[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
darin
darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:47:00 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit 542b9a27f56480ed0aef9157b6553151913c8b29
Author: darin <darin at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri Jul 11 22:38:03 2003 +0000
Reviewed by Ken.
- roll in change from KHTML to remove user and password from referrer
* khtml/khtml_part.cpp: (KHTMLPart::begin): Call setUser(""), setPass(""),
and setRef(""), then also set the referrer to "" if the protocol does not
start with http.
* kwq/WebCoreBridge.mm: (-[WebCoreBridge referrer]): Remove check to exclude
file URL referrers because KHTMLPart now excludes all non-http referrers.
* kwq/KWQKURL.h: Add setUser and setPass functions. Also sort by order within
the URL so it's clear no methods are omitted.
* kwq/KWQKURL.mm:
(KURL::setUser): Added. Adds or removes the username, adding or removing
delimiters as needed. For now only the remove part is compiled in.
(KURL::setPass): Added. Adds or removes a password, adding or removing
delimiters as needed. For now only the remove part is compiled in.
* kwq/KWQString.h: Add QSTRING_NULL macro to allow us to work around the fact
that there is no global QString::null object in KWQ without having to do a
relatively ineffecient conversion from a non-constant char * of 0 each time.
We can use this anywhere QString::null appears and perhaps get some small code
savings or performance boost.
- small cleanup
* kwq/KWQTextCodec.mm: (QTextCodec::fromUnicode): Remove unneeded checks that
repeat optimizations I already put in QString.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@4628 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog-2003-10-25 b/WebCore/ChangeLog-2003-10-25
index 1cc3d1c..b24f461 100644
--- a/WebCore/ChangeLog-2003-10-25
+++ b/WebCore/ChangeLog-2003-10-25
@@ -1,5 +1,37 @@
2003-07-11 Darin Adler <darin at apple.com>
+ Reviewed by Ken.
+
+ - roll in change from KHTML to remove user and password from referrer
+
+ * khtml/khtml_part.cpp: (KHTMLPart::begin): Call setUser(""), setPass(""),
+ and setRef(""), then also set the referrer to "" if the protocol does not
+ start with http.
+
+ * kwq/WebCoreBridge.mm: (-[WebCoreBridge referrer]): Remove check to exclude
+ file URL referrers because KHTMLPart now excludes all non-http referrers.
+
+ * kwq/KWQKURL.h: Add setUser and setPass functions. Also sort by order within
+ the URL so it's clear no methods are omitted.
+ * kwq/KWQKURL.mm:
+ (KURL::setUser): Added. Adds or removes the username, adding or removing
+ delimiters as needed. For now only the remove part is compiled in.
+ (KURL::setPass): Added. Adds or removes a password, adding or removing
+ delimiters as needed. For now only the remove part is compiled in.
+
+ * kwq/KWQString.h: Add QSTRING_NULL macro to allow us to work around the fact
+ that there is no global QString::null object in KWQ without having to do a
+ relatively ineffecient conversion from a non-constant char * of 0 each time.
+ We can use this anywhere QString::null appears and perhaps get some small code
+ savings or performance boost.
+
+ - small cleanup
+
+ * kwq/KWQTextCodec.mm: (QTextCodec::fromUnicode): Remove unneeded checks that
+ repeat optimizations I already put in QString.
+
+2003-07-11 Darin Adler <darin at apple.com>
+
Reviewed by Dave.
- added a function Dave needs for various work he's doing that goes
diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23
index 1cc3d1c..b24f461 100644
--- a/WebCore/ChangeLog-2005-08-23
+++ b/WebCore/ChangeLog-2005-08-23
@@ -1,5 +1,37 @@
2003-07-11 Darin Adler <darin at apple.com>
+ Reviewed by Ken.
+
+ - roll in change from KHTML to remove user and password from referrer
+
+ * khtml/khtml_part.cpp: (KHTMLPart::begin): Call setUser(""), setPass(""),
+ and setRef(""), then also set the referrer to "" if the protocol does not
+ start with http.
+
+ * kwq/WebCoreBridge.mm: (-[WebCoreBridge referrer]): Remove check to exclude
+ file URL referrers because KHTMLPart now excludes all non-http referrers.
+
+ * kwq/KWQKURL.h: Add setUser and setPass functions. Also sort by order within
+ the URL so it's clear no methods are omitted.
+ * kwq/KWQKURL.mm:
+ (KURL::setUser): Added. Adds or removes the username, adding or removing
+ delimiters as needed. For now only the remove part is compiled in.
+ (KURL::setPass): Added. Adds or removes a password, adding or removing
+ delimiters as needed. For now only the remove part is compiled in.
+
+ * kwq/KWQString.h: Add QSTRING_NULL macro to allow us to work around the fact
+ that there is no global QString::null object in KWQ without having to do a
+ relatively ineffecient conversion from a non-constant char * of 0 each time.
+ We can use this anywhere QString::null appears and perhaps get some small code
+ savings or performance boost.
+
+ - small cleanup
+
+ * kwq/KWQTextCodec.mm: (QTextCodec::fromUnicode): Remove unneeded checks that
+ repeat optimizations I already put in QString.
+
+2003-07-11 Darin Adler <darin at apple.com>
+
Reviewed by Dave.
- added a function Dave needs for various work he's doing that goes
diff --git a/WebCore/khtml/khtml_part.cpp b/WebCore/khtml/khtml_part.cpp
index 29f06e5..1eddc7b 100644
--- a/WebCore/khtml/khtml_part.cpp
+++ b/WebCore/khtml/khtml_part.cpp
@@ -1407,7 +1407,11 @@ void KHTMLPart::begin( const KURL &url, int xOffset, int yOffset )
args.yOffset = yOffset;
d->m_extension->setURLArgs( args );
- d->m_referrer = url.url();
+ KURL ref(url);
+ ref.setUser(QSTRING_NULL);
+ ref.setPass(QSTRING_NULL);
+ ref.setRef(QSTRING_NULL);
+ d->m_referrer = ref.protocol().startsWith("http") ? ref.url() : "";
m_url = url;
KURL baseurl;
diff --git a/WebCore/kwq/KWQKURL.h b/WebCore/kwq/KWQKURL.h
index e1e08fe..c5b3826 100644
--- a/WebCore/kwq/KWQKURL.h
+++ b/WebCore/kwq/KWQKURL.h
@@ -46,24 +46,28 @@ public:
QString canonicalURL() const;
QString url() const { return urlString; }
+
QString protocol() const;
QString host() const;
unsigned short int port() const;
- QString pass() const;
QString user() const;
+ QString pass() const;
+ QString path() const;
+ QString query() const;
QString ref() const;
bool hasRef() const;
- QString query() const;
- QString path() const;
+
QString htmlRef() const;
QString encodedHtmlRef() const;
void setProtocol(const QString &);
void setHost(const QString &);
void setPort(unsigned short int);
- void setRef(const QString &);
- void setQuery(const QString &, int encoding_hint=0);
+ void setUser(const QString &);
+ void setPass(const QString &);
void setPath(const QString &);
+ void setQuery(const QString &, int encoding_hint=0);
+ void setRef(const QString &);
QString prettyURL() const;
diff --git a/WebCore/kwq/KWQKURL.mm b/WebCore/kwq/KWQKURL.mm
index 6ccf40c..6e17fb3 100644
--- a/WebCore/kwq/KWQKURL.mm
+++ b/WebCore/kwq/KWQKURL.mm
@@ -593,6 +593,64 @@ void KURL::setPort(unsigned short i)
}
}
+void KURL::setUser(const QString &user)
+{
+ if (m_isValid) {
+ QString u;
+ int end = userEndPos;
+ if (!user.isEmpty()) {
+ // Untested code, but this is never used.
+ ASSERT_NOT_REACHED();
+#if 0
+ u = user;
+ if (userStartPos == schemeEndPos + 1) {
+ u = "//" + u;
+ }
+ // Add '@' if we didn't have one before.
+ if (end == hostEndPos || (end == passwordEndPos && urlString[end] != '@')) {
+ u += '@';
+ }
+#endif
+ } else {
+ // Remove '@' if we now have neither user nor password.
+ if (userEndPos == passwordEndPos && end != hostEndPos && urlString[end] == '@') {
+ end += 1;
+ }
+ }
+ const QString newURL = urlString.left(userStartPos) + u + urlString.mid(end);
+ parse(newURL.ascii(), &newURL);
+ }
+}
+
+void KURL::setPass(const QString &password)
+{
+ if (m_isValid) {
+ QString p;
+ int end = passwordEndPos;
+ if (!password.isEmpty()) {
+ // Untested code, but this is never used.
+ ASSERT_NOT_REACHED();
+#if 0
+ p = ':' + password + '@';
+ if (userEndPos == schemeEndPos + 1) {
+ p = "//" + p;
+ }
+ // Eat the existing '@' since we are going to add our own.
+ if (end != hostEndPos && urlString[end] == '@') {
+ end += 1;
+ }
+#endif
+ } else {
+ // Remove '@' if we now have neither user nor password.
+ if (userStartPos == userEndPos && end != hostEndPos && urlString[end] == '@') {
+ end += 1;
+ }
+ }
+ const QString newURL = urlString.left(userEndPos) + p + urlString.mid(end);
+ parse(newURL.ascii(), &newURL);
+ }
+}
+
void KURL::setRef(const QString &s)
{
if (m_isValid) {
@@ -603,8 +661,8 @@ void KURL::setRef(const QString &s)
void KURL::setQuery(const QString &query, int encoding_hint)
{
- QString q;
if (m_isValid) {
+ QString q;
if (!query.isEmpty() && query[0] != '?') {
q = "?" + query;
} else {
diff --git a/WebCore/kwq/KWQString.h b/WebCore/kwq/KWQString.h
index 6fd7aa6..0566f2d 100644
--- a/WebCore/kwq/KWQString.h
+++ b/WebCore/kwq/KWQString.h
@@ -330,6 +330,8 @@ struct KWQStringData {
char _internalBuffer[QS_INTERNAL_BUFFER_SIZE]; // Pad out to a (((size + 1) & ~15) + 14) size
};
+#define QSTRING_NULL QString()
+
class QString {
public:
static const char * const null; // not a QString as in Qt (can't have static constructor), but close enough to be compatible in most cases
diff --git a/WebCore/kwq/KWQTextCodec.mm b/WebCore/kwq/KWQTextCodec.mm
index 089bcf5..0024f46 100644
--- a/WebCore/kwq/KWQTextCodec.mm
+++ b/WebCore/kwq/KWQTextCodec.mm
@@ -136,16 +136,9 @@ QCString QTextCodec::fromUnicode(const QString &qcs) const
// FIXME: Since there's no "force ASCII range" mode in CFString, we change the backslash into a yen sign.
// Encoding will change the yen sign back into a backslash.
- QString copy;
- bool usingCopy = false;
- QChar currencySymbol = backslashAsCurrencySymbol();
- if (currencySymbol != '\\' && qcs.find('\\') != -1) {
- usingCopy = true;
- copy = qcs;
- copy.replace('\\', currencySymbol);
- }
-
- CFStringRef cfs = usingCopy ? copy.getCFString() : qcs.getCFString();
+ QString copy = qcs;
+ copy.replace('\\', backslashAsCurrencySymbol());
+ CFStringRef cfs = copy.getCFString();
CFRange range = CFRangeMake(0, CFStringGetLength(cfs));
CFIndex bufferLength;
diff --git a/WebCore/kwq/WebCoreBridge.mm b/WebCore/kwq/WebCoreBridge.mm
index 360611a..20ed82a 100644
--- a/WebCore/kwq/WebCoreBridge.mm
+++ b/WebCore/kwq/WebCoreBridge.mm
@@ -903,10 +903,7 @@ static HTMLFormElementImpl *formElementFromDOMElement(id <WebDOMElement>element)
- (NSString *)referrer
{
- // Do not allow file URLs to be used as referrers as that is potentially a security issue
- NSString *referrer = _part->referrer().getNSString();
- BOOL isFileURL = [referrer rangeOfString:@"file:" options:(NSCaseInsensitiveSearch | NSAnchoredSearch)].location != NSNotFound;
- return isFileURL ? nil : referrer;
+ return _part->referrer().getNSString();
}
- (int)frameBorderStyle
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list