Diff
Modified: branches/safari-611-branch/LayoutTests/ChangeLog (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/ChangeLog 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/ChangeLog 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,3 +1,152 @@
+2021-04-21 Ruben Turcios <[email protected]>
+
+ Cherry-pick r276193. rdar://problem/76962916
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ Source/WebCore:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Test: http/tests/security/form-blocked-port.html
+
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
+ and block (with relevant logging) if a load to a denied port is attempted.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest): Ditto.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest): Ditto.
+ (WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.
+ * loader/FrameLoader.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage): Ditto.
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init): Ditto.
+ * loader/SubframeLoader.cpp:
+ (WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
+ (WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest): Ditto.
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.
+
+ Tools:
+
+ Update URLScheme test to use a non-prohibited port for the test. Tests of
+ failed fetches are already handled in WPT and other tests, so using a valid
+ port here should continue to be a valid test.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+ (-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
+ instead of 123.
+
+ LayoutTests:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Note: The fact that we now block loads earlier means that we do not fire
+ 'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
+ outputs a message to stdout. Those errors are reported in the JS console,
+ but since some test paths are specified to always output JS console messages
+ to stderrr (for example the WPT tests), we have to revise out test expectations
+ for a few cases.
+
+ * fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
+ * http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
+ * http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed
+ for a blocked port.
+ * http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload
+ from restricted ports.
+ * http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
+ * http/tests/security/form-blocked-port.html: Added.
+ * http/tests/security/form-blocked-port-expected.txt: Added.
+ * http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
+ * http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that
+ is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now
+ block loads to restricted ports earlier in the load process.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we
+ are attempting to load from port 8 instead of port 7.
+ * http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
+ * http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed
+ for a blocked port.
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load,
+ TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked
+ to dump console.log output to stderr).
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
+ * platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console
+ logging (the functional test results are identical).
+ * platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276193 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-04-16 Brent Fulgham <[email protected]>
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Note: The fact that we now block loads earlier means that we do not fire
+ 'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
+ outputs a message to stdout. Those errors are reported in the JS console,
+ but since some test paths are specified to always output JS console messages
+ to stderrr (for example the WPT tests), we have to revise out test expectations
+ for a few cases.
+
+ * fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
+ * http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
+ * http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed
+ for a blocked port.
+ * http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload
+ from restricted ports.
+ * http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
+ * http/tests/security/form-blocked-port.html: Added.
+ * http/tests/security/form-blocked-port-expected.txt: Added.
+ * http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
+ * http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that
+ is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now
+ block loads to restricted ports earlier in the load process.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we
+ are attempting to load from port 8 instead of port 7.
+ * http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
+ * http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed
+ for a blocked port.
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load,
+ TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked
+ to dump console.log output to stderr).
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
+ * platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console
+ logging (the functional test results are identical).
+ * platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.
+
2021-04-21 Alan Coon <[email protected]>
Cherry-pick r274064. rdar://problem/76962988
Modified: branches/safari-611-branch/LayoutTests/fast/loader/cancel-load-during-port-block-timer-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/fast/loader/cancel-load-during-port-block-timer-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/fast/loader/cancel-load-during-port-block-timer-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1 +1,2 @@
+CONSOLE MESSAGE: Not allowed to use restricted network port 22: http://127.0.0.1:22/
If this does crash, the test has passed.
Modified: branches/safari-611-branch/LayoutTests/http/tests/cache/cancel-during-failure-crash-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/cache/cancel-during-failure-crash-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/cache/cancel-during-failure-crash-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1 +1,2 @@
+CONSOLE MESSAGE: Not allowed to use restricted network port 7: http://localhost:7/
PASS
Modified: branches/safari-611-branch/LayoutTests/http/tests/preload/download_resources_from_invalid_headers-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/preload/download_resources_from_invalid_headers-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/preload/download_resources_from_invalid_headers-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -17,7 +17,7 @@
PASS internals.isPreloaded('../resources/dummy.xml'); is false
PASS internals.isPreloaded('../resources/dumm'); is false
PASS internals.isPreloaded('http://localhost:8000/preload/resources/square.png'); is false
-PASS internals.isPreloaded('http://localhost:53/preload/resources/dummy.js'); is true
+PASS internals.isPreloaded('http://localhost:53/preload/resources/dummy.js'); is false
PASS internals.isPreloaded('#foobar'); is false
PASS internals.isPreloaded('../resources/Ahem.ttf'); is false
PASS internals.isPreloaded('../resources/dummy.js?invalid'); is false
Modified: branches/safari-611-branch/LayoutTests/http/tests/preload/resources/nph-invalid_resources_from_header.pl (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/preload/resources/nph-invalid_resources_from_header.pl 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/preload/resources/nph-invalid_resources_from_header.pl 2021-04-21 23:39:26 UTC (rev 276402)
@@ -43,8 +43,7 @@
shouldBeFalse("internals.isPreloaded('../resources/dummy.xml');");
shouldBeFalse("internals.isPreloaded('../resources/dumm');");
shouldBeFalse("internals.isPreloaded('http://localhost:8000/preload/resources/square.png');");
- // Invalid ports get preloaded (and get terminated further down the stack).
- shouldBeTrue("internals.isPreloaded('http://localhost:53/preload/resources/dummy.js');");
+ shouldBeFalse("internals.isPreloaded('http://localhost:53/preload/resources/dummy.js');");
shouldBeFalse("internals.isPreloaded('#foobar');");
shouldBeFalse("internals.isPreloaded('../resources/Ahem.ttf');");
shouldBeFalse("internals.isPreloaded('../resources/dummy.js?invalid');");
Modified: branches/safari-611-branch/LayoutTests/http/tests/security/blocked-on-redirect-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/security/blocked-on-redirect-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/security/blocked-on-redirect-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,5 +1,5 @@
http://127.0.0.1:8000/resources/redirect.php?code=307&url="" - willSendRequest <NSURLRequest URL http://127.0.0.1:8000/resources/redirect.php?code=307&url="" main document URL http://127.0.0.1:8000/security/blocked-on-redirect.html, http method GET> redirectResponse (null)
http://127.0.0.1:8000/security/blocked-on-redirect.html - didFinishLoading
-CONSOLE MESSAGE: Not allowed to use restricted network port: http://localhost:25/security/resources/post-done.html
+CONSOLE MESSAGE: Not allowed to use restricted network port 25: http://localhost:25/security/resources/post-done.html
http://127.0.0.1:8000/resources/redirect.php?code=307&url="" - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://localhost:25/security/resources/post-done.html">
This test produces output in the console. Only the initial URL should be logged.
Added: branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port-expected.txt (0 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port-expected.txt (rev 0)
+++ branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,3 @@
+CONSOLE MESSAGE: Not allowed to use restricted network port 6000: http://127.0.0.1:6000/
+Test Data:
+Tests that blocking form actions to restricted ports works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.
Added: branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port.html (0 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port.html (rev 0)
+++ branches/safari-611-branch/LayoutTests/http/tests/security/form-blocked-port.html 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+ }
+ window.addEventListener('load', function() {
+ setTimeout(function () {
+ testRunner.notifyDone();
+ }, 1000);
+ document.getElementById('submit').click();
+ });
+</script>
+</head>
+<body>
+ <form id='theform' method='post' action='' enctype="multipart/form-data">
+ <label for="" Data:</label>
+ <input type='text' name='fieldname' value='fieldvalue'>
+ <input type='submit' id='submit' value='submit'>
+ </form>
+
+ <p>
+ Tests that blocking form actions to restricted ports works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.
+ </p>
+</body>
+</html>
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,3 +1,5 @@
+CONSOLE MESSAGE: Not allowed to use restricted network port 7: http://localhost:7/
+CONSOLE MESSAGE: Not allowed to use restricted network port 22: http://localhost:22/
Test XMLHttpRequest responseURL.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,5 +1,6 @@
CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: Not allowed to use restricted network port 22: http://localhost:22/
Test that a cross-origin redirect to a server that responds is indistinguishable from one that does not. Should say PASS:
PASS
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,5 +1,6 @@
CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: Not allowed to use restricted network port 7: http://localhost:7/
Test that a cross-origin redirect to a server that responds is indistinguishable from one that does not. Should say PASS:
PASS
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,7 +1,7 @@
CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
-CONSOLE MESSAGE: CORS-preflight request was blocked
-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:7/ due to access control checks.
+CONSOLE MESSAGE: Could not connect to the server.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8/ due to access control checks.
Test that a simple cross-origin request to a server that responds (but does not permit cross-origin requests) is indistinguishable from one that does not exist. Should say PASS:
PASS
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html 2021-04-21 23:39:26 UTC (rev 276402)
@@ -36,7 +36,7 @@
xhr.upload._onload_ = function() { log("upload.onload") }
xhr.upload._onloadstart_ = function() { log("upload.onloadstart") }
xhr.upload._onprogress_ = function() { log("upload.onprogress") }
- xhr.open("POST", "http://localhost:7/", true); // A port that will likely refuse the connection.
+ xhr.open("POST", "http://localhost:8/", true); // A port that will likely refuse the connection.
xhr.setRequestHeader("Content-Type", "text/plain");
xhr.send("Text");
}
Modified: branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events.html (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events.html 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events.html 2021-04-21 23:39:26 UTC (rev 276402)
@@ -31,9 +31,9 @@
xhr._onloadstart_ = function() { log("onloadstart") }
xhr._onprogress_ = function() { log("onprogress") }
xhr._onerror_ = function() { log("onerror"); setTimeout(doneMissing, 100); }
- xhr.open("GET", "http://localhost:7/", true); // A port that will likely refuse the connection.
+ xhr.open("GET", "http://localhost:8/", true); // A port that will likely refuse the connection.
xhr.send();
- }
+ }
function doneMissing()
{
Modified: branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: Not allowed to use restricted network port 1: http://localhost:1/
CONSOLE MESSAGE: Beacon API cannot load http://localhost:1/. Not allowed to use restricted network port
PASS Should log an error message in the console
Modified: branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging.html (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging.html 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/http/wpt/beacon/beacon-async-error-logging.html 2021-04-21 23:39:26 UTC (rev 276402)
@@ -15,7 +15,7 @@
setTimeout(function() { t.done(); }, 500);
}
let hostWithInvalidPort = "http://localhost:1";
- assert_true(navigator.sendBeacon(hostWithInvalidPort, 'test'), "sendBeacon should return true");
+ assert_false(navigator.sendBeacon(hostWithInvalidPort, 'test'), "sendBeacon should return true");
}, "Should log an error message in the console");
</script>
</body>
Modified: branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,81 +1,3 @@
-Blocked access to external URL http://example.com:1/
-Blocked access to external URL http://example.com:7/
-Blocked access to external URL http://example.com:9/
-Blocked access to external URL http://example.com:11/
-Blocked access to external URL http://example.com:13/
-Blocked access to external URL http://example.com:15/
-Blocked access to external URL http://example.com:17/
-Blocked access to external URL http://example.com:19/
-Blocked access to external URL http://example.com:20/
-Blocked access to external URL http://example.com:21/
-Blocked access to external URL http://example.com:22/
-Blocked access to external URL http://example.com:23/
-Blocked access to external URL http://example.com:25/
-Blocked access to external URL http://example.com:37/
-Blocked access to external URL http://example.com:42/
-Blocked access to external URL http://example.com:43/
-Blocked access to external URL http://example.com:53/
-Blocked access to external URL http://example.com:69/
-Blocked access to external URL http://example.com:77/
-Blocked access to external URL http://example.com:79/
-Blocked access to external URL http://example.com:87/
-Blocked access to external URL http://example.com:95/
-Blocked access to external URL http://example.com:101/
-Blocked access to external URL http://example.com:102/
-Blocked access to external URL http://example.com:103/
-Blocked access to external URL http://example.com:104/
-Blocked access to external URL http://example.com:109/
-Blocked access to external URL http://example.com:110/
-Blocked access to external URL http://example.com:111/
-Blocked access to external URL http://example.com:113/
-Blocked access to external URL http://example.com:115/
-Blocked access to external URL http://example.com:117/
-Blocked access to external URL http://example.com:119/
-Blocked access to external URL http://example.com:123/
-Blocked access to external URL http://example.com:135/
-Blocked access to external URL http://example.com:137/
-Blocked access to external URL http://example.com:139/
-Blocked access to external URL http://example.com:143/
-Blocked access to external URL http://example.com:161/
-Blocked access to external URL http://example.com:179/
-Blocked access to external URL http://example.com:389/
-Blocked access to external URL http://example.com:427/
-Blocked access to external URL http://example.com:465/
-Blocked access to external URL http://example.com:512/
-Blocked access to external URL http://example.com:513/
-Blocked access to external URL http://example.com:514/
-Blocked access to external URL http://example.com:515/
-Blocked access to external URL http://example.com:526/
-Blocked access to external URL http://example.com:530/
-Blocked access to external URL http://example.com:531/
-Blocked access to external URL http://example.com:532/
-Blocked access to external URL http://example.com:540/
-Blocked access to external URL http://example.com:548/
-Blocked access to external URL http://example.com:554/
-Blocked access to external URL http://example.com:556/
-Blocked access to external URL http://example.com:563/
-Blocked access to external URL http://example.com:587/
-Blocked access to external URL http://example.com:601/
-Blocked access to external URL http://example.com:636/
-Blocked access to external URL http://example.com:993/
-Blocked access to external URL http://example.com:995/
-Blocked access to external URL http://example.com:2049/
-Blocked access to external URL http://example.com:1719/
-Blocked access to external URL http://example.com:1720/
-Blocked access to external URL http://example.com:1723/
-Blocked access to external URL http://example.com:3659/
-Blocked access to external URL http://example.com:4045/
-Blocked access to external URL http://example.com:5060/
-Blocked access to external URL http://example.com:5061/
-Blocked access to external URL http://example.com:6000/
-Blocked access to external URL http://example.com:6566/
-Blocked access to external URL http://example.com:6665/
-Blocked access to external URL http://example.com:6666/
-Blocked access to external URL http://example.com:6667/
-Blocked access to external URL http://example.com:6668/
-Blocked access to external URL http://example.com:6669/
-Blocked access to external URL http://example.com:6697/
-
PASS Request on bad port 1 should throw TypeError.
PASS Request on bad port 7 should throw TypeError.
PASS Request on bad port 9 should throw TypeError.
Modified: branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,81 +1,3 @@
-Blocked access to external URL http://example.com:1/
-Blocked access to external URL http://example.com:7/
-Blocked access to external URL http://example.com:9/
-Blocked access to external URL http://example.com:11/
-Blocked access to external URL http://example.com:13/
-Blocked access to external URL http://example.com:15/
-Blocked access to external URL http://example.com:17/
-Blocked access to external URL http://example.com:19/
-Blocked access to external URL http://example.com:20/
-Blocked access to external URL http://example.com:21/
-Blocked access to external URL http://example.com:22/
-Blocked access to external URL http://example.com:23/
-Blocked access to external URL http://example.com:25/
-Blocked access to external URL http://example.com:37/
-Blocked access to external URL http://example.com:42/
-Blocked access to external URL http://example.com:43/
-Blocked access to external URL http://example.com:53/
-Blocked access to external URL http://example.com:69/
-Blocked access to external URL http://example.com:77/
-Blocked access to external URL http://example.com:79/
-Blocked access to external URL http://example.com:87/
-Blocked access to external URL http://example.com:95/
-Blocked access to external URL http://example.com:101/
-Blocked access to external URL http://example.com:102/
-Blocked access to external URL http://example.com:103/
-Blocked access to external URL http://example.com:104/
-Blocked access to external URL http://example.com:109/
-Blocked access to external URL http://example.com:110/
-Blocked access to external URL http://example.com:111/
-Blocked access to external URL http://example.com:113/
-Blocked access to external URL http://example.com:115/
-Blocked access to external URL http://example.com:117/
-Blocked access to external URL http://example.com:119/
-Blocked access to external URL http://example.com:123/
-Blocked access to external URL http://example.com:135/
-Blocked access to external URL http://example.com:137/
-Blocked access to external URL http://example.com:139/
-Blocked access to external URL http://example.com:143/
-Blocked access to external URL http://example.com:161/
-Blocked access to external URL http://example.com:179/
-Blocked access to external URL http://example.com:389/
-Blocked access to external URL http://example.com:427/
-Blocked access to external URL http://example.com:465/
-Blocked access to external URL http://example.com:512/
-Blocked access to external URL http://example.com:513/
-Blocked access to external URL http://example.com:514/
-Blocked access to external URL http://example.com:515/
-Blocked access to external URL http://example.com:526/
-Blocked access to external URL http://example.com:530/
-Blocked access to external URL http://example.com:531/
-Blocked access to external URL http://example.com:532/
-Blocked access to external URL http://example.com:540/
-Blocked access to external URL http://example.com:548/
-Blocked access to external URL http://example.com:554/
-Blocked access to external URL http://example.com:556/
-Blocked access to external URL http://example.com:563/
-Blocked access to external URL http://example.com:587/
-Blocked access to external URL http://example.com:601/
-Blocked access to external URL http://example.com:636/
-Blocked access to external URL http://example.com:993/
-Blocked access to external URL http://example.com:995/
-Blocked access to external URL http://example.com:2049/
-Blocked access to external URL http://example.com:1719/
-Blocked access to external URL http://example.com:1720/
-Blocked access to external URL http://example.com:1723/
-Blocked access to external URL http://example.com:3659/
-Blocked access to external URL http://example.com:4045/
-Blocked access to external URL http://example.com:5060/
-Blocked access to external URL http://example.com:5061/
-Blocked access to external URL http://example.com:6000/
-Blocked access to external URL http://example.com:6566/
-Blocked access to external URL http://example.com:6665/
-Blocked access to external URL http://example.com:6666/
-Blocked access to external URL http://example.com:6667/
-Blocked access to external URL http://example.com:6668/
-Blocked access to external URL http://example.com:6669/
-Blocked access to external URL http://example.com:6697/
-
PASS Request on bad port 1 should throw TypeError.
PASS Request on bad port 7 should throw TypeError.
PASS Request on bad port 9 should throw TypeError.
Copied: branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt (from rev 276401, branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt) (0 => 276402)
--- branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt (rev 0)
+++ branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,7 @@
+CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: Not allowed to use restricted network port 7: http://localhost:7/
+Test that a cross-origin redirect to a server that responds is indistinguishable from one that does not. Should say PASS:
+
+PASS
+
Copied: branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt (from rev 276401, branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt) (0 => 276402)
--- branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt (rev 0)
+++ branches/safari-611-branch/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,8 @@
+CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: CORS-preflight request was blocked
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8/ due to access control checks.
+Test that a simple cross-origin request to a server that responds (but does not permit cross-origin requests) is indistinguishable from one that does not exist. Should say PASS:
+
+PASS
+
Copied: branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt (from rev 276401, branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt) (0 => 276402)
--- branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt (rev 0)
+++ branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,7 @@
+CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: Not allowed to use restricted network port 7: http://localhost:7/
+Test that a cross-origin redirect to a server that responds is indistinguishable from one that does not. Should say PASS:
+
+PASS
+
Copied: branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt (from rev 276401, branches/safari-611-branch/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt) (0 => 276402)
--- branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt (rev 0)
+++ branches/safari-611-branch/LayoutTests/platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -0,0 +1,8 @@
+CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks.
+CONSOLE MESSAGE: CORS-preflight request was blocked
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8/ due to access control checks.
+Test that a simple cross-origin request to a server that responds (but does not permit cross-origin requests) is indistinguishable from one that does not exist. Should say PASS:
+
+PASS
+
Modified: branches/safari-611-branch/LayoutTests/platform/wk2/http/tests/security/blocked-on-redirect-expected.txt (276401 => 276402)
--- branches/safari-611-branch/LayoutTests/platform/wk2/http/tests/security/blocked-on-redirect-expected.txt 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/LayoutTests/platform/wk2/http/tests/security/blocked-on-redirect-expected.txt 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,5 +1,5 @@
http://127.0.0.1:8000/security/blocked-on-redirect.html - didFinishLoading
http://127.0.0.1:8000/resources/redirect.php?code=307&url="" - willSendRequest <NSURLRequest URL http://127.0.0.1:8000/resources/redirect.php?code=307&url="" main document URL http://127.0.0.1:8000/security/blocked-on-redirect.html, http method GET> redirectResponse (null)
-CONSOLE MESSAGE: Not allowed to use restricted network port: http://localhost:25/security/resources/post-done.html
+CONSOLE MESSAGE: Not allowed to use restricted network port 25: http://localhost:25/security/resources/post-done.html
http://127.0.0.1:8000/resources/redirect.php?code=307&url="" - didFailLoadingWithError: <NSError domain WebKitErrorDomain, code 103, failing URL "http://localhost:25/security/resources/post-done.html">
This test produces output in the console. Only the initial URL should be logged.
Modified: branches/safari-611-branch/Source/WebCore/ChangeLog (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/ChangeLog 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/ChangeLog 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,3 +1,135 @@
+2021-04-21 Ruben Turcios <[email protected]>
+
+ Cherry-pick r276193. rdar://problem/76962916
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ Source/WebCore:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Test: http/tests/security/form-blocked-port.html
+
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
+ and block (with relevant logging) if a load to a denied port is attempted.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest): Ditto.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest): Ditto.
+ (WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.
+ * loader/FrameLoader.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage): Ditto.
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init): Ditto.
+ * loader/SubframeLoader.cpp:
+ (WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
+ (WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest): Ditto.
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.
+
+ Tools:
+
+ Update URLScheme test to use a non-prohibited port for the test. Tests of
+ failed fetches are already handled in WPT and other tests, so using a valid
+ port here should continue to be a valid test.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+ (-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
+ instead of 123.
+
+ LayoutTests:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Note: The fact that we now block loads earlier means that we do not fire
+ 'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
+ outputs a message to stdout. Those errors are reported in the JS console,
+ but since some test paths are specified to always output JS console messages
+ to stderrr (for example the WPT tests), we have to revise out test expectations
+ for a few cases.
+
+ * fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
+ * http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
+ * http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed
+ for a blocked port.
+ * http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload
+ from restricted ports.
+ * http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
+ * http/tests/security/form-blocked-port.html: Added.
+ * http/tests/security/form-blocked-port-expected.txt: Added.
+ * http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
+ * http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that
+ is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now
+ block loads to restricted ports earlier in the load process.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we
+ are attempting to load from port 8 instead of port 7.
+ * http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
+ * http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed
+ for a blocked port.
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load,
+ TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked
+ to dump console.log output to stderr).
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
+ * platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console
+ logging (the functional test results are identical).
+ * platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276193 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-04-16 Brent Fulgham <[email protected]>
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Test: http/tests/security/form-blocked-port.html
+
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
+ and block (with relevant logging) if a load to a denied port is attempted.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest): Ditto.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest): Ditto.
+ (WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.
+ * loader/FrameLoader.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage): Ditto.
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init): Ditto.
+ * loader/SubframeLoader.cpp:
+ (WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
+ (WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest): Ditto.
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.
+
2021-04-21 Alan Coon <[email protected]>
Cherry-pick r274064. rdar://problem/76962988
Modified: branches/safari-611-branch/Source/WebCore/html/HTMLMediaElement.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/html/HTMLMediaElement.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/html/HTMLMediaElement.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1973,6 +1973,15 @@
return false;
}
+ if (!portAllowed(url)) {
+ if (actionIfInvalid == Complain) {
+ if (frame)
+ FrameLoader::reportBlockedLoadFailed(*frame, url);
+ ERROR_LOG(LOGIDENTIFIER, url , " was rejected because the port is not allowed");
+ }
+ return false;
+ }
+
if (!isAllowedToLoadMediaURL(*this, url, isInUserAgentShadowTree())) {
ERROR_LOG(LOGIDENTIFIER, url, " was rejected by Content Security Policy");
return false;
Modified: branches/safari-611-branch/Source/WebCore/loader/DocumentLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/DocumentLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/DocumentLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -627,9 +627,8 @@
return completionHandler(WTFMove(newRequest));
}
if (!portAllowed(newRequest.url())) {
- RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - port not allowed");
- if (m_frame)
- m_frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to use restricted network port: " + newRequest.url().string());
+ RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - redirecting to a URL with a blocked port");
+ FrameLoader::reportBlockedLoadFailed(*m_frame, newRequest.url());
cancelMainResourceLoad(frameLoader()->blockedError(newRequest));
return completionHandler(WTFMove(newRequest));
}
Modified: branches/safari-611-branch/Source/WebCore/loader/FrameLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/FrameLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/FrameLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1226,10 +1226,17 @@
ASSERT(m_frame.document());
if (!request.requesterSecurityOrigin().canDisplay(url)) {
+ FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "loadFrameRequest: canceling - Not allowed to load local resource");
reportLocalLoadFailed(&m_frame, url.stringCenterEllipsizedToLength());
return;
}
+ if (!portAllowed(url)) {
+ FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "loadFrameRequest: canceling - port not allowed");
+ reportBlockedLoadFailed(m_frame, url);
+ return;
+ }
+
String argsReferrer = request.resourceRequest().httpReferrer();
if (argsReferrer.isEmpty())
argsReferrer = outgoingReferrer();
@@ -1644,6 +1651,13 @@
return activeDocumentLoader()->originalRequest();
}
+void FrameLoader::reportBlockedLoadFailed(Frame& frame, const URL& url)
+{
+ ASSERT(!url.isEmpty());
+ auto message = makeString("Not allowed to use restricted network port ", url.port().value(), ": ", url.stringCenterEllipsizedToLength());
+ frame.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message);
+}
+
bool FrameLoader::willLoadMediaElementURL(URL& url, Node& initiatorNode)
{
#if PLATFORM(IOS_FAMILY)
Modified: branches/safari-611-branch/Source/WebCore/loader/FrameLoader.h (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/FrameLoader.h 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/FrameLoader.h 2021-04-21 23:39:26 UTC (rev 276402)
@@ -141,6 +141,7 @@
void retryAfterFailedCacheOnlyMainResourceLoad();
static void reportLocalLoadFailed(Frame*, const String& url);
+ static void reportBlockedLoadFailed(Frame&, const URL&);
// FIXME: These are all functions which stop loads. We have too many.
void stopAllLoadersAndCheckCompleteness();
Modified: branches/safari-611-branch/Source/WebCore/loader/PingLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/PingLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/PingLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -90,6 +90,11 @@
return;
}
+ if (!portAllowed(url)) {
+ FrameLoader::reportBlockedLoadFailed(frame, url);
+ return;
+ }
+
ResourceRequest request(url);
#if ENABLE(CONTENT_EXTENSIONS)
if (processContentRuleListsForLoad(frame, request, ContentExtensions::ResourceType::Image))
Modified: branches/safari-611-branch/Source/WebCore/loader/ResourceLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/ResourceLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/ResourceLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -143,6 +143,13 @@
return completionHandler(false);
}
+ if (!portAllowed(clientRequest.url())) {
+ RELEASE_LOG_IF_ALLOWED("init: Cancelling load to a blocked port.");
+ FrameLoader::reportBlockedLoadFailed(*m_frame, clientRequest.url());
+ releaseResources();
+ return completionHandler(false);
+ }
+
// The various plug-in implementations call directly to ResourceLoader::load() instead of piping requests
// through FrameLoader. As a result, they miss the FrameLoader::addExtraFieldsToRequest() step which sets
// up the 1st party for cookies URL and Same-Site info. Until plug-in implementations can be reigned in
Modified: branches/safari-611-branch/Source/WebCore/loader/SubframeLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/SubframeLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/SubframeLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -140,6 +140,11 @@
return false;
}
+ if (!portAllowed(url)) {
+ FrameLoader::reportBlockedLoadFailed(m_frame, url);
+ return false;
+ }
+
if (!MixedContentChecker::canRunInsecureContent(m_frame, document->securityOrigin(), url))
return false;
}
@@ -263,6 +268,11 @@
return nullptr;
}
+ if (!portAllowed(url)) {
+ FrameLoader::reportBlockedLoadFailed(m_frame, url);
+ return nullptr;
+ }
+
if (!SubframeLoadingDisabler::canLoadFrame(ownerElement))
return nullptr;
Modified: branches/safari-611-branch/Source/WebCore/loader/SubresourceLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/SubresourceLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/SubresourceLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -280,6 +280,14 @@
return completionHandler(WTFMove(newRequest));
}
+ if (!portAllowed(newRequest.url())) {
+ RELEASE_LOG_IF_ALLOWED("willSendRequestInternal: resource load (redirect) canceled because it attempted to use a blocked port");
+ if (m_frame)
+ FrameLoader::reportBlockedLoadFailed(*m_frame, newRequest.url());
+ cancel(frameLoader()->blockedError(newRequest));
+ return completionHandler(WTFMove(newRequest));
+ }
+
auto accessControlCheckResult = checkRedirectionCrossOriginAccessControl(request(), redirectResponse, newRequest);
if (!accessControlCheckResult) {
auto errorMessage = makeString("Cross-origin redirection to ", newRequest.url().string(), " denied by Cross-Origin Resource Sharing policy: ", accessControlCheckResult.error());
Modified: branches/safari-611-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp (276401 => 276402)
--- branches/safari-611-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2021-04-21 23:39:26 UTC (rev 276402)
@@ -864,6 +864,13 @@
return makeUnexpected(ResourceError { errorDomainWebKitInternal, 0, url, "Not allowed to request resource"_s, ResourceError::Type::AccessControl });
}
+ if (!portAllowed(url)) {
+ if (forPreload == ForPreload::No)
+ FrameLoader::reportBlockedLoadFailed(frame, url);
+ RELEASE_LOG_IF_ALLOWED_WITH_FRAME("CachedResourceLoader::requestResource URL has a blocked port", frame);
+ return makeUnexpected(frame.loader().blockedError(request.resourceRequest()));
+ }
+
request.updateReferrerPolicy(document() ? document()->referrerPolicy() : ReferrerPolicy::NoReferrerWhenDowngrade);
if (InspectorInstrumentation::willIntercept(&frame, request.resourceRequest()))
Modified: branches/safari-611-branch/Tools/ChangeLog (276401 => 276402)
--- branches/safari-611-branch/Tools/ChangeLog 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Tools/ChangeLog 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1,5 +1,118 @@
2021-04-21 Ruben Turcios <[email protected]>
+ Cherry-pick r276193. rdar://problem/76962916
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ Source/WebCore:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Test: http/tests/security/form-blocked-port.html
+
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
+ and block (with relevant logging) if a load to a denied port is attempted.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest): Ditto.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadFrameRequest): Ditto.
+ (WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.
+ * loader/FrameLoader.h:
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage): Ditto.
+ * loader/ResourceLoader.cpp:
+ (WebCore::ResourceLoader::init): Ditto.
+ * loader/SubframeLoader.cpp:
+ (WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
+ (WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::canRequest): Ditto.
+ (WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.
+
+ Tools:
+
+ Update URLScheme test to use a non-prohibited port for the test. Tests of
+ failed fetches are already handled in WPT and other tests, so using a valid
+ port here should continue to be a valid test.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+ (-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
+ instead of 123.
+
+ LayoutTests:
+
+ WebKit blocks loads to URLs with any of the prohibited ports defined in
+ the engine. This blocking happens late in the load process, allowing
+ connections to be made (and observed). Instead, we should stop the load
+ early, at the same time we perform other checks.
+
+ Note: The fact that we now block loads earlier means that we do not fire
+ 'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
+ outputs a message to stdout. Those errors are reported in the JS console,
+ but since some test paths are specified to always output JS console messages
+ to stderrr (for example the WPT tests), we have to revise out test expectations
+ for a few cases.
+
+ * fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
+ * http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
+ * http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed
+ for a blocked port.
+ * http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload
+ from restricted ports.
+ * http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
+ * http/tests/security/form-blocked-port.html: Added.
+ * http/tests/security/form-blocked-port-expected.txt: Added.
+ * http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
+ * http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that
+ is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now
+ block loads to restricted ports earlier in the load process.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we
+ are attempting to load from port 8 instead of port 7.
+ * http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
+ * http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed
+ for a blocked port.
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load,
+ TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked
+ to dump console.log output to stderr).
+ * imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
+ * platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console
+ logging (the functional test results are identical).
+ * platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
+ * platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
+ * platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276193 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-04-16 Brent Fulgham <[email protected]>
+
+ Perform port blocking earlier in the load
+ https://bugs.webkit.org/show_bug.cgi?id=224525
+ <rdar://problem/75440591>
+
+ Reviewed by Darin Adler.
+
+ Update URLScheme test to use a non-prohibited port for the test. Tests of
+ failed fetches are already handled in WPT and other tests, so using a valid
+ port here should continue to be a valid test.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+ (-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
+ instead of 123.
+
+2021-04-21 Ruben Turcios <[email protected]>
+
Cherry-pick r275487. rdar://problem/76962948
REGRESSION(r267763) NetworkProcess never terminates
Modified: branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm (276401 => 276402)
--- branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2021-04-21 23:39:17 UTC (rev 276401)
+++ branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2021-04-21 23:39:26 UTC (rev 276402)
@@ -1247,14 +1247,14 @@
switch (++_requestCount) {
case 1:
check(task, "frame://host1/main", true, "", "", "", 0);
- respond(task, "<iframe src=''></iframe>");
+ respond(task, "<iframe src=''></iframe>");
return;
case 2:
- check(task, "frame://host2:123/iframe", false, "", "frame", "host1", 0);
+ check(task, "frame://host2:1234/iframe", false, "", "frame", "host1", 0);
respond(task, "<script>fetch('subresource')</script>");
return;
case 3:
- check(task, "frame://host2:123/subresource", false, "frame://host2:123/iframe", "frame", "host2", 123);
+ check(task, "frame://host2:1234/subresource", false, "frame://host2:1234/iframe", "frame", "host2", 1234);
respond(task, "done!");
return;
}
