +55,10 @@
Yes,
};
- bool canDisplayInsecureContent(SecurityOrigin*, ContentType, const URL&, AlwaysDisplayInNonStrictMode = AlwaysDisplayInNonStrictMode::No) const;
- bool canRunInsecureContent(SecurityOrigin*, const URL&) const;
- void checkFormForMixedContent(SecurityOrigin*, const URL&) const;
- static bool isMixedContent(SecurityOrigin*, const URL&);
+ bool canDisplayInsecureContent(SecurityOrigin&, ContentType, const URL&, AlwaysDisplayInNonStrictMode = AlwaysDisplayInNonStrictMode::No) const;
+ bool canRunInsecureContent(SecurityOrigin&, const URL&) const;
+ void checkFormForMixedContent(SecurityOrigin&, const URL&) const;
+ static bool isMixedContent(SecurityOrigin&, const URL&);
private:
// FIXME: This should probably have a separate client from FrameLoader.
diff --git a/Source/WebCore/loader/NavigationScheduler.cpp b/Source/WebCore/loader/NavigationScheduler.cpp
index 5697753..0e5b64d 100644
--- a/Source/WebCore/loader/NavigationScheduler.cpp
+++ b/Source/WebCore/loader/NavigationScheduler.cpp
@@ -122,7 +122,7 @@
UserGestureIndicator gestureIndicator(userGestureToForward());
ResourceRequest resourceRequest(m_url, m_referrer, UseProtocolCachePolicy);
- FrameLoadRequest frameRequest(m_securityOrigin.get(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
+ FrameLoadRequest frameRequest(*m_securityOrigin, resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
frame.loader().changeLocation(frameRequest);
}
@@ -180,7 +180,7 @@
UserGestureIndicator gestureIndicator(userGestureToForward());
bool refresh = equalIgnoringFragmentIdentifier(frame.document()->url(), url());
ResourceRequest resourceRequest(url(), referrer(), refresh ? ReloadIgnoringCacheData : UseProtocolCachePolicy);
- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
frame.loader().changeLocation(frameRequest);
}
@@ -196,7 +196,7 @@
UserGestureIndicator gestureIndicator(userGestureToForward());
ResourceRequest resourceRequest(url(), referrer(), UseProtocolCachePolicy);
- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
frame.loader().changeLocation(frameRequest);
}
};
@@ -213,7 +213,7 @@
UserGestureIndicator gestureIndicator(userGestureToForward());
ResourceRequest resourceRequest(url(), referrer(), ReloadIgnoringCacheData);
- FrameLoadRequest frameRequest(securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
+ FrameLoadRequest frameRequest(*securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs());
frame.loader().changeLocation(frameRequest);
}
};
@@ -378,7 +378,7 @@
// We want a new back/forward list item if the refresh timeout is > 1 second.
if (!m_redirect || delay <= m_redirect->delay()) {
auto lockBackForwardList = delay <= 1 ? LockBackForwardList::Yes : LockBackForwardList::No;
- schedule(std::make_unique<ScheduledRedirect>(initiatingDocument, delay, m_frame.document()->securityOrigin(), url, LockHistory::Yes, lockBackForwardList));
+ schedule(std::make_unique<ScheduledRedirect>(initiatingDocument, delay, &m_frame.document()->securityOrigin(), url, LockHistory::Yes, lockBackForwardList));
}
}
@@ -400,7 +400,7 @@
return LockBackForwardList::No;
}
-void NavigationScheduler::scheduleLocationChange(Document& initiatingDocument, SecurityOrigin* securityOrigin, const URL& url, const String& referrer, LockHistory lockHistory, LockBackForwardList lockBackForwardList)
+void NavigationScheduler::scheduleLocationChange(Document& initiatingDocument, SecurityOrigin& securityOrigin, const URL& url, const String& referrer, LockHistory lockHistory, LockBackForwardList lockBackForwardList)
{
if (!shouldScheduleNavigation(url))
return;
@@ -423,7 +423,7 @@
// This may happen when a frame changes the location of another frame.
bool duringLoad = !loader.stateMachine().committedFirstRealDocumentLoad();
- schedule(std::make_unique<ScheduledLocationChange>(initiatingDocument, securityOrigin, url, referrer, lockHistory, lockBackForwardList, duringLoad));
+ schedule(std::make_unique<ScheduledLocationChange>(initiatingDocument, &securityOrigin, url, referrer, lockHistory, lockBackForwardList, duringLoad));
}
void NavigationScheduler::scheduleFormSubmission(Ref<FormSubmission>&& submission)
@@ -457,7 +457,7 @@
if (url.isEmpty())
return;
- schedule(std::make_unique<ScheduledRefresh>(initiatingDocument, m_frame.document()->securityOrigin(), url, m_frame.loader().outgoingReferrer()));
+ schedule(std::make_unique<ScheduledRefresh>(initiatingDocument, &m_frame.document()->securityOrigin(), url, m_frame.loader().outgoingReferrer()));
}
void NavigationScheduler::scheduleHistoryNavigation(int steps)
diff --git a/Source/WebCore/loader/NavigationScheduler.h b/Source/WebCore/loader/NavigationScheduler.h
index 0ae1711..0942f54 100644
--- a/Source/WebCore/loader/NavigationScheduler.h
+++ b/Source/WebCore/loader/NavigationScheduler.h
@@ -69,7 +69,7 @@
bool locationChangePending();
void scheduleRedirect(Document& initiatingDocument, double delay, const URL&);
- void scheduleLocationChange(Document& initiatingDocument, SecurityOrigin*, const URL&, const String& referrer, LockHistory = LockHistory::Yes, LockBackForwardList = LockBackForwardList::Yes);
+ void scheduleLocationChange(Document& initiatingDocument, SecurityOrigin&, const URL&, const String& referrer, LockHistory = LockHistory::Yes, LockBackForwardList = LockBackForwardList::Yes);
void scheduleFormSubmission(Ref<FormSubmission>&&);
void scheduleRefresh(Document& initiatingDocument);
void scheduleHistoryNavigation(int steps);
diff --git a/Source/WebCore/loader/PingLoader.cpp b/Source/WebCore/loader/PingLoader.cpp
index 4732a92..d5fff79 100644
--- a/Source/WebCore/loader/PingLoader.cpp
+++ b/Source/WebCore/loader/PingLoader.cpp
@@ -88,7 +88,7 @@
ASSERT(frame.document());
auto& document = *frame.document();
- if (!document.securityOrigin()->canDisplay(url)) {
+ if (!document.securityOrigin().canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(&frame, url);
return;
}
@@ -129,13 +129,12 @@
request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
frame.loader().addExtraFieldsToSubresourceRequest(request);
- ASSERT(document.securityOrigin());
- auto& sourceOrigin = *document.securityOrigin();
+ auto& sourceOrigin = document.securityOrigin();
FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin.toString());
request.setHTTPHeaderField(HTTPHeaderName::PingTo, destinationURL);
if (!SecurityPolicy::shouldHideReferrer(pingURL, frame.loader().outgoingReferrer())) {
request.setHTTPHeaderField(HTTPHeaderName::PingFrom, document.url());
- if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).ptr())) {
+ if (!sourceOrigin.isSameSchemeHostPort(SecurityOrigin::create(pingURL).get())) {
String referrer = SecurityPolicy::generateReferrerHeader(document.referrerPolicy(), pingURL, frame.loader().outgoingReferrer());
if (!referrer.isEmpty())
request.setHTTPReferrer(referrer);
@@ -168,10 +167,8 @@
}
bool removeCookies = true;
- if (auto* securityOrigin = document.securityOrigin()) {
- if (securityOrigin->isSameSchemeHostPort(SecurityOrigin::create(reportURL).ptr()))
- removeCookies = false;
- }
+ if (document.securityOrigin().isSameSchemeHostPort(SecurityOrigin::create(reportURL).get()))
+ removeCookies = false;
if (removeCookies)
request.setAllowCookies(false);
diff --git a/Source/WebCore/loader/ResourceLoadInfo.cpp b/Source/WebCore/loader/ResourceLoadInfo.cpp
index a8beca5..d8e4d15 100644
--- a/Source/WebCore/loader/ResourceLoadInfo.cpp
+++ b/Source/WebCore/loader/ResourceLoadInfo.cpp
@@ -108,7 +108,7 @@
Ref<SecurityOrigin> mainDocumentSecurityOrigin = SecurityOrigin::create(mainDocumentURL);
Ref<SecurityOrigin> resourceSecurityOrigin = SecurityOrigin::create(resourceURL);
- return !mainDocumentSecurityOrigin->canAccess(&resourceSecurityOrigin.get());
+ return !mainDocumentSecurityOrigin->canAccess(resourceSecurityOrigin.get());
}
ResourceFlags ResourceLoadInfo::getResourceFlags() const
diff --git a/Source/WebCore/loader/ResourceLoader.cpp b/Source/WebCore/loader/ResourceLoader.cpp
index cecd157..4a48894 100644
--- a/Source/WebCore/loader/ResourceLoader.cpp
+++ b/Source/WebCore/loader/ResourceLoader.cpp
@@ -128,7 +128,7 @@
m_defersLoading = m_options.defersLoadingPolicy == DefersLoadingPolicy::AllowDefersLoading && m_frame->page()->defersLoading();
- if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin()->canDisplay(clientRequest.url())) {
+ if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin().canDisplay(clientRequest.url())) {
FrameLoader::reportLocalLoadFailed(m_frame.get(), clientRequest.url().string());
releaseResources();
return false;
@@ -670,7 +670,7 @@
{
if (m_options.clientCredentialPolicy == ClientCredentialPolicy::CannotAskClientForCredentials)
return false;
- return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin()->canRequest(originalRequest().url()));
+ return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin().canRequest(originalRequest().url()));
}
void ResourceLoader::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
diff --git a/Source/WebCore/loader/SubframeLoader.cpp b/Source/WebCore/loader/SubframeLoader.cpp
index 30591bd..7a97d1a 100644
--- a/Source/WebCore/loader/SubframeLoader.cpp
+++ b/Source/WebCore/loader/SubframeLoader.cpp
@@ -112,7 +112,7 @@
if (MIMETypeRegistry::isJavaAppletMIMEType(mimeType)) {
if (!m_frame.settings().isJavaEnabled())
return false;
- if (document && document->securityOrigin()->isLocal() && !m_frame.settings().isJavaEnabledForLocalFiles())
+ if (document && document->securityOrigin().isLocal() && !m_frame.settings().isJavaEnabledForLocalFiles())
return false;
}
@@ -120,7 +120,7 @@
if (document->isSandboxed(SandboxPlugins))
return false;
- if (!document->securityOrigin()->canDisplay(url)) {
+ if (!document->securityOrigin().canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(&m_frame, url.string());
return false;
}
@@ -243,7 +243,7 @@
if (!codeBaseURLString.isEmpty()) {
URL codeBaseURL = completeURL(codeBaseURLString);
- if (!element.document().securityOrigin()->canDisplay(codeBaseURL)) {
+ if (!element.document().securityOrigin().canDisplay(codeBaseURL)) {
FrameLoader::reportLocalLoadFailed(&m_frame, codeBaseURL.string());
return nullptr;
}
@@ -315,7 +315,7 @@
auto document = makeRef(ownerElement.document());
- if (!document->securityOrigin()->canDisplay(url)) {
+ if (!document->securityOrigin().canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(&m_frame, url.string());
return nullptr;
}
diff --git a/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp b/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp
index 9881b25..75a4996 100644
--- a/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp
+++ b/Source/WebCore/loader/appcache/ApplicationCacheGroup.cpp
@@ -135,7 +135,7 @@
}
// Don't access anything on disk if private browsing is enabled.
- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
postListenerTask(eventNames().checkingEvent, documentLoader);
postListenerTask(eventNames().errorEvent, documentLoader);
return;
@@ -207,7 +207,7 @@
ASSERT(!documentLoader.applicationCacheHost().applicationCache());
// Don't access anything on disk if private browsing is enabled.
- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
postListenerTask(eventNames().checkingEvent, documentLoader);
postListenerTask(eventNames().errorEvent, documentLoader);
return;
@@ -413,7 +413,7 @@
}
// Don't access anything on disk if private browsing is enabled.
- if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin()->canAccessApplicationCache(frame.tree().top().document()->securityOrigin())) {
+ if (frame.page()->usesEphemeralSession() || !frame.document()->securityOrigin().canAccessApplicationCache(&frame.tree().top().document()->securityOrigin())) {
ASSERT(m_pendingMasterResourceLoaders.isEmpty());
ASSERT(m_pendingEntries.isEmpty());
ASSERT(!m_cacheBeingUpdated);
diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.cpp b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
index beb7da0..ad10569 100644
--- a/Source/WebCore/loader/cache/CachedResourceLoader.cpp
+++ b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
@@ -440,14 +440,14 @@
{
auto& options = request.options();
- if (document() && !document()->securityOrigin()->canDisplay(url)) {
+ if (document() && !document()->securityOrigin().canDisplay(url)) {
if (forPreload == ForPreload::No)
FrameLoader::reportLocalLoadFailed(frame(), url.stringCenterEllipsizedToLength());
LOG(ResourceLoading, "CachedResourceLoader::requestResource URL was not allowed by SecurityOrigin::canDisplay");
return false;
}
- if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url) && !isSameOriginDataURL(url, options)) {
+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin().canRequest(url) && !isSameOriginDataURL(url, options)) {
printAccessDeniedMessage(url);
return false;
}
@@ -474,7 +474,7 @@
// FIXME: Should we find a way to know whether the redirection is for a preload request like we do for CachedResourceLoader::canRequest?
bool CachedResourceLoader::canRequestAfterRedirection(CachedResource::Type type, const URL& url, const ResourceLoaderOptions& options) const
{
- if (document() && !document()->securityOrigin()->canDisplay(url)) {
+ if (document() && !document()->securityOrigin().canDisplay(url)) {
FrameLoader::reportLocalLoadFailed(frame(), url.stringCenterEllipsizedToLength());
LOG(ResourceLoading, "CachedResourceLoader::requestResource URL was not allowed by SecurityOrigin::canDisplay");
return false;
@@ -483,7 +483,7 @@
// FIXME: According to https://fetch.spec.whatwg.org/#http-redirect-fetch, we should check that the URL is HTTP(s) except if in navigation mode.
// But we currently allow at least data URLs to be loaded.
- if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url)) {
+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin().canRequest(url)) {
printAccessDeniedMessage(url);
return false;
}
@@ -529,7 +529,7 @@
return true;
}
- if (!document->shouldEnforceContentDispositionAttachmentSandbox() || document->securityOrigin()->canRequest(url))
+ if (!document->shouldEnforceContentDispositionAttachmentSandbox() || document->securityOrigin().canRequest(url))
return true;
String message = "Unsafe attempt to load URL " + url.stringCenterEllipsizedToLength() + " from document with Content-Disposition: attachment at URL " + document->url().stringCenterEllipsizedToLength() + ".";
diff --git a/Source/WebCore/loader/cache/CachedResourceRequest.cpp b/Source/WebCore/loader/cache/CachedResourceRequest.cpp
index 6d0c221..db726b7 100644
--- a/Source/WebCore/loader/cache/CachedResourceRequest.cpp
+++ b/Source/WebCore/loader/cache/CachedResourceRequest.cpp
@@ -87,9 +87,8 @@
void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Document& document)
{
ASSERT(m_options.mode == FetchOptions::Mode::NoCors);
- ASSERT(document.securityOrigin());
- m_origin = document.securityOrigin();
+ m_origin = &document.securityOrigin();
if (mode.isNull())
return;
@@ -101,15 +100,14 @@
? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
m_options.credentials = credentials;
m_options.allowCredentials = credentials == FetchOptions::Credentials::Include ? AllowStoredCredentials : DoNotAllowStoredCredentials;
- WebCore::updateRequestForAccessControl(m_resourceRequest, *document.securityOrigin(), m_options.allowCredentials);
+ WebCore::updateRequestForAccessControl(m_resourceRequest, document.securityOrigin(), m_options.allowCredentials);
}
void CachedResourceRequest::updateForAccessControl(Document& document)
{
ASSERT(m_options.mode == FetchOptions::Mode::Cors);
- ASSERT(document.securityOrigin());
- m_origin = document.securityOrigin();
+ m_origin = &document.securityOrigin();
WebCore::updateRequestForAccessControl(m_resourceRequest, *m_origin, m_options.allowCredentials);
}
diff --git a/Source/WebCore/loader/cache/CachedResourceRequest.h b/Source/WebCore/loader/cache/CachedResourceRequest.h
index eeed1a1..6555d5d 100644
--- a/Source/WebCore/loader/cache/CachedResourceRequest.h
+++ b/Source/WebCore/loader/cache/CachedResourceRequest.h
@@ -79,7 +79,7 @@
void setDomainForCachePartition(Document&);
#endif
- void setOrigin(RefPtr<SecurityOrigin>&& origin) { m_origin = WTFMove(origin); }
+ void setOrigin(Ref<SecurityOrigin>&& origin) { m_origin = WTFMove(origin); }
RefPtr<SecurityOrigin> releaseOrigin() { return WTFMove(m_origin); }
SecurityOrigin* origin() const { return m_origin.get(); }
diff --git a/Source/WebCore/page/DOMWindow.cpp b/Source/WebCore/page/DOMWindow.cpp
index f137a3b..4f002f9 100644
--- a/Source/WebCore/page/DOMWindow.cpp
+++ b/Source/WebCore/page/DOMWindow.cpp
@@ -858,7 +858,7 @@
if (!document)
return nullptr;
- if (!document->securityOrigin()->canAccessSessionStorage(document->topOrigin()))
+ if (!document->securityOrigin().canAccessSessionStorage(document->topOrigin()))
return Exception { SECURITY_ERR };
if (m_sessionStorage) {
@@ -871,7 +871,7 @@
if (!page)
return nullptr;
- auto storageArea = page->sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(*document->securityOrigin()));
+ auto storageArea = page->sessionStorage()->storageArea(SecurityOriginData::fromSecurityOrigin(document->securityOrigin()));
if (!storageArea->canAccessStorage(m_frame))
return Exception { SECURITY_ERR };
@@ -888,7 +888,7 @@
if (!document)
return nullptr;
- if (!document->securityOrigin()->canAccessLocalStorage(nullptr))
+ if (!document->securityOrigin().canAccessLocalStorage(nullptr))
return Exception { SECURITY_ERR };
auto* page = document->page();
@@ -933,7 +933,7 @@
if (targetOrigin == "/") {
if (!sourceDocument)
return { };
- target = sourceDocument->securityOrigin();
+ target = &sourceDocument->securityOrigin();
} else if (targetOrigin != "*") {
target = SecurityOrigin::createFromString(targetOrigin);
// It doesn't make sense target a postMessage at a unique origin
@@ -955,7 +955,7 @@
// in order to capture the source of the message correctly.
if (!sourceDocument)
return { };
- auto sourceOrigin = sourceDocument->securityOrigin()->toString();
+ auto sourceOrigin = sourceDocument->securityOrigin().toString();
// Capture stack trace only when inspector front-end is loaded as it may be time consuming.
RefPtr<ScriptCallStack> stackTrace;
@@ -983,7 +983,7 @@
// Check target origin now since the target document may have changed since the timer was scheduled.
if (!intendedTargetOrigin->isSameSchemeHostPort(document()->securityOrigin())) {
if (PageConsoleClient* pageConsole = console()) {
- String message = makeString("Unable to post message to ", intendedTargetOrigin->toString(), ". Recipient has origin ", document()->securityOrigin()->toString(), ".\n");
+ String message = makeString("Unable to post message to ", intendedTargetOrigin->toString(), ". Recipient has origin ", document()->securityOrigin().toString(), ".\n");
pageConsole->addMessage(MessageSource::Security, MessageLevel::Error, message, stackTrace);
}
return;
@@ -1755,7 +1755,7 @@
Document* mainFrameDocument = m_frame->mainFrame().document();
- if (mainFrameDocument && document()->securityOrigin()->canAccess(mainFrameDocument->securityOrigin()))
+ if (mainFrameDocument && document()->securityOrigin().canAccess(mainFrameDocument->securityOrigin()))
return true;
return false;
@@ -2100,12 +2100,12 @@
if (activeWindowURL.isNull())
return String();
- ASSERT(!activeWindow.document()->securityOrigin()->canAccess(document()->securityOrigin()));
+ ASSERT(!activeWindow.document()->securityOrigin().canAccess(document()->securityOrigin()));
// FIXME: This message, and other console messages, have extra newlines. Should remove them.
- SecurityOrigin* activeOrigin = activeWindow.document()->securityOrigin();
- SecurityOrigin* targetOrigin = document()->securityOrigin();
- String message = "Blocked a frame with origin \"" + activeOrigin->toString() + "\" from accessing a frame with origin \"" + targetOrigin->toString() + "\". ";
+ SecurityOrigin& activeOrigin = activeWindow.document()->securityOrigin();
+ SecurityOrigin& targetOrigin = document()->securityOrigin();
+ String message = "Blocked a frame with origin \"" + activeOrigin.toString() + "\" from accessing a frame with origin \"" + targetOrigin.toString() + "\". ";
// Sandbox errors: Use the origin of the frames' location, rather than their actual origin (since we know that at least one will be "null").
URL activeURL = activeWindow.document()->url();
@@ -2120,16 +2120,16 @@
}
// Protocol errors: Use the URL's protocol rather than the origin's protocol so that we get a useful message for non-heirarchal URLs like 'data:'.
- if (targetOrigin->protocol() != activeOrigin->protocol())
+ if (targetOrigin.protocol() != activeOrigin.protocol())
return message + " The frame requesting access has a protocol of \"" + activeURL.protocol() + "\", the frame being accessed has a protocol of \"" + targetURL.protocol() + "\". Protocols must match.\n";
// 'document.domain' errors.
- if (targetOrigin->domainWasSetInDOM() && activeOrigin->domainWasSetInDOM())
- return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin->domain() + "\", the frame being accessed set it to \"" + targetOrigin->domain() + "\". Both must set \"document.domain\" to the same value to allow access.";
- if (activeOrigin->domainWasSetInDOM())
- return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin->domain() + "\", but the frame being accessed did not. Both must set \"document.domain\" to the same value to allow access.";
- if (targetOrigin->domainWasSetInDOM())
- return message + "The frame being accessed set \"document.domain\" to \"" + targetOrigin->domain() + "\", but the frame requesting access did not. Both must set \"document.domain\" to the same value to allow access.";
+ if (targetOrigin.domainWasSetInDOM() && activeOrigin.domainWasSetInDOM())
+ return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin.domain() + "\", the frame being accessed set it to \"" + targetOrigin.domain() + "\". Both must set \"document.domain\" to the same value to allow access.";
+ if (activeOrigin.domainWasSetInDOM())
+ return message + "The frame requesting access set \"document.domain\" to \"" + activeOrigin.domain() + "\", but the frame being accessed did not. Both must set \"document.domain\" to the same value to allow access.";
+ if (targetOrigin.domainWasSetInDOM())
+ return message + "The frame being accessed set \"document.domain\" to \"" + targetOrigin.domain() + "\", but the frame requesting access did not. Both must set \"document.domain\" to the same value to allow access.";
// Default.
return message + "Protocols, domains, and ports must match.";
@@ -2151,7 +2151,7 @@
// FIXME: The name canAccess seems to be a roundabout way to ask "can execute script".
// Can we name the SecurityOrigin function better to make this more clear?
- if (activeWindow.document()->securityOrigin()->canAccess(document()->securityOrigin()))
+ if (activeWindow.document()->securityOrigin().canAccess(document()->securityOrigin()))
return false;
}
diff --git a/Source/WebCore/page/DragController.cpp b/Source/WebCore/page/DragController.cpp
index e3790ad..f2318a0 100644
--- a/Source/WebCore/page/DragController.cpp
+++ b/Source/WebCore/page/DragController.cpp
@@ -190,7 +190,7 @@
{
if (RefPtr<FrameView> v = m_page.mainFrame().view()) {
#if ENABLE(DASHBOARD_SUPPORT)
- DataTransferAccessPolicy policy = (m_page.mainFrame().settings().usesDashboardBackwardCompatibilityMode() && (!m_documentUnderMouse || m_documentUnderMouse->securityOrigin()->isLocal()))
+ DataTransferAccessPolicy policy = (m_page.mainFrame().settings().usesDashboardBackwardCompatibilityMode() && (!m_documentUnderMouse || m_documentUnderMouse->securityOrigin().isLocal()))
? DataTransferAccessPolicy::Readable : DataTransferAccessPolicy::TypesReadable;
#else
DataTransferAccessPolicy policy = DataTransferAccessPolicy::TypesReadable;
@@ -320,7 +320,7 @@
if (!m_documentUnderMouse)
return false;
- if (m_dragInitiator && !m_documentUnderMouse->securityOrigin()->canReceiveDragData(m_dragInitiator->securityOrigin()))
+ if (m_dragInitiator && !m_documentUnderMouse->securityOrigin().canReceiveDragData(m_dragInitiator->securityOrigin()))
return false;
bool isHandlingDrag = false;
@@ -611,7 +611,7 @@
return false;
#if ENABLE(DASHBOARD_SUPPORT)
- DataTransferAccessPolicy policy = (mainFrame->settings().usesDashboardBackwardCompatibilityMode() && m_documentUnderMouse->securityOrigin()->isLocal()) ?
+ DataTransferAccessPolicy policy = (mainFrame->settings().usesDashboardBackwardCompatibilityMode() && m_documentUnderMouse->securityOrigin().isLocal()) ?
DataTransferAccessPolicy::Readable : DataTransferAccessPolicy::TypesReadable;
#else
DataTransferAccessPolicy policy = DataTransferAccessPolicy::TypesReadable;
@@ -844,7 +844,7 @@
return false;
doSystemDrag(dragImage, dragLoc, dragOrigin, dataTransfer, src, false);
- } else if (!src.document()->securityOrigin()->canDisplay(linkURL)) {
+ } else if (!src.document()->securityOrigin().canDisplay(linkURL)) {
src.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to drag local resource: " + linkURL.stringCenterEllipsizedToLength());
startedDrag = false;
} else if (!imageURL.isEmpty() && image && !image->isNull() && (m_dragSourceAction & DragSourceActionImage)) {
diff --git a/Source/WebCore/page/History.cpp b/Source/WebCore/page/History.cpp
index 63ed3d0..0daedd4 100644
--- a/Source/WebCore/page/History.cpp
+++ b/Source/WebCore/page/History.cpp
@@ -145,7 +145,7 @@
return { };
URL fullURL = urlForState(urlString);
- if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest(fullURL))
+ if (!fullURL.isValid() || !m_frame->document()->securityOrigin().canRequest(fullURL))
return Exception { SECURITY_ERR };
if (fullURL.hasUsername() || fullURL.hasPassword()) {
diff --git a/Source/WebCore/page/Location.cpp b/Source/WebCore/page/Location.cpp
index bdb548b..8eeedda 100644
--- a/Source/WebCore/page/Location.cpp
+++ b/Source/WebCore/page/Location.cpp
@@ -137,7 +137,7 @@
if (!m_frame)
return origins;
for (Frame* frame = m_frame->tree().parent(); frame; frame = frame->tree().parent())
- origins->append(frame->document()->securityOrigin()->toString());
+ origins->append(frame->document()->securityOrigin().toString());
return origins;
}
@@ -268,7 +268,7 @@
// FIXME: It's not clear this cross-origin security check is valuable.
// We allow one page to change the location of another. Why block attempts to reload?
// Other location operations simply block use of JavaScript URLs cross origin.
- if (!activeDocument.securityOrigin()->canAccess(targetDocument.securityOrigin())) {
+ if (!activeDocument.securityOrigin().canAccess(targetDocument.securityOrigin())) {
auto& targetWindow = *targetDocument.domWindow();
targetWindow.printErrorMessage(targetWindow.crossDomainAccessErrorMessage(activeWindow));
return;
diff --git a/Source/WebCore/page/Navigator.cpp b/Source/WebCore/page/Navigator.cpp
index d0d3564..ff60fca 100644
--- a/Source/WebCore/page/Navigator.cpp
+++ b/Source/WebCore/page/Navigator.cpp
@@ -125,7 +125,7 @@
if (!m_frame->settings().isJavaEnabled())
return false;
- if (m_frame->document()->securityOrigin()->isLocal() && !m_frame->settings().isJavaEnabledForLocalFiles())
+ if (m_frame->document()->securityOrigin().isLocal() && !m_frame->settings().isJavaEnabledForLocalFiles())
return false;
return true;
diff --git a/Source/WebCore/page/Page.cpp b/Source/WebCore/page/Page.cpp
index 86c0467..951e274 100644
--- a/Source/WebCore/page/Page.cpp
+++ b/Source/WebCore/page/Page.cpp
@@ -566,10 +566,8 @@
if (m_showAllPlugins)
return true;
- if (Document* document = mainFrame().document()) {
- if (SecurityOrigin* securityOrigin = document->securityOrigin())
- return securityOrigin->isLocal();
- }
+ if (Document* document = mainFrame().document())
+ return document->securityOrigin().isLocal();
return false;
}
diff --git a/Source/WebCore/page/PerformanceResourceTiming.cpp b/Source/WebCore/page/PerformanceResourceTiming.cpp
index a82f7f6..5ad4612 100644
--- a/Source/WebCore/page/PerformanceResourceTiming.cpp
+++ b/Source/WebCore/page/PerformanceResourceTiming.cpp
@@ -54,7 +54,7 @@
static bool passesTimingAllowCheck(const ResourceResponse& response, Document* requestingDocument)
{
- RefPtr<SecurityOrigin> resourceOrigin = SecurityOrigin::create(response.url());
+ Ref<SecurityOrigin> resourceOrigin = SecurityOrigin::create(response.url());
if (resourceOrigin->isSameSchemeHostPort(requestingDocument->securityOrigin()))
return true;
@@ -65,7 +65,7 @@
if (timingAllowOriginString == "*")
return true;
- const String& securityOrigin = requestingDocument->securityOrigin()->toString();
+ const String& securityOrigin = requestingDocument->securityOrigin().toString();
Vector<String> timingAllowOrigins;
timingAllowOriginString.split(' ', timingAllowOrigins);
for (auto& origin : timingAllowOrigins) {
diff --git a/Source/WebCore/page/SecurityOrigin.cpp b/Source/WebCore/page/SecurityOrigin.cpp
index f596640..2c7aff8 100644
--- a/Source/WebCore/page/SecurityOrigin.cpp
+++ b/Source/WebCore/page/SecurityOrigin.cpp
@@ -186,15 +186,15 @@
return false;
}
-bool SecurityOrigin::canAccess(const SecurityOrigin* other) const
+bool SecurityOrigin::canAccess(const SecurityOrigin& other) const
{
if (m_universalAccess)
return true;
- if (this == other)
+ if (this == &other)
return true;
- if (isUnique() || other->isUnique())
+ if (isUnique() || other.isUnique())
return false;
// Here are two cases where we should permit access:
@@ -218,18 +218,18 @@
// this is a security vulnerability.
bool canAccess = false;
- if (m_protocol == other->m_protocol) {
- if (!m_domainWasSetInDOM && !other->m_domainWasSetInDOM) {
- if (m_host == other->m_host && m_port == other->m_port)
+ if (m_protocol == other.m_protocol) {
+ if (!m_domainWasSetInDOM && !other.m_domainWasSetInDOM) {
+ if (m_host == other.m_host && m_port == other.m_port)
canAccess = true;
- } else if (m_domainWasSetInDOM && other->m_domainWasSetInDOM) {
- if (m_domain == other->m_domain)
+ } else if (m_domainWasSetInDOM && other.m_domainWasSetInDOM) {
+ if (m_domain == other.m_domain)
canAccess = true;
}
}
if (canAccess && isLocal())
- canAccess = passesFileCheck(*other);
+ canAccess = passesFileCheck(other);
return canAccess;
}
@@ -262,7 +262,7 @@
// We call isSameSchemeHostPort here instead of canAccess because we want
// to ignore document.domain effects.
- if (isSameSchemeHostPort(&targetOrigin.get()))
+ if (isSameSchemeHostPort(targetOrigin.get()))
return true;
if (SecurityPolicy::isAccessWhiteListed(this, &targetOrigin.get()))
@@ -271,9 +271,9 @@
return false;
}
-bool SecurityOrigin::canReceiveDragData(const SecurityOrigin* dragInitiator) const
+bool SecurityOrigin::canReceiveDragData(const SecurityOrigin& dragInitiator) const
{
- if (this == dragInitiator)
+ if (this == &dragInitiator)
return true;
return canAccess(dragInitiator);
@@ -350,7 +350,7 @@
if (m_universalAccess)
return true;
- if ((m_storageBlockingPolicy == BlockThirdPartyStorage || topOrigin->m_storageBlockingPolicy == BlockThirdPartyStorage) && !topOrigin->isSameOriginAs(this))
+ if ((m_storageBlockingPolicy == BlockThirdPartyStorage || topOrigin->m_storageBlockingPolicy == BlockThirdPartyStorage) && !topOrigin->isSameOriginAs(*this))
return false;
return true;
@@ -365,12 +365,12 @@
return Ask;
}
-bool SecurityOrigin::isSameOriginAs(const SecurityOrigin* other) const
+bool SecurityOrigin::isSameOriginAs(const SecurityOrigin& other) const
{
- if (this == other)
+ if (this == &other)
return true;
- if (isUnique() || other->isUnique())
+ if (isUnique() || other.isUnique())
return false;
return isSameSchemeHostPort(other);
@@ -505,7 +505,7 @@
if (other == this)
return true;
- if (!isSameSchemeHostPort(other))
+ if (!isSameSchemeHostPort(*other))
return false;
if (m_domainWasSetInDOM != other->m_domainWasSetInDOM)
@@ -517,18 +517,18 @@
return true;
}
-bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin* other) const
+bool SecurityOrigin::isSameSchemeHostPort(const SecurityOrigin& other) const
{
- if (m_host != other->m_host)
+ if (m_host != other.m_host)
return false;
- if (m_protocol != other->m_protocol)
+ if (m_protocol != other.m_protocol)
return false;
- if (m_port != other->m_port)
+ if (m_port != other.m_port)
return false;
- if (isLocal() && !passesFileCheck(*other))
+ if (isLocal() && !passesFileCheck(other))
return false;
return true;
diff --git a/Source/WebCore/page/SecurityOrigin.h b/Source/WebCore/page/SecurityOrigin.h
index 76fa5a2..278bc4d 100644
--- a/Source/WebCore/page/SecurityOrigin.h
+++ b/Source/WebCore/page/SecurityOrigin.h
@@ -92,7 +92,7 @@
// SecurityOrigin. For example, call this function before allowing
// script from one security origin to read or write objects from
// another SecurityOrigin.
- WEBCORE_EXPORT bool canAccess(const SecurityOrigin*) const;
+ WEBCORE_EXPORT bool canAccess(const SecurityOrigin&) const;
// Returns true if this SecurityOrigin can read content retrieved from
// the given URL. For example, call this function before issuing
@@ -102,7 +102,7 @@
// Returns true if this SecurityOrigin can receive drag content from the
// initiator. For example, call this function before allowing content to be
// dropped onto a target.
- bool canReceiveDragData(const SecurityOrigin* dragInitiator) const;
+ bool canReceiveDragData(const SecurityOrigin& dragInitiator) const;
// Returns true if |document| can display content from the given URL (e.g.,
// in an iframe or as an image). For example, web sites generally cannot
@@ -194,11 +194,11 @@
// This method checks for equality, ignoring the value of document.domain
// (and whether it was set) but considering the host. It is used for postMessage.
- WEBCORE_EXPORT bool isSameSchemeHostPort(const SecurityOrigin*) const;
+ WEBCORE_EXPORT bool isSameSchemeHostPort(const SecurityOrigin&) const;
// This method implements the "same origin" algorithm from the HTML Standard:
// https://html.spec.whatwg.org/multipage/browsers.html#same-origin
- WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin*) const;
+ WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin&) const;
static URL urlWithUniqueSecurityOrigin();
diff --git a/Source/WebCore/page/SecurityOriginData.cpp b/Source/WebCore/page/SecurityOriginData.cpp
index 24a9d43..e2e44f0 100644
--- a/Source/WebCore/page/SecurityOriginData.cpp
+++ b/Source/WebCore/page/SecurityOriginData.cpp
@@ -63,11 +63,7 @@
if (!document)
return SecurityOriginData();
- SecurityOrigin* origin = document->securityOrigin();
- if (!origin)
- return SecurityOriginData();
-
- return SecurityOriginData::fromSecurityOrigin(*origin);
+ return SecurityOriginData::fromSecurityOrigin(document->securityOrigin());
}
Ref<SecurityOrigin> SecurityOriginData::securityOrigin() const
diff --git a/Source/WebCore/page/SecurityOriginHash.h b/Source/WebCore/page/SecurityOriginHash.h
index b7a5aef..ee2572c 100644
--- a/Source/WebCore/page/SecurityOriginHash.h
+++ b/Source/WebCore/page/SecurityOriginHash.h
@@ -53,7 +53,7 @@
{
if (!a || !b)
return a == b;
- return a->isSameSchemeHostPort(b);
+ return a->isSameSchemeHostPort(*b);
}
static bool equal(SecurityOrigin* a, const RefPtr<SecurityOrigin>& b)
{
diff --git a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
index f059b60..53671e5 100644
--- a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
+++ b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
@@ -592,7 +592,7 @@
return String();
if (!url.isHierarchical() || url.protocolIs("file"))
return url.protocol().toString();
- return document.securityOrigin()->canRequest(url) ? url.strippedForUseAsReferrer() : SecurityOrigin::create(url).get().toString();
+ return document.securityOrigin().canRequest(url) ? url.strippedForUseAsReferrer() : SecurityOrigin::create(url).get().toString();
}
void ContentSecurityPolicy::reportViolation(const String& violatedDirective, const ContentSecurityPolicyDirective& effectiveViolatedDirective, const URL& blockedURL, const String& consoleMessage, JSC::ExecState* state) const
diff --git a/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp b/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp
index 49d3509..cbd0c3c 100644
--- a/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp
+++ b/Source/WebCore/platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp
@@ -1359,7 +1359,7 @@
Ref<SecurityOrigin> resolvedOrigin(SecurityOrigin::create(resolvedURL()));
Ref<SecurityOrigin> requestedOrigin(SecurityOrigin::createFromString(assetURL()));
- return resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get());
+ return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
}
AVFWrapper::AVFWrapper(MediaPlayerPrivateAVFoundationCF* owner)
diff --git a/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm b/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm
index c5b5e37a..70e6221 100644
--- a/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm
+++ b/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm
@@ -2232,7 +2232,7 @@
Ref<SecurityOrigin> resolvedOrigin(SecurityOrigin::create(resolvedURL()));
Ref<SecurityOrigin> requestedOrigin(SecurityOrigin::createFromString(assetURL()));
- return resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get());
+ return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
}
bool MediaPlayerPrivateAVFoundationObjC::didPassCORSAccessCheck() const
diff --git a/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm b/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm
index 968a2d8..f886e6a 100644
--- a/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm
+++ b/Source/WebCore/platform/graphics/mac/MediaPlayerPrivateQTKit.mm
@@ -1480,8 +1480,8 @@
if (!m_qtMovie)
return false;
- RefPtr<SecurityOrigin> resolvedOrigin = SecurityOrigin::create(URL(wkQTMovieResolvedURL(m_qtMovie.get())));
- RefPtr<SecurityOrigin> requestedOrigin = SecurityOrigin::createFromString(m_movieURL);
+ Ref<SecurityOrigin> resolvedOrigin = SecurityOrigin::create(URL(wkQTMovieResolvedURL(m_qtMovie.get())));
+ Ref<SecurityOrigin> requestedOrigin = SecurityOrigin::createFromString(m_movieURL);
return resolvedOrigin->isSameSchemeHostPort(requestedOrigin.get());
}
diff --git a/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp b/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp
index 4861d34..9ce6515 100644
--- a/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp
+++ b/Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp
@@ -125,7 +125,7 @@
ASSERT(styleImage.cachedImage());
CachedImage& cachedImage = *(styleImage.cachedImage());
- if (cachedImage.isOriginClean(document.securityOrigin()))
+ if (cachedImage.isOriginClean(&document.securityOrigin()))
return true;
const URL& url = cachedImage.url();
diff --git a/Source/WebCore/replay/ReplayInputCreationMethods.cpp b/Source/WebCore/replay/ReplayInputCreationMethods.cpp
index 70d9445..f0065c7 100644
--- a/Source/WebCore/replay/ReplayInputCreationMethods.cpp
+++ b/Source/WebCore/replay/ReplayInputCreationMethods.cpp
@@ -43,7 +43,7 @@
ASSERT(mainFrame.document());
// Make sure that this is in sync with ReplayController::beginCapturing().
- RefPtr<SecurityOrigin> originCopy = mainFrame.document()->securityOrigin()->isolatedCopy();
+ RefPtr<SecurityOrigin> originCopy = mainFrame.document()->securityOrigin().isolatedCopy();
URL url = mainFrame.document()->url();
String referrer = mainFrame.loader().referrer();
return std::make_unique<InitialNavigation>(WTFMove(originCopy), url, referrer);
diff --git a/Source/WebCore/replay/ReplayInputDispatchMethods.cpp b/Source/WebCore/replay/ReplayInputDispatchMethods.cpp
index 7f3c300..044264e 100644
--- a/Source/WebCore/replay/ReplayInputDispatchMethods.cpp
+++ b/Source/WebCore/replay/ReplayInputDispatchMethods.cpp
@@ -52,7 +52,7 @@
{
auto& frame = controller.page().mainFrame();
ASSERT(frame.document());
- frame.navigationScheduler().scheduleLocationChange(*frame.document(), m_securityOrigin.get(), m_url, m_referrer);
+ frame.navigationScheduler().scheduleLocationChange(*frame.document(), *m_securityOrigin, m_url, m_referrer);
}
void HandleKeyPress::dispatch(ReplayController& controller)
diff --git a/Source/WebCore/storage/Storage.cpp b/Source/WebCore/storage/Storage.cpp
index efce635..b3e202c 100644
--- a/Source/WebCore/storage/Storage.cpp
+++ b/Source/WebCore/storage/Storage.cpp
@@ -146,7 +146,7 @@
return false;
if (m_storageArea->storageType() == LocalStorage) {
- if (SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing(m_frame->document()->securityOrigin()->protocol()))
+ if (SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing(m_frame->document()->securityOrigin().protocol()))
return false;
}
diff --git a/Source/WebCore/storage/StorageEventDispatcher.cpp b/Source/WebCore/storage/StorageEventDispatcher.cpp
index 1ba51f7..6ab08eb 100644
--- a/Source/WebCore/storage/StorageEventDispatcher.cpp
+++ b/Source/WebCore/storage/StorageEventDispatcher.cpp
@@ -49,7 +49,7 @@
// Send events only to our page.
for (Frame* frame = &page->mainFrame(); frame; frame = frame->tree().traverseNext()) {
- if (sourceFrame != frame && frame->document()->securityOrigin()->equal(securityOrigin.securityOrigin().ptr()))
+ if (sourceFrame != frame && frame->document()->securityOrigin().equal(securityOrigin.securityOrigin().ptr()))
frames.append(frame);
}
@@ -67,7 +67,7 @@
// Send events to every page.
for (auto& pageInGroup : page->group().pages()) {
for (Frame* frame = &pageInGroup->mainFrame(); frame; frame = frame->tree().traverseNext()) {
- if (sourceFrame != frame && frame->document()->securityOrigin()->equal(securityOrigin.securityOrigin().ptr()))
+ if (sourceFrame != frame && frame->document()->securityOrigin().equal(securityOrigin.securityOrigin().ptr()))
frames.append(frame);
}
}
diff --git a/Source/WebCore/storage/StorageNamespaceProvider.cpp b/Source/WebCore/storage/StorageNamespaceProvider.cpp
index 3fa16ee..95ba340 100644
--- a/Source/WebCore/storage/StorageNamespaceProvider.cpp
+++ b/Source/WebCore/storage/StorageNamespaceProvider.cpp
@@ -61,9 +61,9 @@
RefPtr<StorageArea> StorageNamespaceProvider::localStorageArea(Document& document)
{
- auto& storageNamespace = document.securityOrigin()->canAccessLocalStorage(document.topOrigin()) ? localStorageNamespace() : transientLocalStorageNamespace(*document.topOrigin());
+ auto& storageNamespace = document.securityOrigin().canAccessLocalStorage(document.topOrigin()) ? localStorageNamespace() : transientLocalStorageNamespace(*document.topOrigin());
- return storageNamespace.storageArea(SecurityOriginData::fromSecurityOrigin(*document.securityOrigin()));
+ return storageNamespace.storageArea(SecurityOriginData::fromSecurityOrigin(document.securityOrigin()));
}
StorageNamespace& StorageNamespaceProvider::localStorageNamespace()
diff --git a/Source/WebCore/testing/Internals.cpp b/Source/WebCore/testing/Internals.cpp
index da93398..965272c 100644
--- a/Source/WebCore/testing/Internals.cpp
+++ b/Source/WebCore/testing/Internals.cpp
@@ -2371,7 +2371,7 @@
Document* document = contextDocument();
if (!document || !document->page())
return;
- document->page()->applicationCacheStorage().storeUpdatedQuotaForOrigin(document->securityOrigin(), quota);
+ document->page()->applicationCacheStorage().storeUpdatedQuotaForOrigin(&document->securityOrigin(), quota);
}
void Internals::registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme)
diff --git a/Source/WebCore/xml/XSLTProcessorLibxslt.cpp b/Source/WebCore/xml/XSLTProcessorLibxslt.cpp
index 88dce9b..9ced5d1 100644
--- a/Source/WebCore/xml/XSLTProcessorLibxslt.cpp
+++ b/Source/WebCore/xml/XSLTProcessorLibxslt.cpp
@@ -124,11 +124,11 @@
RefPtr<SharedBuffer> data;
- bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin()->canRequest(url);
+ bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin().canRequest(url);
if (requestAllowed) {
globalCachedResourceLoader->frame()->loader().loadResourceSynchronously(url, AllowStoredCredentials, ClientCredentialPolicy::MayAskClientForCredentials, error, response, data);
if (error.isNull())
- requestAllowed = globalCachedResourceLoader->document()->securityOrigin()->canRequest(response.url());
+ requestAllowed = globalCachedResourceLoader->document()->securityOrigin().canRequest(response.url());
else if (data)
data = nullptr;
}
diff --git a/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp b/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp
index af9fc20..29cd573 100644
--- a/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp
+++ b/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp
@@ -421,7 +421,7 @@
// retrieved content. If we had more context, we could potentially allow
// the parser to load a DTD. As things stand, we take the conservative
// route and allow same-origin requests only.
- if (!XMLDocumentParserScope::currentCachedResourceLoader->document()->securityOrigin()->canRequest(url)) {
+ if (!XMLDocumentParserScope::currentCachedResourceLoader->document()->securityOrigin().canRequest(url)) {
XMLDocumentParserScope::currentCachedResourceLoader->printAccessDeniedMessage(url);
return false;
}
