Diff
Modified: trunk/LayoutTests/ChangeLog (221016 => 221017)
--- trunk/LayoutTests/ChangeLog 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/LayoutTests/ChangeLog 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,3 +1,36 @@
+2017-08-22 Brent Fulgham <[email protected]> and Pranjal Jumde <[email protected]>
+
+ Disable access to secure cookies if an HTTPS site loads mixed content
+ https://bugs.webkit.org/show_bug.cgi?id=157053
+ <rdar://problem/11290808>
+
+ Reviewed by Dan Bates.
+
+ * http/tests/security/mixedContent/insecure-css-with-secure-cookies-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-css-with-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-image-with-securecookie-block-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-image-with-securecookie-block.html: Added.
+ * http/tests/security/mixedContent/insecure-image-with-securecookie-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-image-with-securecookie.html: Added.
+ * http/tests/security/mixedContent/insecure-script-with-secure-cookies-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-script-with-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block-expected.txt: Added.
+ * http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block.html: Added.
+ * http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-expected.txt: Added.
+ * http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-insecure-executable-css-with-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-insecure-script-secure-cookies.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html: Added.
+ * http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html: Added.
+ * http/tests/security/mixedContent/resources/insecure-executable.css: Added.
+ * http/tests/security/mixedContent/resources/insecure.css: Added.
+ * http/tests/security/resources/greenbox-hotspot5-4.cur: Added.
+
2017-08-22 Jer Noble <[email protected]>
Autoplay Muted Videos Don't Play When Outside Viewport
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+main frame - didFinishDocumentLoadForFrame
+main frame - didStartProvisionalLoadForFrame
+main frame - didHandleOnloadEventsForFrame
+main frame - didFinishLoadForFrame
+main frame - didCommitLoadForFrame
+CONSOLE MESSAGE: line 6: secureCookie=yes
+CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/greenbox-hotspot5-4.cur.
+
+didDisplayInsecureContent
+main frame - didFinishDocumentLoadForFrame
+This test opens a window that loads a secure style sheet with insecure cursor content after reading secure cookies. This should be allowed because loading of the insecure cursor does not pose a security risk since it can only affect the display.
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-css-with-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.dumpFrameLoadCallbacks();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+window.addEventListener("message", function (e) {
+ if (window.testRunner)
+ testRunner.notifyDone();
+}, false);
+
+</script>
+<p>This test opens a window that loads a secure style sheet with insecure cursor content after reading secure cookies. This should be allowed because loading of the insecure cursor does not pose a security risk since it can only affect the display.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.dumpFrameLoadCallbacks();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+window.addEventListener("message", function (e) {
+ if (window.testRunner)
+ testRunner.notifyDone();
+}, false);
+
+</script>
+<p>This test opens a window that loads a secure style sheet with insecure content after reading secure cookies. This should block loading of the insecure content since secure cookie was read.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-executable-css-with-secure-cookies.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,4 @@
+CONSOLE MESSAGE: line 4: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
+
+CONSOLE MESSAGE: line 6:
+This test opens a window that tries to read a secure cookie after an insecure image has been loaded. This should block reading of the secure cookie since insecure content was loaded on this page.
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-block.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+window.addEventListener("message", function (e) {
+ if (window.testRunner)
+ testRunner.notifyDone();
+}, false);
+
+</script>
+<p>This test opens a window that tries to read a secure cookie after an insecure image has been loaded. This should block reading of the secure cookie since insecure content was loaded on this page.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,4 @@
+CONSOLE MESSAGE: line 3: secureCookie=yes
+CONSOLE MESSAGE: line 5: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
+
+This test opens a window that tries to read a secure cookie and then load an insecure image. This should not block loading of the insecure image, even though a secure cookie was accessed on this page, because insecure images can only affect pixels on the screen, not expose private data.
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-image-with-securecookie.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+window.addEventListener("message", function (e) {
+ if (window.testRunner)
+ testRunner.notifyDone();
+}, false);
+</script>
+<p>This test opens a window that tries to read a secure cookie and then load an insecure image. This should not block loading of the insecure image, even though a secure cookie was accessed on this page, because insecure images can only affect pixels on the screen, not expose private data.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,6 @@
+CONSOLE MESSAGE: line 3: secureCookie=yes
+CONSOLE MESSAGE: [blocked] The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script-secure-cookies.html was not allowed to run insecure content from http://127.0.0.1:8080/security/mixedContent/resources/script.js.
+
+This test loads a secure iframe that reads secure cookies and then tries to load an insecure script. This should block the insecure script since secure cookies were read.
+
+
Added: trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-with-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
+<p>This test loads a secure iframe that reads secure cookies and then tries to load an insecure script. This should block the insecure script since secure cookies were read.</p>
+<iframe src=""
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,13 @@
+main frame - didFinishDocumentLoadForFrame
+main frame - didStartProvisionalLoadForFrame
+main frame - didHandleOnloadEventsForFrame
+main frame - didFinishLoadForFrame
+main frame - didCommitLoadForFrame
+main frame - didFinishDocumentLoadForFrame
+CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
+
+didDisplayInsecureContent
+CONSOLE MESSAGE: line 8:
+main frame - didHandleOnloadEventsForFrame
+main frame - didFinishLoadForFrame
+This test opens a window that loads an insecure image (via a tricky redirect) and then tries to read a secure cookie. This should block the secure cookie from being read because insecure content was loaded while loading a main frame.
Added: trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.dumpFrameLoadCallbacks();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+window.addEventListener("message", function (e) {
+ if (window.testRunner)
+ testRunner.notifyDone()
+}, false);
+</script>
+<p>This test opens a window that loads an insecure image (via a tricky redirect) and then tries to read a secure cookie. This should block the secure cookie from being read because insecure content was loaded while loading a main frame.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-expected.txt (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-expected.txt 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,13 @@
+main frame - didFinishDocumentLoadForFrame
+main frame - didStartProvisionalLoadForFrame
+main frame - didHandleOnloadEventsForFrame
+main frame - didFinishLoadForFrame
+main frame - didCommitLoadForFrame
+CONSOLE MESSAGE: line 4: secureCookie=yes
+main frame - didFinishDocumentLoadForFrame
+CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html was allowed to display insecure content from http://127.0.0.1:8080/security/resources/compass.jpg.
+
+didDisplayInsecureContent
+main frame - didHandleOnloadEventsForFrame
+main frame - didFinishLoadForFrame
+This test opens a window that reads a secure cookie and then loads an insecure image (via a tricky redirect). This should not block the insecure image from loading even though a secure cookie was accessed, because an insecure image can only affect pixels on screen, not expose private data.
Added: trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.dumpFrameLoadCallbacks();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+window.addEventListener("message", function (e) {
+ if (e.data != "done")
+ alert("should have loaded the insecure content");
+ if (window.testRunner)
+ testRunner.notifyDone()
+}, false);
+</script>
+<p>This test opens a window that reads a secure cookie and then loads an insecure image (via a tricky redirect). This should not block the insecure image from loading even though a secure cookie was accessed, because an insecure image can only affect pixels on screen, not expose private data.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html");
+}
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+ document.cookie = "secureCookie=yes;secure";
+ console.log(document.cookie);
+</script>
+<link rel="stylesheet" href=""
+</head>
+<body>
+Loading css cursor from insecure source.
+<script>
+if (window.opener)
+ window.opener.postMessage('done', '*');
+</script>
+</body>
+</html>
+
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-executable-css-with-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-executable-css-with-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-executable-css-with-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+ document.cookie = "secureCookie=yes;secure";
+ console.log(document.cookie);
+</script>
+<link rel="stylesheet" href=""
+</head>
+<body id="test">
+Loading css document from insecure source.
+<script>
+if (window.opener)
+ window.opener.postMessage('done', '*');
+</script>
+</body>
+</html>
+
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie-block.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+<script>
+ document.cookie = "secureCookie=yes;secure";
+</script>
+<img src=""
+<script>
+console.log(document.cookie);
+window._onload_ = function() {
+ if (window.opener)
+ window.opener.postMessage('done', '*');
+};
+</script>
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-secure-cookie.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+<script>
+ document.cookie = "secureCookie=yes;secure";
+ console.log(document.cookie);
+</script>
+<img src=""
+<script>
+window._onload_ = function() {
+ if (window.opener)
+ window.opener.postMessage('done', '*');
+};
+</script>
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-script-secure-cookies.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-script-secure-cookies.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-script-secure-cookies.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+<script>
+document.cookie = "secureCookie=yes;secure";
+console.log(document.cookie);
+</script>
+<script src=""
+<script>
+window._onload_ = function() {
+ if (window.opener)
+ window.opener.postMessage('done', '*');
+};
+</script>
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie-block.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,13 @@
+<script>
+var frameDidLoad = false;
+document.cookie = "secureCookie=yes;secure";
+if (window.testRunner)
+ internals.settings.setAllowRunningOfInsecureContent(true);
+_onload_ = function()
+{
+ console.log(document.cookie);
+ if (window.opener)
+ window.opener.postMessage(frameDidLoad ? 'done' : 'blocked', '*');
+}
+</script>
+<img _onload_="window.frameDidLoad = true" src=""
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,11 @@
+<script>
+var frameDidLoad = false;
+document.cookie = "secureCookie=yes;secure";
+console.log(document.cookie);
+_onload_ = function()
+{
+ if (window.opener)
+ window.opener.postMessage(frameDidLoad ? 'done' : 'blocked', '*');
+}
+</script>
+<img _onload_="window.frameDidLoad = true" src=""
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure-executable.css (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure-executable.css (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure-executable.css 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,4 @@
+@import url(http://127.0.0.1:8080/security/resources/insecure.css);
+body {
+ background-color: yellow, default;
+}
Added: trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure.css (0 => 221017)
--- trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure.css (rev 0)
+++ trunk/LayoutTests/http/tests/security/mixedContent/resources/insecure.css 2017-08-22 16:22:22 UTC (rev 221017)
@@ -0,0 +1,3 @@
+html {
+ cursor: url(http://127.0.0.1:8080/security/resources/greenbox-hotspot5-4.cur), default;
+}
Added: trunk/LayoutTests/http/tests/security/resources/greenbox-hotspot5-4.cur
(Binary files differ)
--- trunk/LayoutTests/http/tests/security/resources/greenbox-hotspot5-4.cur 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/LayoutTests/http/tests/security/resources/greenbox-hotspot5-4.cur 2017-08-22 16:22:22 UTC (rev 221017)
Property changes on: trunk/LayoutTests/http/tests/security/resources/greenbox-hotspot5-4.cur
___________________________________________________________________
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
Modified: trunk/Source/WebCore/ChangeLog (221016 => 221017)
--- trunk/Source/WebCore/ChangeLog 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/ChangeLog 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,3 +1,42 @@
+2017-08-22 Brent Fulgham <[email protected]> and Pranjal Jumde <[email protected]>
+
+ Disable access to secure cookies if an HTTPS site loads mixed content
+ https://bugs.webkit.org/show_bug.cgi?id=157053
+ <rdar://problem/11290808>
+
+ Reviewed by Dan Bates.
+
+ Tests: http/tests/security/mixedContent/insecure-css-with-secure-cookies.html
+ http/tests/security/mixedContent/insecure-image-with-securecookie-block.html
+ http/tests/security/mixedContent/insecure-image-with-securecookie.html
+ http/tests/security/mixedContent/insecure-script-with-secure-cookies.html
+ http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block.html
+ http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies.html
+
+ * dom/SecurityContext.h:
+ (WebCore::SecurityContext::secureCookiesAccessed): Added.
+ (WebCore::SecurityContext::setSecureCookiesAccessed): Added.
+ * loader/CookieJar.cpp:
+ (WebCore::cookies): Pass Document as non-const so we can call 'setSecureCookiesAccessed' if necessary.
+ * loader/CookieJar.h:
+ * loader/MixedContentChecker.cpp:
+ (WebCore::MixedContentChecker::canRunInsecureContent): Updated checks to avoid running insecure content
+ if secure cookies were accessed.
+ * platform/CookiesStrategy.h:
+ (WebCore::CookiesStrategy::cookiesForDOM): Pass new argument indicating whether secure cookies should be included in the response.
+ * platform/network/PlatformCookieJar.h:
+ * platform/network/cf/CookieJarCFNet.cpp:
+ (copyCookiesForURLWithFirstPartyURL): Revise to accept new 'IncludeSecureCookiesOrNot' argument.
+ (WebCore::cookiesForSession): Updated to accept new 'IncludeSecureCookiesOrNot' argument. Also determine if secure cookies were
+ included in the response, and return this to the caller.
+ (WebCore::cookieRequestHeaderFieldValue): Revise for new 'copyCookiesForURLWithFirstPartyURL' signature.
+ (WebCore::getRawCookies): Ditto.
+ * platform/network/mac/CookieJarMac.mm:
+ (WebCore::cookiesForSession): Updated checks to keep track of secure cookies and filter out secure cookies if insecure content
+ was accessed.
+ (WebCore::cookiesForDOM): Update for new arguments and to return a pair.
+ (WebCore::cookieRequestHeaderFieldValue): Ditto.
+
2017-08-22 Jer Noble <[email protected]>
Autoplay Muted Videos Don't Play When Outside Viewport
Modified: trunk/Source/WebCore/dom/SecurityContext.h (221016 => 221017)
--- trunk/Source/WebCore/dom/SecurityContext.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2011 Google Inc. All Rights Reserved.
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -83,6 +84,8 @@
void setFoundMixedContent() { m_foundMixedContent = true; }
bool geolocationAccessed() const { return m_geolocationAccessed; }
void setGeolocationAccessed() { m_geolocationAccessed = true; }
+ bool secureCookiesAccessed() const { return m_secureCookiesAccessed; }
+ void setSecureCookiesAccessed() { m_secureCookiesAccessed = true; }
bool isStrictMixedContentMode() const { return m_isStrictMixedContentMode; }
void setStrictMixedContentMode(bool strictMixedContentMode) { m_isStrictMixedContentMode = strictMixedContentMode; }
@@ -111,6 +114,7 @@
bool m_haveInitializedSecurityOrigin { false };
bool m_foundMixedContent { false };
bool m_geolocationAccessed { false };
+ bool m_secureCookiesAccessed { false };
bool m_isStrictMixedContentMode { false };
};
Modified: trunk/Source/WebCore/loader/CookieJar.cpp (221016 => 221017)
--- trunk/Source/WebCore/loader/CookieJar.cpp 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/loader/CookieJar.cpp 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2012-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -54,11 +54,16 @@
return context ? context->storageSession() : NetworkStorageSession::defaultStorageSession();
}
-String cookies(const Document& document, const URL& url)
+String cookies(Document& document, const URL& url)
{
TraceScope scope(FetchCookiesStart, FetchCookiesEnd);
- return platformStrategies()->cookiesStrategy()->cookiesForDOM(storageSession(document), document.firstPartyForCookies(), url);
+ auto includeSecureCookiesOrNot = (url.protocolIs("https") && !document.foundMixedContent()) ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+ auto result = platformStrategies()->cookiesStrategy()->cookiesForDOM(storageSession(document), document.firstPartyForCookies(), url, includeSecureCookiesOrNot);
+ if (result.second)
+ document.setSecureCookiesAccessed();
+
+ return result.first;
}
void setCookies(Document& document, const URL& url, const String& cookieString)
Modified: trunk/Source/WebCore/loader/CookieJar.h (221016 => 221017)
--- trunk/Source/WebCore/loader/CookieJar.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/loader/CookieJar.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2003, 2006, 2008, 2012, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -38,7 +38,7 @@
// Functions in this file take a Document pointer to determine which cookie storage to use. We should merge that into call sites, and use PlatformCookieJar directly.
// These two functions implement document.cookie API, with special rules for HttpOnly cookies.
-WEBCORE_EXPORT String cookies(const Document&, const URL&);
+WEBCORE_EXPORT String cookies(Document&, const URL&);
WEBCORE_EXPORT void setCookies(Document&, const URL&, const String& cookieString);
WEBCORE_EXPORT bool cookiesEnabled(const Document&);
Modified: trunk/Source/WebCore/loader/MixedContentChecker.cpp (221016 => 221017)
--- trunk/Source/WebCore/loader/MixedContentChecker.cpp 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/loader/MixedContentChecker.cpp 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2012 Google Inc. All rights reserved.
+ * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -92,7 +93,7 @@
if (!m_frame.document()->contentSecurityPolicy()->allowRunningOrDisplayingInsecureContent(url))
return false;
- bool allowed = !m_frame.document()->isStrictMixedContentMode() && m_frame.settings().allowRunningOfInsecureContent() && !m_frame.document()->geolocationAccessed();
+ bool allowed = !m_frame.document()->isStrictMixedContentMode() && m_frame.settings().allowRunningOfInsecureContent() && !m_frame.document()->geolocationAccessed() && !m_frame.document()->secureCookiesAccessed();
logWarning(allowed, "run", url);
if (allowed) {
Modified: trunk/Source/WebCore/platform/CookiesStrategy.h (221016 => 221017)
--- trunk/Source/WebCore/platform/CookiesStrategy.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/platform/CookiesStrategy.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2011-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -23,22 +23,25 @@
* THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef CookiesStrategy_h
-#define CookiesStrategy_h
+#pragma once
#include <pal/SessionID.h>
+#include <wtf/EnumTraits.h>
#include <wtf/Vector.h>
#include <wtf/text/WTFString.h>
namespace WebCore {
+class NetworkStorageSession;
class URL;
-class NetworkStorageSession;
+
struct Cookie;
+enum class IncludeSecureCookies { No, Yes };
+
class CookiesStrategy {
public:
- virtual String cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
+ virtual std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
virtual void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String& cookieString) = 0;
virtual bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
virtual String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
@@ -52,4 +55,15 @@
} // namespace WebCore
-#endif // CookiesStrategy_h
+namespace WTF {
+
+template<> struct EnumTraits<WebCore::IncludeSecureCookies> {
+ using values = EnumValues<
+ WebCore::IncludeSecureCookies,
+ WebCore::IncludeSecureCookies::No,
+ WebCore::IncludeSecureCookies::Yes
+ >;
+};
+
+} // namespace WTF
+
Modified: trunk/Source/WebCore/platform/network/PlatformCookieJar.h (221016 => 221017)
--- trunk/Source/WebCore/platform/network/PlatformCookieJar.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/platform/network/PlatformCookieJar.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2003, 2006, 2008, 2012, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -35,11 +35,14 @@
class URL;
class NetworkStorageSession;
+
struct Cookie;
+enum class IncludeSecureCookies;
+
// FIXME: These should probably be NetworkStorageSession member functions.
-WEBCORE_EXPORT String cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&);
+WEBCORE_EXPORT std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies);
WEBCORE_EXPORT void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String&);
WEBCORE_EXPORT bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&);
WEBCORE_EXPORT String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&);
Modified: trunk/Source/WebCore/platform/network/cf/CookieJarCFNet.cpp (221016 => 221017)
--- trunk/Source/WebCore/platform/network/cf/CookieJarCFNet.cpp 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/platform/network/cf/CookieJarCFNet.cpp 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006, 2007, 2008, 2012, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2006-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -36,6 +36,7 @@
#include <CoreFoundation/CoreFoundation.h>
#include <pal/spi/cf/CFNetworkSPI.h>
#include <wtf/SoftLinking.h>
+#include <wtf/TypeCastsCF.h>
#include <wtf/text/WTFString.h>
#if PLATFORM(WIN)
@@ -49,6 +50,19 @@
};
#endif
+namespace WTF {
+
+#define DECLARE_CF_TYPE_TRAIT(ClassName) \
+template <> \
+struct CFTypeTrait<ClassName##Ref> { \
+static inline CFTypeID typeID() { return ClassName##GetTypeID(); } \
+};
+
+DECLARE_CF_TYPE_TRAIT(CFHTTPCookieRef);
+
+#undef DECLARE_CF_TYPE_TRAIT
+} // namespace WTF
+
namespace WebCore {
static const CFStringRef s_setCookieKeyCF = CFSTR("Set-Cookie");
@@ -102,10 +116,12 @@
return filteredCookies;
}
-static RetainPtr<CFArrayRef> copyCookiesForURLWithFirstPartyURL(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+static RetainPtr<CFArrayRef> copyCookiesForURLWithFirstPartyURL(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
{
- bool secure = url.protocolIs("https");
+ bool secure = includeSecureCookies == IncludeSecureCookies::Yes;
+ ASSERT(!secure || (secure && url.protocolIs("https")));
+
#if PLATFORM(COCOA)
return adoptCF(_CFHTTPCookieStorageCopyCookiesForURLWithMainDocumentURL(session.cookieStorage().get(), url.createCFURL().get(), firstParty.createCFURL().get(), secure));
#else
@@ -151,18 +167,34 @@
CFHTTPCookieStorageSetCookies(session.cookieStorage().get(), filterCookies(unfilteredCookies.get()).get(), urlCF.get(), firstPartyForCookiesCF.get());
}
-String cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
{
- RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url);
- RetainPtr<CFDictionaryRef> headerCF = adoptCF(CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, filterCookies(cookiesCF.get()).get()));
- return (CFStringRef)CFDictionaryGetValue(headerCF.get(), s_cookieCF);
+ RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url, includeSecureCookies);
+
+ auto filteredCookies = filterCookies(cookiesCF.get());
+
+ bool didAccessSecureCookies = false;
+
+ CFIndex cookieCount = CFArrayGetCount(filteredCookies.get());
+ while (cookieCount--) {
+ if (CFHTTPCookieIsSecure(checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(filteredCookies.get(), cookieCount)))) {
+ didAccessSecureCookies = true;
+ break;
+ }
+ }
+
+ RetainPtr<CFDictionaryRef> headerCF = adoptCF(CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, filteredCookies.get()));
+ String cookieString = checked_cf_cast<CFStringRef>(CFDictionaryGetValue(headerCF.get(), s_cookieCF));
+ return { cookieString, didAccessSecureCookies };
}
String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
{
- RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url);
+ auto includeSecureCookies = url.protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+
+ RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url, includeSecureCookies);
RetainPtr<CFDictionaryRef> headerCF = adoptCF(CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, cookiesCF.get()));
- return (CFStringRef)CFDictionaryGetValue(headerCF.get(), s_cookieCF);
+ return checked_cf_cast<CFStringRef>(CFDictionaryGetValue(headerCF.get(), s_cookieCF));
}
bool cookiesEnabled(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& /*url*/)
@@ -175,13 +207,15 @@
{
rawCookies.clear();
- RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url);
+ auto includeSecureCookies = url.protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+ RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url, includeSecureCookies);
+
CFIndex count = CFArrayGetCount(cookiesCF.get());
rawCookies.reserveCapacity(count);
for (CFIndex i = 0; i < count; i++) {
- CFHTTPCookieRef cookie = (CFHTTPCookieRef)CFArrayGetValueAtIndex(cookiesCF.get(), i);
+ CFHTTPCookieRef cookie = checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(cookiesCF.get(), i));
String name = cookieName(cookie).get();
String value = cookieValue(cookie).get();
String domain = cookieDomain(cookie).get();
@@ -214,7 +248,7 @@
CFIndex count = CFArrayGetCount(cookiesCF.get());
for (CFIndex i = 0; i < count; i++) {
- CFHTTPCookieRef cookie = (CFHTTPCookieRef)CFArrayGetValueAtIndex(cookiesCF.get(), i);
+ CFHTTPCookieRef cookie = checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(cookiesCF.get(), i));
if (String(cookieName(cookie).get()) == name) {
CFHTTPCookieStorageDeleteCookie(cookieStorage.get(), cookie);
break;
@@ -230,7 +264,7 @@
CFIndex count = CFArrayGetCount(cookiesCF.get());
for (CFIndex i = 0; i < count; ++i) {
- CFHTTPCookieRef cookie = static_cast<CFHTTPCookieRef>(const_cast<void *>(CFArrayGetValueAtIndex(cookiesCF.get(), i)));
+ CFHTTPCookieRef cookie = checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(cookiesCF.get(), i));
RetainPtr<CFStringRef> domain = cookieDomain(cookie);
hostnames.add(domain.get());
}
Modified: trunk/Source/WebCore/platform/network/mac/CookieJarMac.mm (221016 => 221017)
--- trunk/Source/WebCore/platform/network/mac/CookieJarMac.mm 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebCore/platform/network/mac/CookieJarMac.mm 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2003, 2006, 2008, 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -26,6 +26,7 @@
#import "config.h"
#import "PlatformCookieJar.h"
+#import "CookiesStrategy.h"
#import "NetworkStorageSession.h"
#import "WebCoreSystemInterface.h"
#import <pal/spi/cf/CFNetworkSPI.h>
@@ -132,7 +133,7 @@
}
enum IncludeHTTPOnlyOrNot { DoNotIncludeHTTPOnly, IncludeHTTPOnly };
-static String cookiesForSession(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeHTTPOnlyOrNot includeHTTPOnly)
+static String cookiesForSession(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeHTTPOnlyOrNot includeHTTPOnly, IncludeSecureCookies includeSecureCookies, bool& didAccessSecureCookies)
{
BEGIN_BLOCK_OBJC_EXCEPTIONS;
@@ -148,6 +149,12 @@
if (!includeHTTPOnly && [cookie isHTTPOnly])
continue;
+ if ([cookie isSecure]) {
+ didAccessSecureCookies = true;
+ if (includeSecureCookies == IncludeSecureCookies::No)
+ continue;
+ }
+
if (!cookiesBuilder.isEmpty())
cookiesBuilder.appendLiteral("; ");
@@ -161,14 +168,17 @@
return String();
}
-String cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
{
- return cookiesForSession(session, firstParty, url, DoNotIncludeHTTPOnly);
+ bool didAccessSecureCookies = false;
+ auto cookieString = cookiesForSession(session, firstParty, url, DoNotIncludeHTTPOnly, includeSecureCookies, didAccessSecureCookies);
+ return { cookieString, didAccessSecureCookies };
}
String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
{
- return cookiesForSession(session, firstParty, url, IncludeHTTPOnly);
+ bool ignore = false;
+ return cookiesForSession(session, firstParty, url, IncludeHTTPOnly, IncludeSecureCookies::No, ignore);
}
void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& cookieStr)
Modified: trunk/Source/WebKit/ChangeLog (221016 => 221017)
--- trunk/Source/WebKit/ChangeLog 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/ChangeLog 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,3 +1,23 @@
+2017-08-22 Brent Fulgham <[email protected]> and Pranjal Jumde <[email protected]>
+
+ Disable access to secure cookies if an HTTPS site loads mixed content
+ https://bugs.webkit.org/show_bug.cgi?id=157053
+ <rdar://problem/11290808>
+
+ Reviewed by Dan Bates.
+
+ * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+ (WebKit::NetworkConnectionToWebProcess::cookiesForDOM): Pass new arguments needed by WebCore.
+ * NetworkProcess/NetworkConnectionToWebProcess.h:
+ * NetworkProcess/NetworkConnectionToWebProcess.messages.in: Updated the CookiesForDOM message with the new foundMixedContent
+ argument and the new didAccessSecureCookies reply.
+ * Shared/mac/CookieStorageShim.mm:
+ (WebKit::webKitCookieStorageCopyRequestHeaderFieldsForURL): Drive-by fix to use the right message.
+ * WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
+ (WebKit::WebPlatformStrategies::cookiesForDOM): Check and return whether secure cookies were accessed. Accept a new argument
+ indicating whether secure cookies should be included in the response.
+ * WebProcess/WebCoreSupport/WebPlatformStrategies.h:
+
2017-08-22 Zan Dobersek <[email protected]>
[GTK][WPE] Rename StorageProcessMainGtk.cpp to StorageProcessMainGLib.cpp
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (221016 => 221017)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2012-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -323,9 +323,9 @@
loader->convertToDownload(downloadID, request, response);
}
-void NetworkConnectionToWebProcess::cookiesForDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, String& result)
+void NetworkConnectionToWebProcess::cookiesForDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies, String& result, bool& secureCookiesAccessed)
{
- result = WebCore::cookiesForDOM(storageSession(sessionID), firstParty, url);
+ std::tie(result, secureCookiesAccessed) = WebCore::cookiesForDOM(storageSession(sessionID), firstParty, url, includeSecureCookies);
}
void NetworkConnectionToWebProcess::setCookiesFromDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, const String& cookieString)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (221016 => 221017)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2012-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -40,6 +40,8 @@
class HTTPHeaderMap;
class ResourceError;
class ResourceRequest;
+
+enum class IncludeSecureCookies;
}
namespace WebKit {
@@ -95,7 +97,7 @@
void startDownload(PAL::SessionID, DownloadID, const WebCore::ResourceRequest&, const String& suggestedName = { });
void convertMainResourceLoadToDownload(PAL::SessionID, uint64_t mainResourceLoadIdentifier, DownloadID, const WebCore::ResourceRequest&, const WebCore::ResourceResponse&);
- void cookiesForDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, String& result);
+ void cookiesForDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies, String& result, bool& secureCookiesAccessed);
void setCookiesFromDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, const String&);
void cookiesEnabled(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, bool& result);
void cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, String& result);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in (221016 => 221017)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,4 +1,4 @@
-# Copyright (C) 2012 Apple Inc. All rights reserved.
+# Copyright (C) 2012-2017 Apple Inc. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
@@ -32,7 +32,7 @@
StartDownload(PAL::SessionID sessionID, WebKit::DownloadID downloadID, WebCore::ResourceRequest request, String suggestedName)
ConvertMainResourceLoadToDownload(PAL::SessionID sessionID, uint64_t mainResourceLoadIdentifier, WebKit::DownloadID downloadID, WebCore::ResourceRequest request, WebCore::ResourceResponse response)
- CookiesForDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (String result)
+ CookiesForDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, enum WebCore::IncludeSecureCookies includeSecureCookies) -> (String result, bool didAccessSecureCookies)
SetCookiesFromDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, String cookieString)
CookiesEnabled(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (bool enabled)
CookieRequestHeaderFieldValue(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (String result)
Modified: trunk/Source/WebKit/Scripts/webkit/messages.py (221016 => 221017)
--- trunk/Source/WebKit/Scripts/webkit/messages.py 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/Scripts/webkit/messages.py 2017-08-22 16:22:22 UTC (rev 221017)
@@ -359,6 +359,7 @@
'WebCore::GrammarDetail': ['<WebCore/TextCheckerClient.h>'],
'WebCore::HasInsecureContent': ['<WebCore/FrameLoaderTypes.h>'],
'WebCore::Highlight': ['<WebCore/InspectorOverlay.h>'],
+ 'WebCore::IncludeSecureCookies': ['<WebCore/CookiesStrategy.h>'],
'WebCore::KeyframeValueList': ['<WebCore/GraphicsLayer.h>'],
'WebCore::KeypressCommand': ['<WebCore/KeyboardEvent.h>'],
'WebCore::MediaConstraints': ['<WebCore/MediaConstraints.h>'],
@@ -390,7 +391,6 @@
'struct WebKit::WebUserStyleSheetData': ['"WebUserContentControllerDataTypes.h"'],
'struct WebKit::WebScriptMessageHandlerData': ['"WebUserContentControllerDataTypes.h"'],
'std::chrono::system_clock::time_point': ['<chrono>'],
- 'WebKit::LayerHostingMode': ['"LayerTreeContext.h"'],
}
headers = []
Modified: trunk/Source/WebKit/Shared/mac/CookieStorageShim.mm (221016 => 221017)
--- trunk/Source/WebKit/Shared/mac/CookieStorageShim.mm 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/Shared/mac/CookieStorageShim.mm 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -57,7 +57,7 @@
{
String cookies;
URL firstPartyForCookiesURL;
- if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(PAL::SessionID::defaultSessionID(), firstPartyForCookiesURL, inRequestURL), Messages::NetworkConnectionToWebProcess::CookiesForDOM::Reply(cookies), 0))
+ if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(PAL::SessionID::defaultSessionID(), firstPartyForCookiesURL, inRequestURL), Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue::Reply(cookies), 0))
return 0;
if (cookies.isNull())
Modified: trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp (221016 => 221017)
--- trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010, 2011, 2012, 2015, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -109,12 +109,14 @@
// CookiesStrategy
-String WebPlatformStrategies::cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
{
- String result;
- if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookiesForDOM(session.sessionID(), firstParty, url), Messages::NetworkConnectionToWebProcess::CookiesForDOM::Reply(result), 0))
- return String();
- return result;
+ String cookieString;
+ bool secureCookiesAccessed = false;
+ if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookiesForDOM(session.sessionID(), firstParty, url, includeSecureCookies), Messages::NetworkConnectionToWebProcess::CookiesForDOM::Reply(cookieString, secureCookiesAccessed), 0))
+ return { String(), false };
+
+ return { cookieString, secureCookiesAccessed };
}
void WebPlatformStrategies::setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& cookieString)
Modified: trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.h (221016 => 221017)
--- trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010, 2012, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -47,7 +47,7 @@
WebCore::BlobRegistry* createBlobRegistry() override;
// WebCore::CookiesStrategy
- String cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
+ std::pair<String, bool> cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
void setCookiesFromDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, const String&) override;
bool cookiesEnabled(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
String cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
Modified: trunk/Source/WebKitLegacy/mac/ChangeLog (221016 => 221017)
--- trunk/Source/WebKitLegacy/mac/ChangeLog 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKitLegacy/mac/ChangeLog 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,3 +1,16 @@
+2017-08-22 Brent Fulgham <[email protected]> and Pranjal Jumde <[email protected]>
+
+ Disable access to secure cookies if an HTTPS site loads mixed content
+ https://bugs.webkit.org/show_bug.cgi?id=157053
+ <rdar://problem/11290808>
+
+ Reviewed by Dan Bates.
+
+ * WebCoreSupport/WebPlatformStrategies.h:
+ * WebCoreSupport/WebPlatformStrategies.mm:
+ (WebPlatformStrategies::cookiesForDOM): Check and return whether secure cookies were accessed. Accept a new argument
+ indicating whether secure cookies should be included in the response.
+
2017-08-21 Yoshiaki Jitsukawa <[email protected]>
[PAL] Move spi/mac directory into PAL
Modified: trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.h (221016 => 221017)
--- trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.h 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.h 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010, 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -23,8 +23,7 @@
* THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef WebPlatformStrategies_h
-#define WebPlatformStrategies_h
+#pragma once
#include <WebCore/CookiesStrategy.h>
#include <WebCore/LoaderStrategy.h>
@@ -48,7 +47,7 @@
WebCore::BlobRegistry* createBlobRegistry() override;
// WebCore::CookiesStrategy
- String cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
+ std::pair<String, bool> cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
void setCookiesFromDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, const String&) override;
bool cookiesEnabled(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
String cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
@@ -88,4 +87,3 @@
long setStringForType(const String&, const String& pasteboardType, const String& pasteboardName) override;
};
-#endif // WebPlatformStrategies_h
Modified: trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm (221016 => 221017)
--- trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm 2017-08-22 16:13:22 UTC (rev 221016)
+++ trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm 2017-08-22 16:22:22 UTC (rev 221017)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -73,9 +73,9 @@
return new WebCore::BlobRegistryImpl;
}
-String WebPlatformStrategies::cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
{
- return WebCore::cookiesForDOM(session, firstParty, url);
+ return WebCore::cookiesForDOM(session, firstParty, url, includeSecureCookies);
}
void WebPlatformStrategies::setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& cookieString)
