Bug 33806

Summary: Would like API to disallow setting of document.domain for pages with certain URL schemes
Product: WebKit
Reporter: Adam Roben (:aroben) <aroben>
Component: WebKit API
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: abarth, sam
Priority: P2
Keywords: InRadar
Version: 528+ (Nightly build)
Hardware: All
OS: All
Attachments:
Add WebKit SPI to disallow setting document.domain from certain URL schemes (Flags: sam: review+)

Description Adam Roben (:aroben) 2010-01-18 12:40:04 PST
It would be useful to have an API to tell WebKit to disallow setting document.domain on pages with certain URL schemes.
Comment 1 Adam Roben (:aroben) 2010-01-18 12:40:40 PST
<rdar://problem/7552837>
Comment 2 Adam Roben (:aroben) 2010-01-18 13:02:50 PST
Created attachment 46839 [details]
Add WebKit SPI to disallow setting document.domain from certain URL schemes
Comment 3 Sam Weinig 2010-01-18 13:09:57 PST
Comment on attachment 46839 [details]
Add WebKit SPI to disallow setting document.domain from certain URL schemes

r=me
Comment 4 Adam Roben (:aroben) 2010-01-18 13:27:01 PST
Committed r53423: <http://trac.webkit.org/changeset/53423>
Comment 5 Adam Barth 2010-01-18 14:31:10 PST
+ if (SecurityOrigin::isDomainRelaxationForbiddenForURLScheme(securityOrigin()->protocol())) {
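Review bot: the added `if` is true when relaxation is forbidden, so the block it opens is the refusal path, and nothing on the line says how that refusal reaches the script that assigned document.domain. A short comment at the top of that block stating the outcome (silent return or an exception) would document the policy where it is enforced; any replacement predicate also has to keep this polarity or be negated.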

That line looks overly convoluted.  Why not just

if (securityOrigin()->canSetDomainFromDOM()) {

?
Comment 6 Adam Roben (:aroben) 2010-01-18 14:39:35 PST
(In reply to comment #5)
> + if
> (SecurityOrigin::isDomainRelaxationForbiddenForURLScheme(securityOrigin()->protocol()))
> {
> 
> That line looks overly convoluted.  Why not just
> 
> if (securityOrigin()->canSetDomainFromDOM()) {
> 
> ?

That seems OK to me. isDomainRelaxationForbiddenForURLScheme seemed more symmetric with setDomainRelaxationForbiddenForURLScheme, which is why I did it this way. Also, adding canSetDomainFromDOM() seems strange when all the other "can set" checks are in Document::setDomain.

But if you really think it would be better, I'm happy to change it.
Comment 7 Adam Barth 2010-01-18 14:49:34 PST
That's a good point.  We probably should really move that whole function into SecurityOrigin because it's operating on SecurityOrigin's member variable.  It should return a bool that document can then use to decide whether to call m_frame->script()->updateSecurityOrigin().  As an added benefit, that would make the code less redundant.
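
The design discussed in comments 5 to 7, sketched as an added example that is not WebKit's code or part of the original thread: a per-scheme "relaxation forbidden" set plus a single origin-side setter that returns a bool for the caller to act on. The class name `OriginModel`, its methods, the `app-scheme` scheme and the label-boundary suffix rule are assumptions made for illustration.

```cpp
// Simplified model for illustration; not WebKit source. All names are hypothetical.
#include <algorithm>
#include <cctype>
#include <set>
#include <string>

class OriginModel {
public:
    OriginModel(const std::string& scheme, const std::string& host)
        : m_scheme(lower(scheme)), m_host(lower(host)) {}

    // Embedder-facing policy switch, keyed on URL scheme.
    static void setDomainRelaxationForbiddenForScheme(bool forbidden, const std::string& scheme) {
        if (forbidden) forbiddenSchemes().insert(lower(scheme));
        else forbiddenSchemes().erase(lower(scheme));
    }

    // All "can set" checks in one place. Returns true only when the set was
    // accepted, so the caller knows whether to push the new origin to script.
    bool setDomainFromDOM(const std::string& requested) {
        const std::string domain = lower(requested);
        if (forbiddenSchemes().count(m_scheme)) return false;  // policy refusal
        if (domain.empty() || !isSameOrParentDomain(domain)) return false;
        m_host = domain;
        return true;
    }
    const std::string& host() const { return m_host; }

private:
    // Accept the current host, or a suffix of it that starts at a label boundary.
    bool isSameOrParentDomain(const std::string& d) const {
        if (d == m_host) return true;
        if (d.size() >= m_host.size()) return false;
        const auto cut = m_host.size() - d.size();
        return m_host.compare(cut, d.size(), d) == 0 && m_host[cut - 1] == '.';
    }
    static std::string lower(std::string s) {
        std::transform(s.begin(), s.end(), s.begin(),
                       [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
        return s;
    }
    static std::set<std::string>& forbiddenSchemes() { static std::set<std::string> s; return s; }
    std::string m_scheme, m_host;
};

int main() {
    OriginModel::setDomainRelaxationForbiddenForScheme(true, "app-scheme");  // constructed scheme
    OriginModel doc("app-scheme", "www.example.com");
    return doc.setDomainFromDOM("example.com") ? 1 : 0;  // exits 0: the set was refused
}
```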