Diff
Modified: branches/safari-605-branch/LayoutTests/imported/w3c/ChangeLog (227816 => 227817)
--- branches/safari-605-branch/LayoutTests/imported/w3c/ChangeLog 2018-01-30 18:50:49 UTC (rev 227816)
+++ branches/safari-605-branch/LayoutTests/imported/w3c/ChangeLog 2018-01-30 18:50:54 UTC (rev 227817)
@@ -1,5 +1,18 @@
2018-01-30 Jason Marcell <[email protected]>
+ Cherry-pick r227680. rdar://problem/37019528
+
+ 2018-01-26 Youenn Fablet <[email protected]>
+
+ CSP post checks should be done for service worker responses
+ https://bugs.webkit.org/show_bug.cgi?id=182160
+
+ Reviewed by Daniel Bates.
+
+ * web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt:
+
+2018-01-30 Jason Marcell <[email protected]>
+
Cherry-pick r227639. rdar://problem/37019431
2018-01-25 Chris Dumez <[email protected]>
Modified: branches/safari-605-branch/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt (227816 => 227817)
--- branches/safari-605-branch/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt 2018-01-30 18:50:49 UTC (rev 227816)
+++ branches/safari-605-branch/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-csp.https-expected.txt 2018-01-30 18:50:54 UTC (rev 227817)
@@ -1,6 +1,7 @@
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?PNGIMAGE because it does not appear in the img-src directive of the Content Security Policy.
+PASS Verify CSP control of fetch() in a Service Worker
-FAIL Verify CSP control of fetch() in a Service Worker promise_test: Unhandled rejection with value: object "Error: Disallowed scope image resource which was fetched via SW should not be loaded."
-
Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (227816 => 227817)
--- branches/safari-605-branch/Source/WebCore/ChangeLog 2018-01-30 18:50:49 UTC (rev 227816)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog 2018-01-30 18:50:54 UTC (rev 227817)
@@ -1,5 +1,24 @@
2018-01-30 Jason Marcell <[email protected]>
+ Cherry-pick r227680. rdar://problem/37019528
+
+ 2018-01-26 Youenn Fablet <[email protected]>
+
+ CSP post checks should be done for service worker responses
+ https://bugs.webkit.org/show_bug.cgi?id=182160
+
+ Reviewed by Daniel Bates.
+
+ Covered by updated test.
+
+ Add security checks when receiving a service worker response.
+
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::didReceiveResponse):
+ * loader/cache/CachedResourceLoader.h:
+
+2018-01-30 Jason Marcell <[email protected]>
+
Cherry-pick r227651. rdar://problem/37019465
2018-01-25 Said Abou-Hallawa <[email protected]>
Modified: branches/safari-605-branch/Source/WebCore/loader/SubresourceLoader.cpp (227816 => 227817)
--- branches/safari-605-branch/Source/WebCore/loader/SubresourceLoader.cpp 2018-01-30 18:50:49 UTC (rev 227816)
+++ branches/safari-605-branch/Source/WebCore/loader/SubresourceLoader.cpp 2018-01-30 18:50:54 UTC (rev 227817)
@@ -297,6 +297,16 @@
return;
}
#endif
+#if ENABLE(SERVICE_WORKER)
+ // Implementing step 10 of https://fetch.spec.whatwg.org/#main-fetch for service worker responses.
+ if (response.source() == ResourceResponse::Source::ServiceWorker && response.url() != request().url()) {
+ auto& loader = m_documentLoader->cachedResourceLoader();
+ if (!loader.allowedByContentSecurityPolicy(m_resource->type(), response.url(), options(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
+ cancel(ResourceError({ }, 0, response.url(), { }, ResourceError::Type::General));
+ return;
+ }
+ }
+#endif
// We want redirect responses to be processed through willSendRequestInternal.
// The only exception is redirection with no Location headers. Or in rare circumstances,
Modified: branches/safari-605-branch/Source/WebCore/loader/cache/CachedResourceLoader.h (227816 => 227817)
--- branches/safari-605-branch/Source/WebCore/loader/cache/CachedResourceLoader.h 2018-01-30 18:50:49 UTC (rev 227816)
+++ branches/safari-605-branch/Source/WebCore/loader/cache/CachedResourceLoader.h 2018-01-30 18:50:54 UTC (rev 227817)
@@ -148,6 +148,7 @@
void stopUnusedPreloadsTimer();
bool updateRequestAfterRedirection(CachedResource::Type, ResourceRequest&, const ResourceLoaderOptions&);
+ bool allowedByContentSecurityPolicy(CachedResource::Type, const URL&, const ResourceLoaderOptions&, ContentSecurityPolicy::RedirectResponseReceived) const;
static const ResourceLoaderOptions& defaultCachedResourceOptions();
@@ -182,7 +183,6 @@
bool shouldContinueAfterNotifyingLoadedFromMemoryCache(const CachedResourceRequest&, CachedResource&, ResourceError&);
bool checkInsecureContent(CachedResource::Type, const URL&) const;
- bool allowedByContentSecurityPolicy(CachedResource::Type, const URL&, const ResourceLoaderOptions&, ContentSecurityPolicy::RedirectResponseReceived) const;
void performPostLoadActions();
