Modified: branches/safari-605-branch/LayoutTests/ChangeLog (227116 => 227117)
--- branches/safari-605-branch/LayoutTests/ChangeLog 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/LayoutTests/ChangeLog 2018-01-18 05:47:52 UTC (rev 227117)
@@ -1,5 +1,23 @@
2018-01-17 Jason Marcell <[email protected]>
+ Cherry-pick r227075. rdar://problem/36598185
+
+ 2018-01-17 Daniel Bates <[email protected]>
+
+ REGRESSION (r222795): Cardiogram never signs in
+ https://bugs.webkit.org/show_bug.cgi?id=181693
+ <rdar://problem/36286293>
+
+ Reviewed by Ryosuke Niwa.
+
+ Adds a test to ensure that a file URL can set forbidden XHR headers when the setting
+ allowSettingAnyXHRHeaderFromFileURLs is enabled.
+
+ * fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled-expected.txt: Added.
+ * fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html: Added.
+
+2018-01-17 Jason Marcell <[email protected]>
+
Cherry-pick r227074. rdar://problem/36598123
2018-01-17 Daniel Bates <[email protected]>
Added: branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled-expected.txt (0 => 227117)
--- branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled-expected.txt (rev 0)
+++ branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled-expected.txt 2018-01-18 05:47:52 UTC (rev 227117)
@@ -0,0 +1 @@
+Test that setRequestHeader() can be used to alter security-sensitive headers when the setting allowSettingAnyXHRHeaderFromFileURLs is enabled. This test PASSED if you do not see any console warnings.
Added: branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html (0 => 227117)
--- branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html (rev 0)
+++ branches/safari-605-branch/LayoutTests/fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html 2018-01-18 05:47:52 UTC (rev 227117)
@@ -0,0 +1,49 @@
+<!DOCTYPE html>
+<html>
+<body>
+<p>Test that setRequestHeader() can be used to alter security-sensitive headers when the setting allowSettingAnyXHRHeaderFromFileURLs is enabled. This test PASSED if you do not see any console warnings.</p>
+<script>
+ if (window.testRunner)
+ testRunner.dumpAsText();
+ if (window.internals.settings)
+ internals.settings.setAllowSettingAnyXHRHeaderFromFileURLs(true);
+
+ req = new XMLHttpRequest;
+ req.open("GET", "resources/non-existent-file.txt", false);
+
+ req.setRequestHeader("ACCEPT-CHARSET", "foobar");
+ req.setRequestHeader("ACCEPT-ENCODING", "foobar");
+ req.setRequestHeader("ACCESS-CONTROL-REQUEST-HEADERS", "foobar");
+ req.setRequestHeader("ACCESS-CONTROL-REQUEST-METHOD", "foobar");
+ // AUTHORIZATION is no longer forbidden. See
+ // https://bugs.webkit.org/show_bug.cgi?id=24957 for more details. Set to
+ // a value other than the foobar since some http servers (lighttp) do not
+ // strip this out (Apache does).
+ req.setRequestHeader("AUTHORIZATION", "baz");
+ req.setRequestHeader("CONNECTION", "foobar");
+ req.setRequestHeader("CONTENT-LENGTH", "123456");
+ req.setRequestHeader("COOKIE", "foobar");
+ req.setRequestHeader("COOKIE2", "foobar");
+ req.setRequestHeader("DATE", "foobar");
+ req.setRequestHeader("DNT", "foobar");
+ req.setRequestHeader("EXPECT", "100-continue");
+ req.setRequestHeader("HOST", "foobar");
+ req.setRequestHeader("KEEP-ALIVE", "foobar");
+ req.setRequestHeader("ORIGIN", "foobar");
+ req.setRequestHeader("REFERER", "foobar");
+ req.setRequestHeader("TE", "foobar");
+ req.setRequestHeader("TRAILER", "foobar");
+ req.setRequestHeader("TRANSFER-ENCODING", "foobar");
+ req.setRequestHeader("UPGRADE", "foobar");
+ req.setRequestHeader("VIA", "foobar");
+
+ req.setRequestHeader("Proxy-", "foobar");
+ req.setRequestHeader("Proxy-test", "foobar");
+ req.setRequestHeader("PROXY-FOO", "foobar");
+
+ req.setRequestHeader("Sec-", "foobar");
+ req.setRequestHeader("Sec-test", "foobar");
+ req.setRequestHeader("SEC-FOO", "foobar");
+</script>
+</body>
+</html>
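Review bot: `if (window.internals.settings)` throws a TypeError when this page is opened outside the test harness, because `window.internals` is undefined there and the property access happens before any truthiness check; the line just above guards `window.testRunner` correctly. Use the same guard shape, `if (window.internals)` followed by `internals.settings.setAllowSettingAnyXHRHeaderFromFileURLs(true);`, so the page degrades to a plain page that merely logs "Refused to set unsafe header" warnings instead of dying on a script error. The request is opened but never sent, which is fine since the forbidden-header check runs in setRequestHeader(), but a short comment saying so, e.g. `// No send(): the header filter runs in setRequestHeader().`, would stop a reader from thinking a send() was forgotten. Note the test only proves the enabled path; nothing here shows the same headers are still refused when the setting is off.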
Modified: branches/safari-605-branch/Source/WTF/ChangeLog (227116 => 227117)
--- branches/safari-605-branch/Source/WTF/ChangeLog 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WTF/ChangeLog 2018-01-18 05:47:52 UTC (rev 227117)
@@ -1,5 +1,21 @@
2018-01-17 Jason Marcell <[email protected]>
+ Cherry-pick r227075. rdar://problem/36598185
+
+ 2018-01-17 Daniel Bates <[email protected]>
+
+ REGRESSION (r222795): Cardiogram never signs in
+ https://bugs.webkit.org/show_bug.cgi?id=181693
+ <rdar://problem/36286293>
+
+ Reviewed by Ryosuke Niwa.
+
+ Add macro define for future iOS.
+
+ * wtf/spi/darwin/dyldSPI.h:
+
+2018-01-17 Jason Marcell <[email protected]>
+
Cherry-pick r227071. rdar://problem/36598125
2018-01-17 Per Arne Vollan <[email protected]>
Modified: branches/safari-605-branch/Source/WTF/wtf/spi/darwin/dyldSPI.h (227116 => 227117)
--- branches/safari-605-branch/Source/WTF/wtf/spi/darwin/dyldSPI.h 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WTF/wtf/spi/darwin/dyldSPI.h 2018-01-18 05:47:52 UTC (rev 227117)
@@ -37,6 +37,10 @@
#define DYLD_IOS_VERSION_11_0 0x000B0000
#endif
+#ifndef DYLD_IOS_VERSION_11_3
+#define DYLD_IOS_VERSION_11_3 0x000B0300
+#endif
+
#ifndef DYLD_MACOSX_VERSION_10_13
#define DYLD_MACOSX_VERSION_10_13 0x000A0D00
#endif
@@ -51,6 +55,7 @@
#define DYLD_IOS_VERSION_9_0 0x00090000
#define DYLD_IOS_VERSION_10_0 0x000A0000
#define DYLD_IOS_VERSION_11_0 0x000B0000
+#define DYLD_IOS_VERSION_11_3 0x000B0300
#define DYLD_MACOSX_VERSION_10_11 0x000A0B00
#define DYLD_MACOSX_VERSION_10_12 0x000A0C00
Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (227116 => 227117)
--- branches/safari-605-branch/Source/WebCore/ChangeLog 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog 2018-01-18 05:47:52 UTC (rev 227117)
@@ -1,5 +1,31 @@
2018-01-17 Jason Marcell <[email protected]>
+ Cherry-pick r227075. rdar://problem/36598185
+
+ 2018-01-17 Daniel Bates <[email protected]>
+
+ REGRESSION (r222795): Cardiogram never signs in
+ https://bugs.webkit.org/show_bug.cgi?id=181693
+ <rdar://problem/36286293>
+
+ Reviewed by Ryosuke Niwa.
+
+ Exempt Cardiogram from the XHR header restrictions in r222795.
+
+ Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
+ However Cardiogram also depends on such functionality.
+
+ Test: fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html
+
+ * page/Settings.yaml:
+ * platform/RuntimeApplicationChecks.h:
+ * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
+ (WebCore::IOSApplication::isCardiogram):
+ * xml/XMLHttpRequest.cpp:
+ (WebCore::XMLHttpRequest::setRequestHeader):
+
+2018-01-17 Jason Marcell <[email protected]>
+
Cherry-pick r227074. rdar://problem/36598123
2018-01-17 Daniel Bates <[email protected]>
Modified: branches/safari-605-branch/Source/WebCore/page/Settings.yaml (227116 => 227117)
--- branches/safari-605-branch/Source/WebCore/page/Settings.yaml 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebCore/page/Settings.yaml 2018-01-18 05:47:52 UTC (rev 227117)
@@ -99,6 +99,8 @@
initial: true
allowFileAccessFromFileURLs:
initial: true
+allowSettingAnyXHRHeaderFromFileURLs:
+ initial: false
needsStorageAccessFromFileURLsQuirk:
initial: true
_javascript_CanOpenWindowsAutomatically:
Modified: branches/safari-605-branch/Source/WebCore/platform/RuntimeApplicationChecks.h (227116 => 227117)
--- branches/safari-605-branch/Source/WebCore/platform/RuntimeApplicationChecks.h 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebCore/platform/RuntimeApplicationChecks.h 2018-01-18 05:47:52 UTC (rev 227117)
@@ -83,6 +83,7 @@
bool isIBooks();
bool isIBooksStorytime();
WEBCORE_EXPORT bool isTheSecretSocietyHiddenMystery();
+WEBCORE_EXPORT bool isCardiogram();
} // IOSApplication
Modified: branches/safari-605-branch/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm (227116 => 227117)
--- branches/safari-605-branch/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm 2018-01-18 05:47:52 UTC (rev 227117)
@@ -236,6 +236,12 @@
return isTheSecretSocietyHiddenMystery;
}
+bool IOSApplication::isCardiogram()
+{
+ static bool isCardiogram = applicationBundleIsEqualTo("com.cardiogram.ios.heart");
+ return isCardiogram;
+}
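Review bot: `isCardiogram()` lands without a comment saying which quirk it exists for; the sibling helpers visible here do not either, but since this one gates a relaxation of the XHR forbidden-header list, a one-line pointer helps whoever later wants to remove it: `// Gate for the file:-URL XHR header quirk (webkit.org/b/181693); drop when the quirk is retired.`. The check compares against a self-asserted bundle identifier, so it identifies a binary's claimed identity rather than attesting it, which is acceptable for a compatibility quirk but should not be extended into a security decision. The enclosing `#if` block this function sits in starts outside the hunk.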
+
#endif
} // namespace WebCore
Modified: branches/safari-605-branch/Source/WebCore/xml/XMLHttpRequest.cpp (227116 => 227117)
--- branches/safari-605-branch/Source/WebCore/xml/XMLHttpRequest.cpp 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebCore/xml/XMLHttpRequest.cpp 2018-01-18 05:47:52 UTC (rev 227117)
@@ -44,6 +44,7 @@
#include "ParsedContentType.h"
#include "ResourceError.h"
#include "ResourceRequest.h"
+#include "RuntimeApplicationChecks.h"
#include "SecurityOriginPolicy.h"
#include "Settings.h"
#include "SharedBuffer.h"
@@ -805,6 +806,8 @@
#if ENABLE(DASHBOARD_SUPPORT)
allowUnsafeHeaderField = usesDashboardBackwardCompatibilityMode();
#endif
+ if (securityOrigin()->canLoadLocalResources() && document()->settings().allowSettingAnyXHRHeaderFromFileURLs())
+ allowUnsafeHeaderField = true;
if (!allowUnsafeHeaderField && isForbiddenHeaderName(name)) {
logConsoleError(scriptExecutionContext(), "Refused to set unsafe header \"" + name + "\"");
return { };
Modified: branches/safari-605-branch/Source/WebKit/ChangeLog (227116 => 227117)
--- branches/safari-605-branch/Source/WebKit/ChangeLog 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebKit/ChangeLog 2018-01-18 05:47:52 UTC (rev 227117)
@@ -1,3 +1,26 @@
+2018-01-17 Jason Marcell <[email protected]>
+
+ Cherry-pick r227075. rdar://problem/36598185
+
+ 2018-01-17 Daniel Bates <[email protected]>
+
+ REGRESSION (r222795): Cardiogram never signs in
+ https://bugs.webkit.org/show_bug.cgi?id=181693
+ <rdar://problem/36286293>
+
+ Reviewed by Ryosuke Niwa.
+
+ Exempt Cardiogram from the XHR header restrictions in r222795.
+
+ Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
+ However Cardiogram also depends on such functionality.
+
+ * Shared/WebPreferences.yaml:
+ * UIProcess/API/Cocoa/WKWebView.mm:
+ (shouldAllowSettingAnyXHRHeaderFromFileURLs):
+ (-[WKWebView _initializeWithConfiguration:]):
+ * UIProcess/Cocoa/VersionChecks.h:
+
2018-01-16 Jason Marcell <[email protected]>
Cherry-pick r226990. rdar://problem/36568066
Modified: branches/safari-605-branch/Source/WebKit/Shared/WebPreferences.yaml (227116 => 227117)
--- branches/safari-605-branch/Source/WebKit/Shared/WebPreferences.yaml 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebKit/Shared/WebPreferences.yaml 2018-01-18 05:47:52 UTC (rev 227117)
@@ -179,6 +179,10 @@
type: bool
defaultValue: false
+AllowSettingAnyXHRHeaderFromFileURLs:
+ type: bool
+ defaultValue: false
+
AVFoundationEnabled:
type: bool
defaultValue: true
Modified: branches/safari-605-branch/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm (227116 => 227117)
--- branches/safari-605-branch/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm 2018-01-18 05:47:52 UTC (rev 227117)
@@ -423,6 +423,12 @@
return shouldAllowPictureInPictureMediaPlayback;
}
+static bool shouldAllowSettingAnyXHRHeaderFromFileURLs()
+{
+ static bool shouldAllowSettingAnyXHRHeaderFromFileURLs = WebCore::IOSApplication::isCardiogram() && !linkedOnOrAfter(WebKit::SDKVersion::FirstThatDisallowsSettingAnyXHRHeaderFromFileURLs);
+ return shouldAllowSettingAnyXHRHeaderFromFileURLs;
+}
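Review bot: The new helper carries no comment on why one application is exempted or when the exemption lapses, and the `static` means the answer is fixed for the process lifetime, so it cannot be revisited per web view. A two-line comment above it would do: `// Cardiogram relies on setting forbidden XHR headers from file: content (rdar://problem/36286293).` and `// The quirk is dropped for binaries linked on or after iOS 11.3; see VersionChecks.h.`. The `#if` region this sits in opens outside the hunk and closes at the `#endif` below.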
+
#endif
static bool shouldRequireUserGestureToLoadVideo()
@@ -570,6 +576,7 @@
pageConfiguration->preferenceValues().set(WebKit::WebPreferencesKey::allowsPictureInPictureMediaPlaybackKey(), WebKit::WebPreferencesStore::Value(!![_configuration allowsPictureInPictureMediaPlayback] && shouldAllowPictureInPictureMediaPlayback()));
pageConfiguration->preferenceValues().set(WebKit::WebPreferencesKey::userInterfaceDirectionPolicyKey(), WebKit::WebPreferencesStore::Value(static_cast<uint32_t>(WebCore::UserInterfaceDirectionPolicy::Content)));
pageConfiguration->preferenceValues().set(WebKit::WebPreferencesKey::systemLayoutDirectionKey(), WebKit::WebPreferencesStore::Value(static_cast<uint32_t>(WebCore::LTR)));
+ pageConfiguration->preferenceValues().set(WebKit::WebPreferencesKey::allowSettingAnyXHRHeaderFromFileURLsKey(), WebKit::WebPreferencesStore::Value(shouldAllowSettingAnyXHRHeaderFromFileURLs()));
#endif
WKAudiovisualMediaTypes mediaTypesRequiringUserGesture = [_configuration mediaTypesRequiringUserActionForPlayback];
Modified: branches/safari-605-branch/Source/WebKit/UIProcess/Cocoa/VersionChecks.h (227116 => 227117)
--- branches/safari-605-branch/Source/WebKit/UIProcess/Cocoa/VersionChecks.h 2018-01-18 05:47:47 UTC (rev 227116)
+++ branches/safari-605-branch/Source/WebKit/UIProcess/Cocoa/VersionChecks.h 2018-01-18 05:47:52 UTC (rev 227117)
@@ -36,6 +36,7 @@
FirstWithExceptionsForDuplicateCompletionHandlerCalls = DYLD_IOS_VERSION_11_0,
FirstToExcludeLocalStorageFromBackup = DYLD_IOS_VERSION_11_0,
FirstWithExpiredOnlyReloadBehavior = DYLD_IOS_VERSION_11_0,
+ FirstThatDisallowsSettingAnyXHRHeaderFromFileURLs = DYLD_IOS_VERSION_11_3,
#elif PLATFORM(MAC)
FirstWithNetworkCache = DYLD_MACOSX_VERSION_10_11,
FirstWithExceptionsForDuplicateCompletionHandlerCalls = DYLD_MACOSX_VERSION_10_13,