Title: [264961] trunk/Source/WebKit
Revision: 264961
Author: katherine_che...@apple.com
Date: 2020-07-27 17:36:59 -0700 (Mon, 27 Jul 2020)
Log Message
Handle full browser apps that try to use prohibited Info.plist strings
https://bugs.webkit.org/show_bug.cgi?id=214852
<rdar://problem/66023860>

Reviewed by Brent Fulgham.

Full-web browsing applications which also use prohibited Info.plist
strings should be restricted from using certain powerful APIs like
JavaScript injection. These apps will have the equivalent privileges
of an app that opts into App-Bound Domains with an empty
WKAppBoundDomains key.

No new tests. Writing a test for this would require being able to
change TestWebKitAPI's Info.plist between tests, which we do not
support. I manually tested this by adding a prohibited
string to the TestWebKitAPI Info.plist then verified that restricted APIs,
like JS injection, were blocked.

* UIProcess/WebPageProxy.cpp:
(isFullWebBrowser):
(hasProhibitedUsageStrings):
(WebKit::WebPageProxy::loadData):
(WebKit::WebPageProxy::setIsNavigatingToAppBoundDomainAndCheckIfPermitted):
We do not need to set m_isNavigatingToAppBoundDomain in the case where
a full web browser does not use prohibited strings. In this case, we
want m_isNavigatingToAppBoundDomain to stay as WTF::nullopt so no API
restriction is enabled.
Diff
Modified: trunk/Source/WebKit/ChangeLog (264960 => 264961)
--- trunk/Source/WebKit/ChangeLog 2020-07-28 00:30:17 UTC (rev 264960)
+++ trunk/Source/WebKit/ChangeLog 2020-07-28 00:36:59 UTC (rev 264961)
@@ -1,3 +1,33 @@
+2020-07-27 Kate Cheney <katherine_che...@apple.com>
+
+ Handle full browser apps that try to use prohibited Info.plist strings
+ https://bugs.webkit.org/show_bug.cgi?id=214852
+ <rdar://problem/66023860>
+
+ Reviewed by Brent Fulgham.
+
+ Full-web browsing applications which also use prohibited Info.plist
+ strings should be restricted from using certain powerful APIs like
+ _javascript_ injection. These apps will have the equivalent privileges
+ of an app that opts into App-Bound Domains with an empty
+ WKAppBoundDomains key.
+
+ No new tests. Writing a test for this would require being able to
+ change TestWebKitAPI's Info.plist between tests, which we do not
+ support. I manually tested this by adding a prohibited
+ string to the TestWebKitAPI Info.plist then verified that restricted APIs,
+ like JS injection, were blocked.
+
+ * UIProcess/WebPageProxy.cpp:
+ (isFullWebBrowser):
+ (hasProhibitedUsageStrings):
+ (WebKit::WebPageProxy::loadData):
+ (WebKit::WebPageProxy::setIsNavigatingToAppBoundDomainAndCheckIfPermitted):
+ We do not need to set m_isNavigatingToAppBoundDomain in the case where
+ a full web browser does not use prohibited strings. In this case, we
+ want m_isNavigatingToAppBoundDomain to stay as WTF::nullopt so no API
+ restriction is enabled.
+
2020-07-27 David Kilzer <ddkil...@apple.com>
WebKit::setCrashReportApplicationSpecificInformation() should also log to WTFLogAlways()
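Review bot: The per-function notes for UIProcess/WebPageProxy.cpp in this entry document only the case where a full web browser does not use prohibited strings (m_isNavigatingToAppBoundDomain stays WTF::nullopt). Please also state what setIsNavigatingToAppBoundDomainAndCheckIfPermitted does when prohibited strings are present, and give a one-line description for the new isFullWebBrowser and hasProhibitedUsageStrings helpers, which are listed with no explanation. Because the restriction ships with manual testing only, a reference to a follow-up bug for making TestWebKitAPI's Info.plist changeable between tests would make the coverage gap trackable.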
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (264960 => 264961)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2020-07-28 00:30:17 UTC (rev 264960)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2020-07-28 00:36:59 UTC (rev 264961)
@@ -291,8 +291,11 @@
#if USE(APPLE_INTERNAL_SDK)
#include <WebKitAdditions/WebPageProxyAdditions.h>
#else
-#define WEB_PAGE_PROXY_ADDITIONS_SETISNAVIGATINGTOAPPBOUNDDOMAIN true
+static bool isFullWebBrowser() { return true; }
+#if PLATFORM(IOS_FAMILY)
+static bool hasProhibitedUsageStrings() { return false; }
#endif
+#endif
// This controls what strategy we use for mouse wheel coalescing.
#define MERGE_WHEEL_EVENTS 1
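Review bot: In the non-internal-SDK branch, isFullWebBrowser() is defined for every platform but hasProhibitedUsageStrings() only under PLATFORM(IOS_FAMILY), and the two stacked #endif lines carry no comment saying which condition each one closes. Please annotate them (for example `#endif // PLATFORM(IOS_FAMILY)`) and add a short comment that these stubs return true and false respectively, so a build without WebKitAdditions never applies the restriction and cannot exercise the new prohibited-strings path.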
@@ -1393,7 +1396,7 @@
{
RELEASE_LOG_IF_ALLOWED(Loading, "loadData:");
- if (MIMEType == "text/html"_s && !WEB_PAGE_PROXY_ADDITIONS_SETISNAVIGATINGTOAPPBOUNDDOMAIN)
+ if (MIMEType == "text/html"_s && !isFullWebBrowser())
m_limitsNavigationsToAppBoundDomains = true;
if (m_isClosed) {
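Review bot: The condition in loadData consults only isFullWebBrowser(), so a full web browser that has prohibited usage strings still skips `m_limitsNavigationsToAppBoundDomains = true` for text/html data loads, while setIsNavigatingToAppBoundDomainAndCheckIfPermitted now marks the same app as NavigatingToAppBoundDomain::No. If that asymmetry is intended, a one-line comment here saying so would help the next reader; if the goal is parity with an app that has an empty WKAppBoundDomains key, consider whether hasProhibitedUsageStrings() needs to be checked here as well.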
@@ -3134,8 +3137,11 @@
bool WebPageProxy::setIsNavigatingToAppBoundDomainAndCheckIfPermitted(bool isMainFrame, const URL& requestURL, Optional<NavigatingToAppBoundDomain> isNavigatingToAppBoundDomain)
{
#if PLATFORM(IOS_FAMILY)
- if (WEB_PAGE_PROXY_ADDITIONS_SETISNAVIGATINGTOAPPBOUNDDOMAIN)
+ if (isFullWebBrowser()) {
+ if (hasProhibitedUsageStrings())
+ m_isNavigatingToAppBoundDomain = NavigatingToAppBoundDomain::No;
return true;
+ }
if (!isNavigatingToAppBoundDomain) {
m_isNavigatingToAppBoundDomain = WTF::nullopt;
return true;
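Review bot: The new `if (hasProhibitedUsageStrings())` branch assigns NavigatingToAppBoundDomain::No and then falls through to `return true` with no comment or log, so the reason the navigation is still permitted while APIs become restricted can only be recovered from the ChangeLog. Add a brief comment at the assignment explaining that the load proceeds but the page is treated as not app-bound, and consider a RELEASE_LOG_IF_ALLOWED line like the one loadData uses, so a developer whose app has JS injection blocked can see that the prohibited Info.plist strings are the cause.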