WebKit1: Add a way to blacklist specific plug-ins/plug-in versions https://bugs.webkit.org/show_bug.cgi?id=86150 <rdar://problem/9551196> Reviewed by Sam Weinig. Source/WebCore: * English.lproj/Localizable.strings: Update. * loader/SubframeLoader.cpp: (WebCore::SubframeLoader::loadPlugin): It is possible that the client has already set the unavailability reason so don't try to set it twice. * platform/LocalizedStrings.cpp: (WebCore::insecurePluginVersionText): * platform/LocalizedStrings.h: Add insecure plug-in version text. * rendering/RenderEmbeddedObject.cpp: (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText): * rendering/RenderEmbeddedObject.h: Add InsecurePluginVersion unavailability reason. Source/WebKit/mac: * Misc/WebKitErrors.h: Add WebKitErrorInsecurePlugInVersion enum. * Plugins/WebBasePluginPackage.h: * Plugins/WebBasePluginPackage.mm: (-[WebBasePluginPackage bundleIdentifier]): (-[WebBasePluginPackage bundleVersion]): Add bundleIdentifier and bundleVersion getters. * WebCoreSupport/WebFrameLoaderClient.mm: (WebFrameLoaderClient::createPlugin): Check if the plug-in is blocked. If it is, set the unavailability reason and the error code. WebKitLibraries: Add WKShouldBlockPlugin. * WebKitSystemInterface.h: * libWebKitSystemInterfaceLion.a: * libWebKitSystemInterfaceSnowLeopard.a: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@116695 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit: 740bf7e47dd6743f44f7f3d036ae1ea9de762246 [log] [tgz]
author: andersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Thu May 10 22:45:41 2012 +0000
committer: andersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Thu May 10 22:45:41 2012 +0000
tree: f72f4df1c547da7862f136cdf9e79ab315448a5c
parent: 981501ea4e7f4a859e024fa03ad840c3fb3b4498 [diff]
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index d0a5aec..6ff81e2 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog

@@ -1,3 +1,28 @@
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        * English.lproj/Localizable.strings:
+        Update.
+
+        * loader/SubframeLoader.cpp:
+        (WebCore::SubframeLoader::loadPlugin):
+        It is possible that the client has already set the unavailability reason so don't try to set it twice.
+
+        * platform/LocalizedStrings.cpp:
+        (WebCore::insecurePluginVersionText):
+        * platform/LocalizedStrings.h:
+        Add insecure plug-in version text.
+
+        * rendering/RenderEmbeddedObject.cpp:
+        (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
+        * rendering/RenderEmbeddedObject.h:
+        Add InsecurePluginVersion unavailability reason.
+
 2012-05-10  Eric Seidel  <eric@webkit.org>
 
         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element

diff --git a/Source/WebCore/English.lproj/Localizable.strings b/Source/WebCore/English.lproj/Localizable.strings
index ca3e1e9..6a3864a 100644
--- a/Source/WebCore/English.lproj/Localizable.strings
+++ b/Source/WebCore/English.lproj/Localizable.strings
Binary files differ

diff --git a/Source/WebCore/loader/SubframeLoader.cpp b/Source/WebCore/loader/SubframeLoader.cpp
index a23c462..5153f4e 100644
--- a/Source/WebCore/loader/SubframeLoader.cpp
+++ b/Source/WebCore/loader/SubframeLoader.cpp

@@ -376,7 +376,8 @@
         pluginElement, url, paramNames, paramValues, mimeType, loadManually);
 
     if (!widget) {
-        renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginMissing);
+        if (!renderer->showsUnavailablePluginIndicator())
+            renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginMissing);
         return false;
     }
 

diff --git a/Source/WebCore/platform/LocalizedStrings.cpp b/Source/WebCore/platform/LocalizedStrings.cpp
index 24c9aa4..3cb519c 100644
--- a/Source/WebCore/platform/LocalizedStrings.cpp
+++ b/Source/WebCore/platform/LocalizedStrings.cpp

@@ -673,6 +673,11 @@
     return WEB_UI_STRING("Plug-in Failure", "Label text to be used if plugin host process has crashed");
 }
 
+String insecurePluginVersionText()
+{
+    return WEB_UI_STRING("Insecure Plug-In Version", "Label text to be used when an insecure plug-in version was blocked from loading");
+}
+
 String multipleFileUploadText(unsigned numberOfFiles)
 {
     return formatLocalizedString(WEB_UI_STRING("%d files", "Label to describe the number of files selected in a file upload control that allows multiple files"), numberOfFiles);

diff --git a/Source/WebCore/platform/LocalizedStrings.h b/Source/WebCore/platform/LocalizedStrings.h
index cda8bd6..fe6686d 100644
--- a/Source/WebCore/platform/LocalizedStrings.h
+++ b/Source/WebCore/platform/LocalizedStrings.h

@@ -167,6 +167,7 @@
 
     String missingPluginText();
     String crashedPluginText();
+    String insecurePluginVersionText();
     String multipleFileUploadText(unsigned numberOfFiles);
     String unknownFileSizeText();
 

diff --git a/Source/WebCore/rendering/RenderEmbeddedObject.cpp b/Source/WebCore/rendering/RenderEmbeddedObject.cpp
index d0f14bd..55cfcfd 100644
--- a/Source/WebCore/rendering/RenderEmbeddedObject.cpp
+++ b/Source/WebCore/rendering/RenderEmbeddedObject.cpp

@@ -214,6 +214,8 @@
         return missingPluginText();
     case PluginCrashed:
         return crashedPluginText();
+    case InsecurePluginVersion:
+        return insecurePluginVersionText();
     }
 
     ASSERT_NOT_REACHED();

diff --git a/Source/WebCore/rendering/RenderEmbeddedObject.h b/Source/WebCore/rendering/RenderEmbeddedObject.h
index f7428f4..3564ff2 100644
--- a/Source/WebCore/rendering/RenderEmbeddedObject.h
+++ b/Source/WebCore/rendering/RenderEmbeddedObject.h

@@ -39,6 +39,7 @@
     enum PluginUnavailabilityReason {
         PluginMissing,
         PluginCrashed,
+        InsecurePluginVersion
     };
     void setPluginUnavailabilityReason(PluginUnavailabilityReason);
     bool showsUnavailablePluginIndicator() const;

diff --git a/Source/WebKit/mac/ChangeLog b/Source/WebKit/mac/ChangeLog
index cb19b0e..d234aded 100644
--- a/Source/WebKit/mac/ChangeLog
+++ b/Source/WebKit/mac/ChangeLog

@@ -1,5 +1,26 @@
 2012-05-10  Anders Carlsson  <andersca@apple.com>
 
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        * Misc/WebKitErrors.h:
+        Add WebKitErrorInsecurePlugInVersion enum.
+
+        * Plugins/WebBasePluginPackage.h:
+        * Plugins/WebBasePluginPackage.mm:
+        (-[WebBasePluginPackage bundleIdentifier]):
+        (-[WebBasePluginPackage bundleVersion]):
+        Add bundleIdentifier and bundleVersion getters.
+
+        * WebCoreSupport/WebFrameLoaderClient.mm:
+        (WebFrameLoaderClient::createPlugin):
+        Check if the plug-in is blocked. If it is, set the unavailability reason and the error code.
+
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
         Rename the missing plug-in indicator to the unavailable plug-in indicator
         https://bugs.webkit.org/show_bug.cgi?id=86136
 

diff --git a/Source/WebKit/mac/Misc/WebKitErrors.h b/Source/WebKit/mac/Misc/WebKitErrors.h
index e4cbdcc..ec47fe6 100644
--- a/Source/WebKit/mac/Misc/WebKitErrors.h
+++ b/Source/WebKit/mac/Misc/WebKitErrors.h

@@ -56,4 +56,5 @@
     WebKitErrorCannotFindPlugIn =                               200,
     WebKitErrorCannotLoadPlugIn =                               201,
     WebKitErrorJavaUnavailable =                                202,
+    WebKitErrorInsecurePlugInVersion =                          203,
 };

diff --git a/Source/WebKit/mac/Plugins/WebBasePluginPackage.h b/Source/WebKit/mac/Plugins/WebBasePluginPackage.h
index a42a82e..cf88464 100644
--- a/Source/WebKit/mac/Plugins/WebBasePluginPackage.h
+++ b/Source/WebKit/mac/Plugins/WebBasePluginPackage.h

@@ -77,7 +77,8 @@
 
 - (const WebCore::PluginInfo&)pluginInfo;
 
-- (WTF::String)bundleIdentifier;
+- (String)bundleIdentifier;
+- (String)bundleVersion;
 
 - (BOOL)supportsExtension:(const WTF::String&)extension;
 - (BOOL)supportsMIMEType:(const WTF::String&)MIMEType;

diff --git a/Source/WebKit/mac/Plugins/WebBasePluginPackage.mm b/Source/WebKit/mac/Plugins/WebBasePluginPackage.mm
index 1d1409e..e4cd858 100644
--- a/Source/WebKit/mac/Plugins/WebBasePluginPackage.mm
+++ b/Source/WebKit/mac/Plugins/WebBasePluginPackage.mm

@@ -463,11 +463,24 @@
     [pluginDatabases removeObject:database];
 }
 
-- (WTF::String)bundleIdentifier
+- (String)bundleIdentifier
 {
     return CFBundleGetIdentifier(cfBundle.get());
 }
 
+- (String)bundleVersion
+{
+    CFDictionaryRef infoDictionary = CFBundleGetInfoDictionary(cfBundle.get());
+    if (!infoDictionary)
+        return String();
+
+    CFTypeRef bundleVersionString = CFDictionaryGetValue(infoDictionary, kCFBundleVersionKey);
+    if (!bundleVersionString || CFGetTypeID(bundleVersionString) != CFStringGetTypeID())
+        return String();
+
+    return reinterpret_cast<CFStringRef>(bundleVersionString);
+}
+
 @end
 
 @implementation NSArray (WebPluginExtensions)

diff --git a/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm b/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm
index b8ac274..f787bfb 100644
--- a/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm
+++ b/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm

@@ -1665,25 +1665,31 @@
     NSView *view = nil;
 
     if (pluginPackage) {
-        if ([pluginPackage isKindOfClass:[WebPluginPackage class]])
-            view = pluginView(m_webFrame.get(), (WebPluginPackage *)pluginPackage, attributeKeys, kit(paramValues), baseURL, kit(element), loadManually);
-            
+        if (!WKShouldBlockPlugin([pluginPackage bundleIdentifier], [pluginPackage bundleVersion])) {
+            if ([pluginPackage isKindOfClass:[WebPluginPackage class]])
+                view = pluginView(m_webFrame.get(), (WebPluginPackage *)pluginPackage, attributeKeys, kit(paramValues), baseURL, kit(element), loadManually);
+
 #if ENABLE(NETSCAPE_PLUGIN_API)
-        else if ([pluginPackage isKindOfClass:[WebNetscapePluginPackage class]]) {
-            WebBaseNetscapePluginView *pluginView = [[[NETSCAPE_PLUGIN_VIEW alloc]
-                initWithFrame:NSMakeRect(0, 0, size.width(), size.height())
-                pluginPackage:(WebNetscapePluginPackage *)pluginPackage
-                URL:pluginURL
-                baseURL:baseURL
-                MIMEType:MIMEType
-                attributeKeys:attributeKeys
-                attributeValues:kit(paramValues)
-                loadManually:loadManually
-                element:element] autorelease];
-            
-            return adoptRef(new NetscapePluginWidget(pluginView));
-        } 
+            else if ([pluginPackage isKindOfClass:[WebNetscapePluginPackage class]]) {
+                WebBaseNetscapePluginView *pluginView = [[[NETSCAPE_PLUGIN_VIEW alloc]
+                    initWithFrame:NSMakeRect(0, 0, size.width(), size.height())
+                    pluginPackage:(WebNetscapePluginPackage *)pluginPackage
+                    URL:pluginURL
+                    baseURL:baseURL
+                    MIMEType:MIMEType
+                    attributeKeys:attributeKeys
+                    attributeValues:kit(paramValues)
+                    loadManually:loadManually
+                    element:element] autorelease];
+
+                return adoptRef(new NetscapePluginWidget(pluginView));
+            }
 #endif
+        } else {
+            errorCode = WebKitErrorInsecurePlugInVersion;
+            if (element->renderer()->isEmbeddedObject())
+                toRenderEmbeddedObject(element->renderer())->setPluginUnavailabilityReason(RenderEmbeddedObject::InsecurePluginVersion);
+        }
     } else
         errorCode = WebKitErrorCannotFindPlugIn;
 

diff --git a/WebKitLibraries/ChangeLog b/WebKitLibraries/ChangeLog
index 2f63236..e8f0584 100644
--- a/WebKitLibraries/ChangeLog
+++ b/WebKitLibraries/ChangeLog

@@ -1,3 +1,17 @@
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        Add WKShouldBlockPlugin.
+
+        * WebKitSystemInterface.h:
+        * libWebKitSystemInterfaceLion.a:
+        * libWebKitSystemInterfaceSnowLeopard.a:
+
 2012-05-08  Jon Lee  <jonlee@apple.com>
 
         Safari warns that it needs to resend the form in an iFrame when going back

diff --git a/WebKitLibraries/WebKitSystemInterface.h b/WebKitLibraries/WebKitSystemInterface.h
index f43b30d..0351a8e 100644
--- a/WebKitLibraries/WebKitSystemInterface.h
+++ b/WebKitLibraries/WebKitSystemInterface.h

@@ -92,6 +92,7 @@
 AXUIElementRef WKCreateAXUIElementRef(id element);
 void WKUnregisterUniqueIdForElement(id element);
 
+BOOL WKShouldBlockPlugin(NSString *bundleIdentifier, NSString *bundleVersionString);
 
 #if MAC_OS_X_VERSION_MIN_REQUIRED >= 1060
 // Remote Accessibility API.

diff --git a/WebKitLibraries/libWebKitSystemInterfaceLion.a b/WebKitLibraries/libWebKitSystemInterfaceLion.a
index 43cdad5..0252234 100644
--- a/WebKitLibraries/libWebKitSystemInterfaceLion.a
+++ b/WebKitLibraries/libWebKitSystemInterfaceLion.a
Binary files differ

diff --git a/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a b/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a
index baff54a..c59fc98 100644
--- a/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a
+++ b/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a
Binary files differ
commit	740bf7e47dd6743f44f7f3d036ae1ea9de762246	[log] [tgz]
author	andersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Thu May 10 22:45:41 2012 +0000
committer	andersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Thu May 10 22:45:41 2012 +0000
tree	f72f4df1c547da7862f136cdf9e79ab315448a5c
parent	981501ea4e7f4a859e024fa03ad840c3fb3b4498 [diff]