Title: [208550] trunk/Source/WebCore
- Revision
- 208550
- Author
- bfulg...@apple.com
- Date
- 2016-11-10 10:54:37 -0800 (Thu, 10 Nov 2016)
Log Message
Local file restrictions should not block sessionStorage access.
https://bugs.webkit.org/show_bug.cgi?id=155609
<rdar://problem/25229461>
Reviewed by Andy Estes.
Re-landing this fix that was lost when the localStorage change was rolled out.
Use of 'sessionStorage' is governed by SecurityOrigin with third party access
set to 'ShouldAllowFromThirdParty::AlwaysAllowFromThirdParty'. We should not
reject local files for this combination of arguments.
Tested by storage/domstorage/sessionstorage/blocked-file-access.html.
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canAccessStorage): For the case of sessionStorage,
allow local file access.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (208549 => 208550)
--- trunk/Source/WebCore/ChangeLog 2016-11-10 18:50:08 UTC (rev 208549)
+++ trunk/Source/WebCore/ChangeLog 2016-11-10 18:54:37 UTC (rev 208550)
@@ -1,3 +1,23 @@
+2016-11-10 Brent Fulgham <bfulg...@apple.com>
+
+ Local file restrictions should not block sessionStorage access.
+ https://bugs.webkit.org/show_bug.cgi?id=155609
+ <rdar://problem/25229461>
+
+ Reviewed by Andy Estes.
+
+ Re-landing this fix that was lost when the localStorage change was rolled out.
+
+ Use of 'sessionStorage' is governed by SecurityOrigin with third party access
+ set to 'ShouldAllowFromThirdParty::AlwaysAllowFromThirdParty'. We should not
+ reject local files for this combination of arguments.
+
+ Tested by storage/domstorage/sessionstorage/blocked-file-access.html.
+
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canAccessStorage): For the case of sessionStorage,
+ allow local file access.
+
2016-11-10 Daniel Bates <daba...@apple.com>
REGRESSION (r195004): Scripts and plugins blocked for subsequent loads in same WebContent
Modified: trunk/Source/WebCore/page/SecurityOrigin.cpp (208549 => 208550)
--- trunk/Source/WebCore/page/SecurityOrigin.cpp 2016-11-10 18:50:08 UTC (rev 208549)
+++ trunk/Source/WebCore/page/SecurityOrigin.cpp 2016-11-10 18:54:37 UTC (rev 208550)
@@ -328,7 +328,7 @@
if (isUnique())
return false;
- if (isLocal() && !needsStorageAccessFromFileURLsQuirk() && !m_universalAccess)
+ if (isLocal() && !needsStorageAccessFromFileURLsQuirk() && !m_universalAccess && shouldAllowFromThirdParty != AlwaysAllowFromThirdParty)
return false;
if (m_storageBlockingPolicy == BlockAllStorage)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes