Title: [275035] trunk
- Revision
- 275035
- Author
- [email protected]
- Date
- 2021-03-25 08:30:32 -0700 (Thu, 25 Mar 2021)
Log Message
WKContentRuleList first-party should include other subdomains of the current registrable domain
https://bugs.webkit.org/show_bug.cgi?id=223728
Source/WebCore:
<rdar://71912579>
Patch by Alex Christensen <[email protected]> on 2021-03-25
Reviewed by John Wilander.
Covered by API tests.
* loader/ResourceLoadInfo.cpp:
(WebCore::ContentExtensions::ResourceLoadInfo::isThirdParty const):
Tools:
Patch by Alex Christensen <[email protected]> on 2021-03-25
Reviewed by John Wilander.
* TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm:
(TEST):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (275034 => 275035)
--- trunk/Source/WebCore/ChangeLog 2021-03-25 15:28:52 UTC (rev 275034)
+++ trunk/Source/WebCore/ChangeLog 2021-03-25 15:30:32 UTC (rev 275035)
@@ -1,3 +1,16 @@
+2021-03-25 Alex Christensen <[email protected]>
+
+ WKContentRuleList first-party should include other subdomains of the current registrable domain
+ https://bugs.webkit.org/show_bug.cgi?id=223728
+ <rdar://71912579>
+
+ Reviewed by John Wilander.
+
+ Covered by API tests.
+
+ * loader/ResourceLoadInfo.cpp:
+ (WebCore::ContentExtensions::ResourceLoadInfo::isThirdParty const):
+
2021-03-25 Youenn Fablet <[email protected]>
Improve RealtimeIncomingVideoSourceCocoa::OnFrame logging to include rotation and size information
Modified: trunk/Source/WebCore/loader/ResourceLoadInfo.cpp (275034 => 275035)
--- trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2021-03-25 15:28:52 UTC (rev 275034)
+++ trunk/Source/WebCore/loader/ResourceLoadInfo.cpp 2021-03-25 15:30:32 UTC (rev 275035)
@@ -126,10 +126,7 @@
bool ResourceLoadInfo::isThirdParty() const
{
- Ref<SecurityOrigin> mainDocumentSecurityOrigin = SecurityOrigin::create(mainDocumentURL);
- Ref<SecurityOrigin> resourceSecurityOrigin = SecurityOrigin::create(resourceURL);
-
- return !mainDocumentSecurityOrigin->isSameOriginDomain(resourceSecurityOrigin.get());
+ return !RegistrableDomain(mainDocumentURL).matches(resourceURL);
}
ResourceFlags ResourceLoadInfo::getResourceFlags() const
Modified: trunk/Tools/ChangeLog (275034 => 275035)
--- trunk/Tools/ChangeLog 2021-03-25 15:28:52 UTC (rev 275034)
+++ trunk/Tools/ChangeLog 2021-03-25 15:30:32 UTC (rev 275035)
@@ -1,3 +1,13 @@
+2021-03-25 Alex Christensen <[email protected]>
+
+ WKContentRuleList first-party should include other subdomains of the current registrable domain
+ https://bugs.webkit.org/show_bug.cgi?id=223728
+
+ Reviewed by John Wilander.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm:
+ (TEST):
+
2021-03-25 Carlos Garcia Campos <[email protected]>
[GTK][WPE] JSC crashes if a function expects a parameter but doesn't receive any
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm (275034 => 275035)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm 2021-03-25 15:28:52 UTC (rev 275034)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm 2021-03-25 15:30:32 UTC (rev 275035)
@@ -276,6 +276,53 @@
EXPECT_EQ(beaconServer.totalRequests(), 5u);
}
+TEST(ContentRuleList, ThirdParty)
+{
+ auto handler = [[TestURLSchemeHandler new] autorelease];
+ handler.startURLSchemeTaskHandler = ^(WKWebView *, id<WKURLSchemeTask> task) {
+ auto respond = [task] (const char* html) {
+ NSURLResponse *response = [[[NSURLResponse alloc] initWithURL:task.request.URL MIMEType:@"text/html" expectedContentLength:strlen(html) textEncodingName:nil] autorelease];
+ [task didReceiveResponse:response];
+ [task didReceiveData:[NSData dataWithBytes:html length:strlen(html)]];
+ [task didFinish];
+ };
+ NSString *path = task.request.URL.path;
+ if ([path isEqualToString:@"/main.html"]) {
+ return respond("<script>"
+ "function testWebKit() { fetch('test://webkit.org/resource.txt', {mode:'no-cors'}).then(()=>{alert('webkit.org loaded');}).catch(()=>{alert('webkit.org blocked');}) };"
+ "fetch('test://sub.example.com/resource.txt', {mode:'no-cors'}).then(()=>{alert('sub.example.com loaded');testWebKit();}).catch(()=>{alert('sub.example.com blocked');testWebKit();})"
+ "</script>");
+ }
+ if ([path isEqualToString:@"/resource.txt"])
+ return respond("hi");
+
+ ASSERT_NOT_REACHED();
+ };
+ auto configuration = [[WKWebViewConfiguration new] autorelease];
+ [configuration setURLSchemeHandler:handler forURLScheme:@"test"];
+ configuration.websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore];
+ auto webView = [[[WKWebView alloc] initWithFrame:CGRectZero configuration:configuration] autorelease];
+
+ auto listWithLoadType = [] (const char* type) {
+ return makeContentRuleList([NSString stringWithFormat:@"[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"resource.txt\",\"load-type\":[\"%s\"]}}]", type]);
+ };
+
+ WKUserContentController *userContentController = webView.configuration.userContentController;
+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"test://example.com/main.html"]]];
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "sub.example.com loaded");
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "webkit.org loaded");
+
+ [userContentController addContentRuleList:listWithLoadType("third-party").get()];
+ [webView reload];
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "sub.example.com loaded");
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "webkit.org blocked");
+ [userContentController removeAllContentRuleLists];
+ [userContentController addContentRuleList:listWithLoadType("first-party").get()];
+ [webView reload];
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "sub.example.com blocked");
+ EXPECT_WK_STREQ([webView _test_waitForAlert], "webkit.org loaded");
+}
+
TEST(ContentRuleList, SupportsRegex)
{
NSArray<NSString *> *allowed = @[
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
