Rename cookieURL to inheritedURL and add inheritedURL() to WebDocument

Source/core/dom/Document.h

 /*
  * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
  *           (C) 1999 Antti Koivisto (koivisto@kde.org)
  *           (C) 2001 Dirk Mueller (mueller@kde.org)
  *           (C) 2006 Alexey Proskuryakov (ap@webkit.org)
  * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All rights reserved.
  * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmobile.com/)
  * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
  * Copyright (C) 2011 Google Inc. All rights reserved.
  *
@@ skipping 738 matching lines @@
     String cookie(ExceptionState&) const;
     void setCookie(const String&, ExceptionState&);
 
     const AtomicString& referrer() const;
 
     String domain() const;
     void setDomain(const String& newDomain, ExceptionState&);
 
     String lastModified() const;
 
-    // The cookieURL is used to query the cookie database for this document's
+    // inheritedURL is used to make (security) decisions based on the document's
+    // (inherited) URL, e.g. querying the cookie database for the document's

[abarth-chromium, 2014/04/22 17:36:21]

You shouldn't be making security decisions based on this URL.  You should be
making security decisions based on the Document's SecurityOrigin.

[robwu, 2014/04/22 19:05:50]

I have just weakened the statement in the comment. Could you take another look?

The method is used to determine whether or not to insert an extension's content
script in an about:-frames, which requires knowledge about the frame's inherited
URL:

"matches": ["http://example.com/blank/*"],
"match_about_blank": true

     // cookies. For example, if the cookie URL is http://example.com, we'll
     // use the non-Secure cookies for example.com when computing
     // document.cookie.
     //
-    // Q: How is the cookieURL different from the document's URL?
+    // Q: How is the inheritedURL different from the document's URL?
     // A: The two URLs are the same almost all the time.  However, if one
     //    document inherits the security context of another document, it
-    //    inherits its cookieURL but not its URL.
+    //    inherits its inheritedURL but not its URL.
     //
-    const KURL& cookieURL() const { return m_cookieURL; }
-    void setCookieURL(const KURL& url) { m_cookieURL = url; }
+    const KURL& inheritedURL() const { return m_inheritedURL; }
+    void setInheritedURL(const KURL& url) { m_inheritedURL = url; }
 
     const KURL& firstPartyForCookies() const;
 
     // The following implements the rule from HTML 4 for what valid names are.
     // To get this right for all the XML cases, we probably have to improve this or move it
     // and make it sensitive to the type of document.
     static bool isValidName(const String&);
 
     // The following breaks a qualified name into a prefix and a local name.
     // It also does a validity check, and returns false if the qualified name
@@ skipping 399 matching lines @@
     unsigned m_activeParserCount;
     RefPtr<ContextFeatures> m_contextFeatures;
 
     bool m_wellFormed;
 
     // Document URLs.
     KURL m_url; // Document.URL: The URL from which this document was retrieved.
     KURL m_baseURL; // Node.baseURI: The URL to use when resolving relative URLs.
     KURL m_baseURLOverride; // An alternative base URL that takes precedence over m_baseURL (but not m_baseElementURL).
     KURL m_baseElementURL; // The URL set by the <base> element.
-    KURL m_cookieURL; // The URL to use for cookie access.
+    KURL m_inheritedURL; // Same as m_url, unless the document inherits its security context from another document.
 
     AtomicString m_baseTarget;
 
     // Mime-type of the document in case it was cloned or created by XHR.
     AtomicString m_mimeType;
 
     RefPtr<DocumentType> m_docType;
     OwnPtr<DOMImplementation> m_implementation;
 
     RefPtrWillBePersistent<CSSStyleSheet> m_elemSheet;
@@ skipping 223 matching lines @@
 inline bool Node::isDocumentNode() const
 {
     return this == document();
 }
 
 Node* eventTargetNodeForDocument(Document*);
 
 } // namespace WebCore
 
 #endif // Document_h