Diff
Modified: trunk/LayoutTests/ChangeLog (218014 => 218015)
--- trunk/LayoutTests/ChangeLog 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/LayoutTests/ChangeLog 2017-06-09 20:45:37 UTC (rev 218015)
@@ -1,3 +1,19 @@
+2017-06-09 Daniel Bates <[email protected]>
+
+ CSP: Apply img-src directive to favicon loads
+ https://bugs.webkit.org/show_bug.cgi?id=172733
+ <rdar://problem/32082654>
+
+ Reviewed by Brady Eidson.
+
+ Adds tests to ensure the CSP policy is applied to favicon loads.
+
+ * http/tests/security/contentSecurityPolicy/allow-favicon-expected.txt: Added.
+ * http/tests/security/contentSecurityPolicy/allow-favicon.html: Added.
+ * http/tests/security/contentSecurityPolicy/block-favicon-expected.txt: Added.
+ * http/tests/security/contentSecurityPolicy/block-favicon.html: Added.
+ * platform/wk2/TestExpectations: Skip the tests until we fix <https://bugs.webkit.org/show_bug.cgi?id=115809>.
+
2017-06-09 Ryan Haddad <[email protected]>
Add a result file for js/dom/prototype-chain-caching-with-impure-get-own-property-slot-traps-5-short.html.
Added: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon-expected.txt (0 => 218015)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon-expected.txt 2017-06-09 20:45:37 UTC (rev 218015)
@@ -0,0 +1,5 @@
+http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html - didFinishLoading
+http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html - willSendRequest <NSURLRequest URL http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html, main document URL http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html, http method GET> redirectResponse (null)
+http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html - didReceiveResponse <NSURLResponse http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html, http status code 200>
+http://127.0.0.1:8000/misc/resources/favicon.ico - willSendRequest <NSURLRequest URL http://127.0.0.1:8000/misc/resources/favicon.ico, main document URL http://127.0.0.1:8000/security/contentSecurityPolicy/allow-favicon.html, http method GET> redirectResponse (null)
+
Added: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon.html (0 => 218015)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/allow-favicon.html 2017-06-09 20:45:37 UTC (rev 218015)
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src 'self'">
+<script>
+function runTest() {
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpResourceLoadCallbacks();
+ testRunner.setIconDatabaseEnabled(true);
+ testRunner.queueReload();
+ }
+}
+
+window._onload_ = runTest;
+</script>
+<link rel="icon" href="" type="image/x-icon">
+</head>
+</html>
Added: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon-expected.txt (0 => 218015)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon-expected.txt 2017-06-09 20:45:37 UTC (rev 218015)
@@ -0,0 +1,5 @@
+http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html - didFinishLoading
+http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html - willSendRequest <NSURLRequest URL http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html, main document URL http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html, http method GET> redirectResponse (null)
+http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html - didReceiveResponse <NSURLResponse http://127.0.0.1:8000/security/contentSecurityPolicy/block-favicon.html, http status code 200>
+CONSOLE MESSAGE: Refused to load http://127.0.0.1:8000/misc/resources/favicon.ico because it does not appear in the img-src directive of the Content Security Policy.
+
Added: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon.html (0 => 218015)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-favicon.html 2017-06-09 20:45:37 UTC (rev 218015)
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src 'none'">
+<script>
+function runTest() {
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpResourceLoadCallbacks();
+ testRunner.setIconDatabaseEnabled(true);
+ testRunner.queueReload();
+ }
+}
+
+window._onload_ = runTest;
+</script>
+<link rel="icon" href="" type="image/x-icon">
+</head>
+</html>
Modified: trunk/LayoutTests/platform/wk2/TestExpectations (218014 => 218015)
--- trunk/LayoutTests/platform/wk2/TestExpectations 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/LayoutTests/platform/wk2/TestExpectations 2017-06-09 20:45:37 UTC (rev 218015)
@@ -252,10 +252,12 @@
webarchive/archive-empty-frame-source.html
# WebKitTestRunner needs testRunner.setIconDatabaseEnabled
-webarchive/test-link-rel-icon.html
-http/tests/misc/favicon-loads-with-images-disabled.html
-http/tests/misc/favicon-loads-with-icon-loading-override.html
-http/tests/misc/link-rel-icon-beforeload.html
+webkit.org/b/115809 webarchive/test-link-rel-icon.html
+webkit.org/b/115809 http/tests/misc/favicon-loads-with-images-disabled.html
+webkit.org/b/115809 http/tests/misc/favicon-loads-with-icon-loading-override.html
+webkit.org/b/115809 http/tests/misc/link-rel-icon-beforeload.html
+webkit.org/b/115809 http/tests/security/contentSecurityPolicy/allow-favicon.html
+webkit.org/b/115809 http/tests/security/contentSecurityPolicy/block-favicon.html
# WebKitTestRunner should dump text/plain content as text
http/tests/incremental/slow-utf8-text.pl
Modified: trunk/Source/WebCore/ChangeLog (218014 => 218015)
--- trunk/Source/WebCore/ChangeLog 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/ChangeLog 2017-06-09 20:45:37 UTC (rev 218015)
@@ -1,3 +1,61 @@
+2017-06-09 Daniel Bates <[email protected]>
+
+ CSP: Apply img-src directive to favicon loads
+ https://bugs.webkit.org/show_bug.cgi?id=172733
+ <rdar://problem/32082654>
+
+ Reviewed by Brady Eidson.
+
+ Differentiate favicon requests from raw resources requests so that we can apply the Content
+ Security Policy to favicon requests.
+
+ Tests: http/tests/security/contentSecurityPolicy/allow-favicon.html
+ http/tests/security/contentSecurityPolicy/block-favicon.html
+
+ * inspector/InspectorPageAgent.cpp:
+ (WebCore::InspectorPageAgent::cachedResourceContent): Keep our current behavior and treat a
+ favicon resource analogous to a raw resource.
+ (WebCore::InspectorPageAgent::cachedResourceType): Ditto.
+ * loader/LinkLoader.cpp:
+ (WebCore::createLinkPreloadResourceClient): Now that we differentiate between a favicon
+ and a raw resource we add favicons to the list of unsupported <link as="..."> types. This
+ makes the list of handled request destination types more closely match the list of valid types
+ documented in <https://fetch.spec.whatwg.org/#concept-request-destination> (24 May 2017).
+ * loader/ResourceLoadInfo.cpp:
+ (WebCore::toResourceType): Keep our current behavior and treat a favicon resource analogous
+ to a raw resource.
+ * loader/SubresourceLoader.cpp:
+ (WebCore::logResourceLoaded): Ditto.
+ * loader/cache/CachedRawResource.cpp:
+ (WebCore::CachedRawResource::CachedRawResource): Update for renaming.
+ * loader/cache/CachedRawResource.h:
+ (isType): Ditto.
+ * loader/cache/CachedResource.cpp:
+ (WebCore::CachedResource::defaultPriorityForResourceType): Keep our current behavior and treat
+ a favicon resource analogous to a raw resource.
+ * loader/cache/CachedResource.h:
+ (WebCore::CachedResource::isMainOrMediaOrFaviconOrRawResource): Renamed; formerly named isMainOrMediaOrRawResource.
+ Also return true if the this resource is a favicon.
+ (WebCore::CachedResource::ignoreForRequestCount): Keep our current behavior and treat a
+ favicon resource analogous to a raw resource.
+ (WebCore::CachedResource::isMainOrMediaOrRawResource): Deleted; renamed to isMainOrMediaOrFaviconOrRawResource.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::createResource): Keep our current behavior and treat a favicon resource analogous
+ to a raw resource.
+ (WebCore::CachedResourceLoader::requestFavicon): Added.
+ (WebCore::contentTypeFromResourceType): Keep our current behavior and treat a favicon
+ resource analogous to a raw resource.
+ (WebCore::CachedResourceLoader::checkInsecureContent): Ditto.
+ (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy): Check if the favicon is
+ allowed by the CSP of the page.
+ (WebCore::CachedResourceLoader::determineRevalidationPolicy): Update for renaming.
+ * loader/cache/CachedResourceLoader.h:
+ * loader/icon/IconLoader.cpp:
+ (WebCore::IconLoader::startLoading): Substitute call CachedResourceLoader::requestFavicon() for CachedResourceLoader::requestRawResource()
+ and remove comment about ContentSecurityPolicyImposition::DoPolicyCheck being a placeholder. This is no longer the
+ case. This resource request option is now meaningful as we want to apply the CSP of the page with respect to the
+ request for the favicon.
+
2017-06-09 Wenson Hsieh <[email protected]>
[iOS DnD] Add a hook to perform two-step drops in editable content
Modified: trunk/Source/WebCore/inspector/InspectorPageAgent.cpp (218014 => 218015)
--- trunk/Source/WebCore/inspector/InspectorPageAgent.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/inspector/InspectorPageAgent.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -140,6 +140,7 @@
*result = downcast<CachedScript>(*cachedResource).script().toString();
return true;
case CachedResource::MediaResource:
+ case CachedResource::Favicon:
case CachedResource::RawResource: {
auto* buffer = cachedResource->resourceBuffer();
if (!buffer)
@@ -291,6 +292,7 @@
case CachedResource::MainResource:
return InspectorPageAgent::DocumentResource;
case CachedResource::MediaResource:
+ case CachedResource::Favicon:
case CachedResource::RawResource: {
switch (cachedResource.resourceRequest().requester()) {
case ResourceRequest::Requester::Fetch:
Modified: trunk/Source/WebCore/loader/LinkLoader.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/LinkLoader.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/LinkLoader.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -153,6 +153,7 @@
case CachedResource::RawResource:
return LinkPreloadRawResourceClient::create(loader, static_cast<CachedRawResource&>(resource));
case CachedResource::MainResource:
+ case CachedResource::Favicon:
#if ENABLE(SVG_FONTS)
case CachedResource::SVGFontResource:
#endif
Modified: trunk/Source/WebCore/loader/ResourceLoadInfo.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -56,6 +56,7 @@
return ResourceType::Font;
case CachedResource::MediaResource:
+ case CachedResource::Favicon:
case CachedResource::RawResource:
return ResourceType::Raw;
Modified: trunk/Source/WebCore/loader/SubresourceLoader.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/SubresourceLoader.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/SubresourceLoader.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -448,6 +448,7 @@
resourceType = DiagnosticLoggingKeys::fontKey();
break;
case CachedResource::MediaResource:
+ case CachedResource::Favicon:
case CachedResource::RawResource:
resourceType = DiagnosticLoggingKeys::rawKey();
break;
Modified: trunk/Source/WebCore/loader/cache/CachedRawResource.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedRawResource.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedRawResource.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -41,7 +41,7 @@
, m_identifier(0)
, m_allowEncodedDataReplacement(true)
{
- ASSERT(isMainOrMediaOrRawResource());
+ ASSERT(isMainOrMediaOrFaviconOrRawResource());
}
std::optional<SharedBufferDataView> CachedRawResource::calculateIncrementalDataChunk(const SharedBuffer* data) const
Modified: trunk/Source/WebCore/loader/cache/CachedRawResource.h (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedRawResource.h 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedRawResource.h 2017-06-09 20:45:37 UTC (rev 218015)
@@ -98,5 +98,5 @@
} // namespace WebCore
SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::CachedRawResource)
- static bool isType(const WebCore::CachedResource& resource) { return resource.isMainOrMediaOrRawResource(); }
+ static bool isType(const WebCore::CachedResource& resource) { return resource.isMainOrMediaOrFaviconOrRawResource(); }
SPECIALIZE_TYPE_TRAITS_END()
Modified: trunk/Source/WebCore/loader/cache/CachedResource.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedResource.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedResource.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -78,6 +78,7 @@
case CachedResource::MediaResource:
case CachedResource::FontResource:
case CachedResource::RawResource:
+ case CachedResource::Favicon:
return ResourceLoadPriority::Medium;
case CachedResource::ImageResource:
return ResourceLoadPriority::Low;
Modified: trunk/Source/WebCore/loader/cache/CachedResource.h (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedResource.h 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedResource.h 2017-06-09 20:45:37 UTC (rev 218015)
@@ -71,6 +71,7 @@
#endif
MediaResource,
RawResource,
+ Favicon,
SVGDocumentResource
#if ENABLE(XSLT)
, XSLStyleSheet
@@ -161,7 +162,7 @@
bool isImage() const { return type() == ImageResource; }
// FIXME: CachedRawResource could be a main resource, an audio/video resource, or a raw XHR/icon resource.
- bool isMainOrMediaOrRawResource() const { return type() == MainResource || type() == MediaResource || type() == RawResource; }
+ bool isMainOrMediaOrFaviconOrRawResource() const { return type() == MainResource || type() == MediaResource || type() == Favicon || type() == RawResource; }
bool ignoreForRequestCount() const
{
return m_resourceRequest.ignoreForRequestCount()
@@ -170,6 +171,7 @@
|| type() == LinkPrefetch
|| type() == LinkSubresource
#endif
+ || type() == Favicon
|| type() == RawResource;
}
Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -105,6 +105,7 @@
return new CachedFont(WTFMove(request), sessionID);
case CachedResource::MediaResource:
case CachedResource::RawResource:
+ case CachedResource::Favicon:
case CachedResource::MainResource:
return new CachedRawResource(WTFMove(request), type, sessionID);
#if ENABLE(XSLT)
@@ -276,6 +277,11 @@
return downcast<CachedRawResource>(requestResource(CachedResource::MediaResource, WTFMove(request)).get());
}
+CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestFavicon(CachedResourceRequest&& request)
+{
+ return downcast<CachedRawResource>(requestResource(CachedResource::Favicon, WTFMove(request)).get());
+}
+
CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestRawResource(CachedResourceRequest&& request)
{
return downcast<CachedRawResource>(requestResource(CachedResource::RawResource, WTFMove(request)).get());
@@ -307,6 +313,7 @@
#endif
case CachedResource::RawResource:
+ case CachedResource::Favicon:
case CachedResource::SVGDocumentResource:
return MixedContentChecker::ContentType::Active;
#if ENABLE(XSLT)
@@ -357,6 +364,7 @@
#endif
case CachedResource::MediaResource:
case CachedResource::RawResource:
+ case CachedResource::Favicon:
case CachedResource::ImageResource:
#if ENABLE(SVG_FONTS)
case CachedResource::SVGFontResource:
@@ -404,6 +412,7 @@
return false;
break;
case CachedResource::SVGDocumentResource:
+ case CachedResource::Favicon:
case CachedResource::ImageResource:
if (!m_document->contentSecurityPolicy()->allowImageFromSource(url, redirectResponseReceived))
return false;
@@ -944,7 +953,7 @@
// FIXME: We should use the same cache policy for all resource types. The raw resource policy is overly strict
// while the normal subresource policy is too loose.
- if (existingResource->isMainOrMediaOrRawResource() && frame()) {
+ if (existingResource->isMainOrMediaOrFaviconOrRawResource() && frame()) {
bool strictPolicyDisabled = frame()->loader().isStrictRawResourceValidationPolicyDisabledForTesting();
bool canReuseRawResource = strictPolicyDisabled || downcast<CachedRawResource>(*existingResource).canReuse(request);
if (!canReuseRawResource)
Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.h (218014 => 218015)
--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.h 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.h 2017-06-09 20:45:37 UTC (rev 218015)
@@ -79,6 +79,7 @@
CachedResourceHandle<CachedScript> requestScript(CachedResourceRequest&&);
CachedResourceHandle<CachedFont> requestFont(CachedResourceRequest&&, bool isSVG);
CachedResourceHandle<CachedRawResource> requestMedia(CachedResourceRequest&&);
+ CachedResourceHandle<CachedRawResource> requestFavicon(CachedResourceRequest&&);
CachedResourceHandle<CachedRawResource> requestRawResource(CachedResourceRequest&&);
CachedResourceHandle<CachedRawResource> requestMainResource(CachedResourceRequest&&);
CachedResourceHandle<CachedSVGDocument> requestSVGDocument(CachedResourceRequest&&);
Modified: trunk/Source/WebCore/loader/icon/IconLoader.cpp (218014 => 218015)
--- trunk/Source/WebCore/loader/icon/IconLoader.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebCore/loader/icon/IconLoader.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -83,13 +83,12 @@
auto resourceRequestURL = resourceRequest.url();
#endif
- // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
CachedResourceRequest request(WTFMove(resourceRequest), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, ClientCredentialPolicy::CannotAskClientForCredentials, FetchOptions::Credentials::Omit, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
request.setInitiator(cachedResourceRequestInitiators().icon);
auto* frame = m_frame ? m_frame : m_documentLoader->frame();
- m_resource = frame->document()->cachedResourceLoader().requestRawResource(WTFMove(request));
+ m_resource = frame->document()->cachedResourceLoader().requestFavicon(WTFMove(request));
if (m_resource)
m_resource->addClient(*this);
else
Modified: trunk/Source/WebKit2/ChangeLog (218014 => 218015)
--- trunk/Source/WebKit2/ChangeLog 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebKit2/ChangeLog 2017-06-09 20:45:37 UTC (rev 218015)
@@ -1,3 +1,16 @@
+2017-06-09 Daniel Bates <[email protected]>
+
+ CSP: Apply img-src directive to favicon loads
+ https://bugs.webkit.org/show_bug.cgi?id=172733
+ <rdar://problem/32082654>
+
+ Reviewed by Brady Eidson.
+
+ Return 0 seconds for the maximum buffering time for favicons (no change in behavior).
+
+ * WebProcess/Network/WebLoaderStrategy.cpp:
+ (WebKit::maximumBufferingTime):
+
2017-06-09 Wenson Hsieh <[email protected]>
[iOS DnD] Add a hook to perform two-step drops in editable content
Modified: trunk/Source/WebKit2/WebProcess/Network/WebLoaderStrategy.cpp (218014 => 218015)
--- trunk/Source/WebKit2/WebProcess/Network/WebLoaderStrategy.cpp 2017-06-09 20:10:59 UTC (rev 218014)
+++ trunk/Source/WebKit2/WebProcess/Network/WebLoaderStrategy.cpp 2017-06-09 20:45:37 UTC (rev 218015)
@@ -117,6 +117,7 @@
case CachedResource::MediaResource:
return 50_ms;
case CachedResource::MainResource:
+ case CachedResource::Favicon:
case CachedResource::RawResource:
case CachedResource::SVGDocumentResource:
#if ENABLE(LINK_PREFETCH)
