[epiphany/wip/security-origins: 3/8] Use security origins rather than hosts for permission requests
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany/wip/security-origins: 3/8] Use security origins rather than hosts for permission requests
- Date: Fri, 30 Dec 2016 17:19:01 +0000 (UTC)
commit a78c4b672aac8a3a47087ba665a11135200d050d
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Thu Dec 29 15:23:10 2016 -0600
Use security origins rather than hosts for permission requests
They're still fed into a host manager that translates the security
origins into hosts, so there should be no real behavior change here.
Next step is to make the host manager aware of security origins.
embed/ephy-embed-shell.c | 6 ++--
embed/ephy-web-view.c | 39 +++++++++++++++--------------
embed/web-extension/ephy-web-extension.c | 39 +++++++++++++++++++++--------
3 files changed, 51 insertions(+), 33 deletions(-)
---
diff --git a/embed/ephy-embed-shell.c b/embed/ephy-embed-shell.c
index 2778773..af23969 100644
--- a/embed/ephy-embed-shell.c
+++ b/embed/ephy-embed-shell.c
@@ -146,7 +146,7 @@ web_extension_form_auth_data_message_received_cb (WebKitUserContentManager *mana
{
guint request_id;
guint64 page_id;
- const char *hostname;
+ const char *origin;
const char *username;
GVariant *variant;
gchar *message_str;
@@ -155,9 +155,9 @@ web_extension_form_auth_data_message_received_cb (WebKitUserContentManager *mana
variant = g_variant_parse (G_VARIANT_TYPE ("(utss)"), message_str, NULL, NULL, NULL);
g_free (message_str);
- g_variant_get (variant, "(ut&s&s)", &request_id, &page_id, &hostname, &username);
+ g_variant_get (variant, "(ut&s&s)", &request_id, &page_id, &origin, &username);
g_signal_emit (shell, signals[FORM_AUTH_DATA_SAVE_REQUESTED], 0,
- request_id, page_id, hostname, username);
+ request_id, page_id, origin, username);
g_variant_unref (variant);
}
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 4cf7a72..37754fc 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -514,7 +514,7 @@ track_info_bar (GtkWidget *new_info_bar,
static GtkWidget *
ephy_web_view_create_form_auth_save_confirmation_info_bar (EphyWebView *web_view,
- const char *hostname,
+ const char *origin,
const char *username)
{
GtkWidget *info_bar;
@@ -538,8 +538,7 @@ ephy_web_view_create_form_auth_save_confirmation_info_bar (EphyWebView *web_view
/* Translators: The %s the hostname where this is happening.
* Example: mail.google.com.
*/
- message = g_markup_printf_escaped (_("Do you want to save your password for ā%sā?"),
- hostname);
+ message = g_markup_printf_escaped (_("Do you want to save your password for ā%sā?"), origin);
gtk_label_set_markup (GTK_LABEL (label), message);
gtk_label_set_line_wrap (GTK_LABEL (label), TRUE);
g_free (message);
@@ -683,7 +682,7 @@ icon_changed_cb (EphyWebView *view,
typedef struct {
EphyWebView *web_view;
guint request_id;
- char *host;
+ char *origin;
} FormAuthRequestData;
static void
@@ -705,11 +704,11 @@ form_auth_data_save_confirmation_response (GtkInfoBar *info_bar,
ephy_hosts_manager_set_permission_for_address (manager,
EPHY_HOST_PERMISSION_TYPE_SAVE_PASSWORD,
- data->host,
+ data->origin,
EPHY_HOST_PERMISSION_DENY);
}
- g_free (data->host);
+ g_free (data->origin);
g_slice_free (FormAuthRequestData, data);
}
@@ -717,7 +716,7 @@ static void
form_auth_data_save_requested (EphyEmbedShell *shell,
guint request_id,
guint64 page_id,
- const char *hostname,
+ const char *origin,
const char *username,
EphyWebView *web_view)
{
@@ -734,11 +733,11 @@ form_auth_data_save_requested (EphyEmbedShell *shell,
return;
}
- info_bar = ephy_web_view_create_form_auth_save_confirmation_info_bar (web_view, hostname, username);
+ info_bar = ephy_web_view_create_form_auth_save_confirmation_info_bar (web_view, origin, username);
data = g_slice_new (FormAuthRequestData);
data->web_view = web_view;
data->request_id = request_id;
- data->host = g_strdup (hostname);
+ data->origin = g_strdup (origin);
g_signal_connect (info_bar, "response",
G_CALLBACK (form_auth_data_save_confirmation_response),
data);
@@ -1275,7 +1274,7 @@ decide_policy_cb (WebKitWebView *web_view,
typedef struct {
EphyWebView *web_view;
WebKitPermissionRequest *request;
- char *host;
+ char *origin;
} PermissionRequestData;
static void
@@ -1319,14 +1318,14 @@ decide_on_permission_request (GtkWidget *info_bar,
ephy_hosts_manager_set_permission_for_address (hosts_manager,
permission_type,
- data->host,
+ data->origin,
response == GTK_RESPONSE_YES ? EPHY_HOST_PERMISSION_ALLOW
: EPHY_HOST_PERMISSION_DENY);
}
gtk_widget_destroy (info_bar);
g_object_unref (data->request);
- g_free (data->host);
+ g_free (data->origin);
g_slice_free (PermissionRequestData, data);
}
@@ -1341,7 +1340,7 @@ show_permission_request_info_bar (WebKitWebView *web_view,
GtkWidget *content_area;
GtkWidget *label;
char *message;
- char *host;
+ char *origin;
info_bar = gtk_info_bar_new_with_buttons (_("Deny"), GTK_RESPONSE_NO,
_("Allow"), GTK_RESPONSE_YES,
@@ -1352,28 +1351,30 @@ show_permission_request_info_bar (WebKitWebView *web_view,
GTK_ORIENTATION_HORIZONTAL);
/* Label */
- host = ephy_string_get_host_name (webkit_web_view_get_uri (web_view));
+ origin = ephy_uri_to_security_origin (webkit_web_view_get_uri (web_view));
+ if (origin == NULL)
+ return;
switch (permission_type) {
case EPHY_HOST_PERMISSION_TYPE_SHOW_NOTIFICATIONS:
/* Translators: Notification policy for a specific site. */
message = g_markup_printf_escaped (_("The page at <b>%s</b> wants to show desktop notifications."),
- host);
+ origin);
break;
case EPHY_HOST_PERMISSION_TYPE_ACCESS_LOCATION:
/* Translators: Geolocation policy for a specific site. */
message = g_markup_printf_escaped (_("The page at <b>%s</b> wants to know your location."),
- host);
+ origin);
break;
case EPHY_HOST_PERMISSION_TYPE_ACCESS_MICROPHONE:
/* Translators: Microphone policy for a specific site. */
message = g_markup_printf_escaped (_("The page at <b>%s</b> wants to use your microphone."),
- host);
+ origin);
break;
case EPHY_HOST_PERMISSION_TYPE_ACCESS_WEBCAM:
/* Translators: Webcam policy for a specific site. */
message = g_markup_printf_escaped (_("The page at <b>%s</b> wants to use your webcam."),
- host);
+ origin);
break;
case EPHY_HOST_PERMISSION_TYPE_SAVE_PASSWORD:
default:
@@ -1395,7 +1396,7 @@ show_permission_request_info_bar (WebKitWebView *web_view,
data = g_new (PermissionRequestData, 1);
data->web_view = EPHY_WEB_VIEW (web_view);
data->request = g_object_ref (decision);
- data->host = host;
+ data->origin = origin;
g_signal_connect (info_bar, "response",
G_CALLBACK (decide_on_permission_request),
diff --git a/embed/web-extension/ephy-web-extension.c b/embed/web-extension/ephy-web-extension.c
index 81ab6f3..d403f80 100644
--- a/embed/web-extension/ephy-web-extension.c
+++ b/embed/web-extension/ephy-web-extension.c
@@ -311,18 +311,27 @@ request_decision_on_storing (EphyEmbedFormAuth *form_auth)
guint request_id;
SoupURI *uri;
WebKitDOMNode *username_node;
- WebKitDOMDOMWindow *dom_window;
+ WebKitDOMDOMWindow *dom_window = NULL;
GVariant *variant;
- gchar *message;
+ char *message = NULL;
+ char *uri_string = NULL;
+ char *origin = NULL;
dom_window = webkit_dom_document_get_default_view (ephy_embed_form_auth_get_owner_document (form_auth));
- if (!dom_window) {
- g_object_unref (form_auth);
- return;
- }
+ if (dom_window == NULL)
+ goto out;
- request_id = form_auth_data_save_request_new_id ();
uri = ephy_embed_form_auth_get_uri (form_auth);
+ if (uri == NULL)
+ goto out;
+
+ uri_string = soup_uri_to_string (uri, FALSE);
+ origin = ephy_uri_to_security_origin (uri_string);
+ if (origin == NULL)
+ goto out;
+
+ request_id = form_auth_data_save_request_new_id ();
+
username_node = ephy_embed_form_auth_get_username_node (form_auth);
if (username_node)
g_object_get (username_node, "value", &username_field_value, NULL);
@@ -330,7 +339,7 @@ request_decision_on_storing (EphyEmbedFormAuth *form_auth)
variant = g_variant_new ("(utss)",
request_id,
ephy_embed_form_auth_get_page_id (form_auth),
- uri ? uri->host : "",
+ origin,
username_field_value ? username_field_value : "");
g_free (username_field_value);
@@ -345,9 +354,17 @@ request_decision_on_storing (EphyEmbedFormAuth *form_auth)
g_warning ("Error sending formAuthData message");
}
- g_object_unref (dom_window);
- g_free (message);
- g_object_unref (form_auth);
+out:
+ if (dom_window != NULL)
+ g_object_unref (dom_window);
+ if (form_auth != NULL)
+ g_object_unref (form_auth);
+ if (message != NULL)
+ g_free (message);
+ if (uri_string != NULL)
+ g_free (uri_string);
+ if (origin != NULL)
+ g_free (origin);
}
static void
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
