+2012-03-26 Adam Barth <abarth@webkit.org>
+
+ When <img crossorigin> fails the CORS check, we should fire the error event
+ https://bugs.webkit.org/show_bug.cgi?id=81998
+
+ Reviewed by Nate Chapin.
+
+ The spec says we're supposed to fire the error event when the CORS
+ check fails, but we haven't been. This patch is larger than it might
+ otherwise be because we're firing the event asynchronously, but that
+ seems like the right thing to do.
+
+ Tests: http/tests/security/img-with-failed-cors-check-fails-to-load.html
+
+ * dom/Document.cpp:
+ (WebCore::Document::implicitClose):
+ * loader/ImageLoader.cpp:
+ (WebCore::errorEventSender):
+ (WebCore):
+ (WebCore::ImageLoader::ImageLoader):
+ (WebCore::ImageLoader::~ImageLoader):
+ (WebCore::ImageLoader::setImage):
+ (WebCore::ImageLoader::updateFromElement):
+ (WebCore::ImageLoader::notifyFinished):
+ (WebCore::ImageLoader::dispatchPendingEvent):
+ (WebCore::ImageLoader::dispatchPendingErrorEvent):
+ (WebCore::ImageLoader::dispatchPendingErrorEvents):
+ * loader/ImageLoader.h:
+ (ImageLoader):
+
2012-03-26 Stephen White <senorblanco@chromium.org>
Make filters and the threaded compositor play well together.
return sender;
}
+static ImageEventSender& errorEventSender()
+{
+ DEFINE_STATIC_LOCAL(ImageEventSender, sender, (eventNames().errorEvent));
+ return sender;
+}
+
ImageLoader::ImageLoader(Element* element)
: m_element(element)
, m_image(0)
, m_firedBeforeLoad(true)
, m_firedLoad(true)
+ , m_firedError(true)
, m_imageComplete(true)
, m_loadManually(false)
{
ASSERT(!m_firedLoad || !loadEventSender().hasPendingEvents(this));
if (!m_firedLoad)
loadEventSender().cancelEvent(this);
+
+ ASSERT(!m_firedError || !errorEventSender().hasPendingEvents(this));
+ if (!m_firedError)
+ errorEventSender().cancelEvent(this);
}
void ImageLoader::setImage(CachedImage* newImage)
loadEventSender().cancelEvent(this);
m_firedLoad = true;
}
+ if (!m_firedError) {
+ errorEventSender().cancelEvent(this);
+ m_firedError = true;
+ }
m_imageComplete = true;
if (newImage)
newImage->addClient(this);
// If we do not have an image here, it means that a cross-site
// violation occurred.
m_failedLoadURL = !newImage ? attr : AtomicString();
- } else if (!attr.isNull()) // Fire an error event if the url is empty.
+ } else if (!attr.isNull()) {
+ // Fire an error event if the url is empty.
+ // FIXME: Should we fire this event asynchronoulsy via errorEventSender()?
m_element->dispatchEvent(Event::create(eventNames().errorEvent, false, false));
+ }
CachedImage* oldImage = m_image.get();
if (newImage != oldImage) {
beforeLoadEventSender().cancelEvent(this);
if (!m_firedLoad)
loadEventSender().cancelEvent(this);
+ if (!m_firedError)
+ errorEventSender().cancelEvent(this);
m_image = newImage;
m_firedBeforeLoad = !newImage;
setImage(0);
+ m_firedError = false;
+ errorEventSender().dispatchEventSoon(this);
+
DEFINE_STATIC_LOCAL(String, consoleMessage, ("Cross-origin image load denied by Cross-Origin Resource Sharing policy."));
m_element->document()->addConsoleMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, consoleMessage);
void ImageLoader::dispatchPendingEvent(ImageEventSender* eventSender)
{
- ASSERT(eventSender == &beforeLoadEventSender() || eventSender == &loadEventSender());
+ ASSERT(eventSender == &beforeLoadEventSender() || eventSender == &loadEventSender() || eventSender == &errorEventSender());
const AtomicString& eventType = eventSender->eventType();
if (eventType == eventNames().beforeloadEvent)
dispatchPendingBeforeLoadEvent();
if (eventType == eventNames().loadEvent)
dispatchPendingLoadEvent();
+ if (eventType == eventNames().errorEvent)
+ dispatchPendingErrorEvent();
}
void ImageLoader::dispatchPendingBeforeLoadEvent()
dispatchLoadEvent();
}
+void ImageLoader::dispatchPendingErrorEvent()
+{
+ if (m_firedError)
+ return;
+ if (!m_element->document()->attached())
+ return;
+ m_firedError = true;
+ m_element->dispatchEvent(Event::create(eventNames().errorEvent, false, false));
+}
+
void ImageLoader::dispatchPendingBeforeLoadEvents()
{
beforeLoadEventSender().dispatchPendingEvents();
loadEventSender().dispatchPendingEvents();
}
+void ImageLoader::dispatchPendingErrorEvents()
+{
+ errorEventSender().dispatchPendingEvents();
+}
+
void ImageLoader::elementDidMoveToNewDocument()
{
setImage(0);
static void dispatchPendingBeforeLoadEvents();
static void dispatchPendingLoadEvents();
+ static void dispatchPendingErrorEvents();
protected:
virtual void notifyFinished(CachedResource*);
void dispatchPendingBeforeLoadEvent();
void dispatchPendingLoadEvent();
+ void dispatchPendingErrorEvent();
RenderImageResource* renderImageResource();
void updateRenderer();
AtomicString m_failedLoadURL;
bool m_firedBeforeLoad : 1;
bool m_firedLoad : 1;
+ bool m_firedError : 1;
bool m_imageComplete : 1;
bool m_loadManually : 1;
};
projects / profile / ivi / webkit-efl.git / commitdiff