Modified: branches/safari-610.1.7-branch/Source/WebKit/ChangeLog (259224 => 259225)
--- branches/safari-610.1.7-branch/Source/WebKit/ChangeLog 2020-03-30 20:56:44 UTC (rev 259224)
+++ branches/safari-610.1.7-branch/Source/WebKit/ChangeLog 2020-03-30 20:56:46 UTC (rev 259225)
@@ -1,64 +1,5 @@
-b'2020-03-30 Alan Coon <[email protected]>\n\n Cherry-pick r258456. rdar://problem/59931477\n\n Clean up sandbox violations found during testing\n https://bugs.webkit.org/show_bug.cgi?id=209096\n <rdar://problem/59931477>\n \n Reviewed by Geoffrey Garen.\n \n Remove telemetry from some items, and allow access to some IOKit properties\n needed for media playback on macOS and iOS.\n \n * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:\n * WebProcess/com.apple.WebProcess.sb.in:\n \n \n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258456 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n 2020-03-13 Brent Fulgham <[email protected]>\n\n Clean up sandbox violations found during testing\n https://bugs.webkit.org/show_bug.cgi?id=209096\n <rdar://problem/59931477>\n\n Reviewed by Geoffrey Garen.\n\n Remove telemetry from some i
tems, and allow access to some IOKit properties\n needed for media playback on macOS and iOS.\n\n * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:\n * WebProcess/com.apple.WebProcess.sb.in:\n\n b"2020-03-24 Alan Coon <[email protected]>\\n\\n Cherry-pick r258476. rdar://problem/60839077\\n\\n Add missing checks needed for AppBound Quirk\\n https://bugs.webkit.org/show_bug.cgi?id=209117\\n <rdar://problem/60460097>\\n \\n Reviewed by John Wilander.\\n \\n The checks for the \'NeedsInAppBrowserPrivacyQuirks\' flag added in r258101 was incomplete.\\n Source/WebCore:\\n \\n Two additional call sites need to check the state of the flag.\\n \\n * bindings/js/ScriptController.cpp:\\n (WebCore::ScriptController::executeScriptInWorld): Add missing check for the quirk.\\n * loader/FrameLoaderClient.h: Add new API for the \'NeedsInAppBrowserPrivacyQuirks\'\\n debug flag.\\
n * page/Frame.cpp:\\n (WebCore::Frame::injectUserScriptImmediately): Ditto.\\n \\n Source/WebKit:\\n \\n These changes let the WebFrameLoaderClient report the quirk state to WebCore code.\\n \\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:\\n (WebKit::WebFrameLoaderClient::needsInAppBrowserPrivacyQuirks): Added.\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:\\n * WebProcess/WebPage/WebPage.h:\\n (WebKit::WebPage::needsInAppBrowserPrivacyQuirks const): Added.\\n \\n \\n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258476 268f45cc-cd09-0410-ab3c-d52691b4dbfc\\n\\n 2020-03-14 Brent Fulgham <[email protected]>\\n\\n Add missing checks needed for AppBound Quirk\\n https://bugs.webkit.org/show_bug.cgi?id=209117\\n <rdar://problem/60460097>\\n\\n Reviewed by John Wilander.\\n\\n The checks for the \'NeedsInAppBrowserPrivacyQuirks\' flag added
in r258101 was incomplete.\\n These changes let the WebFrameLoaderClient report the quirk state to WebCore code.\\n\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:\\n (WebKit::WebFrameLoaderClient::needsInAppBrowserPrivacyQuirks): Added.\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:\\n * WebProcess/WebPage/WebPage.h:\\n (WebKit::WebPage::needsInAppBrowserPrivacyQuirks const): Added.\\n\\n"2020-03-17 Alan Coon <[email protected]>\n\n Cherry-pick r258515. rdar://problem/60551856\n\n [Cocoa] Crash under -[WKPreferenceObserver init]\n https://bugs.webkit.org/show_bug.cgi?id=209145\n\n Reviewed by Darin Adler.\n\n Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.\n\n No new tests, since I have not been able to reproduce.\n\n * UIProcess/Cocoa/PreferenceObserver.mm:\n (-[WKPreferenceObserver init]):\n
\n\n\n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258515 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n 2020-03-16 Per Arne Vollan <[email protected]>\n\n [Cocoa] Crash under -[WKPreferenceObserver init]\n https://bugs.webkit.org/show_bug.cgi?id=209145\n\n Reviewed by Darin Adler.\n\n Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.\n\n No new tests, since I have not been able to reproduce.\n\n * UIProcess/Cocoa/PreferenceObserver.mm:\n (-[WKPreferenceObserver init]):\n\n'2020-03-17 Alan Coon <[email protected]>
+b'2020-03-30 Alan Coon <[email protected]>\n\n Cherry-pick r258521. rdar://problem/60453086\n\n Crash under WebCookieCache::clearForHost()\n https://bugs.webkit.org/show_bug.cgi?id=209149\n <rdar://problem/60453086>\n \n Reviewed by Alex Christensen.\n \n Source/WebKit:\n \n Make sure WebCookieCache::pruneCacheIfNecessary() keeps alive the host String it is passing\n to WebCookieCache::clearForHost(). Previously, it was merely deferencing a HashSet iterator\n and passing that to clearForHost(). However, clearForHost() would then drop the String from\n the HashSet and the host would no longer be valid.\n \n Change covered by new API test.\n \n * WebProcess/WebPage/WebCookieCache.cpp:\n (WebKit::WebCookieCache::pruneCacheIfNecessary):\n \n Tools:\n \n Add API test coverage.\n \n * TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm:\n (TEST):\n \n \n git-svn-id: https
://svn.webkit.org/repository/webkit/trunk@258521 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n 2020-03-16 Chris Dumez <[email protected]>\n\n Crash under WebCookieCache::clearForHost()\n https://bugs.webkit.org/show_bug.cgi?id=209149\n <rdar://problem/60453086>\n\n Reviewed by Alex Christensen.\n\n Make sure WebCookieCache::pruneCacheIfNecessary() keeps alive the host String it is passing\n to WebCookieCache::clearForHost(). Previously, it was merely deferencing a HashSet iterator\n and passing that to clearForHost(). However, clearForHost() would then drop the String from\n the HashSet and the host would no longer be valid.\n\n Change covered by new API test.\n\n * WebProcess/WebPage/WebCookieCache.cpp:\n (WebKit::WebCookieCache::pruneCacheIfNecessary):\n\n b\'2020-03-30 Alan Coon <[email protected]>\\n\\n Cherry-pick r258456. rdar:/
/problem/59931477\\n\\n Clean up sandbox violations found during testing\\n https://bugs.webkit.org/show_bug.cgi?id=209096\\n <rdar://problem/59931477>\\n \\n Reviewed by Geoffrey Garen.\\n \\n Remove telemetry from some items, and allow access to some IOKit properties\\n needed for media playback on macOS and iOS.\\n \\n * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:\\n * WebProcess/com.apple.WebProcess.sb.in:\\n \\n \\n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258456 268f45cc-cd09-0410-ab3c-d52691b4dbfc\\n\\n 2020-03-13 Brent Fulgham <[email protected]>\\n\\n Clean up sandbox violations found during testing\\n https://bugs.webkit.org/show_bug.cgi?id=209096\\n <rdar://problem/59931477>\\n\\n Reviewed by Geoffrey Garen.\\n\\n Remove telemetry from some items, and allow access to some IOKit properties\\n needed for medi
a playback on macOS and iOS.\\n\\n * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:\\n * WebProcess/com.apple.WebProcess.sb.in:\\n\\n b"2020-03-24 Alan Coon <[email protected]>\\\\n\\\\n Cherry-pick r258476. rdar://problem/60839077\\\\n\\\\n Add missing checks needed for AppBound Quirk\\\\n https://bugs.webkit.org/show_bug.cgi?id=209117\\\\n <rdar://problem/60460097>\\\\n \\\\n Reviewed by John Wilander.\\\\n \\\\n The checks for the \\\'NeedsInAppBrowserPrivacyQuirks\\\' flag added in r258101 was incomplete.\\\\n Source/WebCore:\\\\n \\\\n Two additional call sites need to check the state of the flag.\\\\n \\\\n * bindings/js/ScriptController.cpp:\\\\n (WebCore::ScriptController::executeScriptInWorld): Add missing check for the quirk.\\\\n * loader/FrameLoaderClient.h: Add new API for the \\\'NeedsInAppBrowserPrivacyQuirks\\\'\\\\n debug flag.\\\\n * page/Frame.cpp:\\\
\n (WebCore::Frame::injectUserScriptImmediately): Ditto.\\\\n \\\\n Source/WebKit:\\\\n \\\\n These changes let the WebFrameLoaderClient report the quirk state to WebCore code.\\\\n \\\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:\\\\n (WebKit::WebFrameLoaderClient::needsInAppBrowserPrivacyQuirks): Added.\\\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:\\\\n * WebProcess/WebPage/WebPage.h:\\\\n (WebKit::WebPage::needsInAppBrowserPrivacyQuirks const): Added.\\\\n \\\\n \\\\n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258476 268f45cc-cd09-0410-ab3c-d52691b4dbfc\\\\n\\\\n 2020-03-14 Brent Fulgham <[email protected]>\\\\n\\\\n Add missing checks needed for AppBound Quirk\\\\n https://bugs.webkit.org/show_bug.cgi?id=209117\\\\n <rdar://problem/60460097>\\\\n\\\\n Reviewed by John Wilander.\\\\n\\\\n The checks for the \\\'NeedsInAppBrowserP
rivacyQuirks\\\' flag added in r258101 was incomplete.\\\\n These changes let the WebFrameLoaderClient report the quirk state to WebCore code.\\\\n\\\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:\\\\n (WebKit::WebFrameLoaderClient::needsInAppBrowserPrivacyQuirks): Added.\\\\n * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:\\\\n * WebProcess/WebPage/WebPage.h:\\\\n (WebKit::WebPage::needsInAppBrowserPrivacyQuirks const): Added.\\\\n\\\\n"2020-03-17 Alan Coon <[email protected]>\\n\\n Cherry-pick r258515. rdar://problem/60551856\\n\\n [Cocoa] Crash under -[WKPreferenceObserver init]\\n https://bugs.webkit.org/show_bug.cgi?id=209145\\n\\n Reviewed by Darin Adler.\\n\\n Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.\\n\\n No new tests, since I have not been able to reproduce.\\n\\n * UIProcess/Cocoa/Prefere
nceObserver.mm:\\n (-[WKPreferenceObserver init]):\\n\\n\\n\\n git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258515 268f45cc-cd09-0410-ab3c-d52691b4dbfc\\n\\n 2020-03-16 Per Arne Vollan <[email protected]>\\n\\n [Cocoa] Crash under -[WKPreferenceObserver init]\\n https://bugs.webkit.org/show_bug.cgi?id=209145\\n\\n Reviewed by Darin Adler.\\n\\n Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.\\n\\n No new tests, since I have not been able to reproduce.\\n\\n * UIProcess/Cocoa/PreferenceObserver.mm:\\n (-[WKPreferenceObserver init]):\\n\\n\'2020-03-17 Alan Coon <[email protected]>\n\n Cherry-pick r258518. rdar://problem/60517387\n\n [macOS] Accessibility sandbox regressions\n https://bugs.webkit.org/show_bug.cgi?id=209065\n Source/WebCore/PAL:\n\n\n Reviewed
by Brent Fulgham.\n\n Add Accessibility notification name.\n\n * pal/spi/cocoa/NSAccessibilitySPI.h:\n\n Source/WebKit:\n\n <rdar://problem/60202450>\n\n Reviewed by Brent Fulgham.\n\n When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility\n is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent\n sandbox needs to explicitly allow reading of the various plist files.\n\n * UIProcess/Cocoa/WebProcessPoolCocoa.mm:\n (WebKit::WebProcessPool::registerNotificationObservers):\n * WebProcess/com.apple.WebProcess.sb.in:\n\n Tools:\n\n\n Reviewed by Brent Fulgham.\n\n * TestWebKitAPI/Tests/WebKit/EnableAccessibility.mm:\n (TEST):\n * TestWebKitAPI/Tests/WebKit/GrantAccessToPreferencesService.mm:\n (TEST):\n\n\n\n git-svn-id: https://svn.webkit.org/r
epository/webkit/trunk@258518 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n 2020-03-16 Per Arne Vollan <[email protected]>\n\n [macOS] Accessibility sandbox regressions\n https://bugs.webkit.org/show_bug.cgi?id=209065\n <rdar://problem/60202450>\n\n Reviewed by Brent Fulgham.\n\n When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility\n is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent\n sandbox needs to explicitly allow reading of the various plist files.\n\n * UIProcess/Cocoa/WebProcessPoolCocoa.mm:\n (WebKit::WebProcessPool::registerNotificationObservers):\n * WebProcess/com.apple.WebProcess.sb.in:\n\n'2020-03-17 Alan Coon <[email protected]>
- Cherry-pick r258518. rdar://problem/60517387
-
- [macOS] Accessibility sandbox regressions
- https://bugs.webkit.org/show_bug.cgi?id=209065
- Source/WebCore/PAL:
-
-
- Reviewed by Brent Fulgham.
-
- Add Accessibility notification name.
-
- * pal/spi/cocoa/NSAccessibilitySPI.h:
-
- Source/WebKit:
-
- <rdar://problem/60202450>
-
- Reviewed by Brent Fulgham.
-
- When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility
- is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent
- sandbox needs to explicitly allow reading of the various plist files.
-
- * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
- (WebKit::WebProcessPool::registerNotificationObservers):
- * WebProcess/com.apple.WebProcess.sb.in:
-
- Tools:
-
-
- Reviewed by Brent Fulgham.
-
- * TestWebKitAPI/Tests/WebKit/EnableAccessibility.mm:
- (TEST):
- * TestWebKitAPI/Tests/WebKit/GrantAccessToPreferencesService.mm:
- (TEST):
-
-
-
- git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258518 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 2020-03-16 Per Arne Vollan <[email protected]>
-
- [macOS] Accessibility sandbox regressions
- https://bugs.webkit.org/show_bug.cgi?id=209065
- <rdar://problem/60202450>
-
- Reviewed by Brent Fulgham.
-
- When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility
- is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent
- sandbox needs to explicitly allow reading of the various plist files.
-
- * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
- (WebKit::WebProcessPool::registerNotificationObservers):
- * WebProcess/com.apple.WebProcess.sb.in:
-
-2020-03-17 Alan Coon <[email protected]>
-
Cherry-pick r258359. rdar://problem/60517387
[macOS] _AXSApplicationAccessibilityEnabled should not be called
Modified: branches/safari-610.1.7-branch/Source/WebKit/WebProcess/WebPage/WebCookieCache.cpp (259224 => 259225)
--- branches/safari-610.1.7-branch/Source/WebKit/WebProcess/WebPage/WebCookieCache.cpp 2020-03-30 20:56:44 UTC (rev 259224)
+++ branches/safari-610.1.7-branch/Source/WebKit/WebProcess/WebPage/WebCookieCache.cpp 2020-03-30 20:56:46 UTC (rev 259225)
@@ -118,8 +118,10 @@
// We may want to raise this limit if we start using the cache for third-party iframes.
static const unsigned maxCachedHosts = 5;
- while (m_hostsWithInMemoryStorage.size() >= maxCachedHosts)
- clearForHost(*m_hostsWithInMemoryStorage.random());
+ while (m_hostsWithInMemoryStorage.size() >= maxCachedHosts) {
+ String hostToRemove = *m_hostsWithInMemoryStorage.random();
+ clearForHost(hostToRemove);
+ }
}
#if !PLATFORM(COCOA)
Modified: branches/safari-610.1.7-branch/Tools/ChangeLog (259224 => 259225)
--- branches/safari-610.1.7-branch/Tools/ChangeLog 2020-03-30 20:56:44 UTC (rev 259224)
+++ branches/safari-610.1.7-branch/Tools/ChangeLog 2020-03-30 20:56:46 UTC (rev 259225)
@@ -1,4 +1,4 @@
-2020-03-17 Alan Coon <[email protected]>
+b'2020-03-30 Alan Coon <[email protected]>\n\n Cherry-pick r258521. rdar://problem/60453086\n\n Crash under WebCookieCache::clearForHost()\n https://bugs.webkit.org/show_bug.cgi?id=209149\n <rdar://problem/60453086>\n \n Reviewed by Alex Christensen.\n \n Source/WebKit:\n \n Make sure WebCookieCache::pruneCacheIfNecessary() keeps alive the host String it is passing\n to WebCookieCache::clearForHost(). Previously, it was merely deferencing a HashSet iterator\n and passing that to clearForHost(). However, clearForHost() would then drop the String from\n the HashSet and the host would no longer be valid.\n \n Change covered by new API test.\n \n * WebProcess/WebPage/WebCookieCache.cpp:\n (WebKit::WebCookieCache::pruneCacheIfNecessary):\n \n Tools:\n \n Add API test coverage.\n \n * TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm:\n (TEST):\n \n \n git-svn-id: https
://svn.webkit.org/repository/webkit/trunk@258521 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n 2020-03-16 Chris Dumez <[email protected]>\n\n Crash under WebCookieCache::clearForHost()\n https://bugs.webkit.org/show_bug.cgi?id=209149\n <rdar://problem/60453086>\n\n Reviewed by Alex Christensen.\n\n Add API test coverage.\n\n * TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm:\n (TEST):\n\n'2020-03-17 Alan Coon <[email protected]>
Cherry-pick r258518. rdar://problem/60517387
Modified: branches/safari-610.1.7-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm (259224 => 259225)
--- branches/safari-610.1.7-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm 2020-03-30 20:56:44 UTC (rev 259224)
+++ branches/safari-610.1.7-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm 2020-03-30 20:56:46 UTC (rev 259225)
@@ -33,6 +33,7 @@
#import <WebKit/WKWebView.h>
#import <WebKit/WKWebViewConfiguration.h>
#import <wtf/RetainPtr.h>
+#import <wtf/text/StringConcatenateNumbers.h>
#import <wtf/text/WTFString.h>
static bool receivedAlert;
@@ -128,3 +129,22 @@
} while (cookieString != "" && timeout < 50);
EXPECT_WK_STREQ("foo=bar", cookieString);
}
+
+TEST(WebKit, CookieCachePruning)
+{
+ auto configuration = adoptNS([[WKWebViewConfiguration alloc] init]);
+ auto view = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);
+
+ for (unsigned i = 0; i < 100; ++i) {
+ [view synchronouslyLoadHTMLString:@"foo" baseURL:[NSURL URLWithString:makeString("http://foo", i, ".example.com/")]];
+
+ __block bool doneEvaluatingJavaScript = false;
+ [view evaluateJavaScript:@"document.cookie;" completionHandler:^(id _Nullable cookie, NSError * _Nullable error) {
+ EXPECT_NULL(error);
+ EXPECT_TRUE([cookie isKindOfClass:[NSString class]]);
+ EXPECT_WK_STREQ("", (NSString *)cookie);
+ doneEvaluatingJavaScript = true;
+ }];
+ TestWebKitAPI::Util::run(&doneEvaluatingJavaScript);
+ }
+}
