Diff
Modified: branches/safari-607-branch/Source/WebCore/ChangeLog (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/ChangeLog 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/ChangeLog 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1,5 +1,62 @@
2019-02-06 Alan Coon <[email protected]>
+ Apply patch. rdar://problem/47822019
+
+ 2019-02-06 Ryosuke Niwa <[email protected]>
+
+ Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
+ https://bugs.webkit.org/show_bug.cgi?id=194189
+
+ Reviewed by Geoffrey Garen.
+
+ Introduced PolicyCheckIdentifier to pair each navigation policy check request with a decision,
+ and deployed it in PolicyChecker. The identifier is passed from WebContent process to UI process
+ in WebKit2, and passed it back with the policy decision.
+
+ Because PolicyCheckIdentifier embeds the process identifier from which a navigation policy is checked,
+ we would be able to detect when UI process had sent the decision to a wrong WebContent process.
+
+ This patch also adds release assertions to make sure history().provisionalItem() is set whenever
+ we're requesting a navigation policy check.
+
+ These code changes should either:
+ 1. Fix crashes in FrameLoader::continueLoadAfterNavigationPolicy where isBackForwardLoadType would
+ return true yet history().provisionalItem() is null.
+ 2. Detect a bug that UI process can send a navigation policy decision to a wrong WebContent process.
+ 3. Rule out the possibility that (2) exists.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest):
+ (WebCore::DocumentLoader::responseReceived):
+ * loader/EmptyClients.cpp:
+ (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
+ (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
+ * loader/EmptyFrameLoaderClient.h:
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::checkContentPolicy):
+ (WebCore::FrameLoader::loadURL):
+ (WebCore::FrameLoader::load):
+ (WebCore::FrameLoader::loadWithDocumentLoader):
+ (WebCore::FrameLoader::loadPostRequest):
+ * loader/FrameLoader.h:
+ * loader/FrameLoaderClient.h:
+ * loader/FrameLoaderTypes.h:
+ (WebCore::PolicyCheckIdentifier): Added.
+ (WebCore::PolicyCheckIdentifier::operator== const): Added.
+ (WebCore::PolicyCheckIdentifier::PolicyCheckIdentifier): Added.
+ (WebCore::PolicyCheckIdentifier::encode const): Added.
+ (WebCore::PolicyCheckIdentifier::decode): Added.
+ * loader/PolicyChecker.cpp:
+ (WebCore::PolicyCheckIdentifier::generate):
+ (WebCore::PolicyCheckIdentifier::isValidFor): Returns true if the identifer matches. Also release asserts
+ that the process ID is same, and that m_check is always not zero (meaning it's a generated value).
+ The failure of these release assertions would indicate that there is a bug in UI process, which results in
+ a policy decision response being sent to a wrong Web process.
+ (WebCore::PolicyChecker::checkNavigationPolicy): Exit early if isValidFor fails.
+ (WebCore::PolicyChecker::checkNewWindowPolicy):
+
+2019-02-06 Alan Coon <[email protected]>
+
Cherry-pick r240804. rdar://problem/47774520
[Cocoa][EME] Modern EME uses a different path for SecureStop data than Legacy EME
Modified: branches/safari-607-branch/Source/WebCore/loader/DocumentLoader.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/DocumentLoader.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/DocumentLoader.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -56,6 +56,7 @@
#include "HTTPHeaderField.h"
#include "HTTPHeaderNames.h"
#include "HistoryItem.h"
+#include "HistoryController.h"
#include "IconLoader.h"
#include "InspectorInstrumentation.h"
#include "LinkIconCollector.h"
@@ -661,7 +662,10 @@
ASSERT(!m_waitingForNavigationPolicy);
m_waitingForNavigationPolicy = true;
- frameLoader()->policyChecker().checkNavigationPolicy(WTFMove(newRequest), redirectResponse, WTFMove(navigationPolicyCompletionHandler));
+ // FIXME: Add a load type check.
+ auto& policyChecker = frameLoader()->policyChecker();
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker.loadType()) || frameLoader()->history().provisionalItem());
+ policyChecker.checkNavigationPolicy(WTFMove(newRequest), redirectResponse, WTFMove(navigationPolicyCompletionHandler));
}
bool DocumentLoader::tryLoadingRequestFromApplicationCache()
@@ -838,7 +842,10 @@
RefPtr<SubresourceLoader> mainResourceLoader = this->mainResourceLoader();
if (mainResourceLoader)
mainResourceLoader->markInAsyncResponsePolicyCheck();
- frameLoader()->checkContentPolicy(m_response, [this, protectedThis = makeRef(*this), mainResourceLoader = WTFMove(mainResourceLoader), completionHandler = completionHandlerCaller.release()] (PolicyAction policy) mutable {
+ auto requestIdentifier = PolicyCheckIdentifier::create();
+ frameLoader()->checkContentPolicy(m_response, requestIdentifier, [this, protectedThis = makeRef(*this), mainResourceLoader = WTFMove(mainResourceLoader),
+ completionHandler = completionHandlerCaller.release(), requestIdentifier] (PolicyAction policy, PolicyCheckIdentifier responseIdentifeir) mutable {
+ RELEASE_ASSERT(responseIdentifeir.isValidFor(requestIdentifier));
continueAfterContentPolicy(policy);
if (mainResourceLoader)
mainResourceLoader->didReceiveResponsePolicy();
Modified: branches/safari-607-branch/Source/WebCore/loader/EmptyClients.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/EmptyClients.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/EmptyClients.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -451,11 +451,11 @@
return PAL::SessionID::defaultSessionID();
}
-void EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String&, FramePolicyFunction&&)
+void EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String&, PolicyCheckIdentifier, FramePolicyFunction&&)
{
}
-void EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse&, FormState*, PolicyDecisionMode, FramePolicyFunction&&)
+void EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse&, FormState*, PolicyDecisionMode, PolicyCheckIdentifier, FramePolicyFunction&&)
{
}
Modified: branches/safari-607-branch/Source/WebCore/loader/EmptyFrameLoaderClient.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/EmptyFrameLoaderClient.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/EmptyFrameLoaderClient.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -93,9 +93,9 @@
Frame* dispatchCreatePage(const NavigationAction&) final { return nullptr; }
void dispatchShow() final { }
- void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, FramePolicyFunction&&) final { }
- void dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String&, FramePolicyFunction&&) final;
- void dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse& redirectResponse, FormState*, PolicyDecisionMode, FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, FramePolicyFunction&&) final { }
+ void dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String&, PolicyCheckIdentifier, FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse& redirectResponse, FormState*, PolicyDecisionMode, PolicyCheckIdentifier, FramePolicyFunction&&) final;
void cancelPolicyCheck() final { }
void dispatchUnableToImplementPolicy(const ResourceError&) final { }
Modified: branches/safari-607-branch/Source/WebCore/loader/FrameLoader.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/FrameLoader.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/FrameLoader.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -363,15 +363,16 @@
}
}
-void FrameLoader::checkContentPolicy(const ResourceResponse& response, ContentPolicyDecisionFunction&& function)
+void FrameLoader::checkContentPolicy(const ResourceResponse& response, PolicyCheckIdentifier identifier, ContentPolicyDecisionFunction&& function)
{
if (!activeDocumentLoader()) {
// Load was cancelled
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, identifier);
return;
}
- client().dispatchDecidePolicyForResponse(response, activeDocumentLoader()->request(), WTFMove(function));
+ // FIXME: Validate the policy check identifier.
+ client().dispatchDecidePolicyForResponse(response, activeDocumentLoader()->request(), identifier, WTFMove(function));
}
void FrameLoader::changeLocation(FrameLoadRequest&& request)
@@ -1379,6 +1380,7 @@
if (!targetFrame && !effectiveFrameName.isEmpty()) {
action = "" frameLoadRequest));
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker().loadType()));
policyChecker().checkNewWindowPolicy(WTFMove(action), WTFMove(request), WTFMove(formState), effectiveFrameName, [this, allowNavigationToInvalidURL, openerPolicy, completionHandler = completionHandlerCaller.release()] (const ResourceRequest& request, WeakPtr<FormState>&& formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) mutable {
continueLoadAfterNewWindowPolicy(request, formState.get(), frameName, action, shouldContinue, allowNavigationToInvalidURL, openerPolicy);
completionHandler();
@@ -1399,6 +1401,7 @@
oldDocumentLoader->setLastCheckedRequest(ResourceRequest());
policyChecker().stopCheck();
policyChecker().setLoadType(newLoadType);
+ RELEASE_ASSERT(!isBackForwardLoadType(newLoadType) || history().provisionalItem());
policyChecker().checkNavigationPolicy(WTFMove(request), ResourceResponse { } /* redirectResponse */, oldDocumentLoader.get(), WTFMove(formState), [this, protectedFrame = makeRef(m_frame)] (const ResourceRequest& request, WeakPtr<FormState>&&, NavigationPolicyDecision navigationPolicyDecision) {
continueFragmentScrollAfterNavigationPolicy(request, navigationPolicyDecision == NavigationPolicyDecision::ContinueLoad);
}, PolicyDecisionMode::Synchronous);
@@ -1462,6 +1465,7 @@
if (request.shouldCheckNewWindowPolicy()) {
NavigationAction action { request.requester(), request.resourceRequest(), InitiatedByMainFrame::Unknown, NavigationType::Other, request.shouldOpenExternalURLsPolicy() };
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker().loadType()));
policyChecker().checkNewWindowPolicy(WTFMove(action), WTFMove(request.resourceRequest()), { }, request.frameName(), [this] (const ResourceRequest& request, WeakPtr<FormState>&& formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) {
continueLoadAfterNewWindowPolicy(request, formState.get(), frameName, action, shouldContinue, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Suppress);
});
@@ -1585,6 +1589,7 @@
}
policyChecker().setLoadType(type);
+ RELEASE_ASSERT(!isBackForwardLoadType(type) || history().provisionalItem());
bool isFormSubmission = formState;
const String& httpMethod = loader->request().httpMethod();
@@ -1596,6 +1601,7 @@
oldDocumentLoader->setTriggeringAction(WTFMove(action));
oldDocumentLoader->setLastCheckedRequest(ResourceRequest());
policyChecker().stopCheck();
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker().loadType()) || history().provisionalItem());
policyChecker().checkNavigationPolicy(ResourceRequest(loader->request()), ResourceResponse { } /* redirectResponse */, oldDocumentLoader.get(), WTFMove(formState), [this, protectedFrame = makeRef(m_frame)] (const ResourceRequest& request, WeakPtr<FormState>&&, NavigationPolicyDecision navigationPolicyDecision) {
continueFragmentScrollAfterNavigationPolicy(request, navigationPolicyDecision == NavigationPolicyDecision::ContinueLoad);
}, PolicyDecisionMode::Synchronous);
@@ -1630,6 +1636,7 @@
return;
}
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker().loadType()) || history().provisionalItem());
policyChecker().checkNavigationPolicy(ResourceRequest(loader->request()), ResourceResponse { } /* redirectResponse */, loader, WTFMove(formState), [this, protectedFrame = makeRef(m_frame), allowNavigationToInvalidURL, completionHandler = completionHandlerCaller.release()] (const ResourceRequest& request, WeakPtr<FormState>&& formState, NavigationPolicyDecision navigationPolicyDecision) mutable {
continueLoadAfterNavigationPolicy(request, formState.get(), navigationPolicyDecision, allowNavigationToInvalidURL);
completionHandler();
@@ -2988,6 +2995,7 @@
return;
}
+ RELEASE_ASSERT(!isBackForwardLoadType(policyChecker().loadType()));
policyChecker().checkNewWindowPolicy(WTFMove(action), WTFMove(workingResourceRequest), WTFMove(formState), frameName, [this, allowNavigationToInvalidURL, openerPolicy, completionHandler = WTFMove(completionHandler)] (const ResourceRequest& request, WeakPtr<FormState>&& formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) mutable {
continueLoadAfterNewWindowPolicy(request, formState.get(), frameName, action, shouldContinue, allowNavigationToInvalidURL, openerPolicy);
completionHandler();
Modified: branches/safari-607-branch/Source/WebCore/loader/FrameLoader.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/FrameLoader.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/FrameLoader.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -92,7 +92,7 @@
WEBCORE_EXPORT bool isBackForwardLoadType(FrameLoadType);
WEBCORE_EXPORT bool isReload(FrameLoadType);
-using ContentPolicyDecisionFunction = WTF::Function<void(PolicyAction)>;
+using ContentPolicyDecisionFunction = WTF::Function<void(PolicyAction, PolicyCheckIdentifier)>;
class FrameLoader {
WTF_MAKE_NONCOPYABLE(FrameLoader);
@@ -224,7 +224,7 @@
void setDefersLoading(bool);
- void checkContentPolicy(const ResourceResponse&, ContentPolicyDecisionFunction&&);
+ void checkContentPolicy(const ResourceResponse&, PolicyCheckIdentifier, ContentPolicyDecisionFunction&&);
void didExplicitOpen();
Modified: branches/safari-607-branch/Source/WebCore/loader/FrameLoaderClient.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/FrameLoaderClient.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/FrameLoaderClient.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -107,7 +107,7 @@
struct StringWithDirection;
-typedef WTF::Function<void (PolicyAction)> FramePolicyFunction;
+typedef WTF::Function<void (PolicyAction, PolicyCheckIdentifier)> FramePolicyFunction;
class WEBCORE_EXPORT FrameLoaderClient {
public:
@@ -190,9 +190,9 @@
virtual Frame* dispatchCreatePage(const NavigationAction&) = 0;
virtual void dispatchShow() = 0;
- virtual void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, FramePolicyFunction&&) = 0;
- virtual void dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String& frameName, FramePolicyFunction&&) = 0;
- virtual void dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse& redirectResponse, FormState*, PolicyDecisionMode, FramePolicyFunction&&) = 0;
+ virtual void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, FramePolicyFunction&&) = 0;
+ virtual void dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String& frameName, PolicyCheckIdentifier, FramePolicyFunction&&) = 0;
+ virtual void dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse& redirectResponse, FormState*, PolicyDecisionMode, PolicyCheckIdentifier, FramePolicyFunction&&) = 0;
virtual void cancelPolicyCheck() = 0;
virtual void dispatchUnableToImplementPolicy(const ResourceError&) = 0;
Modified: branches/safari-607-branch/Source/WebCore/loader/FrameLoaderTypes.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/FrameLoaderTypes.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/FrameLoaderTypes.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -29,6 +29,7 @@
#pragma once
#include "IntRect.h"
+#include "ProcessIdentifier.h"
namespace WebCore {
@@ -66,6 +67,48 @@
ReloadExpiredOnly
};
+class PolicyCheckIdentifier {
+public:
+ PolicyCheckIdentifier() = default;
+
+ static PolicyCheckIdentifier create();
+
+ bool isValidFor(PolicyCheckIdentifier);
+ bool operator==(const PolicyCheckIdentifier& other) const { return m_process == other.m_process && m_policyCheck == other.m_policyCheck; }
+
+ template<class Encoder> void encode(Encoder&) const;
+ template<class Decoder> static Optional<PolicyCheckIdentifier> decode(Decoder&);
+
+private:
+ PolicyCheckIdentifier(ProcessIdentifier process, uint64_t policyCheck)
+ : m_process(process)
+ , m_policyCheck(policyCheck)
+ { }
+
+ ProcessIdentifier m_process;
+ uint64_t m_policyCheck { 0 };
+};
+
+template<class Encoder>
+void PolicyCheckIdentifier::encode(Encoder& encoder) const
+{
+ encoder << m_process << m_policyCheck;
+}
+
+template<class Decoder>
+Optional<PolicyCheckIdentifier> PolicyCheckIdentifier::decode(Decoder& decoder)
+{
+ auto process = ProcessIdentifier::decode(decoder);
+ if (!process)
+ return WTF::nullopt;
+
+ uint64_t policyCheck;
+ if (!decoder.decode(policyCheck))
+ return WTF::nullopt;
+
+ return PolicyCheckIdentifier { *process, policyCheck };
+}
+
enum class NewFrameOpenerPolicy : uint8_t {
Suppress,
Allow
Modified: branches/safari-607-branch/Source/WebCore/loader/PolicyChecker.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebCore/loader/PolicyChecker.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebCore/loader/PolicyChecker.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -71,6 +71,21 @@
return ownerElement->document().contentSecurityPolicy()->allowChildFrameFromSource(url, redirectResponseReceived);
}
+PolicyCheckIdentifier PolicyCheckIdentifier::create()
+{
+ static uint64_t identifier = 0;
+ identifier++;
+ return PolicyCheckIdentifier { Process::identifier(), identifier };
+}
+
+bool PolicyCheckIdentifier::isValidFor(PolicyCheckIdentifier expectedIdentifier)
+{
+ RELEASE_ASSERT_WITH_MESSAGE(m_process == expectedIdentifier.m_process, "Received a policy check response for a wrong process");
+ RELEASE_ASSERT_WITH_MESSAGE(m_policyCheck, "Received 0 as the policy check identifier");
+ RELEASE_ASSERT_WITH_MESSAGE(m_policyCheck <= expectedIdentifier.m_policyCheck, "Received a policy check response from the future");
+ return m_policyCheck == expectedIdentifier.m_policyCheck;
+}
+
PolicyChecker::PolicyChecker(Frame& frame)
: m_frame(frame)
, m_delegateIsDecidingNavigationPolicy(false)
@@ -170,9 +185,16 @@
auto blobURLLifetimeExtension = policyDecisionMode == PolicyDecisionMode::Asynchronous ? extendBlobURLLifetimeIfNecessary(request) : CompletionHandlerCallingScope { };
+ auto requestIdentifier = PolicyCheckIdentifier::create();
m_delegateIsDecidingNavigationPolicy = true;
String suggestedFilename = action.downloadAttribute().isEmpty() ? nullAtom() : action.downloadAttribute();
- m_frame.loader().client().dispatchDecidePolicyForNavigationAction(action, request, redirectResponse, formState.get(), policyDecisionMode, [this, function = WTFMove(function), request = ResourceRequest(request), formState = WTFMove(formState), suggestedFilename = WTFMove(suggestedFilename), blobURLLifetimeExtension = WTFMove(blobURLLifetimeExtension)](PolicyAction policyAction) mutable {
+ m_frame.loader().client().dispatchDecidePolicyForNavigationAction(action, request, redirectResponse, formState.get(), policyDecisionMode, requestIdentifier,
+ [this, function = WTFMove(function), request = ResourceRequest(request), formState = WTFMove(formState), suggestedFilename = WTFMove(suggestedFilename),
+ blobURLLifetimeExtension = WTFMove(blobURLLifetimeExtension), requestIdentifier] (PolicyAction policyAction, PolicyCheckIdentifier responseIdentifier) mutable {
+
+ if (!responseIdentifier.isValidFor(requestIdentifier))
+ return;
+
m_delegateIsDecidingNavigationPolicy = false;
switch (policyAction) {
@@ -206,7 +228,14 @@
auto blobURLLifetimeExtension = extendBlobURLLifetimeIfNecessary(request);
- m_frame.loader().client().dispatchDecidePolicyForNewWindowAction(navigationAction, request, formState.get(), frameName, [frame = makeRef(m_frame), request, formState = WTFMove(formState), frameName, navigationAction, function = WTFMove(function), blobURLLifetimeExtension = WTFMove(blobURLLifetimeExtension)](PolicyAction policyAction) mutable {
+ auto requestIdentifier = PolicyCheckIdentifier::create();
+ m_frame.loader().client().dispatchDecidePolicyForNewWindowAction(navigationAction, request, formState.get(), frameName, requestIdentifier, [frame = makeRef(m_frame), request,
+ formState = WTFMove(formState), frameName, navigationAction, function = WTFMove(function), blobURLLifetimeExtension = WTFMove(blobURLLifetimeExtension),
+ requestIdentifier] (PolicyAction policyAction, PolicyCheckIdentifier responseIdentifier) mutable {
+
+ if (!responseIdentifier.isValidFor(requestIdentifier))
+ return;
+
switch (policyAction) {
case PolicyAction::Download:
frame->loader().client().startDownload(request);
Modified: branches/safari-607-branch/Source/WebKit/ChangeLog (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/ChangeLog 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/ChangeLog 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1,5 +1,57 @@
2019-02-06 Alan Coon <[email protected]>
+ Apply patch. rdar://problem/47822019
+
+ 2019-02-06 Ryosuke Niwa <[email protected]>
+
+ Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
+ https://bugs.webkit.org/show_bug.cgi?id=194189
+
+ Reviewed by Geoffrey Garen.
+
+ Pass the policy check identifier around functions and store it in PolicyDecisionSender
+ so that we can send it back to WebCore with the navigation policy decision.
+
+ We also store it in WebFrame in the case the policy decision had to be invalidated
+ before the decision was received (via WebFrame::invalidatePolicyListener).
+
+ * Scripts/webkit/messages.py:
+ * UIProcess/ProvisionalPageProxy.cpp:
+ (WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionAsync):
+ (WebKit::ProvisionalPageProxy::decidePolicyForResponse):
+ * UIProcess/ProvisionalPageProxy.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::PolicyDecisionSender): Added PolicyCheckIdentifier as a member.
+ (WebKit::WebPageProxy::PolicyDecisionSender::create):
+ (WebKit::WebPageProxy::PolicyDecisionSender::send):
+ (WebKit::WebPageProxy::PolicyDecisionSender::PolicyDecisionSender):
+ (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
+ (WebKit::WebPageProxy::decidePolicyForNavigationActionAsync):
+ (WebKit::WebPageProxy::decidePolicyForNavigationActionAsyncShared):
+ (WebKit::WebPageProxy::decidePolicyForNavigationAction):
+ (WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
+ (WebKit::WebPageProxy::decidePolicyForNewWindowAction):
+ (WebKit::WebPageProxy::decidePolicyForResponse):
+ (WebKit::WebPageProxy::decidePolicyForResponseShared):
+ * UIProcess/WebPageProxy.h:
+ * UIProcess/WebPageProxy.messages.in:
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
+ (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
+ (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+ * WebProcess/WebPage/WebFrame.cpp:
+ (WebKit::WebFrame::setUpPolicyListener):
+ (WebKit::WebFrame::invalidatePolicyListener):
+ (WebKit::WebFrame::didReceivePolicyDecision):
+ * WebProcess/WebPage/WebFrame.h:
+ * WebProcess/WebPage/WebPage.cpp:
+ (WebKit::WebPage::didReceivePolicyDecision):
+ * WebProcess/WebPage/WebPage.h:
+ * WebProcess/WebPage/WebPage.messages.in:
+
+2019-02-06 Alan Coon <[email protected]>
+
Cherry-pick r239845. rdar://problem/47776472
[macOS] Add name of IORegistry key in sandbox.
Modified: branches/safari-607-branch/Source/WebKit/Scripts/webkit/messages.py (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/Scripts/webkit/messages.py 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/Scripts/webkit/messages.py 2019-02-07 00:02:53 UTC (rev 241106)
@@ -419,6 +419,7 @@
'WebCore::PaymentMethodUpdate': ['<WebCore/ApplePaySessionPaymentRequest.h>'],
'WebCore::PluginInfo': ['<WebCore/PluginData.h>'],
'WebCore::PolicyAction': ['<WebCore/FrameLoaderTypes.h>'],
+ 'WebCore::PolicyCheckIdentifier': ['<WebCore/FrameLoaderTypes.h>'],
'WebCore::RecentSearch': ['<WebCore/SearchPopupMenu.h>'],
'WebCore::RouteSharingPolicy': ['<WebCore/AudioSession.h>'],
'WebCore::SWServerConnectionIdentifier': ['<WebCore/ServiceWorkerTypes.h>'],
Modified: branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -262,16 +262,20 @@
m_page.didChangeProvisionalURLForFrameShared(m_process.copyRef(), frameID, navigationID, WTFMove(url));
}
-void ProvisionalPageProxy::decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, uint64_t listenerID)
+void ProvisionalPageProxy::decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, WebCore::PolicyCheckIdentifier identifier,
+ uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest,
+ WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, uint64_t listenerID)
{
ASSERT(m_mainFrame);
ASSERT(m_mainFrame->frameID() == frameID);
- m_page.decidePolicyForNavigationActionAsyncShared(m_process.copyRef(), frameID, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, listenerID);
+ m_page.decidePolicyForNavigationActionAsyncShared(m_process.copyRef(), frameID, WTFMove(frameSecurityOrigin), identifier, navigationID, WTFMove(navigationActionData),
+ WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, listenerID);
}
-void ProvisionalPageProxy::decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse& response, const WebCore::ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
+void ProvisionalPageProxy::decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, WebCore::PolicyCheckIdentifier identifier,
+ uint64_t navigationID, const WebCore::ResourceResponse& response, const WebCore::ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
{
- m_page.decidePolicyForResponseShared(m_process.copyRef(), frameID, frameSecurityOrigin, navigationID, response, request, canShowMIMEType, listenerID, userData);
+ m_page.decidePolicyForResponseShared(m_process.copyRef(), frameID, frameSecurityOrigin, identifier, navigationID, response, request, canShowMIMEType, listenerID, userData);
}
void ProvisionalPageProxy::startURLSchemeTask(URLSchemeTaskParameters&& parameters)
Modified: branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -79,8 +79,11 @@
void didReceiveMessage(IPC::Connection&, IPC::Decoder&) final;
void didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder>&) final;
- void decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
- void decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
+ void decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&&, WebCore::PolicyCheckIdentifier, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&,
+ uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody,
+ WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
+ void decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData&, WebCore::PolicyCheckIdentifier, uint64_t navigationID, const WebCore::ResourceResponse&,
+ const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
void didChangeProvisionalURLForFrame(uint64_t frameID, uint64_t navigationID, URL&&);
void didNavigateWithNavigationData(const WebNavigationDataStore&, uint64_t frameID);
void didPerformClientRedirect(const String& sourceURLString, const String& destinationURLString, uint64_t frameID);
Modified: branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -2666,22 +2666,26 @@
class WebPageProxy::PolicyDecisionSender : public RefCounted<PolicyDecisionSender> {
public:
- using SendFunction = CompletionHandler<void(PolicyAction, uint64_t newNavigationID, DownloadID, Optional<WebsitePoliciesData>)>;
- static Ref<PolicyDecisionSender> create(SendFunction&& sendFunction)
+ using SendFunction = CompletionHandler<void(PolicyCheckIdentifier, PolicyAction, uint64_t newNavigationID, DownloadID, Optional<WebsitePoliciesData>)>;
+
+ static Ref<PolicyDecisionSender> create(PolicyCheckIdentifier identifier, SendFunction&& sendFunction)
{
- return adoptRef(*new PolicyDecisionSender(WTFMove(sendFunction)));
+ return adoptRef(*new PolicyDecisionSender(identifier, WTFMove(sendFunction)));
}
template<typename... Args> void send(Args... args)
{
if (m_sendFunction)
- m_sendFunction(std::forward<Args>(args)...);
+ m_sendFunction(m_identifier, std::forward<Args>(args)...);
}
private:
- PolicyDecisionSender(SendFunction sendFunction)
- : m_sendFunction(WTFMove(sendFunction)) { }
+ PolicyDecisionSender(PolicyCheckIdentifier identifier, SendFunction sendFunction)
+ : m_sendFunction(WTFMove(sendFunction))
+ , m_identifier(identifier)
+ { }
SendFunction m_sendFunction;
+ PolicyCheckIdentifier m_identifier;
};
void WebPageProxy::receivedNavigationPolicyDecision(PolicyAction policyAction, API::Navigation* navigation, ProcessSwapRequestedByClient processSwapRequestedByClient, WebFrameProxy& frame, API::WebsitePolicies* policies, Ref<PolicyDecisionSender>&& sender)
@@ -2701,7 +2705,8 @@
return;
}
- process().processPool().processForNavigation(*this, *navigation, processSwapRequestedByClient, [this, protectedThis = makeRef(*this), policyAction, navigation = makeRef(*navigation), data = "" sender = WTFMove(sender), processSwapRequestedByClient](Ref<WebProcessProxy>&& processForNavigation, SuspendedPageProxy* destinationSuspendedPage, const String& reason) mutable {
+ process().processPool().processForNavigation(*this, *navigation, processSwapRequestedByClient, [this, protectedThis = makeRef(*this), policyAction, navigation = makeRef(*navigation),
+ data = "" sender = WTFMove(sender), processSwapRequestedByClient] (Ref<WebProcessProxy>&& processForNavigation, SuspendedPageProxy* destinationSuspendedPage, const String& reason) mutable {
// If the navigation has been destroyed, then no need to proceed.
if (isClosed() || !navigationState().hasNavigation(navigation->navigationID())) {
receivedPolicyDecision(policyAction, navigation.ptr(), WTFMove(data), WTFMove(sender));
@@ -4360,22 +4365,33 @@
}
#endif
-void WebPageProxy::decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, uint64_t listenerID)
+void WebPageProxy::decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, PolicyCheckIdentifier identifier, uint64_t navigationID,
+ NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request,
+ IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, uint64_t listenerID)
{
- decidePolicyForNavigationActionAsyncShared(m_process.copyRef(), frameID, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, listenerID);
+ decidePolicyForNavigationActionAsyncShared(m_process.copyRef(), frameID, WTFMove(frameSecurityOrigin), identifier, navigationID, WTFMove(navigationActionData),
+ WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, listenerID);
}
-void WebPageProxy::decidePolicyForNavigationActionAsyncShared(Ref<WebProcessProxy>&& process, uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, uint64_t listenerID)
+void WebPageProxy::decidePolicyForNavigationActionAsyncShared(Ref<WebProcessProxy>&& process, uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin,
+ WebCore::PolicyCheckIdentifier identifier, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID,
+ const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse,
+ const UserData& userData, uint64_t listenerID)
{
auto* frame = process->webFrame(frameID);
MESSAGE_CHECK(process, frame);
- decidePolicyForNavigationAction(process.copyRef(), *frame, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, PolicyDecisionSender::create([this, protectedThis = makeRef(*this), frameID, listenerID, process = process.copyRef()] (auto... args) {
+ auto sender = PolicyDecisionSender::create(identifier, [this, protectedThis = makeRef(*this), frameID, listenerID, process = process.copyRef()] (auto... args) {
process->send(Messages::WebPage::DidReceivePolicyDecision(frameID, listenerID, args...), m_pageID);
- }));
+ });
+
+ decidePolicyForNavigationAction(process.copyRef(), *frame, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData), originatingPageID,
+ originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, WTFMove(sender));
}
-void WebPageProxy::decidePolicyForNavigationAction(Ref<WebProcessProxy>&& process, WebFrameProxy& frame, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& originatingFrameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, Ref<PolicyDecisionSender>&& sender)
+void WebPageProxy::decidePolicyForNavigationAction(Ref<WebProcessProxy>&& process, WebFrameProxy& frame, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID,
+ NavigationActionData&& navigationActionData, FrameInfoData&& originatingFrameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request,
+ IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, Ref<PolicyDecisionSender>&& sender)
{
LOG(Loading, "WebPageProxy::decidePolicyForNavigationAction - Original URL %s, current target URL %s", originalRequest.url().string().utf8().data(), request.url().string().utf8().data());
@@ -4434,7 +4450,7 @@
shouldExpectSafeBrowsingResult = ShouldExpectSafeBrowsingResult::No;
auto listener = makeRef(frame.setUpPolicyListenerProxy([this, protectedThis = makeRef(*this), frame = makeRef(frame), sender = WTFMove(sender), navigation] (PolicyAction policyAction, API::WebsitePolicies* policies, ProcessSwapRequestedByClient processSwapRequestedByClient, RefPtr<SafeBrowsingWarning>&& safeBrowsingWarning) mutable {
-
+
auto completionHandler = [this, protectedThis = protectedThis.copyRef(), frame = frame.copyRef(), sender = WTFMove(sender), navigation = WTFMove(navigation), processSwapRequestedByClient, policies = makeRefPtr(policies)] (PolicyAction policyAction) mutable {
receivedNavigationPolicyDecision(policyAction, navigation.get(), processSwapRequestedByClient, frame, policies.get(), WTFMove(sender));
};
@@ -4503,9 +4519,12 @@
m_shouldSuppressAppLinksInNextNavigationPolicyDecision = false;
}
-void WebPageProxy::decidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData& userData, Messages::WebPageProxy::DecidePolicyForNavigationActionSync::DelayedReply&& reply)
+void WebPageProxy::decidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, WebCore::SecurityOriginData&& frameSecurityOrigin, PolicyCheckIdentifier identifier,
+ uint64_t navigationID, NavigationActionData&& navigationActionData, FrameInfoData&& frameInfoData, uint64_t originatingPageID,
+ const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&& request, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse,
+ const UserData& userData, Messages::WebPageProxy::DecidePolicyForNavigationActionSync::DelayedReply&& reply)
{
- auto sender = PolicyDecisionSender::create(WTFMove(reply));
+ auto sender = PolicyDecisionSender::create(identifier, WTFMove(reply));
auto* frame = m_process->webFrame(frameID);
if (!frame) {
@@ -4519,13 +4538,15 @@
RELEASE_ASSERT(frame);
}
- decidePolicyForNavigationAction(m_process.copyRef(), *frame, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData), originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, sender.copyRef());
+ decidePolicyForNavigationAction(m_process.copyRef(), *frame, WTFMove(frameSecurityOrigin), navigationID, WTFMove(navigationActionData), WTFMove(frameInfoData),
+ originatingPageID, originalRequest, WTFMove(request), WTFMove(requestBody), WTFMove(redirectResponse), userData, sender.copyRef());
// If the client did not respond synchronously, proceed with the load.
sender->send(PolicyAction::Use, navigationID, DownloadID(), WTF::nullopt);
}
-void WebPageProxy::decidePolicyForNewWindowAction(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, NavigationActionData&& navigationActionData, ResourceRequest&& request, const String& frameName, uint64_t listenerID, const UserData& userData)
+void WebPageProxy::decidePolicyForNewWindowAction(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, PolicyCheckIdentifier identifier,
+ NavigationActionData&& navigationActionData, ResourceRequest&& request, const String& frameName, uint64_t listenerID, const UserData& userData)
{
PageClientProtector protector(pageClient());
@@ -4533,13 +4554,16 @@
MESSAGE_CHECK(m_process, frame);
MESSAGE_CHECK_URL(m_process, request.url());
- auto listener = makeRef(frame->setUpPolicyListenerProxy([this, protectedThis = makeRef(*this), listenerID, frameID] (PolicyAction policyAction, API::WebsitePolicies*, ProcessSwapRequestedByClient processSwapRequestedByClient, RefPtr<SafeBrowsingWarning>&& safeBrowsingWarning) mutable {
+ auto listener = makeRef(frame->setUpPolicyListenerProxy([this, protectedThis = makeRef(*this), identifier, listenerID, frameID] (PolicyAction policyAction, API::WebsitePolicies*, ProcessSwapRequestedByClient processSwapRequestedByClient, RefPtr<SafeBrowsingWarning>&& safeBrowsingWarning) mutable {
// FIXME: Assert the API::WebsitePolicies* is nullptr here once clients of WKFramePolicyListenerUseWithPolicies go away.
RELEASE_ASSERT(processSwapRequestedByClient == ProcessSwapRequestedByClient::No);
ASSERT_UNUSED(safeBrowsingWarning, !safeBrowsingWarning);
- receivedPolicyDecision(policyAction, nullptr, WTF::nullopt, PolicyDecisionSender::create([this, protectedThis = WTFMove(protectedThis), frameID, listenerID] (auto... args) {
+
+ auto sender = PolicyDecisionSender::create(identifier, [this, protectedThis = WTFMove(protectedThis), frameID, listenerID] (auto... args) {
m_process->send(Messages::WebPage::DidReceivePolicyDecision(frameID, listenerID, args...), m_pageID);
- }));
+ });
+
+ receivedPolicyDecision(policyAction, nullptr, WTF::nullopt, WTFMove(sender));
}, ShouldExpectSafeBrowsingResult::No));
if (m_policyClient)
@@ -4559,12 +4583,14 @@
}
-void WebPageProxy::decidePolicyForResponse(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const ResourceResponse& response, const ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
+void WebPageProxy::decidePolicyForResponse(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, PolicyCheckIdentifier identifier,
+ uint64_t navigationID, const ResourceResponse& response, const ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
{
- decidePolicyForResponseShared(m_process.copyRef(), frameID, frameSecurityOrigin, navigationID, response, request, canShowMIMEType, listenerID, userData);
+ decidePolicyForResponseShared(m_process.copyRef(), frameID, frameSecurityOrigin, identifier, navigationID, response, request, canShowMIMEType, listenerID, userData);
}
-void WebPageProxy::decidePolicyForResponseShared(Ref<WebProcessProxy>&& process, uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const ResourceResponse& response, const ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
+void WebPageProxy::decidePolicyForResponseShared(Ref<WebProcessProxy>&& process, uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, PolicyCheckIdentifier identifier,
+ uint64_t navigationID, const ResourceResponse& response, const ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData)
{
PageClientProtector protector(pageClient());
@@ -4576,13 +4602,17 @@
MESSAGE_CHECK_URL(process, response.url());
RefPtr<API::Navigation> navigation = navigationID ? m_navigationState->navigation(navigationID) : nullptr;
- auto listener = makeRef(frame->setUpPolicyListenerProxy([this, protectedThis = makeRef(*this), frameID, listenerID, navigation = WTFMove(navigation), process = process.copyRef()] (PolicyAction policyAction, API::WebsitePolicies*, ProcessSwapRequestedByClient processSwapRequestedByClient, RefPtr<SafeBrowsingWarning>&& safeBrowsingWarning) mutable {
+ auto listener = makeRef(frame->setUpPolicyListenerProxy([this, protectedThis = makeRef(*this), frameID, identifier, listenerID, navigation = WTFMove(navigation),
+ process = process.copyRef()] (PolicyAction policyAction, API::WebsitePolicies*, ProcessSwapRequestedByClient processSwapRequestedByClient, RefPtr<SafeBrowsingWarning>&& safeBrowsingWarning) mutable {
// FIXME: Assert the API::WebsitePolicies* is nullptr here once clients of WKFramePolicyListenerUseWithPolicies go away.
RELEASE_ASSERT(processSwapRequestedByClient == ProcessSwapRequestedByClient::No);
ASSERT_UNUSED(safeBrowsingWarning, !safeBrowsingWarning);
- receivedPolicyDecision(policyAction, navigation.get(), WTF::nullopt, PolicyDecisionSender::create([this, protectedThis = WTFMove(protectedThis), frameID, listenerID, process = WTFMove(process)] (auto... args) {
+
+ auto sender = PolicyDecisionSender::create(identifier, [this, protectedThis = WTFMove(protectedThis), frameID, listenerID, process = WTFMove(process)] (auto... args) {
process->send(Messages::WebPage::DidReceivePolicyDecision(frameID, listenerID, args...), m_pageID);
- }));
+ });
+
+ receivedPolicyDecision(policyAction, navigation.get(), WTF::nullopt, WTFMove(sender));
}, ShouldExpectSafeBrowsingResult::No));
if (m_policyClient)
Modified: branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1431,8 +1431,11 @@
void didPerformClientRedirectShared(Ref<WebProcessProxy>&&, const String& sourceURLString, const String& destinationURLString, uint64_t frameID);
void didNavigateWithNavigationDataShared(Ref<WebProcessProxy>&&, const WebNavigationDataStore&, uint64_t frameID);
void didChangeProvisionalURLForFrameShared(Ref<WebProcessProxy>&&, uint64_t frameID, uint64_t navigationID, URL&&);
- void decidePolicyForNavigationActionAsyncShared(Ref<WebProcessProxy>&&, uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
- void decidePolicyForResponseShared(Ref<WebProcessProxy>&&, uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
+ void decidePolicyForNavigationActionAsyncShared(Ref<WebProcessProxy>&&, uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, WebCore::PolicyCheckIdentifier,
+ uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&,
+ IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
+ void decidePolicyForResponseShared(Ref<WebProcessProxy>&&, uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, WebCore::PolicyCheckIdentifier,
+ uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
void startURLSchemeTaskShared(Ref<WebProcessProxy>&&, URLSchemeTaskParameters&&);
void loadDataWithNavigationShared(Ref<WebProcessProxy>&&, API::Navigation&, const IPC::DataReference&, const String& MIMEType, const String& encoding, const String& baseURL, API::Object* userData, WebCore::ShouldTreatAsContinuingLoad, Optional<WebsitePoliciesData>&& = WTF::nullopt);
void loadRequestWithNavigationShared(Ref<WebProcessProxy>&&, API::Navigation&, WebCore::ResourceRequest&&, WebCore::ShouldOpenExternalURLsPolicy, API::Object* userData, WebCore::ShouldTreatAsContinuingLoad, Optional<WebsitePoliciesData>&& = WTF::nullopt);
@@ -1518,11 +1521,19 @@
void didDestroyNavigation(uint64_t navigationID);
- void decidePolicyForNavigationAction(Ref<WebProcessProxy>&&, WebFrameProxy&, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, Ref<PolicyDecisionSender>&&);
- void decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
- void decidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody, WebCore::ResourceResponse&& redirectResponse, const UserData&, Messages::WebPageProxy::DecidePolicyForNavigationActionSync::DelayedReply&&);
- void decidePolicyForNewWindowAction(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, NavigationActionData&&, WebCore::ResourceRequest&&, const String& frameName, uint64_t listenerID, const UserData&);
- void decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
+ void decidePolicyForNavigationAction(Ref<WebProcessProxy>&&, WebFrameProxy&, WebCore::SecurityOriginData&&, uint64_t navigationID, NavigationActionData&&,
+ FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody,
+ WebCore::ResourceResponse&& redirectResponse, const UserData&, Ref<PolicyDecisionSender>&&);
+ void decidePolicyForNavigationActionAsync(uint64_t frameID, WebCore::SecurityOriginData&&, WebCore::PolicyCheckIdentifier, uint64_t navigationID, NavigationActionData&&,
+ FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody,
+ WebCore::ResourceResponse&& redirectResponse, const UserData&, uint64_t listenerID);
+ void decidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, WebCore::SecurityOriginData&&, WebCore::PolicyCheckIdentifier, uint64_t navigationID, NavigationActionData&&,
+ FrameInfoData&&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, IPC::FormDataReference&& requestBody,
+ WebCore::ResourceResponse&& redirectResponse, const UserData&, Messages::WebPageProxy::DecidePolicyForNavigationActionSync::DelayedReply&&);
+ void decidePolicyForNewWindowAction(uint64_t frameID, const WebCore::SecurityOriginData&, WebCore::PolicyCheckIdentifier, NavigationActionData&&,
+ WebCore::ResourceRequest&&, const String& frameName, uint64_t listenerID, const UserData&);
+ void decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData&, WebCore::PolicyCheckIdentifier, uint64_t navigationID,
+ const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
void unableToImplementPolicy(uint64_t frameID, const WebCore::ResourceError&, const UserData&);
void beginSafeBrowsingCheck(const URL&, bool, WebFramePolicyListenerProxy&);
Modified: branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.messages.in (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.messages.in 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.messages.in 2019-02-07 00:02:53 UTC (rev 241106)
@@ -105,10 +105,10 @@
#endif
# Policy messages
- DecidePolicyForResponse(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, WebCore::ResourceResponse response, WebCore::ResourceRequest request, bool canShowMIMEType, uint64_t listenerID, WebKit::UserData userData)
- DecidePolicyForNavigationActionAsync(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, IPC::FormDataReference requestBody, WebCore::ResourceResponse redirectResponse, WebKit::UserData userData, uint64_t listenerID)
- DecidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, IPC::FormDataReference requestBody, WebCore::ResourceResponse redirectResponse, WebKit::UserData userData) -> (enum:uint8_t WebCore::PolicyAction policyAction, uint64_t newNavigationID, WebKit::DownloadID downloadID, Optional<WebKit::WebsitePoliciesData> websitePolicies) Delayed
- DecidePolicyForNewWindowAction(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, struct WebKit::NavigationActionData navigationActionData, WebCore::ResourceRequest request, String frameName, uint64_t listenerID, WebKit::UserData userData)
+ DecidePolicyForResponse(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, WebCore::PolicyCheckIdentifier policyCheckIdentifier, uint64_t navigationID, WebCore::ResourceResponse response, WebCore::ResourceRequest request, bool canShowMIMEType, uint64_t listenerID, WebKit::UserData userData)
+ DecidePolicyForNavigationActionAsync(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, WebCore::PolicyCheckIdentifier policyCheckIdentifier, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, IPC::FormDataReference requestBody, WebCore::ResourceResponse redirectResponse, WebKit::UserData userData, uint64_t listenerID)
+ DecidePolicyForNavigationActionSync(uint64_t frameID, bool isMainFrame, struct WebCore::SecurityOriginData frameSecurityOrigin, WebCore::PolicyCheckIdentifier policyCheckIdentifier, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, IPC::FormDataReference requestBody, WebCore::ResourceResponse redirectResponse, WebKit::UserData userData) -> (WebCore::PolicyCheckIdentifier policyCheckIdentifier, enum:uint8_t WebCore::PolicyAction policyAction, uint64_t newNavigationID, WebKit::DownloadID downloadID, Optional<WebKit::WebsitePoliciesData> websitePolicies) Delayed
+ DecidePolicyForNewWindowAction(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, WebCore::PolicyCheckIdentifier policyCheckIdentifier, struct WebKit::NavigationActionData navigationActionData, WebCore::ResourceRequest request, String frameName, uint64_t listenerID, WebKit::UserData userData)
UnableToImplementPolicy(uint64_t frameID, WebCore::ResourceError error, WebKit::UserData userData)
# Progress messages
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -727,16 +727,16 @@
webPage->show();
}
-void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebPage* webPage = m_frame ? m_frame->page() : nullptr;
if (!webPage) {
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, identifier);
return;
}
if (!request.url().string()) {
- function(PolicyAction::Use);
+ function(PolicyAction::Use, identifier);
return;
}
@@ -745,7 +745,7 @@
// Notify the bundle client.
WKBundlePagePolicyAction policy = webPage->injectedBundlePolicyClient().decidePolicyForResponse(webPage, m_frame, response, request, userData);
if (policy == WKBundlePagePolicyActionUse) {
- function(PolicyAction::Use);
+ function(PolicyAction::Use, identifier);
return;
}
@@ -756,16 +756,18 @@
auto navigationID = policyDocumentLoader ? static_cast<WebDocumentLoader&>(*policyDocumentLoader).navigationID() : 0;
Ref<WebFrame> protector(*m_frame);
- uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::No);
- if (!webPage->send(Messages::WebPageProxy::DecidePolicyForResponse(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), navigationID, response, request, canShowResponse, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()))))
- m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
+ uint64_t listenerID = m_frame->setUpPolicyListener(identifier, WTFMove(function), WebFrame::ForNavigationAction::No);
+ if (!webPage->send(Messages::WebPageProxy::DecidePolicyForResponse(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), identifier, navigationID, response, request,
+ canShowResponse, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()))))
+ m_frame->didReceivePolicyDecision(listenerID, identifier, PolicyAction::Ignore, 0, { }, { });
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& navigationAction, const ResourceRequest& request, FormState* formState, const String& frameName, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& navigationAction, const ResourceRequest& request,
+ FormState* formState, const String& frameName, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebPage* webPage = m_frame ? m_frame->page() : nullptr;
if (!webPage) {
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, identifier);
return;
}
@@ -776,11 +778,11 @@
// Notify the bundle client.
WKBundlePagePolicyAction policy = webPage->injectedBundlePolicyClient().decidePolicyForNewWindowAction(webPage, m_frame, action.ptr(), request, frameName, userData);
if (policy == WKBundlePagePolicyActionUse) {
- function(PolicyAction::Use);
+ function(PolicyAction::Use, identifier);
return;
}
- uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::No);
+ uint64_t listenerID = m_frame->setUpPolicyListener(identifier, WTFMove(function), WebFrame::ForNavigationAction::No);
NavigationActionData navigationActionData;
navigationActionData.navigationType = action->navigationType();
@@ -794,7 +796,8 @@
navigationActionData.downloadAttribute = navigationAction.downloadAttribute();
WebCore::Frame* coreFrame = m_frame ? m_frame->coreFrame() : nullptr;
- webPage->send(Messages::WebPageProxy::DecidePolicyForNewWindowAction(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), navigationActionData, request, frameName, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())));
+ webPage->send(Messages::WebPageProxy::DecidePolicyForNewWindowAction(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), identifier, navigationActionData, request,
+ frameName, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())));
}
void WebFrameLoaderClient::applyToDocumentLoader(WebsitePoliciesData&& websitePolicies)
@@ -815,11 +818,12 @@
WebsitePoliciesData::applyToDocumentLoader(WTFMove(websitePolicies), *documentLoader);
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& navigationAction, const ResourceRequest& request, const ResourceResponse& redirectResponse, FormState* formState, PolicyDecisionMode policyDecisionMode, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& navigationAction, const ResourceRequest& request, const ResourceResponse& redirectResponse,
+ FormState* formState, PolicyDecisionMode policyDecisionMode, WebCore::PolicyCheckIdentifier requestIdentifier, FramePolicyFunction&& function)
{
WebPage* webPage = m_frame ? m_frame->page() : nullptr;
if (!webPage) {
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, requestIdentifier);
return;
}
@@ -827,7 +831,7 @@
// Always ignore requests with empty URLs.
if (request.isEmpty()) {
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, requestIdentifier);
return;
}
@@ -838,12 +842,12 @@
// Notify the bundle client.
WKBundlePagePolicyAction policy = webPage->injectedBundlePolicyClient().decidePolicyForNavigationAction(webPage, m_frame, action.ptr(), request, userData);
if (policy == WKBundlePagePolicyActionUse) {
- function(PolicyAction::Use);
+ function(PolicyAction::Use, requestIdentifier);
return;
}
-
- uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::Yes);
+ uint64_t listenerID = m_frame->setUpPolicyListener(requestIdentifier, WTFMove(function), WebFrame::ForNavigationAction::Yes);
+
ASSERT(navigationAction.requester());
auto requester = navigationAction.requester().value();
@@ -878,7 +882,7 @@
WebCore::Frame* coreFrame = m_frame->coreFrame();
if (!coreFrame)
- return function(PolicyAction::Ignore);
+ return function(PolicyAction::Ignore, requestIdentifier);
WebDocumentLoader* documentLoader = static_cast<WebDocumentLoader*>(coreFrame->loader().policyDocumentLoader());
if (!documentLoader) {
// FIXME: When we receive a redirect after the navigation policy has been decided for the initial request,
@@ -895,22 +899,28 @@
if (policyDecisionMode == PolicyDecisionMode::Synchronous) {
uint64_t newNavigationID;
+ WebCore::PolicyCheckIdentifier responseIdentifier;
PolicyAction policyAction;
DownloadID downloadID;
Optional<WebsitePoliciesData> websitePolicies;
- if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForNavigationActionSync(m_frame->frameID(), m_frame->isMainFrame(), SecurityOriginData::fromFrame(coreFrame), documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingPageID, navigationAction.resourceRequest(), request, IPC::FormDataReference { request.httpBody() }, redirectResponse, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForNavigationActionSync::Reply(policyAction, newNavigationID, downloadID, websitePolicies))) {
- m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
+ if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForNavigationActionSync(m_frame->frameID(), m_frame->isMainFrame(), SecurityOriginData::fromFrame(coreFrame),
+ requestIdentifier, documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingPageID, navigationAction.resourceRequest(), request,
+ IPC::FormDataReference { request.httpBody() }, redirectResponse, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())),
+ Messages::WebPageProxy::DecidePolicyForNavigationActionSync::Reply(responseIdentifier, policyAction, newNavigationID, downloadID, websitePolicies))) {
+ m_frame->didReceivePolicyDecision(listenerID, responseIdentifier, PolicyAction::Ignore, 0, { }, { });
return;
}
- m_frame->didReceivePolicyDecision(listenerID, policyAction, 0, downloadID, { });
+ m_frame->didReceivePolicyDecision(listenerID, responseIdentifier, policyAction, 0, downloadID, { });
return;
}
ASSERT(policyDecisionMode == PolicyDecisionMode::Asynchronous);
- if (!webPage->send(Messages::WebPageProxy::DecidePolicyForNavigationActionAsync(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingPageID, navigationAction.resourceRequest(), request, IPC::FormDataReference { request.httpBody() }, redirectResponse, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()), listenerID)))
- m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
+ if (!webPage->send(Messages::WebPageProxy::DecidePolicyForNavigationActionAsync(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame),
+ requestIdentifier, documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingPageID, navigationAction.resourceRequest(), request,
+ IPC::FormDataReference { request.httpBody() }, redirectResponse, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()), listenerID)))
+ m_frame->didReceivePolicyDecision(listenerID, requestIdentifier, PolicyAction::Ignore, 0, { }, { });
}
void WebFrameLoaderClient::cancelPolicyCheck()
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -123,9 +123,9 @@
WebCore::Frame* dispatchCreatePage(const WebCore::NavigationAction&) final;
void dispatchShow() final;
- void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::FramePolicyFunction&&) final;
- void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const String& frameName, WebCore::FramePolicyFunction&&) final;
- void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const String& frameName, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
void cancelPolicyCheck() final;
void dispatchUnableToImplementPolicy(const WebCore::ResourceError&) final;
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -210,12 +210,13 @@
m_coreFrame = 0;
}
-uint64_t WebFrame::setUpPolicyListener(WebCore::FramePolicyFunction&& policyFunction, ForNavigationAction forNavigationAction)
+uint64_t WebFrame::setUpPolicyListener(WebCore::PolicyCheckIdentifier identifier, WebCore::FramePolicyFunction&& policyFunction, ForNavigationAction forNavigationAction)
{
// FIXME: <rdar://5634381> We need to support multiple active policy listeners.
invalidatePolicyListener();
+ m_policyIdentifier = identifier;
m_policyListenerID = generateListenerID();
m_policyFunction = WTFMove(policyFunction);
m_policyFunctionForNavigationAction = forNavigationAction;
@@ -244,8 +245,10 @@
m_policyDownloadID = { };
m_policyListenerID = 0;
+ auto identifier = m_policyIdentifier;
+ m_policyIdentifier = WTF::nullopt;
if (auto function = std::exchange(m_policyFunction, nullptr))
- function(PolicyAction::Ignore);
+ function(PolicyAction::Ignore, *identifier);
m_policyFunctionForNavigationAction = ForNavigationAction::No;
auto willSubmitFormCompletionHandlers = WTFMove(m_willSubmitFormCompletionHandlers);
@@ -253,11 +256,14 @@
completionHandler();
}
-void WebFrame::didReceivePolicyDecision(uint64_t listenerID, PolicyAction action, uint64_t navigationID, DownloadID downloadID, Optional<WebsitePoliciesData>&& websitePolicies)
+void WebFrame::didReceivePolicyDecision(uint64_t listenerID, WebCore::PolicyCheckIdentifier identifier, PolicyAction action, uint64_t navigationID, DownloadID downloadID, Optional<WebsitePoliciesData>&& websitePolicies)
{
if (!m_coreFrame || !m_policyListenerID || listenerID != m_policyListenerID || !m_policyFunction)
return;
+ ASSERT(identifier == m_policyIdentifier);
+ m_policyIdentifier = WTF::nullopt;
+
FramePolicyFunction function = WTFMove(m_policyFunction);
bool forNavigationAction = m_policyFunctionForNavigationAction == ForNavigationAction::Yes;
@@ -272,7 +278,7 @@
documentLoader->setNavigationID(navigationID);
}
- function(action);
+ function(action, identifier);
}
void WebFrame::startDownload(const WebCore::ResourceRequest& request, const String& suggestedName)
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebFrame.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -83,9 +83,9 @@
uint64_t frameID() const { return m_frameID; }
enum class ForNavigationAction { No, Yes };
- uint64_t setUpPolicyListener(WebCore::FramePolicyFunction&&, ForNavigationAction);
+ uint64_t setUpPolicyListener(WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&, ForNavigationAction);
void invalidatePolicyListener();
- void didReceivePolicyDecision(uint64_t listenerID, WebCore::PolicyAction, uint64_t navigationID, DownloadID, Optional<WebsitePoliciesData>&&);
+ void didReceivePolicyDecision(uint64_t listenerID, WebCore::PolicyCheckIdentifier, WebCore::PolicyAction, uint64_t navigationID, DownloadID, Optional<WebsitePoliciesData>&&);
uint64_t setUpWillSubmitFormListener(CompletionHandler<void()>&&);
void continueWillSubmitForm(uint64_t);
@@ -178,6 +178,7 @@
WebCore::Frame* m_coreFrame { nullptr };
uint64_t m_policyListenerID { 0 };
+ Optional<WebCore::PolicyCheckIdentifier> m_policyIdentifier;
WebCore::FramePolicyFunction m_policyFunction;
ForNavigationAction m_policyFunctionForNavigationAction { ForNavigationAction::No };
HashMap<uint64_t, CompletionHandler<void()>> m_willSubmitFormCompletionHandlers;
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -3044,12 +3044,12 @@
m_page->setSessionID(sessionID);
}
-void WebPage::didReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, PolicyAction policyAction, uint64_t navigationID, const DownloadID& downloadID, Optional<WebsitePoliciesData>&& websitePolicies)
+void WebPage::didReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, PolicyCheckIdentifier identifier, PolicyAction policyAction, uint64_t navigationID, const DownloadID& downloadID, Optional<WebsitePoliciesData>&& websitePolicies)
{
WebFrame* frame = WebProcess::singleton().webFrame(frameID);
if (!frame)
return;
- frame->didReceivePolicyDecision(listenerID, policyAction, navigationID, downloadID, WTFMove(websitePolicies));
+ frame->didReceivePolicyDecision(listenerID, identifier, policyAction, navigationID, downloadID, WTFMove(websitePolicies));
}
void WebPage::continueWillSubmitForm(uint64_t frameID, uint64_t listenerID)
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1299,7 +1299,7 @@
bool parentProcessHasServiceWorkerEntitlement() const { return true; }
#endif
- void didReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, WebCore::PolicyAction, uint64_t navigationID, const DownloadID&, Optional<WebsitePoliciesData>&&);
+ void didReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, WebCore::PolicyCheckIdentifier, WebCore::PolicyAction, uint64_t navigationID, const DownloadID&, Optional<WebsitePoliciesData>&&);
void continueWillSubmitForm(uint64_t frameID, uint64_t listenerID);
void setUserAgent(const String&);
void setCustomTextEncodingName(const String&);
Modified: branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in (241105 => 241106)
--- branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in 2019-02-07 00:02:53 UTC (rev 241106)
@@ -167,7 +167,7 @@
DidRemoveBackForwardItem(struct WebCore::BackForwardItemIdentifier backForwardItemID)
UpdateWebsitePolicies(struct WebKit::WebsitePoliciesData websitePolicies)
- DidReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, enum:uint8_t WebCore::PolicyAction policyAction, uint64_t navigationID, WebKit::DownloadID downloadID, Optional<WebKit::WebsitePoliciesData> websitePolicies)
+ DidReceivePolicyDecision(uint64_t frameID, uint64_t listenerID, WebCore::PolicyCheckIdentifier policyCheckIdentifier, enum:uint8_t WebCore::PolicyAction policyAction, uint64_t navigationID, WebKit::DownloadID downloadID, Optional<WebKit::WebsitePoliciesData> websitePolicies)
ContinueWillSubmitForm(uint64_t frameID, uint64_t listenerID)
ClearSelection()
Modified: branches/safari-607-branch/Source/WebKitLegacy/mac/ChangeLog (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/mac/ChangeLog 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/mac/ChangeLog 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1,3 +1,32 @@
+2019-02-06 Alan Coon <[email protected]>
+
+ Apply patch. rdar://problem/47822019
+
+ 2019-02-06 Ryosuke Niwa <[email protected]>
+
+ Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
+ https://bugs.webkit.org/show_bug.cgi?id=194189
+
+ Reviewed by Geoffrey Garen.
+
+ Pass the policy check identifier around functions and store it in WebFramePolicyListener
+ so that we can send it back to WebCore with the navigation policy decision.
+
+ * WebCoreSupport/WebFrameLoaderClient.h:
+ * WebCoreSupport/WebFrameLoaderClient.mm:
+ (WebFrameLoaderClient::dispatchDecidePolicyForResponse):
+ (WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
+ (WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
+ (WebFrameLoaderClient::dispatchWillSubmitForm):
+ (WebFrameLoaderClient::setUpPolicyListener):
+ (-[WebFramePolicyListener initWithFrame:identifier:policyFunction:defaultPolicy:]):
+ (-[WebFramePolicyListener initWithFrame:identifier:policyFunction:defaultPolicy:appLinkURL:]):
+ (-[WebFramePolicyListener invalidate]):
+ (-[WebFramePolicyListener dealloc]):
+ (-[WebFramePolicyListener receivedPolicyDecision:]):
+ (-[WebFramePolicyListener initWithFrame:policyFunction:defaultPolicy:]): Deleted.
+ (-[WebFramePolicyListener initWithFrame:policyFunction:defaultPolicy:appLinkURL:]): Deleted.
+
2019-01-30 Babak Shafiei <[email protected]>
Cherry-pick r240633. rdar://problem/47682687
Modified: branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -126,9 +126,9 @@
WebCore::Frame* dispatchCreatePage(const WebCore::NavigationAction&) final;
void dispatchShow() final;
- void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::FramePolicyFunction&&) final;
- void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const WTF::String& frameName, WebCore::FramePolicyFunction&&) final;
- void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const WTF::String& frameName, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
+ void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) final;
void cancelPolicyCheck() final;
void dispatchUnableToImplementPolicy(const WebCore::ResourceError&) final;
@@ -233,7 +233,7 @@
RemoteAXObjectRef accessibilityRemoteObject() final { return 0; }
- RetainPtr<WebFramePolicyListener> setUpPolicyListener(WebCore::FramePolicyFunction&&, WebCore::PolicyAction defaultPolicy, NSURL *appLinkURL = nil);
+ RetainPtr<WebFramePolicyListener> setUpPolicyListener(WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&, WebCore::PolicyAction defaultPolicy, NSURL *appLinkURL = nil);
NSDictionary *actionDictionary(const WebCore::NavigationAction&, WebCore::FormState*) const;
Modified: branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm 2019-02-07 00:02:53 UTC (rev 241106)
@@ -178,6 +178,7 @@
@interface WebFramePolicyListener : NSObject <WebPolicyDecisionListener, WebFormSubmissionListener> {
RefPtr<Frame> _frame;
+ PolicyCheckIdentifier _identifier;
FramePolicyFunction _policyFunction;
#if HAVE(APP_LINKS)
RetainPtr<NSURL> _appLinkURL;
@@ -185,9 +186,9 @@
PolicyAction _defaultPolicy;
}
-- (id)initWithFrame:(Frame*)frame policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy;
+- (id)initWithFrame:(Frame*)frame identifier:(PolicyCheckIdentifier)identifier policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy;
#if HAVE(APP_LINKS)
-- (id)initWithFrame:(Frame*)frame policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy appLinkURL:(NSURL *)url;
+- (id)initWithFrame:(Frame*)frame identifier:(PolicyCheckIdentifier)identifier policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy appLinkURL:(NSURL *)url;
#endif
- (void)invalidate;
@@ -862,7 +863,7 @@
[[webView _UIDelegateForwarder] webViewShow:webView];
}
-void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView *webView = getWebView(m_webFrame.get());
@@ -870,7 +871,7 @@
decidePolicyForMIMEType:response.mimeType()
request:request.nsURLRequest(HTTPBodyUpdatePolicy::UpdateHTTPBody)
frame:m_webFrame.get()
- decisionListener:setUpPolicyListener(WTFMove(function), PolicyAction::Use).get()];
+ decisionListener:setUpPolicyListener(identifier, WTFMove(function), PolicyAction::Use).get()];
}
@@ -893,7 +894,7 @@
#endif
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& action, const ResourceRequest& request, FormState* formState, const String& frameName, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& action, const ResourceRequest& request, FormState* formState, const String& frameName, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView *webView = getWebView(m_webFrame.get());
BOOL tryAppLink = shouldTryAppLink(webView, action, nullptr);
@@ -902,10 +903,10 @@
decidePolicyForNewWindowAction:actionDictionary(action, formState)
request:request.nsURLRequest(HTTPBodyUpdatePolicy::UpdateHTTPBody)
newFrameName:frameName
- decisionListener:setUpPolicyListener(WTFMove(function), PolicyAction::Ignore, tryAppLink ? (NSURL *)request.url() : nil).get()];
+ decisionListener:setUpPolicyListener(identifier, WTFMove(function), PolicyAction::Ignore, tryAppLink ? (NSURL *)request.url() : nil).get()];
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& action, const ResourceRequest& request, const ResourceResponse&, FormState* formState, PolicyDecisionMode, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& action, const ResourceRequest& request, const ResourceResponse&, FormState* formState, PolicyDecisionMode, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView *webView = getWebView(m_webFrame.get());
BOOL tryAppLink = shouldTryAppLink(webView, action, core(m_webFrame.get()));
@@ -914,7 +915,7 @@
decidePolicyForNavigationAction:actionDictionary(action, formState)
request:request.nsURLRequest(HTTPBodyUpdatePolicy::UpdateHTTPBody)
frame:m_webFrame.get()
- decisionListener:setUpPolicyListener(WTFMove(function), PolicyAction::Ignore, tryAppLink ? (NSURL *)request.url() : nil).get()];
+ decisionListener:setUpPolicyListener(identifier, WTFMove(function), PolicyAction::Ignore, tryAppLink ? (NSURL *)request.url() : nil).get()];
}
void WebFrameLoaderClient::cancelPolicyCheck()
@@ -962,7 +963,9 @@
}
NSDictionary *values = makeFormFieldValuesDictionary(formState);
- CallFormDelegate(getWebView(m_webFrame.get()), @selector(frame:sourceFrame:willSubmitForm:withValues:submissionListener:), m_webFrame.get(), kit(formState.sourceDocument().frame()), kit(&formState.form()), values, setUpPolicyListener([completionHandler = WTFMove(completionHandler)](PolicyAction) mutable { completionHandler(); }, PolicyAction::Ignore).get());
+ CallFormDelegate(getWebView(m_webFrame.get()), @selector(frame:sourceFrame:willSubmitForm:withValues:submissionListener:), m_webFrame.get(), kit(formState.sourceDocument().frame()), kit(&formState.form()), values, setUpPolicyListener(PolicyCheckIdentifier { },
+ [completionHandler = WTFMove(completionHandler)](PolicyAction, PolicyCheckIdentifier) mutable { completionHandler(); },
+ PolicyAction::Ignore).get());
}
void WebFrameLoaderClient::revertToProvisionalState(DocumentLoader* loader)
@@ -1515,7 +1518,7 @@
{
}
-RetainPtr<WebFramePolicyListener> WebFrameLoaderClient::setUpPolicyListener(FramePolicyFunction&& function, PolicyAction defaultPolicy, NSURL *appLinkURL)
+RetainPtr<WebFramePolicyListener> WebFrameLoaderClient::setUpPolicyListener(PolicyCheckIdentifier identifier, FramePolicyFunction&& function, PolicyAction defaultPolicy, NSURL *appLinkURL)
{
// FIXME: <rdar://5634381> We need to support multiple active policy listeners.
[m_policyListener invalidate];
@@ -1523,10 +1526,10 @@
RetainPtr<WebFramePolicyListener> policyListener;
#if HAVE(APP_LINKS)
if (appLinkURL)
- policyListener = adoptNS([[WebFramePolicyListener alloc] initWithFrame:core(m_webFrame.get()) policyFunction:WTFMove(function) defaultPolicy:defaultPolicy appLinkURL:appLinkURL]);
+ policyListener = adoptNS([[WebFramePolicyListener alloc] initWithFrame:core(m_webFrame.get()) identifier:identifier policyFunction:WTFMove(function) defaultPolicy:defaultPolicy appLinkURL:appLinkURL]);
else
#endif
- policyListener = adoptNS([[WebFramePolicyListener alloc] initWithFrame:core(m_webFrame.get()) policyFunction:WTFMove(function) defaultPolicy:defaultPolicy]);
+ policyListener = adoptNS([[WebFramePolicyListener alloc] initWithFrame:core(m_webFrame.get()) identifier:identifier policyFunction:WTFMove(function) defaultPolicy:defaultPolicy]);
m_policyListener = policyListener.get();
@@ -2380,12 +2383,13 @@
#endif
}
-- (id)initWithFrame:(Frame*)frame policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy
+- (id)initWithFrame:(Frame*)frame identifier:(PolicyCheckIdentifier)identifier policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy
{
self = [self init];
if (!self)
return nil;
+ _identifier = identifier;
_frame = frame;
_policyFunction = WTFMove(policyFunction);
_defaultPolicy = defaultPolicy;
@@ -2394,9 +2398,9 @@
}
#if HAVE(APP_LINKS)
-- (id)initWithFrame:(Frame*)frame policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy appLinkURL:(NSURL *)appLinkURL
+- (id)initWithFrame:(Frame*)frame identifier:(PolicyCheckIdentifier)identifier policyFunction:(FramePolicyFunction&&)policyFunction defaultPolicy:(PolicyAction)defaultPolicy appLinkURL:(NSURL *)appLinkURL
{
- self = [self initWithFrame:frame policyFunction:WTFMove(policyFunction) defaultPolicy:defaultPolicy];
+ self = [self initWithFrame:frame identifier:identifier policyFunction:WTFMove(policyFunction) defaultPolicy:defaultPolicy];
if (!self)
return nil;
@@ -2410,7 +2414,7 @@
{
_frame = nullptr;
if (auto policyFunction = std::exchange(_policyFunction, nullptr))
- policyFunction(PolicyAction::Ignore);
+ policyFunction(PolicyAction::Ignore, _identifier);
}
- (void)dealloc
@@ -2423,7 +2427,7 @@
_frame = nullptr;
if (auto policyFunction = std::exchange(_policyFunction, nullptr)) {
RELEASE_LOG_ERROR(Loading, "Client application failed to make a policy decision via WebPolicyDecisionListener, using defaultPolicy %hhu", _defaultPolicy);
- policyFunction(_defaultPolicy);
+ policyFunction(_defaultPolicy, _identifier);
}
[super dealloc];
@@ -2436,7 +2440,7 @@
return;
if (auto policyFunction = std::exchange(_policyFunction, nullptr))
- policyFunction(action);
+ policyFunction(action, _identifier);
}
- (void)ignore
Modified: branches/safari-607-branch/Source/WebKitLegacy/win/ChangeLog (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/win/ChangeLog 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/win/ChangeLog 2019-02-07 00:02:53 UTC (rev 241106)
@@ -1,3 +1,25 @@
+2019-02-06 Alan Coon <[email protected]>
+
+ Apply patch. rdar://problem/47822019
+
+ 2019-02-06 Ryosuke Niwa <[email protected]>
+
+ Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
+ https://bugs.webkit.org/show_bug.cgi?id=194189
+
+ Reviewed by Geoffrey Garen.
+
+ Pass the policy check identifier around functions and store it in WebFramePolicyListener
+ so that we can send it back to WebCore with the navigation policy decision.
+
+ * WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebFrameLoaderClient::dispatchDecidePolicyForResponse):
+ (WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
+ (WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
+ (WebFrameLoaderClient::dispatchWillSubmitForm):
+ (WebFrameLoaderClient::setUpPolicyListener):
+ * WebCoreSupport/WebFrameLoaderClient.h:
+
2019-01-23 Alan Coon <[email protected]>
Cherry-pick r240131. rdar://problem/47458219
Modified: branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.cpp (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.cpp 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.cpp 2019-02-07 00:02:53 UTC (rev 241106)
@@ -101,6 +101,7 @@
~WebFramePolicyListenerPrivate() { }
+ PolicyCheckIdentifier m_policyCheckIdentifier;
FramePolicyFunction m_policyFunction;
COMPtr<WebFramePolicyListener> m_policyListener;
};
@@ -529,7 +530,7 @@
ui->webViewShow(webView);
}
-void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse& response, const ResourceRequest& request, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView* webView = m_webFrame->webView();
Frame* coreFrame = core(m_webFrame);
@@ -541,13 +542,13 @@
COMPtr<IWebURLRequest> urlRequest(AdoptCOM, WebMutableURLRequest::createInstance(request));
- if (SUCCEEDED(policyDelegate->decidePolicyForMIMEType(webView, BString(response.mimeType()), urlRequest.get(), m_webFrame, setUpPolicyListener(WTFMove(function)).get())))
+ if (SUCCEEDED(policyDelegate->decidePolicyForMIMEType(webView, BString(response.mimeType()), urlRequest.get(), m_webFrame, setUpPolicyListener(identifier, WTFMove(function)).get())))
return;
- m_policyListenerPrivate->m_policyFunction(PolicyAction::Use);
+ m_policyListenerPrivate->m_policyFunction(PolicyAction::Use, identifier);
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& action, const ResourceRequest& request, FormState* formState, const String& frameName, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction(const NavigationAction& action, const ResourceRequest& request, FormState* formState, const String& frameName, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView* webView = m_webFrame->webView();
Frame* coreFrame = core(m_webFrame);
@@ -560,13 +561,13 @@
COMPtr<IWebURLRequest> urlRequest(AdoptCOM, WebMutableURLRequest::createInstance(request));
COMPtr<WebActionPropertyBag> actionInformation(AdoptCOM, WebActionPropertyBag::createInstance(action, formState ? &formState->form() : nullptr, coreFrame));
- if (SUCCEEDED(policyDelegate->decidePolicyForNewWindowAction(webView, actionInformation.get(), urlRequest.get(), BString(frameName), setUpPolicyListener(WTFMove(function)).get())))
+ if (SUCCEEDED(policyDelegate->decidePolicyForNewWindowAction(webView, actionInformation.get(), urlRequest.get(), BString(frameName), setUpPolicyListener(identifier, WTFMove(function)).get())))
return;
- m_policyListenerPrivate->m_policyFunction(PolicyAction::Use);
+ m_policyListenerPrivate->m_policyFunction(PolicyAction::Use, identifier);
}
-void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& action, const ResourceRequest& request, const ResourceResponse&, FormState* formState, WebCore::PolicyDecisionMode, FramePolicyFunction&& function)
+void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(const NavigationAction& action, const ResourceRequest& request, const ResourceResponse&, FormState* formState, WebCore::PolicyDecisionMode, WebCore::PolicyCheckIdentifier identifier, FramePolicyFunction&& function)
{
WebView* webView = m_webFrame->webView();
Frame* coreFrame = core(m_webFrame);
@@ -579,10 +580,10 @@
COMPtr<IWebURLRequest> urlRequest(AdoptCOM, WebMutableURLRequest::createInstance(request));
COMPtr<WebActionPropertyBag> actionInformation(AdoptCOM, WebActionPropertyBag::createInstance(action, formState ? &formState->form() : nullptr, coreFrame));
- if (SUCCEEDED(policyDelegate->decidePolicyForNavigationAction(webView, actionInformation.get(), urlRequest.get(), m_webFrame, setUpPolicyListener(WTFMove(function)).get())))
+ if (SUCCEEDED(policyDelegate->decidePolicyForNavigationAction(webView, actionInformation.get(), urlRequest.get(), m_webFrame, setUpPolicyListener(identifier, WTFMove(function)).get())))
return;
- m_policyListenerPrivate->m_policyFunction(PolicyAction::Use);
+ m_policyListenerPrivate->m_policyFunction(PolicyAction::Use, identifier);
}
void WebFrameLoaderClient::dispatchUnableToImplementPolicy(const ResourceError& error)
@@ -624,7 +625,8 @@
COMPtr<IPropertyBag> formValuesPropertyBag(AdoptCOM, COMPropertyBag<String>::createInstance(formValuesMap));
COMPtr<WebFrame> sourceFrame(kit(formState.sourceDocument().frame()));
- if (SUCCEEDED(formDelegate->willSubmitForm(m_webFrame, sourceFrame.get(), formElement.get(), formValuesPropertyBag.get(), setUpPolicyListener([completionHandler = WTFMove(completionHandler)] (PolicyAction) mutable { completionHandler(); }).get())))
+ if (SUCCEEDED(formDelegate->willSubmitForm(m_webFrame, sourceFrame.get(), formElement.get(), formValuesPropertyBag.get(),
+ setUpPolicyListener(PolicyCheckIdentifier { }, [completionHandler = WTFMove(completionHandler)] (PolicyAction, PolicyCheckIdentifier) mutable { completionHandler(); }).get())))
return;
// FIXME: Add a sane default implementation
@@ -1283,7 +1285,7 @@
m_policyListenerPrivate->m_policyFunction = nullptr;
}
-COMPtr<WebFramePolicyListener> WebFrameLoaderClient::setUpPolicyListener(WebCore::FramePolicyFunction&& function)
+COMPtr<WebFramePolicyListener> WebFrameLoaderClient::setUpPolicyListener(WebCore::PolicyCheckIdentifier identifier, WebCore::FramePolicyFunction&& function)
{
// FIXME: <rdar://5634381> We need to support multiple active policy listeners.
@@ -1294,6 +1296,7 @@
ASSERT(coreFrame);
m_policyListenerPrivate->m_policyListener.adoptRef(WebFramePolicyListener::createInstance(coreFrame));
+ m_policyListenerPrivate->m_policyCheckIdentifier = identifier;
m_policyListenerPrivate->m_policyFunction = WTFMove(function);
return m_policyListenerPrivate->m_policyListener;
@@ -1311,7 +1314,7 @@
Frame* coreFrame = core(m_webFrame);
ASSERT(coreFrame);
- function(action);
+ function(action, m_policyListenerPrivate->m_policyCheckIdentifier);
}
void WebFrameLoaderClient::prefetchDNS(const String& hostname)
Modified: branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.h (241105 => 241106)
--- branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.h 2019-02-06 23:18:07 UTC (rev 241105)
+++ branches/safari-607-branch/Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.h 2019-02-07 00:02:53 UTC (rev 241106)
@@ -100,9 +100,9 @@
void dispatchDidFinishLoad() override;
void dispatchDidReachLayoutMilestone(OptionSet<WebCore::LayoutMilestone>) override;
- void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::FramePolicyFunction&&) override;
- void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const WTF::String& frameName, WebCore::FramePolicyFunction&&) override;
- void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::FramePolicyFunction&&) override;
+ void dispatchDecidePolicyForResponse(const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) override;
+ void dispatchDecidePolicyForNewWindowAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, WebCore::FormState*, const WTF::String& frameName, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) override;
+ void dispatchDecidePolicyForNavigationAction(const WebCore::NavigationAction&, const WebCore::ResourceRequest&, const WebCore::ResourceResponse& redirectResponse, WebCore::FormState*, WebCore::PolicyDecisionMode, WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&) override;
void cancelPolicyCheck() override;
void dispatchUnableToImplementPolicy(const WebCore::ResourceError&) override;
@@ -197,7 +197,7 @@
void dispatchDidClearWindowObjectInWorld(WebCore::DOMWrapperWorld&) override;
- COMPtr<WebFramePolicyListener> setUpPolicyListener(WebCore::FramePolicyFunction&&);
+ COMPtr<WebFramePolicyListener> setUpPolicyListener(WebCore::PolicyCheckIdentifier, WebCore::FramePolicyFunction&&);
void receivedPolicyDecision(WebCore::PolicyAction);
bool shouldAlwaysUsePluginDocument(const WTF::String& mimeType) const override;
