Title: [228919] trunk/Source
- Revision
- 228919
- Author
- cdu...@apple.com
- Date
- 2018-02-22 08:55:53 -0800 (Thu, 22 Feb 2018)
Log Message
Add release asserts for service worker fetch and postMessage events
https://bugs.webkit.org/show_bug.cgi?id=183025
rdar://problem/37765052
Patch by Youenn Fablet <you...@apple.com> on 2018-02-22
Reviewed by Daniel Bates.
Source/WebCore:
Add release assertion so that a service worker will only dispatch a message event
for clients and service workers with the same origin.
No change of behavior.
* platform/network/ResourceRequestBase.h:
* workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::postMessageToServiceWorker):
* workers/service/context/ServiceWorkerThreadProxy.h:
Source/WebKit:
Add assertion to protect interception of a fetch load by a service worker with
a different origin from the page.
* WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::startFetch):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (228918 => 228919)
--- trunk/Source/WebCore/ChangeLog 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebCore/ChangeLog 2018-02-22 16:55:53 UTC (rev 228919)
@@ -1,3 +1,20 @@
+2018-02-22 Youenn Fablet <you...@apple.com>
+
+ Add release asserts for service worker fetch and postMessage events
+ https://bugs.webkit.org/show_bug.cgi?id=183025
+ rdar://problem/37765052
+
+ Reviewed by Daniel Bates.
+
+ Add release assertion so that a service worker will only dispatch a message event
+ for clients and service workers with the same origin.
+ No change of behavior.
+
+ * platform/network/ResourceRequestBase.h:
+ * workers/service/context/ServiceWorkerThread.cpp:
+ (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
+ * workers/service/context/ServiceWorkerThreadProxy.h:
+
2018-02-22 Miguel Gomez <mago...@igalia.com>
including both gl3.h and gl2.h when USE_OPENGL_ES is enabled
Modified: trunk/Source/WebCore/platform/network/ResourceRequestBase.h (228918 => 228919)
--- trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2018-02-22 16:55:53 UTC (rev 228919)
@@ -113,7 +113,7 @@
WEBCORE_EXPORT void setExistingHTTPReferrerToOriginString();
WEBCORE_EXPORT void clearHTTPReferrer();
- String httpOrigin() const;
+ WEBCORE_EXPORT String httpOrigin() const;
bool hasHTTPOrigin() const;
void setHTTPOrigin(const String&);
WEBCORE_EXPORT void clearHTTPOrigin();
Modified: trunk/Source/WebCore/workers/service/context/ServiceWorkerThread.cpp (228918 => 228919)
--- trunk/Source/WebCore/workers/service/context/ServiceWorkerThread.cpp 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebCore/workers/service/context/ServiceWorkerThread.cpp 2018-02-22 16:55:53 UTC (rev 228919)
@@ -119,10 +119,16 @@
ExtendableMessageEventSource source;
if (WTF::holds_alternative<ServiceWorkerClientData>(sourceData)) {
RefPtr<ServiceWorkerClient> sourceClient = ServiceWorkerClient::getOrCreate(serviceWorkerGlobalScope, WTFMove(WTF::get<ServiceWorkerClientData>(sourceData)));
+
+ RELEASE_ASSERT(!sourceClient->url().protocolIsInHTTPFamily() || !serviceWorkerGlobalScope.url().protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(serviceWorkerGlobalScope.url(), sourceClient->url()));
+
sourceOrigin = SecurityOrigin::create(sourceClient->url());
source = WTFMove(sourceClient);
} else {
RefPtr<ServiceWorker> sourceWorker = ServiceWorker::getOrCreate(serviceWorkerGlobalScope, WTFMove(WTF::get<ServiceWorkerData>(sourceData)));
+
+ RELEASE_ASSERT(!sourceWorker->scriptURL().protocolIsInHTTPFamily() || !serviceWorkerGlobalScope.url().protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(serviceWorkerGlobalScope.url(), sourceWorker->scriptURL()));
+
sourceOrigin = SecurityOrigin::create(sourceWorker->scriptURL());
source = WTFMove(sourceWorker);
}
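Review bot: Both new RELEASE_ASSERTs pass without comparing anything when either URL is outside the HTTP family, so the same-origin guarantee holds only for http(s) sources and scopes. Nothing in the hunk says why other schemes are exempt or whether they can reach this point. A comment above the first assert would make that explicit, e.g. `// Same-origin is enforced only when both URLs are HTTP-family; other schemes are skipped here — confirm they are rejected earlier.` The same three-clause predicate is written out twice here and again in WebSWContextManagerConnection::startFetch, so one shared helper taking the two URLs would keep the three checks from drifting apart. postMessageToServiceWorker begins and ends outside this hunk.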
Modified: trunk/Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h (228918 => 228919)
--- trunk/Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h 2018-02-22 16:55:53 UTC (rev 228919)
@@ -65,6 +65,8 @@
WEBCORE_EXPORT std::unique_ptr<FetchLoader> createBlobLoader(FetchLoaderClient&, const URL&);
+ const URL& scriptURL() const { return m_document->url(); }
+
// Public only for testing purposes.
WEBCORE_TESTSUPPORT_EXPORT void notifyNetworkStateChange(bool isOnline);
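Review bot: `scriptURL()` returns `m_document->url()`, and nothing visible here establishes that the proxy document's URL is the service worker's script URL. startFetch in this same commit takes this value as the worker's origin for a release assert, so the accessor deserves a one-line comment stating that invariant, e.g. `// URL of the proxy's document; expected to be the service worker script URL.` That wording should be confirmed against the constructor, which is outside the hunk. The accessor also returns a reference into `m_document`, so callers should copy the URL, as startFetch does, not hold the reference.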
Modified: trunk/Source/WebKit/ChangeLog (228918 => 228919)
--- trunk/Source/WebKit/ChangeLog 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebKit/ChangeLog 2018-02-22 16:55:53 UTC (rev 228919)
@@ -1,3 +1,17 @@
+2018-02-22 Youenn Fablet <you...@apple.com>
+
+ Add release asserts for service worker fetch and postMessage events
+ https://bugs.webkit.org/show_bug.cgi?id=183025
+ rdar://problem/37765052
+
+ Reviewed by Daniel Bates.
+
+ Add assertion to protect interception of a fetch load by a service worker with
+ a different origin from the page.
+
+ * WebProcess/Storage/WebSWContextManagerConnection.cpp:
+ (WebKit::WebSWContextManagerConnection::startFetch):
+
2018-02-22 Ms2ger <ms2...@igalia.com>
[GTK][WPE] Fix some build errors in service workers code
Modified: trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp (228918 => 228919)
--- trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp 2018-02-22 16:43:45 UTC (rev 228918)
+++ trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp 2018-02-22 16:55:53 UTC (rev 228919)
@@ -188,6 +188,11 @@
return;
}
+ String origin = request.httpOrigin();
+ URL url { URL(), origin.isEmpty() ? referrer : origin };
+ URL serviceWorkerURL = serviceWorkerThreadProxy->scriptURL();
+ RELEASE_ASSERT(!url.protocolIsInHTTPFamily() || !serviceWorkerURL.protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(url, serviceWorkerURL));
+
auto client = WebServiceWorkerFetchTaskClient::create(m_connectionToStorageProcess.copyRef(), serviceWorkerIdentifier, serverConnectionIdentifier, fetchIdentifier);
std::optional<ServiceWorkerClientIdentifier> clientId;
if (options.clientIdentifier)
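Review bot: The URL checked by the new RELEASE_ASSERT is built from `request.httpOrigin()` or, failing that, `referrer`, which both describe the request under check and are not an independently held client origin. When both are empty or do not parse as an HTTP-family URL (an Origin of `null`, a suppressed referrer), `url.protocolIsInHTTPFamily()` is false and the assert passes without any comparison. The check is therefore a best-effort backstop and not a complete guard, which a comment above it should state, e.g. `// Best-effort: skipped when the request carries no HTTP(S) origin or referrer.` If the client's origin can be obtained from `options.clientIdentifier` or the connection, comparing against that would be stronger. startFetch begins and ends outside this hunk.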