[webkit-changes] [256680] branches/safari-609-branch/Source/WebKit

[repstein]

Title: [256680] branches/safari-609-branch/Source/WebKit

Revision

256680

Author

repst...@apple.com

Date

2020-02-14 19:02:02 -0800 (Fri, 14 Feb 2020)

Log Message

Cherry-pick r256578. rdar://problem/59447009

    Protect WebSWServerConnection::scheduleJobInServer from bad scopeURL
    https://bugs.webkit.org/show_bug.cgi?id=207722

    Reviewed by Chris Dumez.

    * NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
    (WebKit::WebSWServerConnection::scheduleJobInServer):
    In case of bad scope, fail the job early on.
    * WebProcess/Storage/WebSWClientConnection.cpp:
    (WebKit::WebSWClientConnection::scheduleJobInServer):
    Remove the RELEASE_ASSERT from now since we defend in Network process.
    We will add it back in ServiceWorkerRegistration::getOrCreate as a follow-up.

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256578 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

• branches/safari-609-branch/Source/WebKit/ChangeLog
• branches/safari-609-branch/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
• branches/safari-609-branch/Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp

Diff

Modified: branches/safari-609-branch/Source/WebKit/ChangeLog (256679 => 256680)

--- branches/safari-609-branch/Source/WebKit/ChangeLog	2020-02-15 03:01:59 UTC (rev 256679)
+++ branches/safari-609-branch/Source/WebKit/ChangeLog	2020-02-15 03:02:02 UTC (rev 256680)
@@ -1,5 +1,40 @@
 2020-02-14  Russell Epstein  <repst...@apple.com>
 
+        Cherry-pick r256578. rdar://problem/59447009
+
+    Protect WebSWServerConnection::scheduleJobInServer from bad scopeURL
+    https://bugs.webkit.org/show_bug.cgi?id=207722
+    
+    Reviewed by Chris Dumez.
+    
+    * NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
+    (WebKit::WebSWServerConnection::scheduleJobInServer):
+    In case of bad scope, fail the job early on.
+    * WebProcess/Storage/WebSWClientConnection.cpp:
+    (WebKit::WebSWClientConnection::scheduleJobInServer):
+    Remove the RELEASE_ASSERT from now since we defend in Network process.
+    We will add it back in ServiceWorkerRegistration::getOrCreate as a follow-up.
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256578 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2020-02-13  Youenn Fablet  <you...@apple.com>
+
+            Protect WebSWServerConnection::scheduleJobInServer from bad scopeURL
+            https://bugs.webkit.org/show_bug.cgi?id=207722
+
+            Reviewed by Chris Dumez.
+
+            * NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
+            (WebKit::WebSWServerConnection::scheduleJobInServer):
+            In case of bad scope, fail the job early on.
+            * WebProcess/Storage/WebSWClientConnection.cpp:
+            (WebKit::WebSWClientConnection::scheduleJobInServer):
+            Remove the RELEASE_ASSERT from now since we defend in Network process.
+            We will add it back in ServiceWorkerRegistration::getOrCreate as a follow-up.
+
+2020-02-14  Russell Epstein  <repst...@apple.com>
+
         Cherry-pick r256452. rdar://problem/59446979
 
     Pages that trigger a redirect will sometimes be left blank

Modified: branches/safari-609-branch/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp (256679 => 256680)

--- branches/safari-609-branch/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp	2020-02-15 03:01:59 UTC (rev 256679)
+++ branches/safari-609-branch/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp	2020-02-15 03:02:02 UTC (rev 256680)
@@ -272,6 +272,12 @@
 
 void WebSWServerConnection::scheduleJobInServer(ServiceWorkerJobData&& jobData)
 {
+    ASSERT(!jobData.scopeURL.isNull());
+    if (jobData.scopeURL.isNull()) {
+        rejectJobInClient(jobData.identifier().jobIdentifier, ExceptionData { InvalidStateError, "Scope URL is empty"_s });
+        return;
+    }
+
     SWSERVERCONNECTION_RELEASE_LOG_IF_ALLOWED("Scheduling ServiceWorker job %s in server", jobData.identifier().loggingString().utf8().data());
     ASSERT(identifier() == jobData.connectionIdentifier());
 

Modified: branches/safari-609-branch/Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp (256679 => 256680)

--- branches/safari-609-branch/Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp	2020-02-15 03:01:59 UTC (rev 256679)
+++ branches/safari-609-branch/Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp	2020-02-15 03:02:02 UTC (rev 256680)
@@ -73,7 +73,6 @@
 
 void WebSWClientConnection::scheduleJobInServer(const ServiceWorkerJobData& jobData)
 {
-    RELEASE_ASSERT(!jobData.scopeURL.isNull());
     runOrDelayTaskForImport([this, jobData] {
         send(Messages::WebSWServerConnection::ScheduleJobInServer { jobData });
     });

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes