Diff
Modified: trunk/Source/WebKit/ChangeLog (274269 => 274270)
--- trunk/Source/WebKit/ChangeLog 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/ChangeLog 2021-03-11 09:09:18 UTC (rev 274270)
@@ -1,3 +1,46 @@
+2021-03-11 Michael Catanzaro <[email protected]>
+
+ REGRESSION(r272469): [WPE][GTK] Epiphany UI process crashes when downloading PDFs, WebKitSecurityOrigin should use SecurityOriginData
+ https://bugs.webkit.org/show_bug.cgi?id=222943
+
+ Reviewed by Alex Christensen.
+
+ Since r272469, WebCore::SecurityOrigin no longer accepts custom protocols except those
+ registered with LegacySchemeRegistry. WebPage registers all custom protocols, but
+ WebPageProxy does not, so WebCore::SecurityOrigin now only supports custom protocols in the
+ web process, not the UI process. This causes Epiphany to crash when the protocol of its
+ WebKitSecurityOrigin is unexpectedly NULL.
+
+ Alex wants to reduce usage of WebCore::SecurityOrigin outside the web process, so instead of
+ registering custom protocols with LegacySchemeRegistry in the UI process -- making it harder
+ to eventually get rid of LegacySchemeRegistry -- we will transition WebKitSecurityOrigin
+ from WebCore::SecurityOrigin to WebCore::SecurityOriginData, which is a simple data store
+ for <protocol, host, port>. This is mostly sufficient to implement WebKitSecurityOrigin,
+ except for webkit_security_origin_is_opaque(). I considered multiple ways to handle this,
+ but ultimately decided to just deprecate it. Epiphany is the only client using this function
+ in order to implement a WebKitSecurityOrigin equality operation, and it does so using
+ origins that should never be opaque, so there are no compatibility concerns here.
+
+ * UIProcess/API/glib/WebKitAuthenticationRequest.cpp:
+ (webkit_authentication_request_get_security_origin):
+ * UIProcess/API/glib/WebKitSecurityOrigin.cpp:
+ (_WebKitSecurityOrigin::_WebKitSecurityOrigin):
+ (webkitSecurityOriginCreate):
+ (webkitSecurityOriginGetSecurityOriginData):
+ (webkit_security_origin_new):
+ (webkit_security_origin_new_for_uri):
+ (webkit_security_origin_get_protocol):
+ (webkit_security_origin_get_host):
+ (webkit_security_origin_get_port):
+ (webkit_security_origin_is_opaque):
+ (webkit_security_origin_to_string):
+ (webkitSecurityOriginGetSecurityOrigin): Deleted.
+ * UIProcess/API/glib/WebKitSecurityOriginPrivate.h:
+ * UIProcess/API/glib/WebKitWebContext.cpp:
+ (addOriginToMap):
+ * UIProcess/API/gtk/WebKitSecurityOrigin.h:
+ * UIProcess/API/wpe/WebKitSecurityOrigin.h:
+
2021-03-10 Peng Liu <[email protected]>
[GPU Process] Assertion under RenderLayerCompositor::computeCompositingRequirements()
Modified: trunk/Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp 2021-03-11 09:09:18 UTC (rev 274270)
@@ -365,7 +365,7 @@
protocol = "socks"_s;
break;
}
- return webkitSecurityOriginCreate(SecurityOrigin::create(protocol, protectionSpace.host(), protectionSpace.port()));
+ return webkitSecurityOriginCreate(SecurityOriginData(protocol, protectionSpace.host(), protectionSpace.port()));
}
/**
Modified: trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOrigin.cpp (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOrigin.cpp 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOrigin.cpp 2021-03-11 09:09:18 UTC (rev 274270)
@@ -30,24 +30,24 @@
* @Title: WebKitSecurityOrigin
*
* #WebKitSecurityOrigin is a representation of a security domain
- * defined by websites. A security origin normally consists of a
- * protocol, a hostname, and a port number. It is also possible for a
- * security origin to be opaque, as defined by the HTML standard, in
- * which case it has no associated protocol, host, or port.
+ * defined by websites. A security origin consists of a protocol, a
+ * hostname, and an optional port number.
*
- * Websites with the same security origin can access each other's
- * resources for client-side scripting or database access.
+ * Resources with the same security origin can generally access each
+ * other for client-side scripting or database access. When comparing
+ * origins, beware that if both protocol and host are %NULL, the origins
+ * should not be treated as equal.
*
* Since: 2.16
*/
struct _WebKitSecurityOrigin {
- _WebKitSecurityOrigin(Ref<WebCore::SecurityOrigin>&& coreSecurityOrigin)
- : securityOrigin(WTFMove(coreSecurityOrigin))
+ explicit _WebKitSecurityOrigin(WebCore::SecurityOriginData&& data)
+ : securityOriginData(WTFMove(data))
{
}
- Ref<WebCore::SecurityOrigin> securityOrigin;
+ WebCore::SecurityOriginData securityOriginData;
CString protocol;
CString host;
int referenceCount { 1 };
@@ -55,17 +55,17 @@
G_DEFINE_BOXED_TYPE(WebKitSecurityOrigin, webkit_security_origin, webkit_security_origin_ref, webkit_security_origin_unref)
-WebKitSecurityOrigin* webkitSecurityOriginCreate(Ref<WebCore::SecurityOrigin>&& coreSecurityOrigin)
+WebKitSecurityOrigin* webkitSecurityOriginCreate(WebCore::SecurityOriginData&& data)
{
WebKitSecurityOrigin* origin = static_cast<WebKitSecurityOrigin*>(fastMalloc(sizeof(WebKitSecurityOrigin)));
- new (origin) WebKitSecurityOrigin(WTFMove(coreSecurityOrigin));
+ new (origin) WebKitSecurityOrigin(WTFMove(data));
return origin;
}
-WebCore::SecurityOrigin& webkitSecurityOriginGetSecurityOrigin(WebKitSecurityOrigin* origin)
+const WebCore::SecurityOriginData& webkitSecurityOriginGetSecurityOriginData(WebKitSecurityOrigin* origin)
{
ASSERT(origin);
- return origin->securityOrigin.get();
+ return origin->securityOriginData;
}
/**
@@ -88,10 +88,10 @@
g_return_val_if_fail(host, nullptr);
Optional<uint16_t> optionalPort;
- if (port)
+ if (port && !WTF::isDefaultPortForProtocol(port, protocol))
optionalPort = port;
- return webkitSecurityOriginCreate(WebCore::SecurityOrigin::create(String::fromUTF8(protocol), String::fromUTF8(host), optionalPort));
+ return webkitSecurityOriginCreate(WebCore::SecurityOriginData(String::fromUTF8(protocol), String::fromUTF8(host), optionalPort));
}
/**
@@ -110,7 +110,7 @@
{
g_return_val_if_fail(uri, nullptr);
- return webkitSecurityOriginCreate(WebCore::SecurityOrigin::create(URL(URL(), String::fromUTF8(uri))));
+ return webkitSecurityOriginCreate(WebCore::SecurityOriginData::fromURL(URL(URL(), String::fromUTF8(uri))));
}
/**
@@ -157,7 +157,7 @@
* webkit_security_origin_get_protocol:
* @origin: a #WebKitSecurityOrigin
*
- * Gets the protocol of @origin, or %NULL if @origin is opaque.
+ * Gets the protocol of @origin.
*
* Returns: (allow-none): The protocol of the #WebKitSecurityOrigin
*
@@ -167,11 +167,11 @@
{
g_return_val_if_fail(origin, nullptr);
- if (origin->securityOrigin->protocol().isEmpty())
+ if (origin->securityOriginData.protocol.isEmpty())
return nullptr;
if (origin->protocol.isNull())
- origin->protocol = origin->securityOrigin->protocol().utf8();
+ origin->protocol = origin->securityOriginData.protocol.utf8();
return origin->protocol.data();
}
@@ -179,8 +179,8 @@
* webkit_security_origin_get_host:
* @origin: a #WebKitSecurityOrigin
*
- * Gets the hostname of @origin, or %NULL if @origin is opaque or if its
- * protocol does not require a host component.
+ * Gets the hostname of @origin. It is reasonable for this to be %NULL
+ * if its protocol does not require a host component.
*
* Returns: (allow-none): The host of the #WebKitSecurityOrigin
*
@@ -190,11 +190,11 @@
{
g_return_val_if_fail(origin, nullptr);
- if (origin->securityOrigin->host().isEmpty())
+ if (origin->securityOriginData.host.isEmpty())
return nullptr;
if (origin->host.isNull())
- origin->host = origin->securityOrigin->host().utf8();
+ origin->host = origin->securityOriginData.host.utf8();
return origin->host.data();
}
@@ -206,8 +206,7 @@
* port is the default port for the given protocol. For example,
* http://example.com has the same security origin as
* http://example.com:80, and this function will return 0 for a
- * #WebKitSecurityOrigin constructed from either URI. It will also
- * return 0 if @origin is opaque.
+ * #WebKitSecurityOrigin constructed from either URI.
*
* Returns: The port of the #WebKitSecurityOrigin.
*
@@ -217,7 +216,7 @@
{
g_return_val_if_fail(origin, 0);
- return origin->securityOrigin->port().valueOr(0);
+ return origin->securityOriginData.port.valueOr(0);
}
/**
@@ -224,18 +223,21 @@
* webkit_security_origin_is_opaque:
* @origin: a #WebKitSecurityOrigin
*
- * Gets whether @origin is an opaque security origin, which does not
- * possess an associated protocol, host, or port.
+ * This function returns %FALSE. #WebKitSecurityOrigin is now a simple
+ * wrapper around a <protocol, host, port> triplet, and no longer
+ * represents an origin as defined by web standards that may be opaque.
*
- * Returns: %TRUE if @origin is opaque.
+ * Returns: %FALSE
*
* Since: 2.16
+ *
+ * Deprecated: 2.32
*/
gboolean webkit_security_origin_is_opaque(WebKitSecurityOrigin* origin)
{
- g_return_val_if_fail(origin, TRUE);
+ g_return_val_if_fail(origin, FALSE);
- return origin->securityOrigin->isUnique();
+ return FALSE;
}
/**
@@ -243,8 +245,8 @@
* @origin: a #WebKitSecurityOrigin
*
* Gets a string representation of @origin. The string representation
- * is a valid URI with only protocol, host, and port components. It may
- * be %NULL, but usually only if @origin is opaque.
+ * is a valid URI with only protocol, host, and port components, or
+ * %NULL.
*
* Returns: (allow-none) (transfer full): a URI representing @origin.
*
@@ -254,6 +256,6 @@
{
g_return_val_if_fail(origin, nullptr);
- CString cstring = origin->securityOrigin->toString().utf8();
+ CString cstring = origin->securityOriginData.toString().utf8();
return cstring == "null" ? nullptr : g_strdup (cstring.data());
}
Modified: trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOriginPrivate.h (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOriginPrivate.h 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/glib/WebKitSecurityOriginPrivate.h 2021-03-11 09:09:18 UTC (rev 274270)
@@ -22,5 +22,5 @@
#include "WebKitSecurityOrigin.h"
#include <WebCore/SecurityOrigin.h>
-WebKitSecurityOrigin* webkitSecurityOriginCreate(Ref<WebCore::SecurityOrigin>&&);
-WebCore::SecurityOrigin& webkitSecurityOriginGetSecurityOrigin(WebKitSecurityOrigin*);
+WebKitSecurityOrigin* webkitSecurityOriginCreate(WebCore::SecurityOriginData&&);
+const WebCore::SecurityOriginData& webkitSecurityOriginGetSecurityOriginData(WebKitSecurityOrigin*);
Modified: trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp 2021-03-11 09:09:18 UTC (rev 274270)
@@ -1704,7 +1704,7 @@
static void addOriginToMap(WebKitSecurityOrigin* origin, HashMap<String, bool>* map, bool allowed)
{
- String string = webkitSecurityOriginGetSecurityOrigin(origin).toString();
+ String string = webkitSecurityOriginGetSecurityOriginData(origin).toString();
if (string != "null")
map->set(string, allowed);
}
Modified: trunk/Source/WebKit/UIProcess/API/gtk/WebKitSecurityOrigin.h (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/gtk/WebKitSecurityOrigin.h 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/gtk/WebKitSecurityOrigin.h 2021-03-11 09:09:18 UTC (rev 274270)
@@ -59,7 +59,7 @@
WEBKIT_API guint16
webkit_security_origin_get_port (WebKitSecurityOrigin *origin);
-WEBKIT_API gboolean
+WEBKIT_DEPRECATED gboolean
webkit_security_origin_is_opaque (WebKitSecurityOrigin *origin);
WEBKIT_API gchar *
Modified: trunk/Source/WebKit/UIProcess/API/wpe/WebKitSecurityOrigin.h (274269 => 274270)
--- trunk/Source/WebKit/UIProcess/API/wpe/WebKitSecurityOrigin.h 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Source/WebKit/UIProcess/API/wpe/WebKitSecurityOrigin.h 2021-03-11 09:09:18 UTC (rev 274270)
@@ -59,7 +59,7 @@
WEBKIT_API guint16
webkit_security_origin_get_port (WebKitSecurityOrigin *origin);
-WEBKIT_API gboolean
+WEBKIT_DEPRECATED gboolean
webkit_security_origin_is_opaque (WebKitSecurityOrigin *origin);
WEBKIT_API gchar *
Modified: trunk/Tools/ChangeLog (274269 => 274270)
--- trunk/Tools/ChangeLog 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Tools/ChangeLog 2021-03-11 09:09:18 UTC (rev 274270)
@@ -1,3 +1,24 @@
+2021-03-11 Michael Catanzaro <[email protected]>
+
+ REGRESSION(r272469): [WPE][GTK] Epiphany UI process crashes when downloading PDFs, WebKitSecurityOrigin should use SecurityOriginData
+ https://bugs.webkit.org/show_bug.cgi?id=222943
+
+ Reviewed by Alex Christensen.
+
+ Add a test to ensure security origins can be successfully created for custom protocols.
+ Also, update the tests to accomodate the deprecation of webkit_security_origin_is_opaque().
+ Notably, origins for data:// URIs are no longer special.
+
+ * TestWebKitAPI/Tests/WebKitGLib/TestWebKitSecurityOrigin.cpp:
+ (testSecurityOriginBasicConstructor):
+ (testSecurityOriginURIConstructor):
+ (testSecurityOriginDefaultPort):
+ (testSecurityOriginFileURI):
+ (testSecurityOriginDataURI):
+ (testCustomProtocolOrigin):
+ (beforeAll):
+ (testOpaqueSecurityOrigin): Deleted.
+
2021-03-10 Chris Dumez <[email protected]>
Use RetainPtr<> / OSObjectPtr<> more in WebKit
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSecurityOrigin.cpp (274269 => 274270)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSecurityOrigin.cpp 2021-03-11 08:41:24 UTC (rev 274269)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSecurityOrigin.cpp 2021-03-11 09:09:18 UTC (rev 274270)
@@ -31,7 +31,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 1234);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
}
@@ -44,7 +43,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 1234);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
origin = webkit_security_origin_new_for_uri("http://127.0.0.1:1234/this/path/?should=be#ignored");
@@ -54,7 +52,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 1234);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
}
@@ -67,7 +64,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
origin = webkit_security_origin_new("http", "127.0.0.1", 80);
@@ -77,7 +73,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
origin = webkit_security_origin_new_for_uri("http://127.0.0.1");
@@ -87,7 +82,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
origin = webkit_security_origin_new_for_uri("http://127.0.0.1:80");
@@ -97,7 +91,6 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "http");
g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "127.0.0.1");
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
}
@@ -110,23 +103,31 @@
g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "file");
g_assert_null(webkit_security_origin_get_host(origin));
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_false(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
}
-static void testOpaqueSecurityOrigin(Test*, gconstpointer)
+static void testSecurityOriginDataURI(Test*, gconstpointer)
{
WebKitSecurityOrigin* origin = webkit_security_origin_new_for_uri("data:Lali ho!");
g_assert_nonnull(origin);
GUniquePtr<char> asString(webkit_security_origin_to_string(origin));
- g_assert_null(asString);
- g_assert_null(webkit_security_origin_get_protocol(origin));
+ g_assert_cmpstr(asString.get(), ==, "data://");
+ g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "data");
g_assert_null(webkit_security_origin_get_host(origin));
g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
- g_assert_true(webkit_security_origin_is_opaque(origin));
webkit_security_origin_unref(origin);
}
+static void testCustomProtocolOrigin(Test*, gconstpointer)
+{
+ WebKitSecurityOrigin* origin = webkit_security_origin_new_for_uri("squirrel://fish");
+ g_assert_nonnull(origin);
+ g_assert_cmpstr(webkit_security_origin_get_protocol(origin), ==, "squirrel");
+ g_assert_cmpstr(webkit_security_origin_get_host(origin), ==, "fish");
+ g_assert_cmpint(webkit_security_origin_get_port(origin), ==, 0);
+ webkit_security_origin_unref(origin);
+}
+
void beforeAll()
{
Test::add("WebKitSecurityOrigin", "basic-constructor", testSecurityOriginBasicConstructor);
@@ -133,7 +134,8 @@
Test::add("WebKitSecurityOrigin", "uri-constructor", testSecurityOriginURIConstructor);
Test::add("WebKitSecruityOrigin", "default-port", testSecurityOriginDefaultPort);
Test::add("WebKitSecurityOrigin", "file-uri", testSecurityOriginFileURI);
- Test::add("WebKitSecruityOrigin", "opaque-origin", testOpaqueSecurityOrigin);
+ Test::add("WebKitSecurityOrigin", "blob-uri", testSecurityOriginDataURI);
+ Test::add("WebKitSecurityOrigin", "custom-protocol-origin", testCustomProtocolOrigin);
}
void afterAll()
