WebKit Bugzilla
Attachment 370716 Details for
Bug 185550
: Add referrerpolicy attribute support for <script> elements
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185550-20190528101517.patch (text/plain), 11.58 KB, created by
Rob Buis
on 2019-05-28 01:15:18 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Rob Buis
Created:
2019-05-28 01:15:18 PDT
Size:
11.58 KB
patch
obsolete
>Subversion Revision: 245803 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index bd93c7f731b34485699086b5562394b2d486f293..ba11cf96d8a8a551cd5d6fc5be1c0a9a23992760 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,29 @@ >+2019-05-28 Rob Buis <rbuis@igalia.com> >+ >+ Add referrerpolicy attribute support for <script> elements >+ https://bugs.webkit.org/show_bug.cgi?id=185550 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * bindings/js/CachedScriptFetcher.cpp: >+ (WebCore::CachedScriptFetcher::requestScriptWithCache const): >+ * bindings/js/CachedScriptFetcher.h: >+ * dom/LoadableClassicScript.cpp: >+ (WebCore::LoadableClassicScript::load): >+ * dom/LoadableClassicScript.h: >+ * dom/ScriptElement.cpp: >+ (WebCore::ScriptElement::requestClassicScript): >+ * dom/ScriptElement.h: >+ * html/HTMLScriptElement.cpp: >+ (WebCore::HTMLScriptElement::setReferrerPolicyForBindings): >+ (WebCore::HTMLScriptElement::referrerPolicyForBindings const): >+ (WebCore::HTMLScriptElement::referrerPolicy const): >+ * html/HTMLScriptElement.h: >+ * html/HTMLScriptElement.idl: >+ * svg/SVGScriptElement.cpp: >+ (WebCore::SVGScriptElement::referrerPolicy const): >+ * svg/SVGScriptElement.h: >+ > 2019-05-27 Takashi Komori <Takashi.Komori@sony.com> > > [CURL] Fix crashing SocketStreamHandle. >diff --git a/Source/WebCore/bindings/js/CachedScriptFetcher.cpp b/Source/WebCore/bindings/js/CachedScriptFetcher.cpp >index 7c87b23938e433e508c0fb80be9c9e6fde382103..b41d4f34b7f72f0baf207273e85c7f003abfb686 100644 >--- a/Source/WebCore/bindings/js/CachedScriptFetcher.cpp >+++ b/Source/WebCore/bindings/js/CachedScriptFetcher.cpp >@@ -45,7 +45,7 @@ CachedResourceHandle<CachedScript> CachedScriptFetcher::requestModuleScript(Docu > return requestScriptWithCache(document, sourceURL, String { }, WTFMove(integrity)); > } > >-CachedResourceHandle<CachedScript> CachedScriptFetcher::requestScriptWithCache(Document& document, const URL& sourceURL, const String& crossOriginMode, String&& integrity) const >+CachedResourceHandle<CachedScript> CachedScriptFetcher::requestScriptWithCache(Document& document, const URL& sourceURL, const String& crossOriginMode, String&& integrity, const ReferrerPolicy& policy) const > { > if (!document.settings().isScriptEnabled()) > return nullptr; >@@ -60,6 +60,8 @@ CachedResourceHandle<CachedScript> CachedScriptFetcher::requestScriptWithCache(D > auto request = createPotentialAccessControlRequest(sourceURL, document, crossOriginMode, WTFMove(options)); > request.upgradeInsecureRequestIfNeeded(document); > request.setCharset(m_charset); >+ if (policy != ReferrerPolicy::EmptyString) >+ request.updateReferrerPolicy(policy); > if (!m_initiatorName.isNull()) > request.setInitiator(m_initiatorName); > return document.cachedResourceLoader().requestScript(WTFMove(request)).value_or(nullptr); >diff --git a/Source/WebCore/bindings/js/CachedScriptFetcher.h b/Source/WebCore/bindings/js/CachedScriptFetcher.h >index d5391c697d7cf4f6f5d4079ca272ef77ea9caba7..e6bf4e07333ea65699db5e180e1555a09d013de0 100644 >--- a/Source/WebCore/bindings/js/CachedScriptFetcher.h >+++ b/Source/WebCore/bindings/js/CachedScriptFetcher.h >@@ -26,6 +26,7 @@ > #pragma once > > #include "CachedResourceHandle.h" >+#include "ReferrerPolicy.h" > #include <JavaScriptCore/ScriptFetcher.h> > #include <wtf/text/WTFString.h> > >@@ -54,7 +55,7 @@ protected: > { > } > >- CachedResourceHandle<CachedScript> requestScriptWithCache(Document&, const URL& sourceURL, const String& crossOriginMode, String&& integrity) const; >+ CachedResourceHandle<CachedScript> requestScriptWithCache(Document&, const URL& sourceURL, const String& crossOriginMode, String&& integrity, const ReferrerPolicy& = ReferrerPolicy::EmptyString) const; > > private: > String m_nonce; >diff --git a/Source/WebCore/dom/LoadableClassicScript.cpp b/Source/WebCore/dom/LoadableClassicScript.cpp >index d927e95be269a25ae4336a74b00027c1758fe48a..fa185cc9345ec7752757ac4fadf8c2c4d5fac67b 100644 >--- a/Source/WebCore/dom/LoadableClassicScript.cpp >+++ b/Source/WebCore/dom/LoadableClassicScript.cpp >@@ -123,10 +123,10 @@ void LoadableClassicScript::execute(ScriptElement& scriptElement) > scriptElement.executeClassicScript(ScriptSourceCode(m_cachedScript.get(), JSC::SourceProviderSourceType::Program, *this)); > } > >-bool LoadableClassicScript::load(Document& document, const URL& sourceURL) >+bool LoadableClassicScript::load(Document& document, const URL& sourceURL, const ReferrerPolicy& referrerPolicy) > { > ASSERT(!m_cachedScript); >- m_cachedScript = requestScriptWithCache(document, sourceURL, crossOriginMode(), String { m_integrity }); >+ m_cachedScript = requestScriptWithCache(document, sourceURL, crossOriginMode(), String { m_integrity }, referrerPolicy); > if (!m_cachedScript) > return false; > m_cachedScript->addClient(*this); >diff --git a/Source/WebCore/dom/LoadableClassicScript.h b/Source/WebCore/dom/LoadableClassicScript.h >index 067644a47d1f9d902b4e196aaeffa8a6f95d4f0f..bf1abf65974cb1fb040dd6080ccd0aad7025a93b 100644 >--- a/Source/WebCore/dom/LoadableClassicScript.h >+++ b/Source/WebCore/dom/LoadableClassicScript.h >@@ -29,6 +29,7 @@ > #include "CachedResourceHandle.h" > #include "CachedScript.h" > #include "LoadableScript.h" >+#include "ReferrerPolicy.h" > #include <wtf/TypeCasts.h> > > namespace WebCore { >@@ -52,7 +53,7 @@ public: > > void execute(ScriptElement&) final; > >- bool load(Document&, const URL&); >+ bool load(Document&, const URL&, const ReferrerPolicy&); > > private: > LoadableClassicScript(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomicString& initiatorName, bool isInUserAgentShadowTree) >diff --git a/Source/WebCore/dom/ScriptElement.cpp b/Source/WebCore/dom/ScriptElement.cpp >index 063d64d2518518d27580f2d2dafaeca6c6c93d9d..47d879aca89ed71c0952ca573eabdd25ac947866 100644 >--- a/Source/WebCore/dom/ScriptElement.cpp >+++ b/Source/WebCore/dom/ScriptElement.cpp >@@ -288,7 +288,7 @@ bool ScriptElement::requestClassicScript(const String& sourceURL) > scriptCharset(), > m_element.localName(), > m_element.isInUserAgentShadowTree()); >- if (script->load(m_element.document(), m_element.document().completeURL(sourceURL))) { >+ if (script->load(m_element.document(), m_element.document().completeURL(sourceURL), referrerPolicy())) { > m_loadableScript = WTFMove(script); > m_isExternalScript = true; > } >diff --git a/Source/WebCore/dom/ScriptElement.h b/Source/WebCore/dom/ScriptElement.h >index ac1d7d4dff880fb32ab641d1659b1d422f96ecca..4fed24ce775d8db34feb4403cf9c186fd2943162 100644 >--- a/Source/WebCore/dom/ScriptElement.h >+++ b/Source/WebCore/dom/ScriptElement.h >@@ -23,6 +23,7 @@ > > #include "ContainerNode.h" > #include "LoadableScript.h" >+#include "ReferrerPolicy.h" > #include "UserGestureIndicator.h" > #include <wtf/MonotonicTime.h> > #include <wtf/text/TextPosition.h> >@@ -113,6 +114,7 @@ private: > virtual bool hasDeferAttribute() const = 0; > virtual bool hasSourceAttribute() const = 0; > virtual bool hasNoModuleAttribute() const = 0; >+ virtual ReferrerPolicy referrerPolicy() const = 0; > > Element& m_element; > WTF::OrdinalNumber m_startLineNumber; >diff --git a/Source/WebCore/html/HTMLScriptElement.cpp b/Source/WebCore/html/HTMLScriptElement.cpp >index 60610984024c18dcceeb02a78c380d946feeaa74..be83843e3b30865653adf91a3e31d0acfeb63458 100644 >--- a/Source/WebCore/html/HTMLScriptElement.cpp >+++ b/Source/WebCore/html/HTMLScriptElement.cpp >@@ -184,4 +184,42 @@ Ref<Element> HTMLScriptElement::cloneElementWithoutAttributesAndChildren(Documen > return adoptRef(*new HTMLScriptElement(tagQName(), targetDocument, false, alreadyStarted())); > } > >+void HTMLScriptElement::setReferrerPolicyForBindings(const AtomicString& value) >+{ >+ setAttributeWithoutSynchronization(referrerpolicyAttr, value); >+} >+ >+String HTMLScriptElement::referrerPolicyForBindings() const >+{ >+ switch (referrerPolicy()) { >+ case ReferrerPolicy::NoReferrer: >+ return "no-referrer"_s; >+ case ReferrerPolicy::UnsafeUrl: >+ return "unsafe-url"_s; >+ case ReferrerPolicy::Origin: >+ return "origin"_s; >+ case ReferrerPolicy::OriginWhenCrossOrigin: >+ return "origin-when-cross-origin"_s; >+ case ReferrerPolicy::SameOrigin: >+ return "same-origin"_s; >+ case ReferrerPolicy::StrictOrigin: >+ return "strict-origin"_s; >+ case ReferrerPolicy::StrictOriginWhenCrossOrigin: >+ return "strict-origin-when-cross-origin"_s; >+ case ReferrerPolicy::NoReferrerWhenDowngrade: >+ return "no-referrer-when-downgrade"_s; >+ case ReferrerPolicy::EmptyString: >+ return { }; >+ } >+ ASSERT_NOT_REACHED(); >+ return { }; >+} >+ >+ReferrerPolicy HTMLScriptElement::referrerPolicy() const >+{ >+ if (RuntimeEnabledFeatures::sharedFeatures().referrerPolicyAttributeEnabled()) >+ return parseReferrerPolicy(attributeWithoutSynchronization(referrerpolicyAttr), ReferrerPolicySource::ReferrerPolicyAttribute).valueOr(ReferrerPolicy::EmptyString); >+ return ReferrerPolicy::EmptyString; >+} >+ > } >diff --git a/Source/WebCore/html/HTMLScriptElement.h b/Source/WebCore/html/HTMLScriptElement.h >index bd1e3ed2f25ede6d92398715d7914793fde0f516..4a0977f34292851a8d9bfa6cdabe683bb8970372 100644 >--- a/Source/WebCore/html/HTMLScriptElement.h >+++ b/Source/WebCore/html/HTMLScriptElement.h >@@ -44,6 +44,10 @@ public: > WEBCORE_EXPORT void setCrossOrigin(const AtomicString&); > WEBCORE_EXPORT String crossOrigin() const; > >+ void setReferrerPolicyForBindings(const AtomicString&); >+ String referrerPolicyForBindings() const; >+ ReferrerPolicy referrerPolicy() const final; >+ > using HTMLElement::ref; > using HTMLElement::deref; > >diff --git a/Source/WebCore/html/HTMLScriptElement.idl b/Source/WebCore/html/HTMLScriptElement.idl >index cb9e6b14e39eec153c3bc72aafb237555f3562a4..6a7fc601fcb7c23bd5a4af0538a530219498b7e8 100644 >--- a/Source/WebCore/html/HTMLScriptElement.idl >+++ b/Source/WebCore/html/HTMLScriptElement.idl >@@ -31,4 +31,5 @@ interface HTMLScriptElement : HTMLElement { > [Reflect] attribute DOMString nonce; > [CEReactions=NotNeeded, Reflect] attribute boolean noModule; > [CEReactions=NotNeeded, Reflect, EnabledBySetting=SubresourceIntegrity] attribute DOMString integrity; >+ [EnabledAtRuntime=ReferrerPolicyAttribute, ImplementedAs=referrerPolicyForBindings, CEReactions=NotNeeded] attribute DOMString referrerPolicy; > }; >diff --git a/Source/WebCore/svg/SVGScriptElement.cpp b/Source/WebCore/svg/SVGScriptElement.cpp >index 1e09454247ea1aa5e88fc75f790523b906fb3945..7d73f3a81e3bce07cf1d02fc48f5ed45266d7be2 100644 >--- a/Source/WebCore/svg/SVGScriptElement.cpp >+++ b/Source/WebCore/svg/SVGScriptElement.cpp >@@ -101,4 +101,9 @@ Ref<Element> SVGScriptElement::cloneElementWithoutAttributesAndChildren(Document > return adoptRef(*new SVGScriptElement(tagQName(), targetDocument, false, alreadyStarted())); > } > >+ReferrerPolicy SVGScriptElement::referrerPolicy() const >+{ >+ return ReferrerPolicy::EmptyString; >+} >+ > } >diff --git a/Source/WebCore/svg/SVGScriptElement.h b/Source/WebCore/svg/SVGScriptElement.h >index f15f3b7cf6f93af148d5032a10dd2b0167afabaf..8313a2d88d12b5f2f72517cac483bb4906b98dd2 100644 >--- a/Source/WebCore/svg/SVGScriptElement.h >+++ b/Source/WebCore/svg/SVGScriptElement.h >@@ -82,6 +82,8 @@ private: > bool filterOutAnimatableAttribute(const QualifiedName& name) const final { return name == SVGNames::typeAttr; } > #endif > >+ ReferrerPolicy referrerPolicy() const final; >+ > PropertyRegistry m_propertyRegistry { *this }; > Timer m_svgLoadEventTimer; > };
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=370716">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185550
:
370716
|
370751
|
370759
|
370761
|
370765
|
370768
|
370772
|
370833
|
370835
|
370870
|
370878
|
370884
|
370886
|
370889
|
370892
|
370918
|
370926
|
370928
|
370931
|
370933
|
370936
|
370939
|
374201
|
374204