Diff
Modified: trunk/LayoutTests/ChangeLog (200690 => 200691)
--- trunk/LayoutTests/ChangeLog 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/ChangeLog 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,3 +1,16 @@
+2016-05-11 Chris Dumez <cdu...@apple.com>
+
+ Unreviewed, rolling out r200686.
+
+ Caused a lot of layout test failures
+
+ Reverted changeset:
+
+ "Sites served over insecure connections should not be allowed
+ to use geolocation."
+ https://bugs.webkit.org/show_bug.cgi?id=157423
+ http://trac.webkit.org/changeset/200686
+
2016-05-11 Jer Noble <jer.no...@apple.com>
Videos allowed to play through the Main Content restriction should not pause when scrolled off-screen.
Deleted: trunk/LayoutTests/http/tests/security/geolocation-over-insecure-content.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/geolocation-over-insecure-content.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/geolocation-over-insecure-content.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,14 +0,0 @@
-<body _onload_="loaded()">
-<script>
-if (navigator.geolocation) {
- navigator.geolocation.getCurrentPosition(showPosition);
-}
-function showPosition(position) {
- console.log("Latitude: " + position.coords.latitude + "Longitude: " + position.coords.longitude);
-}
-function loaded() {
- if (window.opener)
- window.opener.postMessage('done', '*');
-}
-</script>
-</body>
Deleted: trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content-block.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content-block.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content-block.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,15 +0,0 @@
-<body _onload_="loaded()">
-<script>
-if (navigator.geolocation) {
- navigator.geolocation.getCurrentPosition(showPosition);
-}
-function showPosition(position) {
- console.log("Latitude: " + position.coords.latitude + "Longitude: " + position.coords.longitude);
-}
-function loaded() {
- if (window.opener)
- window.opener.postMessage('done', '*');
-}
-</script>
-<img src=""
-</body>
Deleted: trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/geolocation-over-mixed-content.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,15 +0,0 @@
-<body _onload_="loaded()">
-<img src=""
-<script>
-if (navigator.geolocation) {
- navigator.geolocation.getCurrentPosition(showPosition);
-}
-function showPosition(position) {
- console.log("Latitude: " + position.coords.latitude + "Longitude: " + position.coords.longitude);
-}
-function loaded() {
- if (window.opener)
- window.opener.postMessage('done', '*');
-}
-</script>
-</body>
Deleted: trunk/LayoutTests/http/tests/security/insecure-geolocation-expected.txt (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/insecure-geolocation-expected.txt 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/insecure-geolocation-expected.txt 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,3 +0,0 @@
-CONSOLE MESSAGE: line 4: [blocked] Access to geolocation was blocked over insecure connection to http://127.0.0.1:8080.
-
-This test loads an insecure frame that tries to access geolocation. Access to geolocation is blocked over insecure connections.
Deleted: trunk/LayoutTests/http/tests/security/insecure-geolocation.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/insecure-geolocation.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/insecure-geolocation.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,22 +0,0 @@
-<html>
-<body>
-<script>
-if (window.testRunner) {
- testRunner.waitUntilDone();
- testRunner.dumpAsText();
- testRunner.setCanOpenWindows();
- testRunner.setCloseRemainingWindowsWhenComplete(true);
-}
-window.addEventListener("message", function (e) {
- if (window.testRunner)
- testRunner.notifyDone();
-}, false);
-</script>
-<p>This test loads an insecure frame that tries to access geolocation. Access to geolocation is blocked over insecure connections.</p>
-<script>
-_onload_ = function() {
- window.open("http://127.0.0.1:8080/security/geolocation-over-insecure-content.html");
-}
-</script>
-</body>
-</html>
Deleted: trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content-expected.txt (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content-expected.txt 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content-expected.txt 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,3 +0,0 @@
-CONSOLE MESSAGE: line 14: [blocked] The page at https://127.0.0.1:8443/security/geolocation-over-mixed-content-block.html was not allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
-
-This test loads a secure frame with insecure content that tries to access geolocation before loading insecure content. Access to insecure content is blocked over secure connections when geolocation is accessed.
Deleted: trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-block-insecure-content.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,22 +0,0 @@
-<html>
-<body>
-<script>
-if (window.testRunner) {
- testRunner.waitUntilDone();
- testRunner.dumpAsText();
- testRunner.setCanOpenWindows();
- testRunner.setCloseRemainingWindowsWhenComplete(true);
-}
-window.addEventListener("message", function (e) {
- if (window.testRunner)
- testRunner.notifyDone();
-}, false);
-</script>
-<p>This test loads a secure frame with insecure content that tries to access geolocation before loading insecure content. Access to insecure content is blocked over secure connections when geolocation is accessed.</p>
-<script>
-_onload_ = function() {
- window.open("https://127.0.0.1:8443/security/geolocation-over-mixed-content-block.html");
-}
-</script>
-</body>
-</html>
Deleted: trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-expected.txt (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-expected.txt 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/mixedcontent-geolocation-expected.txt 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,5 +0,0 @@
-CONSOLE MESSAGE: line 2: The page at https://127.0.0.1:8443/security/geolocation-over-mixed-content.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
-
-CONSOLE MESSAGE: line 5: [blocked] Access to geolocation was blocked over secure connection with mixed content to https://127.0.0.1:8443.
-
-This test loads a secure frame with mixed content that tries to access geolocation. Access to geolocation is blocked over secure connections with mixed content.
Deleted: trunk/LayoutTests/http/tests/security/mixedcontent-geolocation.html (200690 => 200691)
--- trunk/LayoutTests/http/tests/security/mixedcontent-geolocation.html 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/LayoutTests/http/tests/security/mixedcontent-geolocation.html 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,22 +0,0 @@
-<html>
-<body>
-<script>
-if (window.testRunner) {
- testRunner.waitUntilDone();
- testRunner.dumpAsText();
- testRunner.setCanOpenWindows();
- testRunner.setCloseRemainingWindowsWhenComplete(true);
-}
-window.addEventListener("message", function (e) {
- if (window.testRunner)
- testRunner.notifyDone();
-}, false);
-</script>
-<p>This test loads a secure frame with mixed content that tries to access geolocation. Access to geolocation is blocked over secure connections with mixed content.</p>
-<script>
-_onload_ = function() {
- window.open("https://127.0.0.1:8443/security/geolocation-over-mixed-content.html");
-}
-</script>
-</body>
-</html>
Modified: trunk/Source/WebCore/ChangeLog (200690 => 200691)
--- trunk/Source/WebCore/ChangeLog 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/Source/WebCore/ChangeLog 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,5 +1,18 @@
2016-05-11 Chris Dumez <cdu...@apple.com>
+ Unreviewed, rolling out r200686.
+
+ Caused a lot of layout test failures
+
+ Reverted changeset:
+
+ "Sites served over insecure connections should not be allowed
+ to use geolocation."
+ https://bugs.webkit.org/show_bug.cgi?id=157423
+ http://trac.webkit.org/changeset/200686
+
+2016-05-11 Chris Dumez <cdu...@apple.com>
+
Optimize DataDetection's searchForLinkRemovingExistingDDLinks()
https://bugs.webkit.org/show_bug.cgi?id=157561
Modified: trunk/Source/WebCore/Modules/geolocation/Geolocation.cpp (200690 => 200691)
--- trunk/Source/WebCore/Modules/geolocation/Geolocation.cpp 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/Source/WebCore/Modules/geolocation/Geolocation.cpp 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2016 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008, 2009, 2010, 2011 Apple Inc. All Rights Reserved.
* Copyright (C) 2009 Torch Mobile, Inc.
* Copyright 2010, The Android Open Source Project
*
@@ -43,7 +43,6 @@
#include "SecurityOrigin.h"
#include <wtf/CurrentTime.h>
#include <wtf/Ref.h>
-#include <wtf/text/StringBuilder.h>
namespace WebCore {
@@ -173,23 +172,6 @@
{
return true;
}
-
-static void logError(const String& target, const bool isSecure, const bool isMixedContent, Document* document)
-{
- StringBuilder message;
- message.append("[blocked] Access to geolocation was blocked over");
-
- if (!isSecure)
- message.append(" insecure connection to ");
- else if (isMixedContent)
- message.append(" secure connection with mixed content to ");
- else
- return;
-
- message.append(target);
- message.append(".\n");
- document->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message.toString());
-}
void Geolocation::suspend(ReasonForSuspension reason)
{
@@ -355,24 +337,12 @@
return watchID;
}
-bool Geolocation::shouldBlockGeolocationRequests()
-{
- bool isSecure = SecurityOrigin::isSecure(document()->url());
- bool hasMixedContent = document()->foundMixedContent();
- if (securityOrigin()->canRequestGeolocation() && isSecure && !hasMixedContent)
- return false;
-
- logError(securityOrigin()->toString(), isSecure, hasMixedContent, document());
- return true;
-}
-
void Geolocation::startRequest(GeoNotifier* notifier)
{
- if (shouldBlockGeolocationRequests()) {
+ if (!securityOrigin()->canRequestGeolocation()) {
notifier->setFatalError(PositionError::create(PositionError::POSITION_UNAVAILABLE, ASCIILiteral(originCannotRequestGeolocationErrorMessage)));
return;
}
- document()->setGeolocationAccessed();
// Check whether permissions have already been denied. Note that if this is the case,
// the permission state can not change again in the lifetime of this page.
Modified: trunk/Source/WebCore/Modules/geolocation/Geolocation.h (200690 => 200691)
--- trunk/Source/WebCore/Modules/geolocation/Geolocation.h 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/Source/WebCore/Modules/geolocation/Geolocation.h 2016-05-11 17:28:33 UTC (rev 200691)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2016 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008, 2009, 2010, 2011 Apple Inc. All Rights Reserved.
* Copyright 2010, The Android Open Source Project
*
* Redistribution and use in source and binary forms, with or without
@@ -72,7 +72,6 @@
void positionChanged();
void setError(GeolocationError*);
- bool shouldBlockGeolocationRequests();
private:
explicit Geolocation(ScriptExecutionContext*);
Modified: trunk/Source/WebCore/dom/SecurityContext.h (200690 => 200691)
--- trunk/Source/WebCore/dom/SecurityContext.h 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2016-05-11 17:28:33 UTC (rev 200691)
@@ -75,10 +75,6 @@
WEBCORE_EXPORT SecurityOrigin* securityOrigin() const;
static SandboxFlags parseSandboxPolicy(const String& policy, String& invalidTokensErrorMessage);
- bool foundMixedContent() const { return m_foundMixedContent; }
- void setFoundMixedContent() { m_foundMixedContent = true; }
- bool geolocationAccessed() const { return m_geolocationAccessed; }
- void setGeolocationAccessed() { m_geolocationAccessed = true; }
protected:
SecurityContext();
@@ -94,8 +90,6 @@
SandboxFlags m_sandboxFlags;
RefPtr<SecurityOriginPolicy> m_securityOriginPolicy;
std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy;
- bool m_foundMixedContent { false };
- bool m_geolocationAccessed { false };
};
} // namespace WebCore
Modified: trunk/Source/WebCore/loader/MixedContentChecker.cpp (200690 => 200691)
--- trunk/Source/WebCore/loader/MixedContentChecker.cpp 2016-05-11 16:25:53 UTC (rev 200690)
+++ trunk/Source/WebCore/loader/MixedContentChecker.cpp 2016-05-11 17:28:33 UTC (rev 200691)
@@ -65,13 +65,11 @@
if (!isMixedContent(securityOrigin, url))
return true;
- bool allowed = (m_frame.settings().allowDisplayOfInsecureContent() || type == ContentType::ActiveCanWarn) && !m_frame.document()->geolocationAccessed();
+ bool allowed = m_frame.settings().allowDisplayOfInsecureContent() || type == ContentType::ActiveCanWarn;
logWarning(allowed, "display", url);
- if (allowed) {
- m_frame.document()->setFoundMixedContent();
+ if (allowed)
client().didDisplayInsecureContent();
- }
return allowed;
}
@@ -81,13 +79,11 @@
if (!isMixedContent(securityOrigin, url))
return true;
- bool allowed = m_frame.settings().allowRunningOfInsecureContent() && !m_frame.document()->geolocationAccessed();
+ bool allowed = m_frame.settings().allowRunningOfInsecureContent();
logWarning(allowed, "run", url);
- if (allowed) {
- m_frame.document()->setFoundMixedContent();
+ if (allowed)
client().didRunInsecureContent(securityOrigin, url);
- }
return allowed;
}
