Title: [188070] branches/safari-601.1.46-branch/Source/WebCore
- Revision
- 188070
- Author
- bshaf...@apple.com
- Date
- 2015-08-06 15:40:11 -0700 (Thu, 06 Aug 2015)
Log Message
Merged r188062. rdar://problem/22028179
Modified Paths
Diff
Modified: branches/safari-601.1.46-branch/Source/WebCore/ChangeLog (188069 => 188070)
--- branches/safari-601.1.46-branch/Source/WebCore/ChangeLog 2015-08-06 22:38:18 UTC (rev 188069)
+++ branches/safari-601.1.46-branch/Source/WebCore/ChangeLog 2015-08-06 22:40:11 UTC (rev 188070)
@@ -1,5 +1,28 @@
2015-08-06 Babak Shafiei <bshaf...@apple.com>
+ Merge r188062.
+
+ 2015-08-06 Eric Carlson <eric.carl...@apple.com>
+
+ Do not enforce "content-disposition: attachment" sandbox restrictions on a MediaDocument
+ https://bugs.webkit.org/show_bug.cgi?id=147734
+ rdar://problem/22028179
+
+ Reviewed by Andy Estes.
+
+ Test to follow, see https://bugs.webkit.org/show_bug.cgi?id=147735
+
+ * dom/Document.cpp:
+ (WebCore::Document::initSecurityContext): Use applyContentDispositionAttachmentSandbox
+ instead of setting sandbox flags directly.
+ (WebCore::Document::shouldEnforceContentDispositionAttachmentSandbox): Don't special
+ case MediaDocument.
+ (WebCore::Document::applyContentDispositionAttachmentSandbox): Apply sandbox flags
+ according to document type.
+ * dom/Document.h:
+
+2015-08-06 Babak Shafiei <bshaf...@apple.com>
+
Merge r188051.
2015-08-06 Eric Carlson <eric.carl...@apple.com>
Modified: branches/safari-601.1.46-branch/Source/WebCore/dom/Document.cpp (188069 => 188070)
--- branches/safari-601.1.46-branch/Source/WebCore/dom/Document.cpp 2015-08-06 22:38:18 UTC (rev 188069)
+++ branches/safari-601.1.46-branch/Source/WebCore/dom/Document.cpp 2015-08-06 22:40:11 UTC (rev 188070)
@@ -4931,7 +4931,7 @@
enforceSandboxFlags(m_frame->loader().effectiveSandboxFlags());
if (shouldEnforceContentDispositionAttachmentSandbox())
- enforceSandboxFlags(SandboxAll);
+ applyContentDispositionAttachmentSandbox();
setSecurityOriginPolicy(SecurityOriginPolicy::create(isSandboxed(SandboxOrigin) ? SecurityOrigin::createUnique() : SecurityOrigin::create(m_url)));
setContentSecurityPolicy(std::make_unique<ContentSecurityPolicy>(this));
@@ -6717,9 +6717,6 @@
if (m_isSynthesized)
return false;
- if (isMediaDocument())
- return false;
-
bool contentDispositionAttachmentSandboxEnabled = settings() && settings()->contentDispositionAttachmentSandboxEnabled();
bool responseIsAttachment = false;
if (DocumentLoader* documentLoader = m_frame ? m_frame->loader().activeDocumentLoader() : nullptr)
@@ -6728,4 +6725,14 @@
return contentDispositionAttachmentSandboxEnabled && responseIsAttachment;
}
+void Document::applyContentDispositionAttachmentSandbox()
+{
+ ASSERT(shouldEnforceContentDispositionAttachmentSandbox());
+
+ if (!isMediaDocument())
+ enforceSandboxFlags(SandboxAll);
+ else
+ enforceSandboxFlags(SandboxOrigin);
+}
+
} // namespace WebCore
Modified: branches/safari-601.1.46-branch/Source/WebCore/dom/Document.h (188069 => 188070)
--- branches/safari-601.1.46-branch/Source/WebCore/dom/Document.h 2015-08-06 22:38:18 UTC (rev 188069)
+++ branches/safari-601.1.46-branch/Source/WebCore/dom/Document.h 2015-08-06 22:40:11 UTC (rev 188070)
@@ -1278,6 +1278,7 @@
ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicyToPropagate() const;
bool shouldEnforceContentDispositionAttachmentSandbox() const;
+ void applyContentDispositionAttachmentSandbox();
protected:
enum ConstructionFlags { Synthesized = 1, NonRenderedPlaceholder = 1 << 1 };
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
