Added: trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing-expected.txt (0 => 137267)
--- trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing-expected.txt (rev 0)
+++ trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing-expected.txt 2012-12-11 09:17:59 UTC (rev 137267)
@@ -0,0 +1,4 @@
+In PrivateBrowsing mode, console messages are visible in the Console, but aren't sent to ChromeClients (or printf'd) in order to ensure they never end up in logs. Better safe than sorry.
+
+log: This should show up once console messages are dumped, but should _not_ show up as a "CONSOLE MESSAGE:" at the top of the output.
+
Added: trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing.html (0 => 137267)
--- trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing.html (rev 0)
+++ trunk/LayoutTests/inspector/console/clients-ignored-in-privatebrowsing.html 2012-12-11 09:17:59 UTC (rev 137267)
@@ -0,0 +1,30 @@
+<html>
+<head>
+<script src=""
+<script src=""
+<script>
+
+function test()
+{
+ if (window.testRunner)
+ testRunner.setPrivateBrowsingEnabled(true);
+
+ console.log('This should show up once console messages are dumped, but should _not_ show up as a "CONSOLE MESSAGE:" at the top of the output.');
+
+ InspectorTest.dumpConsoleMessages();
+
+ if (window.testRunner)
+ testRunner.setPrivateBrowsingEnabled(false);
+ InspectorTest.completeTest();
+}
+
+</script>
+</head>
+
+<body _onload_="runTest()">
+<p>In PrivateBrowsing mode, console messages are visible in the Console, but
+aren't sent to ChromeClients (or printf'd) in order to ensure they never end
+up in logs. Better safe than sorry.</p>
+
+</body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (137266 => 137267)
--- trunk/Source/WebCore/ChangeLog 2012-12-11 09:15:43 UTC (rev 137266)
+++ trunk/Source/WebCore/ChangeLog 2012-12-11 09:17:59 UTC (rev 137267)
@@ -1,3 +1,38 @@
+2012-12-11 Mike West <[email protected]>
+
+ Web Inspector: Evaluate private browsing mode's effect on console messages.
+ https://bugs.webkit.org/show_bug.cgi?id=104383
+
+ Reviewed by Pavel Feldman.
+
+ Two sets of console messages are currently gated on private browsing
+ mode being inactive. This patch centralizes the private browsing checks
+ in order to apply them equally to all console messages, and changes the
+ granularity at which they act.
+
+ The current checks block the console messages entirely. This patch
+ blocks only notifications to ChromeClient and ensures that messages
+ won't be passed to printf where they might end up in system logs.
+ Notifications to InspectorInstrumentation seem safe; so far as I can
+ tell, there's no compelling reason to prevent console-based debugging
+ in private browsing mode. This patch excludes those calls from the
+ private browsing check.
+
+ Test: inspector/console/clients-ignored-in-privatebrowsing.html
+
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::printAccessDeniedMessage):
+ Drop the private browsing check.
+ * page/Console.cpp:
+ (WebCore::Console::addMessage):
+ Add private browsing checks to the two ::addMessage variants that
+ do real work. Ensure that calls to printf and notifications to
+ ChromeClients are gated on these checks, but always allow
+ notifications to InspectorInstrumentation.
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::printErrorMessage):
+ Drop the private browsing check.
+
2012-12-10 Dan Winship <[email protected]>
[Soup] Fix spelling of "initiating" in API.
Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (137266 => 137267)
--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2012-12-11 09:15:43 UTC (rev 137266)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2012-12-11 09:17:59 UTC (rev 137267)
@@ -630,17 +630,12 @@
if (!frame())
return;
- Settings* settings = frame()->settings();
- if (!settings || settings->privateBrowsingEnabled())
- return;
-
String message;
if (!m_document || m_document->url().isNull())
message = "Unsafe attempt to load URL " + url.string() + '.';
else
message = "Unsafe attempt to load URL " + url.string() + " from frame with URL " + m_document->url().string() + ". Domains, protocols and ports must match.\n";
- // FIXME: provide line number and source URL.
frame()->document()->addConsoleMessage(OtherMessageSource, LogMessageType, ErrorMessageLevel, message);
}
Modified: trunk/Source/WebCore/page/Console.cpp (137266 => 137267)
--- trunk/Source/WebCore/page/Console.cpp 2012-12-11 09:15:43 UTC (rev 137266)
+++ trunk/Source/WebCore/page/Console.cpp 2012-12-11 09:17:59 UTC (rev 137267)
@@ -47,6 +47,7 @@
#include "ScriptProfiler.h"
#include "ScriptValue.h"
#include "ScriptableDocumentParser.h"
+#include "Settings.h"
#include <stdio.h>
#include <wtf/UnusedParam.h>
#include <wtf/text/CString.h>
@@ -163,16 +164,19 @@
if (!page)
return;
- page->chrome()->client()->addMessageToConsole(source, type, level, message, lineNumber, url);
-
if (callStack)
InspectorInstrumentation::addMessageToConsole(page, source, type, level, message, callStack, requestIdentifier);
else
InspectorInstrumentation::addMessageToConsole(page, source, type, level, message, url, lineNumber, state, requestIdentifier);
- if (!Console::shouldPrintExceptions())
+ if (!m_frame->settings() || m_frame->settings()->privateBrowsingEnabled())
return;
+ page->chrome()->client()->addMessageToConsole(source, type, level, message, lineNumber, url);
+
+ if (!shouldPrintExceptions())
+ return;
+
printSourceURLAndLine(url, lineNumber);
printMessageSourceAndLevelPrefix(source, level);
@@ -194,6 +198,16 @@
RefPtr<ScriptCallStack> callStack(createScriptCallStack(state, stackSize));
const ScriptCallFrame& lastCaller = callStack->at(0);
+ String message;
+ bool gotMessage = arguments->getFirstArgumentAsString(message);
+ InspectorInstrumentation::addMessageToConsole(page, ConsoleAPIMessageSource, type, level, message, state, arguments.release());
+
+ if (!m_frame->settings() || m_frame->settings()->privateBrowsingEnabled())
+ return;
+
+ if (gotMessage)
+ page->chrome()->client()->addMessageToConsole(ConsoleAPIMessageSource, type, level, message, lastCaller.lineNumber(), lastCaller.sourceURL());
+
if (shouldPrintExceptions()) {
printSourceURLAndLine(lastCaller.sourceURL(), 0);
printMessageSourceAndLevelPrefix(ConsoleAPIMessageSource, level);
@@ -213,12 +227,6 @@
printf("\t%s\n", functionName.utf8().data());
}
}
-
- String message;
- if (arguments->getFirstArgumentAsString(message))
- page->chrome()->client()->addMessageToConsole(ConsoleAPIMessageSource, type, level, message, lastCaller.lineNumber(), lastCaller.sourceURL());
-
- InspectorInstrumentation::addMessageToConsole(page, ConsoleAPIMessageSource, type, level, message, state, arguments.release());
}
void Console::debug(ScriptState* state, PassRefPtr<ScriptArguments> arguments)
Modified: trunk/Source/WebCore/page/DOMWindow.cpp (137266 => 137267)
--- trunk/Source/WebCore/page/DOMWindow.cpp 2012-12-11 09:15:43 UTC (rev 137266)
+++ trunk/Source/WebCore/page/DOMWindow.cpp 2012-12-11 09:17:59 UTC (rev 137267)
@@ -1756,12 +1756,6 @@
if (message.isEmpty())
return;
- Settings* settings = m_frame->settings();
- if (!settings)
- return;
- if (settings->privateBrowsingEnabled())
- return;
-
console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message);
}
