From 3f958ec461e2f256ec9a01a7e3ceac0412da5f3c Mon Sep 17 00:00:00 2001
From: Jihoon Chung <jihoon.chung@samsung.com>
Date: Wed, 27 Mar 2013 17:38:24 +0900
Subject: [PATCH] Support app:// for w3c privilege

[Issue#] N/A
[Problem] N/A
[Cause] N/A
[Solution] "file://" scheme is deprecated
Tizen2.1 uses "app://<app-id>" instead of "file://"
This commit changed add security origin part when web application
define w3c privilege in the config.xml
[SCMRequest] N/A

Change-Id: I4c7dc4f2a5f6d61f120e7763b73ac7830b2737fc
---
 src/jobs/widget_install/task_database.cpp | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)
 mode change 100755 => 100644 src/jobs/widget_install/task_database.cpp

diff --git a/src/jobs/widget_install/task_database.cpp b/src/jobs/widget_install/task_database.cpp
old mode 100755
new mode 100644
index 775ddf8..d7f4646
--- a/src/jobs/widget_install/task_database.cpp
+++ b/src/jobs/widget_install/task_database.cpp
@@ -161,13 +161,29 @@ void TaskDatabase::StepSecurityOriginDBInsert()
     FOREACH(it, m_context.widgetConfig.configInfo.privilegeList) {
         std::map<std::string, Feature>::const_iterator result =
             g_W3CPrivilegeTextMap.find(DPL::ToUTF8String(it->name));
+        std::string tizenAppId = DPL::ToUTF8String(m_context.widgetConfig.tzAppid).c_str();
+        std::transform(tizenAppId.begin(), tizenAppId.end(), tizenAppId.begin(), tolower);
         if (result != g_W3CPrivilegeTextMap.end()) {
             if (result->second == FEATURE_USER_MEDIA) {
-                dao.setPrivilegeSecurityOriginData(result->second, false);
+                // In case of user media, webkit callback doesn't control origin data
+                // Checking code also useing blank("") scheme and origin
+                SecurityOriginData data(
+                    FEATURE_USER_MEDIA,
+                    Origin(DPL::FromUTF8String(""),
+                           DPL::FromUTF8String(""),
+                           0));
+                dao.setSecurityOriginData(data, RESULT_ALLOW_ALWAYS, true);
             } else if (result->second == FEATURE_FULLSCREEN_MODE) {
+                // In case of fullscreen mode, use case directly compare
+                // whether web application define privilege name or not
                 continue;
             } else {
-                dao.setPrivilegeSecurityOriginData(result->second);
+                SecurityOriginData data(
+                    result->second,
+                    Origin(DPL::FromUTF8String("app"),
+                           DPL::FromUTF8String(tizenAppId),
+                           0));
+                dao.setSecurityOriginData(data, RESULT_ALLOW_ALWAYS, true);
             }
         }
     }
-- 
2.7.4