Modified: trunk/Source/WebKit/gtk/ChangeLog (134338 => 134339)
--- trunk/Source/WebKit/gtk/ChangeLog 2012-11-13 02:28:56 UTC (rev 134338)
+++ trunk/Source/WebKit/gtk/ChangeLog 2012-11-13 02:47:43 UTC (rev 134339)
@@ -1,3 +1,19 @@
+2012-11-12 Josh Rickmar <jr...@devio.us>
+
+ Add WebCore::Setting to block displaying and/or running insecure content on secure pages
+ https://bugs.webkit.org/show_bug.cgi?id=58378
+
+ Reviewed by Martin Robinson.
+
+ * webkit/webkitwebsettings.cpp:
+ (webkit_web_settings_class_init):
+ (webkit_web_settings_set_property):
+ (webkit_web_settings_get_property):
+ (webkit_web_settings_copy):
+ * webkit/webkitwebview.cpp:
+ (webkit_web_view_update_settings):
+ (webkit_web_view_settings_notify):
+
2012-11-05 Simon Fraser <simon.fra...@apple.com>
Fix layer borders to cleaning appear and disappear on switching
Modified: trunk/Source/WebKit/gtk/webkit/webkitwebsettings.cpp (134338 => 134339)
--- trunk/Source/WebKit/gtk/webkit/webkitwebsettings.cpp 2012-11-13 02:28:56 UTC (rev 134338)
+++ trunk/Source/WebKit/gtk/webkit/webkitwebsettings.cpp 2012-11-13 02:47:43 UTC (rev 134339)
@@ -120,7 +120,9 @@
PROP_ENABLE_SMOOTH_SCROLLING,
PROP_MEDIA_PLAYBACK_REQUIRES_USER_GESTURE,
PROP_MEDIA_PLAYBACK_ALLOWS_INLINE,
- PROP_ENABLE_CSS_SHADERS
+ PROP_ENABLE_CSS_SHADERS,
+ PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT,
+ PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT
};
static void webkit_web_settings_finalize(GObject* object);
@@ -981,6 +983,37 @@
FALSE,
flags));
+ /**
+ * WebKitWebSettings:enable-display-of-insecure-content
+ *
+ * Whether pages loaded via HTTPS should load subresources such as
+ * images and frames from non-HTTPS URLs.
+ *
+ * Since: 2.0
+ */
+ g_object_class_install_property(gobject_class,
+ PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT,
+ g_param_spec_boolean("enable-display-of-insecure-content",
+ _("Enable display of insecure content"),
+ _("Whether non-HTTPS resources can display on HTTPS pages."),
+ TRUE,
+ flags));
+
+ /**
+ * WebKitWebSettings:enable-running-of-insecure-content
+ *
+ * Whether pages loaded via HTTPS should run subresources such as
+ * CSS, scripts, and plugins from non-HTTPS URLs.
+ *
+ * Since: 2.0
+ */
+ g_object_class_install_property(gobject_class,
+ PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT,
+ g_param_spec_boolean("enable-running-of-insecure-content",
+ _("Enable running of insecure content"),
+ _("Whether non-HTTPS resources can run on HTTPS pages."),
+ TRUE,
+ flags));
}
static void webkit_web_settings_init(WebKitWebSettings* web_settings)
@@ -1171,6 +1204,12 @@
case PROP_MEDIA_PLAYBACK_ALLOWS_INLINE:
priv->mediaPlaybackAllowsInline = g_value_get_boolean(value);
break;
+ case PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT:
+ priv->enableDisplayOfInsecureContent = g_value_get_boolean(value);
+ break;
+ case PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT:
+ priv->enableRunningOfInsecureContent = g_value_get_boolean(value);
+ break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
break;
@@ -1351,6 +1390,12 @@
case PROP_MEDIA_PLAYBACK_ALLOWS_INLINE:
g_value_set_boolean(value, priv->mediaPlaybackAllowsInline);
break;
+ case PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT:
+ g_value_set_boolean(value, priv->enableDisplayOfInsecureContent);
+ break;
+ case PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT:
+ g_value_set_boolean(value, priv->enableRunningOfInsecureContent);
+ break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
break;
Modified: trunk/Source/WebKit/gtk/webkit/webkitwebsettingsprivate.h (134338 => 134339)
--- trunk/Source/WebKit/gtk/webkit/webkitwebsettingsprivate.h 2012-11-13 02:28:56 UTC (rev 134338)
+++ trunk/Source/WebKit/gtk/webkit/webkitwebsettingsprivate.h 2012-11-13 02:47:43 UTC (rev 134339)
@@ -85,6 +85,8 @@
gboolean enableCSSShaders;
gboolean mediaPlaybackRequiresUserGesture;
gboolean mediaPlaybackAllowsInline;
+ gboolean enableDisplayOfInsecureContent;
+ gboolean enableRunningOfInsecureContent;
};
WEBKIT_API void webkit_web_settings_add_extra_plugin_directory(WebKitWebView*, const gchar* directory);
Modified: trunk/Source/WebKit/gtk/webkit/webkitwebview.cpp (134338 => 134339)
--- trunk/Source/WebKit/gtk/webkit/webkitwebview.cpp 2012-11-13 02:28:56 UTC (rev 134338)
+++ trunk/Source/WebKit/gtk/webkit/webkitwebview.cpp 2012-11-13 02:47:43 UTC (rev 134339)
@@ -3401,6 +3401,8 @@
coreSettings->setDNSPrefetchingEnabled(settingsPrivate->enableDNSPrefetching);
coreSettings->setMediaPlaybackRequiresUserGesture(settingsPrivate->mediaPlaybackRequiresUserGesture);
coreSettings->setMediaPlaybackAllowsInline(settingsPrivate->mediaPlaybackAllowsInline);
+ coreSettings->setAllowDisplayOfInsecureContent(settingsPrivate->enableDisplayOfInsecureContent);
+ coreSettings->setAllowRunningOfInsecureContent(settingsPrivate->enableRunningOfInsecureContent);
#if ENABLE(SQL_DATABASE)
AbstractDatabase::setIsAvailable(settingsPrivate->enableHTML5Database);