Fix security issue on LocalFileSystem

[Title] Fix security issue on LocalFileSystem
[Issue#] WEB-814 WEB-816
[Problem]
  [WEB-814] WebKit handles "Same Origin Policy" incorrectly when providing HTML5 File & FileSystem support
  [WEB-816] WebKit maps PERSISTENT and TEMPORARY HTML5 FileSystem to the same physical directory
[Cause]
  [WEB-814] Currently webkit maps all FileSystem requests to the same directory regardless of the web page origin
  [WEB-816] Webkit allocates both Persistent and Temporary HTML5 FileSystem to the same physical directory
[Solution]
  [WEB-814] The Filesystem name containg the full web origin is used for creating a directory
  [WEB-816] Persistent and temporary file system are allocated on seperate directory

Change-Id: I0567c9682c22171b2145632bbffecf4d75fbb404

diff --git a/Source/WebCore/platform/efl/AsyncFileSystemEfl.cpp b/Source/WebCore/platform/efl/AsyncFileSystemEfl.cpp
index a98612e..18bcff4 100755 (executable)
--- a/Source/WebCore/platform/efl/AsyncFileSystemEfl.cpp
+++ b/Source/WebCore/platform/efl/AsyncFileSystemEfl.cpp
@@ -59,6 +59,10 @@ static void openFileSystem(ScriptExecutionContext* context, const String& basePa
     rootURL.append(basePath);
     if (!basePath.endsWith("/"))
         rootURL.append("/");
+    rootURL.append(typeString + "/" + identifier + "/");
+
+    if (create)
+        makeAllDirectories(rootURL.toString().substring(11));
 
     AsyncFileSystem::openFileSystem(rootURL.toString(), storageIdentifier, create, AsyncFileSystemCallbacksEfl::create(context, callbacks, synchronousType));
 }