[webkit-changes] [247400] trunk/Source/WebKit

Fri, 12 Jul 2019 15:04:53 -0700

Title: [247400] trunk/Source/WebKit
Revision
247400
Author
cdu...@apple.com
Date
2019-07-12 15:03:27 -0700 (Fri, 12 Jul 2019)

Log Message

Regression(macOS Catalina): Cannot quick look html documents in Mail
https://bugs.webkit.org/show_bug.cgi?id=199754
<rdar://problem/51304961>

Reviewed by Geoff Garen.

If the client asks us to load a file URL but does not provide a resource path, WebKit
would fallback to issuing a sandbox extension for /. This no longer works on mac OS
Catalina and it would thus fail to load the file.

To address the issue, if the attempt to create a sandbox extension for / fails, we now
fall back to issuing one for the file's baseURL (path of containing folder).

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (247399 => 247400)


--- trunk/Source/WebKit/ChangeLog	2019-07-12 21:50:31 UTC (rev 247399)
+++ trunk/Source/WebKit/ChangeLog	2019-07-12 22:03:27 UTC (rev 247400)
@@ -1,3 +1,21 @@
+2019-07-12  Chris Dumez  <cdu...@apple.com>
+
+        Regression(macOS Catalina): Cannot quick look html documents in Mail
+        https://bugs.webkit.org/show_bug.cgi?id=199754
+        <rdar://problem/51304961>
+
+        Reviewed by Geoff Garen.
+
+        If the client asks us to load a file URL but does not provide a resource path, WebKit
+        would fallback to issuing a sandbox extension for /. This no longer works on mac OS
+        Catalina and it would thus fail to load the file.
+
+        To address the issue, if the attempt to create a sandbox extension for / fails, we now
+        fall back to issuing one for the file's baseURL (path of containing folder).
+
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
+
 2019-07-12  Michael Catanzaro  <mcatanz...@igalia.com>
 
         WebBackForwardListItem::setPageState should receive pageState by rvalue reference

Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (247399 => 247400)


--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2019-07-12 21:50:31 UTC (rev 247399)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2019-07-12 22:03:27 UTC (rev 247400)
@@ -1058,9 +1058,16 @@
     // Inspector resources are in a directory with assumed access.
     ASSERT_WITH_SECURITY_IMPLICATION(!WebKit::isInspectorPage(*this));
 
-    // FIXME: universal file read access should be set if the sandbox extension is successfully created: rdar://problem/52357508.
-    SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, sandboxExtensionHandle);
-    willAcquireUniversalFileReadSandboxExtension(process);
+    if (SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, sandboxExtensionHandle)) {
+        willAcquireUniversalFileReadSandboxExtension(process);
+        return;
+    }
+
+    // We failed to issue an universal file read access sandbox, fall back to issuing one for the base URL instead.
+    auto baseURL = URL(URL(), url.baseAsString());
+    auto basePath = baseURL.fileSystemPath();
+    if (!basePath.isNull() && SandboxExtension::createHandle(basePath, SandboxExtension::Type::ReadOnly, sandboxExtensionHandle))
+        m_process->assumeReadAccessToBaseURL(*this, baseURL);
 }
 
 #if !PLATFORM(COCOA)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to