Introduce WebKit::WebSecurityOrigin as a wrapper around

WebCore::SecurityOrigin.

This provides us a little wiggle room in the future in
case we ever want to provide more details about a
security origin beyond just its stringified value.
This was done on recommendation from Adam Barth.

R=jorlow
BUG=21967
TEST=none

Review URL: http://codereview.chromium.org/211013

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26554 0039d316-1c4b-4281-b951-d872f2087c98

13 files changed, 198 insertions, 15 deletions

diff --git a/webkit/api/public/WebFrame.h b/webkit/api/public/WebFrame.h
index b5840ba..07f5cf5 100644
--- a/webkit/api/public/WebFrame.h
+++ b/webkit/api/public/WebFrame.h
@@ -50,6 +50,7 @@ namespace WebKit {
     class WebForm;
     class WebHistoryItem;
     class WebRange;
+    class WebSecurityOrigin;
     class WebString;
     class WebURL;
     class WebURLRequest;
@@ -161,7 +162,7 @@ namespace WebKit {
         // Scripting ----------------------------------------------------------
 
         // Returns the security origin of the current document.
-        virtual WebString securityOrigin() const = 0;
+        virtual WebSecurityOrigin securityOrigin() const = 0;
 
         // This grants the currently loaded document access to all security
         // origins (including file URLs).  Use with care.  The access is
diff --git a/webkit/api/public/WebFrameClient.h b/webkit/api/public/WebFrameClient.h
index a126bb5..4d42965 100644
--- a/webkit/api/public/WebFrameClient.h
+++ b/webkit/api/public/WebFrameClient.h
@@ -42,6 +42,7 @@ namespace WebKit {
     class WebMediaPlayer;
     class WebMediaPlayerClient;
     class WebPlugin;
+    class WebSecurityOrigin;
     class WebString;
     class WebURL;
     class WebURLRequest;
@@ -205,8 +206,7 @@ namespace WebKit {
         // The indicated security origin has run active content (such as a
         // script) from an insecure source.  Note that the insecure content can
         // spread to other frames in the same origin.
-        virtual void didRunInsecureContent(
-            WebFrame*, const WebString& securityOrigin) = 0;
+        virtual void didRunInsecureContent(WebFrame*, const WebSecurityOrigin&) = 0;
 
 
         // Script notifications ------------------------------------------------
diff --git a/webkit/api/public/WebSecurityOrigin.h b/webkit/api/public/WebSecurityOrigin.h
new file mode 100644
index 0000000..1905643
--- /dev/null
+++ b/webkit/api/public/WebSecurityOrigin.h
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef WebSecurityOrigin_h
+#define WebSecurityOrigin_h
+
+#include "WebCommon.h"
+
+#if WEBKIT_IMPLEMENTATION
+namespace WebCore { class SecurityOrigin; }
+namespace WTF { template <typename T> class PassRefPtr; }
+#endif
+
+namespace WebKit {
+    class WebSecurityOriginPrivate;
+    class WebString;
+
+    class WebSecurityOrigin {
+    public:
+        ~WebSecurityOrigin() { reset(); }
+
+        WebSecurityOrigin() : m_private(0) { }
+        WebSecurityOrigin(const WebSecurityOrigin& s) : m_private(0) { assign(s); }
+        WebSecurityOrigin& operator=(const WebSecurityOrigin& s) { assign(s); return *this; }
+
+        WEBKIT_API void reset();
+        WEBKIT_API void assign(const WebSecurityOrigin&);
+
+        bool isNull() const { return m_private == 0; }
+
+        WEBKIT_API WebString toString() const;
+
+#if WEBKIT_IMPLEMENTATION
+        WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
+        WebSecurityOrigin& operator=(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
+        operator WTF::PassRefPtr<WebCore::SecurityOrigin>() const;
+#endif
+
+    private:
+        void assign(WebSecurityOriginPrivate*);
+        WebSecurityOriginPrivate* m_private;
+    };
+
+} // namespace WebKit
+
+#endif
diff --git a/webkit/api/src/WebSecurityOrigin.cpp b/webkit/api/src/WebSecurityOrigin.cpp
new file mode 100644
index 0000000..f1641e3
--- /dev/null
+++ b/webkit/api/src/WebSecurityOrigin.cpp
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "WebSecurityOrigin.h"
+
+#include "SecurityOrigin.h"
+#include "WebString.h"
+#include <wtf/PassRefPtr.h>
+
+using namespace WebCore;
+
+namespace WebKit {
+
+class WebSecurityOriginPrivate : public SecurityOrigin {
+};
+
+void WebSecurityOrigin::reset()
+{
+    assign(0);
+}
+
+void WebSecurityOrigin::assign(const WebSecurityOrigin& other)
+{
+    WebSecurityOriginPrivate* p = const_cast<WebSecurityOriginPrivate*>(other.m_private);
+    p->ref();
+    assign(p);
+}
+
+WebString WebSecurityOrigin::toString() const
+{
+    if (m_private)
+        return m_private->toString();
+
+    return WebString::fromUTF8("null");
+}
+
+WebSecurityOrigin::WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>& origin)
+    : m_private(static_cast<WebSecurityOriginPrivate*>(origin.releaseRef()))
+{
+}
+
+WebSecurityOrigin& WebSecurityOrigin::operator=(const WTF::PassRefPtr<WebCore::SecurityOrigin>& origin)
+{
+    assign(static_cast<WebSecurityOriginPrivate*>(origin.releaseRef()));
+    return *this;
+}
+
+WebSecurityOrigin::operator WTF::PassRefPtr<WebCore::SecurityOrigin>() const
+{
+    return PassRefPtr<SecurityOrigin>(const_cast<WebSecurityOriginPrivate*>(m_private));
+}
+
+void WebSecurityOrigin::assign(WebSecurityOriginPrivate* p)
+{
+    // p is already ref'd for us by the caller
+    if (m_private)
+        m_private->deref();
+    m_private = p;
+}
+
+} // namespace WebKit
diff --git a/webkit/glue/empty_webframeclient.h b/webkit/glue/empty_webframeclient.h
index bc472fd..014ac8e 100644
--- a/webkit/glue/empty_webframeclient.h
+++ b/webkit/glue/empty_webframeclient.h
@@ -82,7 +82,7 @@ class EmptyWebFrameClient : public WebKit::WebFrameClient {
       const WebKit::WebURLResponse&) {}
   virtual void didDisplayInsecureContent(WebKit::WebFrame* frame) {}
   virtual void didRunInsecureContent(
-      WebKit::WebFrame* frame, const WebKit::WebString& security_origin) {}
+      WebKit::WebFrame* frame, const WebKit::WebSecurityOrigin& origin) {}
   virtual void didExhaustMemoryAvailableForScript(WebKit::WebFrame* frame) {}
   virtual void didChangeContentsSize(
       WebKit::WebFrame* frame, const WebKit::WebSize& size) {}
diff --git a/webkit/glue/glue_util.cc b/webkit/glue/glue_util.cc
index 306aaa0..1ae7ff6 100644
--- a/webkit/glue/glue_util.cc
+++ b/webkit/glue/glue_util.cc
@@ -26,6 +26,7 @@
 #include "PlatformString.h"
 #include "Range.h"
 #include "ResourceError.h"
+#include "SecurityOrigin.h"
 
 #undef LOG
 #include "base/compiler_specific.h"
@@ -42,6 +43,7 @@
 #include "webkit/api/public/WebPoint.h"
 #include "webkit/api/public/WebRange.h"
 #include "webkit/api/public/WebRect.h"
+#include "webkit/api/public/WebSecurityOrigin.h"
 #include "webkit/api/public/WebSize.h"
 #include "webkit/api/public/WebString.h"
 #include "webkit/api/public/WebURL.h"
@@ -297,6 +299,13 @@ WTF::PassRefPtr<WebCore::Range> WebRangeToRange(const WebKit::WebRange& range) {
   return range;
 }
 
+// WebSecurityOrigin conversions -----------------------------------------------
+
+WebKit::WebSecurityOrigin SecurityOriginToWebSecurityOrigin(
+    const WTF::PassRefPtr<WebCore::SecurityOrigin>& origin) {
+  return origin;
+}
+
 // WebURLError conversions -----------------------------------------------------
 
 WebKit::WebURLError ResourceErrorToWebURLError(
diff --git a/webkit/glue/glue_util.h b/webkit/glue/glue_util.h
index 8842d0e..99d3446 100644
--- a/webkit/glue/glue_util.h
+++ b/webkit/glue/glue_util.h
@@ -24,6 +24,7 @@ class Node;
 class Range;
 class ResourceError;
 class ResourceResponse;
+class SecurityOrigin;
 class SharedBuffer;
 class String;
 struct ResourceRequest;
@@ -37,6 +38,7 @@ class WebForm;
 class WebHistoryItem;
 class WebNode;
 class WebRange;
+class WebSecurityOrigin;
 class WebString;
 class WebURL;
 class WebURLRequest;
@@ -152,6 +154,10 @@ WebKit::WebRange RangeToWebRange(
 WTF::PassRefPtr<WebCore::Range> WebRangeToRange(
     const WebKit::WebRange&);
 
+// WebSecurityOrigin <-> SecurityOrigin
+WebKit::WebSecurityOrigin SecurityOriginToWebSecurityOrigin(
+    const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
+
 // WebURLError <-> ResourceError
 WebKit::WebURLError ResourceErrorToWebURLError(
     const WebCore::ResourceError& error);
diff --git a/webkit/glue/webframe_impl.cc b/webkit/glue/webframe_impl.cc
index dfdb7b3..68c6882 100644
--- a/webkit/glue/webframe_impl.cc
+++ b/webkit/glue/webframe_impl.cc
@@ -152,6 +152,7 @@ MSVC_POP_WARNING();
 #include "webkit/api/public/WebRange.h"
 #include "webkit/api/public/WebRect.h"
 #include "webkit/api/public/WebScriptSource.h"
+#include "webkit/api/public/WebSecurityOrigin.h"
 #include "webkit/api/public/WebSize.h"
 #include "webkit/api/public/WebURLError.h"
 #include "webkit/api/public/WebVector.h"
@@ -224,6 +225,7 @@ using WebKit::WebForm;
 using WebKit::WebRange;
 using WebKit::WebRect;
 using WebKit::WebScriptSource;
+using WebKit::WebSecurityOrigin;
 using WebKit::WebSize;
 using WebKit::WebString;
 using WebKit::WebURL;
@@ -564,13 +566,12 @@ void WebFrameImpl::forms(WebVector<WebForm>& results) const {
   results.swap(temp);
 }
 
-WebString WebFrameImpl::securityOrigin() const {
-  if (frame_) {
-    if (frame_->document())
-      return webkit_glue::StringToWebString(
-          frame_->document()->securityOrigin()->toString());
-  }
-  return WebString::fromUTF8("null");
+WebSecurityOrigin WebFrameImpl::securityOrigin() const {
+  if (!frame_ || !frame_->document())
+    return WebSecurityOrigin();
+
+  return webkit_glue::SecurityOriginToWebSecurityOrigin(
+      frame_->document()->securityOrigin());
 }
 
 void WebFrameImpl::grantUniversalAccess() {
diff --git a/webkit/glue/webframe_impl.h b/webkit/glue/webframe_impl.h
index ea22900..773422c 100644
--- a/webkit/glue/webframe_impl.h
+++ b/webkit/glue/webframe_impl.h
@@ -90,7 +90,7 @@ class WebFrameImpl : public WebKit::WebFrame,
   virtual WebKit::WebFrame* findChildByExpression(
       const WebKit::WebString& xpath) const;
   virtual void forms(WebKit::WebVector<WebKit::WebForm>&) const;
-  virtual WebKit::WebString securityOrigin() const;
+  virtual WebKit::WebSecurityOrigin securityOrigin() const;
   virtual void grantUniversalAccess();
   virtual NPObject* windowObject() const;
   virtual void bindToWindowObject(
diff --git a/webkit/glue/webframeloaderclient_impl.cc b/webkit/glue/webframeloaderclient_impl.cc
index 92a4935..b2c91b8 100644
--- a/webkit/glue/webframeloaderclient_impl.cc
+++ b/webkit/glue/webframeloaderclient_impl.cc
@@ -35,6 +35,7 @@
 #include "webkit/api/public/WebFrameClient.h"
 #include "webkit/api/public/WebPlugin.h"
 #include "webkit/api/public/WebPluginParams.h"
+#include "webkit/api/public/WebSecurityOrigin.h"
 #include "webkit/api/public/WebURL.h"
 #include "webkit/api/public/WebURLError.h"
 #include "webkit/api/public/WebVector.h"
@@ -987,7 +988,7 @@ void WebFrameLoaderClient::didDisplayInsecureContent() {
 void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin* origin) {
   if (webframe_->client()) {
     webframe_->client()->didRunInsecureContent(webframe_,
-        webkit_glue::StringToWebString(origin->toString()));
+        webkit_glue::SecurityOriginToWebSecurityOrigin(origin));
   }
 }
 
diff --git a/webkit/tools/test_shell/test_webview_delegate.cc b/webkit/tools/test_shell/test_webview_delegate.cc
index 903e3d2..e8346dc 100644
--- a/webkit/tools/test_shell/test_webview_delegate.cc
+++ b/webkit/tools/test_shell/test_webview_delegate.cc
@@ -83,6 +83,7 @@ using WebKit::WebPopupMenu;
 using WebKit::WebRange;
 using WebKit::WebRect;
 using WebKit::WebScreenInfo;
+using WebKit::WebSecurityOrigin;
 using WebKit::WebSize;
 using WebKit::WebString;
 using WebKit::WebTextAffinity;
@@ -930,7 +931,7 @@ void TestWebViewDelegate::didDisplayInsecureContent(WebFrame* frame) {
 }
 
 void TestWebViewDelegate::didRunInsecureContent(
-    WebFrame* frame, const WebString& security_origin) {
+    WebFrame* frame, const WebSecurityOrigin& origin) {
   if (shell_->ShouldDumpFrameLoadCallbacks())
     printf("didRunInsecureContent\n");
 }
diff --git a/webkit/tools/test_shell/test_webview_delegate.h b/webkit/tools/test_shell/test_webview_delegate.h
index 90627ef..35c6ad9 100644
--- a/webkit/tools/test_shell/test_webview_delegate.h
+++ b/webkit/tools/test_shell/test_webview_delegate.h
@@ -218,7 +218,7 @@ class TestWebViewDelegate : public WebViewDelegate,
       const WebKit::WebURLResponse&);
   virtual void didDisplayInsecureContent(WebKit::WebFrame* frame);
   virtual void didRunInsecureContent(
-      WebKit::WebFrame* frame, const WebKit::WebString& security_origin);
+      WebKit::WebFrame* frame, const WebKit::WebSecurityOrigin& origin);
   virtual void didExhaustMemoryAvailableForScript(WebKit::WebFrame*);
   virtual void didChangeContentsSize(
       WebKit::WebFrame*, const WebKit::WebSize&);
diff --git a/webkit/webkit.gyp b/webkit/webkit.gyp
index 5f843e5..91b8b33 100644
--- a/webkit/webkit.gyp
+++ b/webkit/webkit.gyp
@@ -1009,6 +1009,7 @@
         'api/public/WebRect.h',
         'api/public/WebScreenInfo.h',
         'api/public/WebScriptSource.h',
+        'api/public/WebSecurityOrigin.h',
         'api/public/WebSettings.h',
         'api/public/WebSize.h',
         'api/public/WebStorageArea.h',
@@ -1085,6 +1086,7 @@
         'api/src/WebPluginLoadObserver.cpp',
         'api/src/WebPluginLoadObserver.h',
         'api/src/WebRange.cpp',
+        'api/src/WebSecurityOrigin.cpp',
         'api/src/WebSettingsImpl.cpp',
         'api/src/WebSettingsImpl.h',
         'api/src/WebStorageAreaImpl.cpp',