1 files changed, 19 insertions, 2 deletions

diff --git a/src/3rdparty/webkit/WebCore/page/SecurityOrigin.h b/src/3rdparty/webkit/WebCore/page/SecurityOrigin.h
index 732afa8..46e6fad 100644
--- a/src/3rdparty/webkit/WebCore/page/SecurityOrigin.h
+++ b/src/3rdparty/webkit/WebCore/page/SecurityOrigin.h
@@ -40,7 +40,8 @@
 namespace WebCore {
 
     typedef HashSet<String, CaseFoldingHash> URLSchemesMap;
-    
+
+    class Document;
     class KURL;
     
     class SecurityOrigin : public ThreadSafeShared<SecurityOrigin> {
@@ -52,7 +53,7 @@ namespace WebCore {
 
         // Create a deep copy of this SecurityOrigin.  This method is useful
         // when marshalling a SecurityOrigin to another thread.
-        PassRefPtr<SecurityOrigin> copy();
+        PassRefPtr<SecurityOrigin> threadsafeCopy();
 
         // Set the domain property of this security origin to newDomain.  This
         // function does not check whether newDomain is a suffix of the current
@@ -81,6 +82,11 @@ namespace WebCore {
         // drawing an image onto an HTML canvas element with the drawImage API.
         bool taintsCanvas(const KURL&) const;
 
+        // Returns true for any non-local URL. If document parameter is supplied,
+        // its local load policy dictates, otherwise if referrer is non-empty and
+        // represents a local file, then the local load is allowed.
+        static bool canLoad(const KURL&, const String& referrer, Document* document);
+
         // Returns true if this SecurityOrigin can load local resources, such
         // as images, iframes, and style sheets, and can link to local URLs.
         // For example, call this function before creating an iframe to a
@@ -143,6 +149,17 @@ namespace WebCore {
         static bool shouldTreatURLAsLocal(const String&);
         static bool shouldTreatURLSchemeAsLocal(const String&);
 
+        static bool shouldHideReferrer(const KURL&, const String& referrer);
+
+        enum LocalLoadPolicy {
+            AllowLocalLoadsForAll,  // No restriction on local loads.
+            AllowLocalLoadsForLocalAndSubstituteData,
+            AllowLocalLoadsForLocalOnly,
+        };
+        static void setLocalLoadPolicy(LocalLoadPolicy);
+        static bool restrictAccessToLocal();
+        static bool allowSubstituteDataAccessToLocal();
+
         static void registerURLSchemeAsNoAccess(const String&);
         static bool shouldTreatURLSchemeAsNoAccess(const String&);