Diff
Modified: branches/safari-608-branch/LayoutTests/ChangeLog (252612 => 252613)
--- branches/safari-608-branch/LayoutTests/ChangeLog 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-11-19 01:12:57 UTC (rev 252613)
@@ -1,5 +1,27 @@
2019-11-18 Alan Coon <[email protected]>
+ Apply patch. rdar://problem/57283569
+
+ 2019-11-18 Alex Christensen <[email protected]>
+
+ WKContentRuleLists should block requests from service workers
+ https://bugs.webkit.org/show_bug.cgi?id=201980
+ <rdar://problem/55516735>
+
+ Reviewed by Chris Dumez.
+
+ * http/tests/contentextensions/resources/fetch-worker.js: Added.
+ (event.fetch.string_appeared_here.then):
+ (event.catch):
+ * http/tests/contentextensions/resources/serviceworkertest.js: Added.
+ (testServiceWorker):
+ (test):
+ * http/tests/contentextensions/service-worker.https-expected.txt: Added.
+ * http/tests/contentextensions/service-worker.https.html: Added.
+ * http/tests/contentextensions/service-worker.https.html.json: Added.
+
+2019-11-18 Alan Coon <[email protected]>
+
Apply patch. rdar://problem/57257755
2019-11-18 John Wilander <[email protected]>
Added: branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/fetch-worker.js (0 => 252613)
--- branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/fetch-worker.js (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/fetch-worker.js 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,11 @@
+self.addEventListener("message", (event) => {
+ fetch("/resources/dummy.js").then(() => {
+ event.source.postMessage("FAIL - should have blocked dummy.js");
+ }).catch(() => {
+ fetch("/resources/dummy.css").then(() => {
+ event.source.postMessage("PASS - blocked dummy.js, allowed dummy.css");
+ }).catch(() => {
+ event.source.postMessage("FAIL - should have allowed dummy.css");
+ });
+ });
+});
Added: branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/serviceworkertest.js (0 => 252613)
--- branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/serviceworkertest.js (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/contentextensions/resources/serviceworkertest.js 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,44 @@
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+
+function testServiceWorker() {
+ navigator.serviceWorker.addEventListener("message", function(event) {
+ alert("Message from worker: " + event.data);
+ if (window.testRunner)
+ testRunner.notifyDone();
+ });
+
+ try {
+ navigator.serviceWorker.register('resources/fetch-worker.js').then(function(reg) {
+ worker = reg.installing ? reg.installing : reg.active;
+ worker.postMessage("Hello from the web page");
+ }).catch(function(error) {
+ alert("Registration failed with: " + error);
+ if (window.testRunner)
+ testRunner.notifyDone();
+ });
+ } catch(e) {
+ alert("Exception: " + e);
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
+}
+
+function test() {
+ fetch("/resources/dummy.js").then(() => {
+ alert("FAIL - should have blocked request to dummy.js");
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }).catch(() => {
+ alert("PASS - blocked request to dummy.js");
+ fetch("/resources/dummy.css").then(() => {
+ testServiceWorker();
+ }).catch(() => {
+ alert("FAIL - should have allowed request to dummy.css");
+ if (window.testRunner)
+ testRunner.notifyDone();
+ });
+ });
+}
Added: branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https-expected.txt (0 => 252613)
--- branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https-expected.txt (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https-expected.txt 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,6 @@
+CONSOLE MESSAGE: line 30: Content blocker prevented frame displaying https://127.0.0.1:8443/contentextensions/service-worker.https.html from loading a resource from https://127.0.0.1:8443/resources/dummy.js
+CONSOLE MESSAGE: line 30: Resource blocked by content blocker
+CONSOLE MESSAGE: line 30: Fetch API cannot load https://127.0.0.1:8443/resources/dummy.js due to access control checks.
+ALERT: PASS - blocked request to dummy.js
+ALERT: Message from worker: PASS - blocked dummy.js, allowed dummy.css
+
Added: branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html (0 => 252613)
--- branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,4 @@
+<head>
+<script src=""
+</head>
+<body _onload_="test()"></body>
Added: branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html.json (0 => 252613)
--- branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html.json (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/contentextensions/service-worker.https.html.json 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,10 @@
+[
+ {
+ "action": {
+ "type": "block"
+ },
+ "trigger": {
+ "url-filter": "dummy.js"
+ }
+ }
+]
Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-11-19 01:12:57 UTC (rev 252613)
@@ -1,5 +1,51 @@
2019-11-18 Alan Coon <[email protected]>
+ Apply patch. rdar://problem/57283569
+
+ 2019-11-18 Alex Christensen <[email protected]>
+
+ WKContentRuleLists should block requests from service workers
+ https://bugs.webkit.org/show_bug.cgi?id=201980
+ <rdar://problem/55516735>
+
+ Reviewed by Chris Dumez.
+
+ Test: http/tests/contentextensions/service-worker.https.html
+
+ Also covered by an API test.
+
+ * Shared/ServiceWorkerInitializationData.cpp: Added.
+ (WebKit::ServiceWorkerInitializationData::encode const):
+ (WebKit::ServiceWorkerInitializationData::decode):
+ * Shared/ServiceWorkerInitializationData.h: Added.
+ * Sources.txt:
+ * UIProcess/UserContent/WebUserContentControllerProxy.cpp:
+ (WebKit::WebUserContentControllerProxy::addProcess):
+ (WebKit::WebUserContentControllerProxy::contentRuleListData):
+ * UIProcess/UserContent/WebUserContentControllerProxy.h:
+ * UIProcess/WebProcessPool.cpp:
+ (WebKit::WebProcessPool::establishWorkerContextConnectionToNetworkProcess):
+ (WebKit::WebProcessPool::createWebPage):
+ * UIProcess/WebProcessPool.h:
+ * UIProcess/WebProcessProxy.cpp:
+ (WebKit::WebProcessProxy::createForServiceWorkers):
+ (WebKit::WebProcessProxy::establishServiceWorkerContext):
+ (WebKit::contentRuleListsFromIdentifier):
+ (WebKit::WebProcessProxy::enableServiceWorkers):
+ * UIProcess/WebProcessProxy.h:
+ * WebKit.xcodeproj/project.pbxproj:
+ * WebProcess/Storage/WebSWContextManagerConnection.cpp:
+ (WebKit::WebSWContextManagerConnection::WebSWContextManagerConnection):
+ (WebKit::m_userAgent):
+ (WebKit::WebSWContextManagerConnection::installServiceWorker):
+ * WebProcess/Storage/WebSWContextManagerConnection.h:
+ * WebProcess/WebProcess.cpp:
+ (WebKit::WebProcess::establishWorkerContextConnectionToNetworkProcess):
+ * WebProcess/WebProcess.h:
+ * WebProcess/WebProcess.messages.in:
+
+2019-11-18 Alan Coon <[email protected]>
+
Apply patch. rdar://problem/57257755
2019-11-18 John Wilander <[email protected]>
Added: branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.cpp (0 => 252613)
--- branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.cpp (rev 0)
+++ branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "ServiceWorkerInitializationData.h"
+
+#include "Decoder.h"
+#include "Encoder.h"
+#include "WebCompiledContentRuleListData.h"
+
+namespace WebKit {
+
+void ServiceWorkerInitializationData::encode(IPC::Encoder& encoder) const
+{
+ encoder << userContentControllerIdentifier;
+#if ENABLE(CONTENT_EXTENSIONS)
+ encoder << contentRuleLists;
+#endif
+}
+
+Optional<ServiceWorkerInitializationData> ServiceWorkerInitializationData::decode(IPC::Decoder& decoder)
+{
+ Optional<Optional<UserContentControllerIdentifier>> userContentControllerIdentifier;
+ decoder >> userContentControllerIdentifier;
+ if (!userContentControllerIdentifier)
+ return WTF::nullopt;
+
+#if ENABLE(CONTENT_EXTENSIONS)
+ Optional<Vector<std::pair<String, WebCompiledContentRuleListData>>> contentRuleLists;
+ decoder >> contentRuleLists;
+ if (!contentRuleLists)
+ return WTF::nullopt;
+#endif
+
+ return {{
+ WTFMove(*userContentControllerIdentifier),
+#if ENABLE(CONTENT_EXTENSIONS)
+ WTFMove(*contentRuleLists),
+#endif
+ }};
+}
+
+}
Added: branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.h (0 => 252613)
--- branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.h (rev 0)
+++ branches/safari-608-branch/Source/WebKit/Shared/ServiceWorkerInitializationData.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "UserContentControllerIdentifier.h"
+#include <wtf/Forward.h>
+
+namespace IPC {
+class Decoder;
+class Encoder;
+}
+
+namespace WebKit {
+
+class WebCompiledContentRuleListData;
+
+struct ServiceWorkerInitializationData {
+
+ void encode(IPC::Encoder&) const;
+ static Optional<ServiceWorkerInitializationData> decode(IPC::Decoder&);
+
+ Optional<UserContentControllerIdentifier> userContentControllerIdentifier;
+#if ENABLE(CONTENT_EXTENSIONS)
+ Vector<std::pair<String, WebCompiledContentRuleListData>> contentRuleLists;
+#endif
+};
+
+} // namespace WebKit
Modified: branches/safari-608-branch/Source/WebKit/Sources.txt (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/Sources.txt 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/Sources.txt 2019-11-19 01:12:57 UTC (rev 252613)
@@ -128,6 +128,7 @@
Shared/PrintInfo.cpp
Shared/RTCNetwork.cpp
Shared/RTCPacketOptions.cpp
+Shared/ServiceWorkerInitializationData.cpp
Shared/SessionState.cpp
Shared/ShareableBitmap.cpp @no-unify
Shared/ShareableResource.cpp
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/ServiceWorkerProcessProxy.cpp (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/ServiceWorkerProcessProxy.cpp 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/ServiceWorkerProcessProxy.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -37,6 +37,7 @@
#include "WebProcessMessages.h"
#include "WebProcessPool.h"
#include "WebSWContextManagerConnectionMessages.h"
+#include "WebUserContentControllerProxy.h"
#include <WebCore/NotImplemented.h>
#include <WebCore/RegistrationDatabase.h>
@@ -75,9 +76,34 @@
launchOptions.extraInitializationData.add("registrable-domain"_s, registrableDomain().string());
}
+#if ENABLE(CONTENT_EXTENSIONS)
+static Vector<std::pair<String, WebCompiledContentRuleListData>> contentRuleListsFromIdentifier(const Optional<UserContentControllerIdentifier>& userContentControllerIdentifier)
+{
+ if (!userContentControllerIdentifier) {
+ ASSERT_NOT_REACHED();
+ return { };
+ }
+
+ auto* userContentController = WebUserContentControllerProxy::get(*userContentControllerIdentifier);
+ if (!userContentController) {
+ ASSERT_NOT_REACHED();
+ return { };
+ }
+
+ return userContentController->contentRuleListData();
+}
+#endif
+
void ServiceWorkerProcessProxy::start(const WebPreferencesStore& store, Optional<PAL::SessionID> initialSessionID)
{
- send(Messages::WebProcess::EstablishWorkerContextConnectionToNetworkProcess { processPool().defaultPageGroup().pageGroupID(), m_serviceWorkerPageID, store, initialSessionID.valueOr(PAL::SessionID::defaultSessionID()) }, 0);
+ auto& userContentControllerID = processPool().userContentControllerIdentifierForServiceWorkers();
+ ServiceWorkerInitializationData initializationData {
+ userContentControllerID,
+#if ENABLE(CONTENT_EXTENSIONS)
+ contentRuleListsFromIdentifier(userContentControllerID),
+#endif
+ };
+ send(Messages::WebProcess::EstablishWorkerContextConnectionToNetworkProcess { processPool().defaultPageGroup().pageGroupID(), m_serviceWorkerPageID, store, initialSessionID.valueOr(PAL::SessionID::defaultSessionID()), initializationData }, 0);
}
void ServiceWorkerProcessProxy::setUserAgent(const String& userAgent)
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.cpp (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.cpp 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -109,11 +109,21 @@
#if ENABLE(CONTENT_EXTENSIONS)
ASSERT(parameters.contentRuleLists.isEmpty());
- for (const auto& contentRuleList : m_contentRuleLists.values())
- parameters.contentRuleLists.append(std::make_pair(contentRuleList->name(), contentRuleList->compiledRuleList().data()));
+ parameters.contentRuleLists = contentRuleListData();
#endif
}
+#if ENABLE(CONTENT_EXTENSIONS)
+Vector<std::pair<String, WebCompiledContentRuleListData>> WebUserContentControllerProxy::contentRuleListData()
+{
+ Vector<std::pair<String, WebCompiledContentRuleListData>> data;
+ data.reserveInitialCapacity(m_contentRuleLists.size());
+ for (const auto& contentRuleList : m_contentRuleLists.values())
+ data.uncheckedAppend(std::make_pair(contentRuleList->name(), contentRuleList->compiledRuleList().data()));
+ return data;
+}
+#endif
+
void WebUserContentControllerProxy::removeProcess(WebProcessProxy& webProcessProxy)
{
ASSERT(m_processes.contains(webProcessProxy));
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.h (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.h 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -60,6 +60,7 @@
class WebProcessProxy;
class WebScriptMessageHandler;
struct FrameInfoData;
+class WebCompiledContentRuleListData;
struct WebPageCreationParameters;
enum class InjectUserScriptImmediately : bool;
@@ -104,6 +105,7 @@
void removeContentRuleList(const String&);
void removeAllContentRuleLists();
const HashMap<String, RefPtr<API::ContentRuleList>>& contentExtensionRules() { return m_contentRuleLists; }
+ Vector<std::pair<String, WebCompiledContentRuleListData>> contentRuleListData();
#endif
UserContentControllerIdentifier identifier() const { return m_identifier; }
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -76,6 +76,7 @@
#include "WebProcessMessages.h"
#include "WebProcessPoolMessages.h"
#include "WebProcessProxy.h"
+#include "WebUserContentControllerProxy.h"
#include "WebsiteDataStore.h"
#include "WebsiteDataStoreParameters.h"
#include <_javascript_Core/JSCInlines.h>
@@ -1253,6 +1254,8 @@
} else
process = &processForRegistrableDomain(pageConfiguration->websiteDataStore()->websiteDataStore(), nullptr, { });
+ RefPtr<WebUserContentControllerProxy> userContentController = pageConfiguration->userContentController();
+
ASSERT(process);
auto page = process->createWebPage(pageClient, WTFMove(pageConfiguration));
@@ -1265,6 +1268,8 @@
for (auto* serviceWorkerProcess : m_serviceWorkerProcesses.values())
serviceWorkerProcess->updatePreferencesStore(*m_serviceWorkerPreferences);
}
+ if (userContentController)
+ m_userContentControllerIDForServiceWorker = userContentController->identifier();
#endif
bool enableProcessSwapOnCrossSiteNavigation = page->preferences().processSwapOnCrossSiteNavigationEnabled();
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.h (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.h 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -399,6 +399,7 @@
bool allowsAnySSLCertificateForServiceWorker() const { return m_allowsAnySSLCertificateForServiceWorker; }
void updateServiceWorkerUserAgent(const String& userAgent);
bool mayHaveRegisteredServiceWorkers(const WebsiteDataStore&);
+ const Optional<UserContentControllerIdentifier>& userContentControllerIdentifierForServiceWorkers() const { return m_userContentControllerIDForServiceWorker; }
#endif
#if PLATFORM(COCOA)
@@ -639,6 +640,7 @@
String m_serviceWorkerUserAgent;
Optional<WebPreferencesStore> m_serviceWorkerPreferences;
HashMap<String, bool> m_mayHaveRegisteredServiceWorkers;
+ Optional<UserContentControllerIdentifier> m_userContentControllerIDForServiceWorker;
#endif
Ref<WebPageGroup> m_defaultPageGroup;
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessProxy.h (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessProxy.h 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessProxy.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -35,6 +35,8 @@
#include "ProcessThrottler.h"
#include "ProcessThrottlerClient.h"
#include "ResponsivenessTimer.h"
+#include "ServiceWorkerInitializationData.h"
+#include "UserContentControllerIdentifier.h"
#include "VisibleWebPageCounter.h"
#include "WebConnectionToWebProcess.h"
#include "WebProcessProxyMessages.h"
@@ -73,6 +75,7 @@
class UserMediaCaptureManagerProxy;
class VisitedLinkStore;
class WebBackForwardListItem;
+class WebCompiledContentRuleListData;
class WebFrameProxy;
class WebPageGroup;
class WebPageProxy;
Modified: branches/safari-608-branch/Source/WebKit/WebKit.xcodeproj/project.pbxproj (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2019-11-19 01:12:57 UTC (rev 252613)
@@ -3630,6 +3630,8 @@
5C7C88DC1D0F41A0009D2F6D /* WebSocketProvider.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = WebSocketProvider.h; path = Network/WebSocketProvider.h; sourceTree = "<group>"; };
5C7FB46E21E97C0B009E3241 /* WebCookieJar.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebCookieJar.cpp; sourceTree = "<group>"; };
5C7FB46F21E97C0C009E3241 /* WebCookieJar.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebCookieJar.h; sourceTree = "<group>"; };
+ 5C80B3DB23690D8D0086E6DE /* ServiceWorkerInitializationData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ServiceWorkerInitializationData.h; sourceTree = "<group>"; };
+ 5C80B3DD23690F100086E6DE /* ServiceWorkerInitializationData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ServiceWorkerInitializationData.cpp; sourceTree = "<group>"; };
5C84CF901F96AC4E00B6705A /* NetworkSessionCreationParameters.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetworkSessionCreationParameters.h; sourceTree = "<group>"; };
5C85C7861C3F23C50061A4FA /* PendingDownload.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PendingDownload.cpp; sourceTree = "<group>"; };
5C89DF5621AF61FF004645E8 /* NetworkSessionCreationParameters.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NetworkSessionCreationParameters.cpp; sourceTree = "<group>"; };
@@ -5281,6 +5283,8 @@
BC2D021612AC41CB00E732A3 /* SameDocumentNavigationType.h */,
1AAB4A8C1296F0A20023952F /* SandboxExtension.h */,
E1E552C316AE065E004ED653 /* SandboxInitializationParameters.h */,
+ 5C80B3DD23690F100086E6DE /* ServiceWorkerInitializationData.cpp */,
+ 5C80B3DB23690D8D0086E6DE /* ServiceWorkerInitializationData.h */,
1AFDE6571954A42B00C48FFA /* SessionState.cpp */,
1AFDE6581954A42B00C48FFA /* SessionState.h */,
1A6420E212DCE2FF00CAAE2C /* ShareableBitmap.cpp */,
Modified: branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -33,7 +33,9 @@
#include "Logging.h"
#include "NetworkProcessMessages.h"
#include "ServiceWorkerFetchTaskMessages.h"
+#include "ServiceWorkerInitializationData.h"
#include "WebCacheStorageProvider.h"
+#include "WebCompiledContentRuleListData.h"
#include "WebCoreArgumentCoders.h"
#include "WebDatabaseProvider.h"
#include "WebDocumentLoader.h"
@@ -44,6 +46,7 @@
#include "WebSWServerToContextConnectionMessages.h"
#include "WebServiceWorkerFetchTaskClient.h"
#include "WebSocketProvider.h"
+#include "WebUserContentController.h"
#include <WebCore/EditorClient.h>
#include <WebCore/EmptyClients.h>
#include <WebCore/EmptyFrameLoaderClient.h>
@@ -106,7 +109,7 @@
String m_userAgent;
};
-WebSWContextManagerConnection::WebSWContextManagerConnection(Ref<IPC::Connection>&& connection, uint64_t pageGroupID, PageIdentifier pageID, const WebPreferencesStore& store)
+WebSWContextManagerConnection::WebSWContextManagerConnection(Ref<IPC::Connection>&& connection, uint64_t pageGroupID, PageIdentifier pageID, const WebPreferencesStore& store, ServiceWorkerInitializationData&& initializationData)
: m_connectionToNetworkProcess(WTFMove(connection))
, m_pageGroupID(pageGroupID)
, m_pageID(pageID)
@@ -116,6 +119,13 @@
, m_userAgent(standardUserAgent())
#endif
{
+ if (initializationData.userContentControllerIdentifier) {
+ m_userContentController = WebUserContentController::getOrCreate(*initializationData.userContentControllerIdentifier);
+#if ENABLE(CONTENT_EXTENSIONS)
+ m_userContentController->addContentRuleLists(WTFMove(initializationData.contentRuleLists));
+#endif
+ }
+
updatePreferencesStore(store);
}
@@ -146,6 +156,7 @@
pageConfiguration.databaseProvider = WebDatabaseProvider::getOrCreate(m_pageGroupID);
#endif
pageConfiguration.socketProvider = WebSocketProvider::create();
+ pageConfiguration.userContentProvider = m_userContentController;
auto effectiveUserAgent = WTFMove(userAgent);
if (effectiveUserAgent.isNull())
Modified: branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -47,11 +47,13 @@
namespace WebKit {
class ServiceWorkerFrameLoaderClient;
+struct ServiceWorkerInitializationData;
struct WebPreferencesStore;
+class WebUserContentController;
class WebSWContextManagerConnection final : public WebCore::SWContextManager::Connection, public IPC::MessageReceiver {
public:
- WebSWContextManagerConnection(Ref<IPC::Connection>&&, uint64_t pageGroupID, WebCore::PageIdentifier, const WebPreferencesStore&);
+ WebSWContextManagerConnection(Ref<IPC::Connection>&&, uint64_t pageGroupID, WebCore::PageIdentifier, const WebPreferencesStore&, ServiceWorkerInitializationData&&);
~WebSWContextManagerConnection();
void didReceiveMessage(IPC::Connection&, IPC::Decoder&) final;
@@ -109,6 +111,7 @@
uint64_t m_previousRequestIdentifier { 0 };
String m_userAgent;
bool m_isThrottleable { true };
+ RefPtr<WebUserContentController> m_userContentController;
};
} // namespace WebKit
Modified: branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.cpp (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.cpp 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.cpp 2019-11-19 01:12:57 UTC (rev 252613)
@@ -1887,13 +1887,13 @@
}
#if ENABLE(SERVICE_WORKER)
-void WebProcess::establishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, PageIdentifier pageID, const WebPreferencesStore& store, PAL::SessionID initialSessionID)
+void WebProcess::establishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, PageIdentifier pageID, const WebPreferencesStore& store, PAL::SessionID initialSessionID, ServiceWorkerInitializationData&& initializationData)
{
// We are in the Service Worker context process and the call below establishes our connection to the Network Process
// by calling ensureNetworkProcessConnection. SWContextManager needs to use the same underlying IPC::Connection as the
// NetworkProcessConnection for synchronization purposes.
auto& ipcConnection = ensureNetworkProcessConnection().connection();
- SWContextManager::singleton().setConnection(std::make_unique<WebSWContextManagerConnection>(ipcConnection, pageGroupID, pageID, store));
+ SWContextManager::singleton().setConnection(std::make_unique<WebSWContextManagerConnection>(ipcConnection, pageGroupID, pageID, store, WTFMove(initializationData)));
}
void WebProcess::registerServiceWorkerClients()
Modified: branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.h (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.h 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.h 2019-11-19 01:12:57 UTC (rev 252613)
@@ -34,6 +34,7 @@
#include "ResourceCachesToClear.h"
#include "SandboxExtension.h"
#include "TextCheckerState.h"
+#include "UserContentControllerIdentifier.h"
#include "ViewUpdateDispatcher.h"
#include "WebInspectorInterruptDispatcher.h"
#include "WebProcessCreationParameters.h"
@@ -104,11 +105,13 @@
class LibWebRTCNetwork;
class NetworkProcessConnection;
class ObjCObjectGraph;
+struct ServiceWorkerInitializationData;
class StorageAreaMap;
class UserData;
class WaylandCompositorDisplay;
class WebAutomationSessionProxy;
class WebCacheStorageProvider;
+class WebCompiledContentRuleListData;
class WebConnectionToUIProcess;
class WebFrame;
class WebLoaderStrategy;
@@ -367,7 +370,7 @@
#endif
#if ENABLE(SERVICE_WORKER)
- void establishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, WebCore::PageIdentifier, const WebPreferencesStore&, PAL::SessionID);
+ void establishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, WebCore::PageIdentifier, const WebPreferencesStore&, PAL::SessionID, ServiceWorkerInitializationData&&);
void registerServiceWorkerClients();
#endif
Modified: branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.messages.in (252612 => 252613)
--- branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.messages.in 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Source/WebKit/WebProcess/WebProcess.messages.in 2019-11-19 01:12:57 UTC (rev 252613)
@@ -111,7 +111,7 @@
#endif
#if ENABLE(SERVICE_WORKER)
- EstablishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, WebCore::PageIdentifier pageID, struct WebKit::WebPreferencesStore store, PAL::SessionID initialSessionID)
+ EstablishWorkerContextConnectionToNetworkProcess(uint64_t pageGroupID, WebCore::PageIdentifier pageID, struct WebKit::WebPreferencesStore store, PAL::SessionID initialSessionID, struct WebKit::ServiceWorkerInitializationData initializationData)
RegisterServiceWorkerClients()
#endif
Modified: branches/safari-608-branch/Tools/ChangeLog (252612 => 252613)
--- branches/safari-608-branch/Tools/ChangeLog 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Tools/ChangeLog 2019-11-19 01:12:57 UTC (rev 252613)
@@ -1,5 +1,26 @@
2019-11-18 Alan Coon <[email protected]>
+ Apply patch. rdar://problem/57283569
+
+ 2019-11-18 Alex Christensen <[email protected]>
+
+ WKContentRuleLists should block requests from service workers
+ https://bugs.webkit.org/show_bug.cgi?id=201980
+ <rdar://problem/55516735>
+
+ Reviewed by Chris Dumez.
+
+ NSString initWithContentsOfURL doesn't work with https URLs with certificates without a trusted root,
+ so I use an ephemeral NSURLSession instead so I can tell it to accept any connection, even our WebKit httpd server.
+ I also added an API test.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:
+ * WebKitTestRunner/mac/TestControllerMac.mm:
+ (-[WKTRSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+ (WTR::TestController::configureContentExtensionForTest):
+
+2019-11-18 Alan Coon <[email protected]>
+
Apply patch. rdar://problem/57257755
2019-11-18 John Wilander <[email protected]>
Modified: branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm (252612 => 252613)
--- branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm 2019-11-19 01:12:57 UTC (rev 252613)
@@ -26,6 +26,7 @@
#import "config.h"
#import "PlatformUtilities.h"
+#import "TCPServer.h"
#import "Test.h"
#import "TestNavigationDelegate.h"
#import "TestWKWebView.h"
@@ -1904,3 +1905,76 @@
EXPECT_TRUE([[NSFileManager defaultManager] fileExistsAtPath:swDBPath.path]);
}
+
+static const char* contentRuleListWorkerScript =
+"self.addEventListener('message', (event) => {"
+" fetch('blockedsubresource').then(() => {"
+" event.source.postMessage('FAIL - should have blocked first request');"
+" }).catch(() => {"
+" fetch('allowedsubresource').then(() => {"
+" event.source.postMessage('PASS - blocked first request, allowed second');"
+" }).catch(() => {"
+" event.source.postMessage('FAIL - should have allowed second request');"
+" });"
+" });"
+"});";
+
+TEST(ServiceWorkers, ContentRuleList)
+{
+ [WKWebsiteDataStore _allowWebsiteDataRecordsForAllOrigins];
+
+ __block bool doneCompiling = false;
+ __block RetainPtr<WKContentRuleList> contentRuleList;
+ [[WKContentRuleListStore defaultStore] compileContentRuleListForIdentifier:@"ServiceWorkerRuleList" encodedContentRuleList:@"[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"blockedsubresource\"}}]" completionHandler:^(WKContentRuleList *list, NSError *error) {
+ EXPECT_NOT_NULL(list);
+ EXPECT_NULL(error);
+ contentRuleList = list;
+ doneCompiling = true;
+ }];
+ TestWebKitAPI::Util::run(&doneCompiling);
+
+ // Start with a clean slate data store
+ [[WKWebsiteDataStore defaultDataStore] removeDataOfTypes:[WKWebsiteDataStore allWebsiteDataTypes] modifiedSince:[NSDate distantPast] completionHandler:^() {
+ done = true;
+ }];
+ TestWebKitAPI::Util::run(&done);
+ done = false;
+
+ auto configuration = adoptNS([[WKWebViewConfiguration alloc] init]);
+
+ auto messageHandler = adoptNS([[SWMessageHandlerWithExpectedMessage alloc] init]);
+ [[configuration userContentController] addScriptMessageHandler:messageHandler.get() name:@"sw"];
+ [[configuration userContentController] addContentRuleList:contentRuleList.get()];
+
+ using namespace TestWebKitAPI;
+ TCPServer server([] (int socket) {
+ auto respond = [socket] (const char* body, const char* mimeType) {
+ NSString *format = @"HTTP/1.1 200 OK\r\n"
+ "Content-Type: %s\r\n"
+ "Content-Length: %d\r\n\r\n"
+ "%s";
+ NSString *response = [NSString stringWithFormat:format, mimeType, strlen(body), body];
+ TCPServer::write(socket, response.UTF8String, response.length);
+ };
+ TCPServer::read(socket);
+ respond(mainBytes, "text/html");
+ TCPServer::read(socket);
+ respond(contentRuleListWorkerScript, "application/_javascript_");
+ auto lastRequest = TCPServer::read(socket);
+ EXPECT_TRUE(strstr((const char*)lastRequest.data(), "allowedsubresource"));
+ respond("successful fetch", "application/octet-stream");
+ });
+
+ expectedMessage = @"Message from worker: PASS - blocked first request, allowed second";
+
+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);
+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]];
+ TestWebKitAPI::Util::run(&done);
+
+ __block bool doneRemoving = false;
+ [[WKContentRuleListStore defaultStore] removeContentRuleListForIdentifier:@"ServiceWorkerRuleList" completionHandler:^(NSError *error) {
+ EXPECT_NULL(error);
+ doneRemoving = true;
+ }];
+ TestWebKitAPI::Util::run(&doneRemoving);
+}
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/mac/TestControllerMac.mm (252612 => 252613)
--- branches/safari-608-branch/Tools/WebKitTestRunner/mac/TestControllerMac.mm 2019-11-19 01:12:50 UTC (rev 252612)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/mac/TestControllerMac.mm 2019-11-19 01:12:57 UTC (rev 252613)
@@ -51,6 +51,15 @@
+ (void)_setAlertType:(NSUInteger)alertType;
@end
+@interface WKTRSessionDelegate : NSObject <NSURLSessionDataDelegate>
+@end
+@implementation WKTRSessionDelegate
+- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
+{
+ completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
+}
+@end
+
namespace WTR {
void TestController::notifyDone()
@@ -126,11 +135,20 @@
RetainPtr<CFURLRef> testURL = adoptCF(WKURLCopyCFURL(kCFAllocatorDefault, test.url()));
NSURL *filterURL = [(__bridge NSURL *)testURL.get() URLByAppendingPathExtension:@"json"];
- NSStringEncoding encoding;
- NSString *contentExtensionString = [[NSString alloc] initWithContentsOfURL:filterURL usedEncoding:&encoding error:NULL];
- if (!contentExtensionString)
- return;
-
+ __block NSString *contentExtensionString;
+ __block bool doneFetchingContentExtension = false;
+ auto delegate = adoptNS([WKTRSessionDelegate new]);
+ NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration ephemeralSessionConfiguration] delegate:delegate.get() delegateQueue:[NSOperationQueue mainQueue]];
+ NSURLSessionDataTask *task = [session dataTaskWithRequest:[NSURLRequest requestWithURL:filterURL] completionHandler:^(NSData * data, NSURLResponse *response, NSError *error) {
+ ASSERT(data);
+ ASSERT(response);
+ ASSERT(!error);
+ contentExtensionString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
+ doneFetchingContentExtension = true;
+ }];
+ [task resume];
+ platformRunUntil(doneFetchingContentExtension, noTimeout);
+
__block bool doneCompiling = false;
NSURL *tempDir;
