Title: [199900] trunk/Source/WebCore
- Revision
- 199900
- Author
- bfulg...@apple.com
- Date
- 2016-04-22 13:57:26 -0700 (Fri, 22 Apr 2016)
Log Message
Anchor element 'ping' property should only apply to http/https destinations
https://bugs.webkit.org/show_bug.cgi?id=156801
<rdar://problem/25834419>
Reviewed by Chris Dumez.
Take advantage of the hyperlink auditing language "UAs may either ignore the
ping attribute altogether, or selectively ignore URLs in the list (e.g. ignoring
any third-party URLs)" to restrict pings to http/https targets. For details, see
<https://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing>.
Tested by http/tests/navigation/ping-attribute tests.
* loader/PingLoader.cpp:
(WebCore::PingLoader::sendPing): Ignore requests to ping anything outside the
family of HTTP protocols (http/https).
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (199899 => 199900)
--- trunk/Source/WebCore/ChangeLog 2016-04-22 20:28:44 UTC (rev 199899)
+++ trunk/Source/WebCore/ChangeLog 2016-04-22 20:57:26 UTC (rev 199900)
@@ -1,3 +1,22 @@
+2016-04-22 Brent Fulgham <bfulg...@apple.com>
+
+ Anchor element 'ping' property should only apply to http/https destinations
+ https://bugs.webkit.org/show_bug.cgi?id=156801
+ <rdar://problem/25834419>
+
+ Reviewed by Chris Dumez.
+
+ Take advantage of the hyperlink auditing language "UAs may either ignore the
+ ping attribute altogether, or selectively ignore URLs in the list (e.g. ignoring
+ any third-party URLs)" to restrict pings to http/https targets. For details, see
+ <https://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing>.
+
+ Tested by http/tests/navigation/ping-attribute tests.
+
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::sendPing): Ignore requests to ping anything outside the
+ family of HTTP protocols (http/https).
+
2016-04-22 Ryan Haddad <ryanhad...@apple.com>
Fix builds that do not support AVKit
Modified: trunk/Source/WebCore/loader/PingLoader.cpp (199899 => 199900)
--- trunk/Source/WebCore/loader/PingLoader.cpp 2016-04-22 20:28:44 UTC (rev 199899)
+++ trunk/Source/WebCore/loader/PingLoader.cpp 2016-04-22 20:57:26 UTC (rev 199900)
@@ -92,6 +92,9 @@
// http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
void PingLoader::sendPing(Frame& frame, const URL& pingURL, const URL& destinationURL)
{
+ if (!pingURL.protocolIsInHTTPFamily())
+ return;
+
ResourceRequest request(pingURL);
#if ENABLE(CONTENT_EXTENSIONS)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
