Modified: trunk/Source/WebCore/ChangeLog (231444 => 231445)
--- trunk/Source/WebCore/ChangeLog 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/ChangeLog 2018-05-07 17:52:34 UTC (rev 231445)
@@ -1,5 +1,38 @@
2018-05-07 Daniel Bates <[email protected]>
+ CSP should be passed the referrer
+ https://bugs.webkit.org/show_bug.cgi?id=185367
+
+ Reviewed by Per Arne Vollan.
+
+ As a step towards formalizing a CSP delegate object and removing the dependencies
+ on ScriptExecutionContext and Frame, we should pass the document's referrer directly
+ instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
+ to instantiate the ContentSecurityPolicy object.
+
+ * dom/Document.cpp:
+ (WebCore::Document::processHttpEquiv): Pass the document's referrer.
+ (WebCore::Document::initSecurityContext): Ditto.
+ (WebCore::Document::applyQuickLookSandbox): Ditto.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::responseReceived): Ditto.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::didBeginDocument): Ditto.
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
+ to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
+ fix up the referrer (m_referrer) after copying all the policy headers.
+ (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
+ (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
+ it into an instance variable (m_referrer).
+ (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
+ * page/csp/ContentSecurityPolicy.h:
+ * workers/WorkerGlobalScope.cpp:
+ (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
+ for the referrer as a worker does not have a referrer.
+
+2018-05-07 Daniel Bates <[email protected]>
+
CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
https://bugs.webkit.org/show_bug.cgi?id=185364
Modified: trunk/Source/WebCore/dom/Document.cpp (231444 => 231445)
--- trunk/Source/WebCore/dom/Document.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/dom/Document.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -3384,12 +3384,12 @@
case HTTPHeaderName::ContentSecurityPolicy:
if (isInDocumentHead)
- contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta);
+ contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta, referrer());
break;
case HTTPHeaderName::XWebKitCSP:
if (isInDocumentHead)
- contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicyHeaderType::PrefixedEnforce, ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta);
+ contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicyHeaderType::PrefixedEnforce, ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta, referrer());
break;
default:
@@ -5522,7 +5522,7 @@
String overrideContentSecurityPolicy = m_frame->loader().client().overrideContentSecurityPolicy();
if (!overrideContentSecurityPolicy.isNull())
- contentSecurityPolicy()->didReceiveHeader(overrideContentSecurityPolicy, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::API);
+ contentSecurityPolicy()->didReceiveHeader(overrideContentSecurityPolicy, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::API, referrer());
#if USE(QUICK_LOOK)
if (shouldEnforceQuickLookSandbox())
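Review bot: The referrer handed over on the `PolicyFrom::API` line is the one every later violation report will carry, because the API path sets `m_hasAPIPolicy` and subsequent `didReceiveHeader(s)` calls return before they update `m_referrer` (ContentSecurityPolicy.cpp hunk at `didReceiveHeader`). That makes the ordering in `initSecurityContext` load-bearing: `referrer()` must already be populated here, which looks plausible since the other call sites read it from the frame loader, but it is worth a comment such as `// The API policy is final: the referrer passed here is the one reported for this document.` The other two Document.cpp hunks pass the same `referrer()` and need no separate note. initSecurityContext starts and ends outside this hunk.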
@@ -7277,7 +7277,7 @@
static NeverDestroyed<String> quickLookCSP = makeString("default-src ", QLPreviewProtocol(), ": 'unsafe-inline'; base-uri 'none'; sandbox allow-same-origin allow-scripts");
RELEASE_ASSERT(contentSecurityPolicy());
// The sandbox directive is only allowed if the policy is from an HTTP header.
- contentSecurityPolicy()->didReceiveHeader(quickLookCSP, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::HTTPHeader);
+ contentSecurityPolicy()->didReceiveHeader(quickLookCSP, ContentSecurityPolicyHeaderType::Enforce, ContentSecurityPolicy::PolicyFrom::HTTPHeader, referrer());
disableSandboxFlags(SandboxNavigation);
Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (231444 => 231445)
--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -768,7 +768,7 @@
auto url = ""
ContentSecurityPolicy contentSecurityPolicy(SecurityOrigin::create(url), m_frame);
- contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders(response));
+ contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders(response), m_frame->loader().referrer());
if (!contentSecurityPolicy.allowFrameAncestors(*m_frame, url)) {
stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response);
return;
Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (231444 => 231445)
--- trunk/Source/WebCore/loader/FrameLoader.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -732,7 +732,7 @@
if (!dnsPrefetchControl.isEmpty())
m_frame.document()->parseDNSPrefetchControlHeader(dnsPrefetchControl);
- m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), ContentSecurityPolicy::ReportParsingErrors::No);
+ m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), referrer(), ContentSecurityPolicy::ReportParsingErrors::No);
String headerContentLanguage = m_documentLoader->response().httpHeaderField(HTTPHeaderName::ContentLanguage);
if (!headerContentLanguage.isEmpty()) {
Modified: trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp (231444 => 231445)
--- trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -111,7 +111,8 @@
return;
ASSERT(m_policies.isEmpty());
for (auto& policy : other->m_policies)
- didReceiveHeader(policy->header(), policy->headerType(), ContentSecurityPolicy::PolicyFrom::Inherited);
+ didReceiveHeader(policy->header(), policy->headerType(), ContentSecurityPolicy::PolicyFrom::Inherited, String { });
+ m_referrer = other->m_referrer;
}
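Review bot: `m_referrer = other->m_referrer;` changes what an inheriting document reports: before this commit `reportViolation` read `document.referrer()` of the document that violated the policy, whereas now a document whose policy came through `copyStateFrom` reports the referrer of the document it inherited from. If that is intended (the inherited policy is conceptually the parent's), a one-line comment here would save the next reader a trip through the history; if not, `copyStateFrom` should take the inheriting document's referrer, e.g. `void copyStateFrom(const ContentSecurityPolicy*, String&& referrer);` and `m_referrer = WTFMove(referrer);`. The ChangeLog does not mention this behavioural difference. copyStateFrom's signature is above this hunk.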
void ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom(const ContentSecurityPolicy& other)
@@ -171,18 +172,21 @@
return *m_cachedResponseHeaders;
}
-void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers, ReportParsingErrors reportParsingErrors)
+void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers, String&& referrer, ReportParsingErrors reportParsingErrors)
{
SetForScope<bool> isReportingEnabled(m_isReportingEnabled, reportParsingErrors == ReportParsingErrors::Yes);
for (auto& header : headers.m_headers)
- didReceiveHeader(header.first, header.second, ContentSecurityPolicy::PolicyFrom::HTTPHeader);
+ didReceiveHeader(header.first, header.second, ContentSecurityPolicy::PolicyFrom::HTTPHeader, String { });
+ m_referrer = WTFMove(referrer);
}
-void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicy::PolicyFrom policyFrom)
+void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicy::PolicyFrom policyFrom, String&& referrer)
{
if (m_hasAPIPolicy)
return;
+ m_referrer = WTFMove(referrer);
+
if (policyFrom == PolicyFrom::API) {
ASSERT(m_policies.isEmpty());
m_hasAPIPolicy = true;
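Review bot: The two functions disagree on when `m_referrer` is updated: `didReceiveHeader` skips the assignment when `m_hasAPIPolicy` is set (the early return precedes `m_referrer = WTFMove(referrer);`), but `didReceiveHeaders` assigns it after the loop regardless, so a later header-based call replaces the referrer recorded by the API policy without installing any policy. The `String { }` placeholder in `didReceiveHeaders` and `copyStateFrom` also leaves `m_referrer` null while each header is parsed, which nothing visible reads today but which couples every future caller to the fix-up afterwards. Separating "record the referrer" from "parse one header" into a private helper removes the placeholder and makes both public entry points behave the same; the helper needs a declaration in ContentSecurityPolicy.h. didReceiveHeader's body continues outside this hunk.
```cpp
void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers, String&& referrer, ReportParsingErrors reportParsingErrors)
{
    SetForScope<bool> isReportingEnabled(m_isReportingEnabled, reportParsingErrors == ReportParsingErrors::Yes);
    if (m_hasAPIPolicy)
        return;
    m_referrer = WTFMove(referrer);
    for (auto& header : headers.m_headers)
        addPolicyFromHeader(header.first, header.second, ContentSecurityPolicy::PolicyFrom::HTTPHeader);
}

void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicy::PolicyFrom policyFrom, String&& referrer)
{
    if (m_hasAPIPolicy)
        return;
    m_referrer = WTFMove(referrer);
    addPolicyFromHeader(header, type, policyFrom);
}

// Parses one policy header and never touches m_referrer; copyStateFrom can call this directly
// (with PolicyFrom::Inherited) and then assign other->m_referrer, dropping the String { } placeholder.
void ContentSecurityPolicy::addPolicyFromHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicy::PolicyFrom policyFrom)
{
    if (m_hasAPIPolicy)
        return;
    if (policyFrom == PolicyFrom::API) {
        ASSERT(m_policies.isEmpty());
        m_hasAPIPolicy = true;
    // … unchanged: remainder of the former didReceiveHeader body …
```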
@@ -664,7 +668,6 @@
}
String violatedDirectiveText = violatedDirective;
String originalPolicy = violatedDirectiveList.header();
- String referrer = document.referrer();
ASSERT(document.loader());
// FIXME: Is it policy to not use the status code for HTTPS, or is that a bug?
unsigned short statusCode = document.url().protocolIs("http") && document.loader() ? document.loader()->response().httpStatusCode() : 0;
@@ -683,7 +686,7 @@
// 1. Dispatch violation event.
bool canBubble = false;
bool cancelable = false;
- document.enqueueDocumentEvent(SecurityPolicyViolationEvent::create(eventNames().securitypolicyviolationEvent, canBubble, cancelable, documentURI, referrer, blockedURI, violatedDirectiveText, effectiveViolatedDirective, originalPolicy, sourceFile, statusCode, lineNumber, columnNumber));
+ document.enqueueDocumentEvent(SecurityPolicyViolationEvent::create(eventNames().securitypolicyviolationEvent, canBubble, cancelable, documentURI, m_referrer, blockedURI, violatedDirectiveText, effectiveViolatedDirective, originalPolicy, sourceFile, statusCode, lineNumber, columnNumber));
// 2. Send violation report (if applicable).
auto& reportURIs = violatedDirectiveList.reportURIs();
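Review bot: `m_referrer` can now be a null `String` where `document.referrer()` previously supplied the value, since the worker path passes `String { }` and `didReceiveHeaders` passes the same placeholder per header; the event created on the `enqueueDocumentEvent` line and the `setString(ASCIILiteral("referrer"), m_referrer)` call in the next hunk should be checked to serialize a null referrer the same way they serialized the old value (presumably an empty string — confirm). Independently of nullness, `m_referrer` is whatever the most recent `didReceiveHeader(s)` call stored, not a property of the violated policy; today every Document caller passes the same `referrer()`, so the values agree, but a comment at the first use such as `// m_referrer is the referrer recorded by the latest didReceiveHeader(s) call; all Document callers pass the same document referrer.` would make that assumption explicit. reportViolation starts and ends outside this hunk.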
@@ -702,7 +705,7 @@
auto cspReport = JSON::Object::create();
cspReport->setString(ASCIILiteral("document-uri"), documentURI);
- cspReport->setString(ASCIILiteral("referrer"), referrer);
+ cspReport->setString(ASCIILiteral("referrer"), m_referrer);
cspReport->setString(ASCIILiteral("violated-directive"), violatedDirectiveText);
cspReport->setString(ASCIILiteral("effective-directive"), effectiveViolatedDirective);
cspReport->setString(ASCIILiteral("original-policy"), originalPolicy);
Modified: trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h (231444 => 231445)
--- trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h 2018-05-07 17:52:34 UTC (rev 231445)
@@ -81,8 +81,8 @@
};
WEBCORE_EXPORT ContentSecurityPolicyResponseHeaders responseHeaders() const;
enum ReportParsingErrors { No, Yes };
- WEBCORE_EXPORT void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&, ReportParsingErrors = ReportParsingErrors::Yes);
- void didReceiveHeader(const String&, ContentSecurityPolicyHeaderType, ContentSecurityPolicy::PolicyFrom);
+ WEBCORE_EXPORT void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&, String&& referrer, ReportParsingErrors = ReportParsingErrors::Yes);
+ void didReceiveHeader(const String&, ContentSecurityPolicyHeaderType, ContentSecurityPolicy::PolicyFrom, String&& referrer);
bool allowScriptWithNonce(const String& nonce, bool overrideContentSecurityPolicy = false) const;
bool allowStyleWithNonce(const String& nonce, bool overrideContentSecurityPolicy = false) const;
@@ -211,6 +211,7 @@
CSPDirectiveListVector m_policies;
String m_lastPolicyEvalDisabledErrorMessage;
String m_lastPolicyWebAssemblyDisabledErrorMessage;
+ String m_referrer;
SandboxFlags m_sandboxFlags;
bool m_overrideInlineStyleAllowed { false };
bool m_isReportingEnabled { true };
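Review bot: `m_referrer` is undocumented, and its lifecycle is not obvious from the header: it is replaced by every `didReceiveHeader`/`didReceiveHeaders` call (except when an API policy is already installed), copied from the source object by `copyStateFrom`, and read by `reportViolation` for the violation event and the JSON report. A member comment such as `// Referrer of the protected document as supplied by the last didReceiveHeader(s) call; null for workers. Used as the "referrer" of violation events and reports.` would capture that, and the two declarations in the previous hunk would benefit from a matching `// The referrer is stored on this object and replaces any previously stored value.`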
Modified: trunk/Source/WebCore/workers/WorkerGlobalScope.cpp (231444 => 231445)
--- trunk/Source/WebCore/workers/WorkerGlobalScope.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebCore/workers/WorkerGlobalScope.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -118,7 +118,7 @@
void WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders(const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders)
{
- contentSecurityPolicy()->didReceiveHeaders(contentSecurityPolicyResponseHeaders);
+ contentSecurityPolicy()->didReceiveHeaders(contentSecurityPolicyResponseHeaders, String { });
}
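Review bot: The `String { }` argument is only explained in the ChangeLog; a reader of this call has no way to tell a deliberate "no referrer" from a forgotten parameter. A short comment on the call line keeps the rationale with the code: `// Workers have no referrer, so the policy records a null string.`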
URL WorkerGlobalScope::completeURL(const String& url) const
Modified: trunk/Source/WebKit/ChangeLog (231444 => 231445)
--- trunk/Source/WebKit/ChangeLog 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebKit/ChangeLog 2018-05-07 17:52:34 UTC (rev 231445)
@@ -1,5 +1,24 @@
2018-05-07 Daniel Bates <[email protected]>
+ CSP should be passed the referrer
+ https://bugs.webkit.org/show_bug.cgi?id=185367
+
+ Reviewed by Per Arne Vollan.
+
+ Pass the referrer through NetworkLoadChecker so that it can pass it to the ContentSecurityPolicy
+ object it instantiates.
+
+ * NetworkProcess/NetworkLoadChecker.cpp:
+ (WebKit::NetworkLoadChecker::NetworkLoadChecker):
+ (WebKit::NetworkLoadChecker::contentSecurityPolicy const):
+ * NetworkProcess/NetworkLoadChecker.h:
+ (WebKit::NetworkLoadChecker::create):
+ * NetworkProcess/NetworkResourceLoader.cpp:
+ * NetworkProcess/PingLoad.cpp:
+ (WebKit::PingLoad::PingLoad):
+
+2018-05-07 Daniel Bates <[email protected]>
+
Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
https://bugs.webkit.org/show_bug.cgi?id=185170
Modified: trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp (231444 => 231445)
--- trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -48,7 +48,7 @@
return url.protocolIsData() || url.protocolIsBlob() || !origin || origin->canRequest(url);
}
-NetworkLoadChecker::NetworkLoadChecker(FetchOptions&& options, PAL::SessionID sessionID, HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy)
+NetworkLoadChecker::NetworkLoadChecker(FetchOptions&& options, PAL::SessionID sessionID, HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy, String&& referrer)
: m_options(WTFMove(options))
, m_sessionID(sessionID)
, m_originalRequestHeaders(WTFMove(originalRequestHeaders))
@@ -55,6 +55,7 @@
, m_url(WTFMove(url))
, m_origin(WTFMove(sourceOrigin))
, m_preflightPolicy(preflightPolicy)
+ , m_referrer(WTFMove(referrer))
{
m_isSameOriginRequest = isSameOrigin(m_url, m_origin.get());
switch (options.credentials) {
@@ -314,7 +315,7 @@
{
if (!m_contentSecurityPolicy && m_cspResponseHeaders) {
m_contentSecurityPolicy = std::make_unique<ContentSecurityPolicy>(*m_origin);
- m_contentSecurityPolicy->didReceiveHeaders(*m_cspResponseHeaders, ContentSecurityPolicy::ReportParsingErrors::No);
+ m_contentSecurityPolicy->didReceiveHeaders(*m_cspResponseHeaders, String { m_referrer }, ContentSecurityPolicy::ReportParsingErrors::No);
}
return m_contentSecurityPolicy.get();
}
Modified: trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h (231444 => 231445)
--- trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h 2018-05-07 17:52:34 UTC (rev 231445)
@@ -42,9 +42,9 @@
class NetworkLoadChecker : public RefCounted<NetworkLoadChecker> {
public:
- static Ref<NetworkLoadChecker> create(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin, WebCore::PreflightPolicy preflightPolicy)
+ static Ref<NetworkLoadChecker> create(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin, WebCore::PreflightPolicy preflightPolicy, String&& referrer)
{
- return adoptRef(*new NetworkLoadChecker { WTFMove(options), sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin), preflightPolicy });
+ return adoptRef(*new NetworkLoadChecker { WTFMove(options), sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin), preflightPolicy, WTFMove(referrer) });
}
~NetworkLoadChecker();
@@ -69,7 +69,7 @@
WebCore::StoredCredentialsPolicy storedCredentialsPolicy() const { return m_storedCredentialsPolicy; }
private:
- NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&, WebCore::PreflightPolicy);
+ NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&, WebCore::PreflightPolicy, String&& referrer);
WebCore::ContentSecurityPolicy* contentSecurityPolicy() const;
bool isChecking() const { return !!m_corsPreflightChecker; }
@@ -111,6 +111,7 @@
WebCore::URL m_previousURL;
WebCore::PreflightPolicy m_preflightPolicy;
String m_dntHeaderValue;
+ String m_referrer;
};
}
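Review bot: `m_referrer` is stored without saying what it holds, and the value differs from the WebCore side: the callers in NetworkResourceLoader.cpp and PingLoad.cpp pass the original request's `httpReferrer()`, i.e. the Referer header of that request, and `contentSecurityPolicy()` copies it into the ContentSecurityPolicy it creates. A member comment such as `// Referer header of the original request; copied into the ContentSecurityPolicy created by contentSecurityPolicy().` documents both the source and the consumer. The `create`/constructor declarations in the earlier hunks of this file could use the same wording for their `referrer` parameter.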
Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (231444 => 231445)
--- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -111,7 +111,7 @@
}
if (synchronousReply || parameters.shouldRestrictHTTPResponseAccess) {
- m_networkLoadChecker = NetworkLoadChecker::create(FetchOptions { m_parameters.options }, m_parameters.sessionID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy);
+ m_networkLoadChecker = NetworkLoadChecker::create(FetchOptions { m_parameters.options }, m_parameters.sessionID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy, originalRequest().httpReferrer());
if (m_parameters.cspResponseHeaders)
m_networkLoadChecker->setCSPResponseHeaders(ContentSecurityPolicyResponseHeaders { m_parameters.cspResponseHeaders.value() });
#if ENABLE(CONTENT_EXTENSIONS)
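Review bot: `originalRequest().httpReferrer()` is the Referer header of the subresource request, which for a typical fetch is the URL of the fetching document rather than that document's own referrer; on the WebCore side the same parameter is fed from `Document::referrer()` / `FrameLoader::referrer()`, so the two ContentSecurityPolicy instances will record different things under the same name. If the network-process CSP ever produces a violation report, its "referrer" field would then carry the document URI, which is presumably not intended — confirm whether that path can report. If the document referrer is what is wanted, it would have to travel in `m_parameters` alongside the other per-load data rather than be derived from the request. PingLoad.cpp makes the same choice (`m_parameters.request.httpReferrer()`); its hunk runs past the end of this view.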
Modified: trunk/Source/WebKit/NetworkProcess/PingLoad.cpp (231444 => 231445)
--- trunk/Source/WebKit/NetworkProcess/PingLoad.cpp 2018-05-07 17:47:52 UTC (rev 231444)
+++ trunk/Source/WebKit/NetworkProcess/PingLoad.cpp 2018-05-07 17:52:34 UTC (rev 231445)
@@ -42,7 +42,7 @@
: m_parameters(WTFMove(parameters))
, m_completionHandler(WTFMove(completionHandler))
, m_timeoutTimer(*this, &PingLoad::timeoutTimerFired)
- , m_networkLoadChecker(NetworkLoadChecker::create(FetchOptions { m_parameters.options}, m_parameters.sessionID, WTFMove(m_parameters.originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy))
+ , m_networkLoadChecker(NetworkLoadChecker::create(FetchOptions { m_parameters.options}, m_parameters.sessionID, WTFMove(m_parameters.originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy, m_parameters.request.httpReferrer()))
{
if (m_parameters.cspResponseHeaders)