Title: [227680] trunk
- Revision
- 227680
- Author
- [email protected]
- Date
- 2018-01-26 09:36:47 -0800 (Fri, 26 Jan 2018)
Log Message
CSP post checks should be done for service worker responses
https://bugs.webkit.org/show_bug.cgi?id=182160
Patch by Youenn Fablet <[email protected]> on 2018-01-26
Reviewed by Daniel Bates.
LayoutTests/imported/w3c:
* web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt:
Source/WebCore:
Covered by updated test.
Add security checks when receiving a service worker response.
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::didReceiveResponse):
* loader/cache/CachedResourceLoader.h:
Modified Paths
Diff
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (227679 => 227680)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2018-01-26 16:53:49 UTC (rev 227679)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2018-01-26 17:36:47 UTC (rev 227680)
@@ -1,3 +1,12 @@
+2018-01-26 Youenn Fablet <[email protected]>
+
+ CSP post checks should be done for service worker responses
+ https://bugs.webkit.org/show_bug.cgi?id=182160
+
+ Reviewed by Daniel Bates.
+
+ * web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt:
+
2018-01-26 Manuel Rego Casasnovas <[email protected]>
[css-multicol] Support percentages in column-gap
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt (227679 => 227680)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt 2018-01-26 16:53:49 UTC (rev 227679)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt 2018-01-26 17:36:47 UTC (rev 227680)
@@ -1,6 +1,7 @@
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+PASS Verify CSP control of fetch() in a Service Worker
-FAIL Verify CSP control of fetch() in a Service Worker promise_test: Unhandled rejection with value: object "Error: Disallowed scope image resource which was fetched via SW should not be loaded."
-
Modified: trunk/Source/WebCore/ChangeLog (227679 => 227680)
--- trunk/Source/WebCore/ChangeLog 2018-01-26 16:53:49 UTC (rev 227679)
+++ trunk/Source/WebCore/ChangeLog 2018-01-26 17:36:47 UTC (rev 227680)
@@ -1,3 +1,18 @@
+2018-01-26 Youenn Fablet <[email protected]>
+
+ CSP post checks should be done for service worker responses
+ https://bugs.webkit.org/show_bug.cgi?id=182160
+
+ Reviewed by Daniel Bates.
+
+ Covered by updated test.
+
+ Add security checks when receiving a service worker response.
+
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::didReceiveResponse):
+ * loader/cache/CachedResourceLoader.h:
+
2018-01-26 Manuel Rego Casasnovas <[email protected]>
[css-multicol] Support percentages in column-gap
Modified: trunk/Source/WebCore/loader/SubresourceLoader.cpp (227679 => 227680)
--- trunk/Source/WebCore/loader/SubresourceLoader.cpp 2018-01-26 16:53:49 UTC (rev 227679)
+++ trunk/Source/WebCore/loader/SubresourceLoader.cpp 2018-01-26 17:36:47 UTC (rev 227680)
@@ -297,6 +297,16 @@
return;
}
#endif
+#if ENABLE(SERVICE_WORKER)
+ // Implementing step 10 of https://fetch.spec.whatwg.org/#main-fetch for service worker responses.
+ if (response.source() == ResourceResponse::Source::ServiceWorker && response.url() != request().url()) {
+ auto& loader = m_documentLoader->cachedResourceLoader();
+ if (!loader.allowedByContentSecurityPolicy(m_resource->type(), response.url(), options(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
+ cancel(ResourceError({ }, 0, response.url(), { }, ResourceError::Type::General));
+ return;
+ }
+ }
+#endif
// We want redirect responses to be processed through willSendRequestInternal.
// The only exception is redirection with no Location headers. Or in rare circumstances,
Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.h (227679 => 227680)
--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.h 2018-01-26 16:53:49 UTC (rev 227679)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.h 2018-01-26 17:36:47 UTC (rev 227680)
@@ -148,6 +148,7 @@
void stopUnusedPreloadsTimer();
bool updateRequestAfterRedirection(CachedResource::Type, ResourceRequest&, const ResourceLoaderOptions&);
+ bool allowedByContentSecurityPolicy(CachedResource::Type, const URL&, const ResourceLoaderOptions&, ContentSecurityPolicy::RedirectResponseReceived) const;
static const ResourceLoaderOptions& defaultCachedResourceOptions();
@@ -182,7 +183,6 @@
bool shouldContinueAfterNotifyingLoadedFromMemoryCache(const CachedResourceRequest&, CachedResource&, ResourceError&);
bool checkInsecureContent(CachedResource::Type, const URL&) const;
- bool allowedByContentSecurityPolicy(CachedResource::Type, const URL&, const ResourceLoaderOptions&, ContentSecurityPolicy::RedirectResponseReceived) const;
void performPostLoadActions();
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
