- Revision: 283056
- Author: [email protected]
- Date: 2021-09-24 14:25:41 -0700 (Fri, 24 Sep 2021)
Log Message
Cherry-pick r281941. rdar://problem/83429618
[COOP] html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox.html WPT test is failing
https://bugs.webkit.org/show_bug.cgi?id=229716
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline WPT test that is now passing.
* web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt:
Source/WebCore:
The COOP algorithm is relying on the response origin for some of the checks. We were computing the
response origin via `SecurityOrigin::create(response.url())`, which worked fine in most cases.
However, the response may contain a CSP header, which could set sandbox flags. If sandbox flags
are set, the response origin should be unique, not the origin of the response URL. This patch fixes
that.
No new tests, rebaselined existing WPT test.
* loader/DocumentLoader.cpp:
(WebCore::computeResponseOriginAndCOOP):
(WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse):
* loader/DocumentLoader.h:
(WebCore::DocumentLoader::contentSecurityPolicy const):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::didBeginDocument):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::copyStateFrom):
(WebCore::ContentSecurityPolicy::didReceiveHeaders):
* page/csp/ContentSecurityPolicy.h:
(WebCore::ContentSecurityPolicy::sandboxFlags const):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281941 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Diff
Modified: branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog (283055 => 283056)
--- branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog 2021-09-24 21:25:41 UTC (rev 283056)
@@ -1,3 +1,54 @@
+2021-09-24 Russell Epstein <[email protected]>
+
+ Cherry-pick r281941. rdar://problem/83429618
+
+ [COOP] html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox.html WPT test is failing
+ https://bugs.webkit.org/show_bug.cgi?id=229716
+
+ Reviewed by Darin Adler.
+
+ LayoutTests/imported/w3c:
+
+ Rebaseline WPT test that is now passing.
+
+ * web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt:
+
+ Source/WebCore:
+
+ The COOP algorithm is relying on the response origin for some of the checks. We were computing the
+ response origin via `SecurityOrigin::create(response.url())`, which worked fine in most cases.
+ However, the response may contain a CSP header, which could set sandbox flags. If sandbox flags
+ are set, the response origin should be unique, not the origin of the response URL. This patch fixes
+ that.
+
+ No new tests, rebaselined existing WPT test.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::computeResponseOriginAndCOOP):
+ (WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse):
+ * loader/DocumentLoader.h:
+ (WebCore::DocumentLoader::contentSecurityPolicy const):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::didBeginDocument):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::ContentSecurityPolicy::copyStateFrom):
+ (WebCore::ContentSecurityPolicy::didReceiveHeaders):
+ * page/csp/ContentSecurityPolicy.h:
+ (WebCore::ContentSecurityPolicy::sandboxFlags const):
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281941 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-09-02 Chris Dumez <[email protected]>
+
+ [COOP] html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox.html WPT test is failing
+ https://bugs.webkit.org/show_bug.cgi?id=229716
+
+ Reviewed by Darin Adler.
+
+ Rebaseline WPT test that is now passing.
+
+ * web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt:
+
2021-09-16 Russell Epstein <[email protected]>
Cherry-pick r282017. rdar://problem/83183644
Added: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt (0 => 283056)
--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt (rev 0)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt 2021-09-24 21:25:41 UTC (rev 283056)
@@ -0,0 +1,3 @@
+
+PASS coop-navigate-same-origin-csp-sandbox
+
Modified: branches/safari-612-branch/Source/WebCore/ChangeLog (283055 => 283056)
--- branches/safari-612-branch/Source/WebCore/ChangeLog 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/Source/WebCore/ChangeLog 2021-09-24 21:25:41 UTC (rev 283056)
@@ -1,3 +1,71 @@
+2021-09-24 Russell Epstein <[email protected]>
+
+ Cherry-pick r281941. rdar://problem/83429618
+
+ [COOP] html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox.html WPT test is failing
+ https://bugs.webkit.org/show_bug.cgi?id=229716
+
+ Reviewed by Darin Adler.
+
+ LayoutTests/imported/w3c:
+
+ Rebaseline WPT test that is now passing.
+
+ * web-platform-tests/html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox-expected.txt:
+
+ Source/WebCore:
+
+ The COOP algorithm is relying on the response origin for some of the checks. We were computing the
+ response origin via `SecurityOrigin::create(response.url())`, which worked fine in most cases.
+ However, the response may contain a CSP header, which could set sandbox flags. If sandbox flags
+ are set, the response origin should be unique, not the origin of the response URL. This patch fixes
+ that.
+
+ No new tests, rebaselined existing WPT test.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::computeResponseOriginAndCOOP):
+ (WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse):
+ * loader/DocumentLoader.h:
+ (WebCore::DocumentLoader::contentSecurityPolicy const):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::didBeginDocument):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::ContentSecurityPolicy::copyStateFrom):
+ (WebCore::ContentSecurityPolicy::didReceiveHeaders):
+ * page/csp/ContentSecurityPolicy.h:
+ (WebCore::ContentSecurityPolicy::sandboxFlags const):
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281941 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-09-02 Chris Dumez <[email protected]>
+
+ [COOP] html/cross-origin-opener-policy/coop-navigate-same-origin-csp-sandbox.html WPT test is failing
+ https://bugs.webkit.org/show_bug.cgi?id=229716
+
+ Reviewed by Darin Adler.
+
+ The COOP algorithm is relying on the response origin for some of the checks. We were computing the
+ response origin via `SecurityOrigin::create(response.url())`, which worked fine in most cases.
+ However, the response may contain a CSP header, which could set sandbox flags. If sandbox flags
+ are set, the response origin should be unique, not the origin of the response URL. This patch fixes
+ that.
+
+ No new tests, rebaselined existing WPT test.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::computeResponseOriginAndCOOP):
+ (WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse):
+ * loader/DocumentLoader.h:
+ (WebCore::DocumentLoader::contentSecurityPolicy const):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::didBeginDocument):
+ * page/csp/ContentSecurityPolicy.cpp:
+ (WebCore::ContentSecurityPolicy::copyStateFrom):
+ (WebCore::ContentSecurityPolicy::didReceiveHeaders):
+ * page/csp/ContentSecurityPolicy.h:
+ (WebCore::ContentSecurityPolicy::sandboxFlags const):
+
2021-09-23 Russell Epstein <[email protected]>
Cherry-pick r281910. rdar://problem/83429926
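Review bot: the entry lists `* loader/DocumentLoader.cpp:` with `computeResponseOriginAndCOOP` and `doCrossOriginOpenerHandlingOfResponse` as changed, but the diff on this page carries no DocumentLoader.cpp hunk, so the code that creates `m_contentSecurityPolicy` and switches the response origin to a unique origin when sandbox flags are present cannot be checked from here; please confirm the cherry-pick includes that file alongside the header, FrameLoader and ContentSecurityPolicy changes shown below.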
Modified: branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h (283055 => 283056)
--- branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h 2021-09-24 21:25:41 UTC (rev 283056)
@@ -423,6 +423,7 @@
bool lastNavigationWasAppInitiated() const { return m_lastNavigationWasAppInitiated; }
void setLastNavigationWasAppInitiated(bool lastNavigationWasAppInitiated) { m_lastNavigationWasAppInitiated = lastNavigationWasAppInitiated; }
+ ContentSecurityPolicy* contentSecurityPolicy() const { return m_contentSecurityPolicy.get(); }
CrossOriginOpenerPolicy crossOriginOpenerPolicy() const { return m_currentCoopEnforcementResult ? m_currentCoopEnforcementResult->crossOriginOpenerPolicy : CrossOriginOpenerPolicy { }; }
protected:
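Review bot: `contentSecurityPolicy()` returns a raw pointer that is null whenever the loader has not parsed a CSP header, which the accessor name alone does not convey; add a brief comment stating that it may be null and is only populated when COOP handling needed the response's CSP (the FrameLoader caller in this patch null-checks it, future callers may not). Also consider returning `const ContentSecurityPolicy*` from this const member, since the only consumer is the read-only `didReceiveHeaders(const ContentSecurityPolicy&, ...)` overload.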
@@ -624,6 +625,7 @@
ShouldOpenExternalURLsPolicy m_shouldOpenExternalURLsPolicy { ShouldOpenExternalURLsPolicy::ShouldNotAllow };
std::unique_ptr<ApplicationCacheHost> m_applicationCacheHost;
+ std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy;
#if ENABLE(CONTENT_FILTERING)
std::unique_ptr<ContentFilter> m_contentFilter;
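Review bot: `m_contentSecurityPolicy` is added with no comment on its lifetime; the hunk gives no indication of when it is created or reset, and with DocumentLoader.cpp absent from the visible diff it cannot be verified that the member is cleared when the response changes (for example across redirects) so that a policy parsed from an earlier response is not reused. A one-line comment next to the member describing when it is set would help.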
Modified: branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp (283055 => 283056)
--- branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp 2021-09-24 21:25:41 UTC (rev 283056)
@@ -749,7 +749,11 @@
if (!dnsPrefetchControl.isEmpty())
m_frame.document()->parseDNSPrefetchControlHeader(dnsPrefetchControl);
- m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), referrer(), ContentSecurityPolicy::ReportParsingErrors::No);
+ // The DocumentLoader may have already parsed the CSP header to do some checks. If so, reuse the already parsed version instead of parsing again.
+ if (auto* contentSecurityPolicy = m_documentLoader->contentSecurityPolicy())
+ m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(*contentSecurityPolicy, ContentSecurityPolicy::ReportParsingErrors::No);
+ else
+ m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), referrer(), ContentSecurityPolicy::ReportParsingErrors::No);
if (m_frame.document()->url().protocolIsInHTTPFamily() || m_frame.document()->url().protocolIsBlob())
m_frame.document()->setCrossOriginEmbedderPolicy(obtainCrossOriginEmbedderPolicy(m_documentLoader->response(), *m_frame.document()));
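Review bot: the new comment says the already parsed policy is reused "instead of parsing again", but the overload called here, `didReceiveHeaders(const ContentSecurityPolicy&, ...)` in ContentSecurityPolicy.cpp of this patch, re-runs `didReceiveHeader` on each stored header string; what is actually avoided is re-reading the response headers and console reporting, so reword the comment to match. Also, the fast path drops the `referrer()` argument that the fallback still passes; that is only correct if the DocumentLoader's copy was parsed with the same referrer, which cannot be checked from this diff.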
Modified: branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.cpp (283055 => 283056)
--- branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 2021-09-24 21:25:41 UTC (rev 283056)
@@ -173,6 +173,17 @@
m_httpStatusCode = headers.m_httpStatusCode;
}
+void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicy& other, ReportParsingErrors reportParsingErrors)
+{
+ SetForScope<bool> isReportingEnabled(m_isReportingEnabled, reportParsingErrors == ReportParsingErrors::Yes);
+ for (auto& policy : other.m_policies)
+ didReceiveHeader(policy->header(), policy->headerType(), ContentSecurityPolicy::PolicyFrom::HTTPHeader, String { });
+ m_referrer = other.m_referrer;
+ m_httpStatusCode = other.m_httpStatusCode;
+ m_upgradeInsecureRequests = other.m_upgradeInsecureRequests;
+ m_insecureNavigationRequestsToUpgrade.add(other.m_insecureNavigationRequestsToUpgrade.begin(), other.m_insecureNavigationRequestsToUpgrade.end());
+}
+
void ContentSecurityPolicy::didReceiveHeader(const String& header, ContentSecurityPolicyHeaderType type, ContentSecurityPolicy::PolicyFrom policyFrom, String&& referrer, int httpStatusCode)
{
if (m_hasAPIPolicy)
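Review bot: inside the loop, `didReceiveHeader` is called with an empty referrer (`String { }`) and the default `httpStatusCode` of 0, while `m_referrer` and `m_httpStatusCode` are only assigned after the loop; if parsing or violation reporting in `didReceiveHeader` consults those values (its signature `didReceiveHeader(..., String&& referrer, int httpStatusCode)` takes both), they are stale during the copy. Consider passing `String { other.m_referrer }` and `other.m_httpStatusCode` on each call, or assigning the members before the loop. The hard-coded `PolicyFrom::HTTPHeader` also assumes every policy in `other` came from a header, which holds for the DocumentLoader use but deserves a comment.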
Modified: branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.h (283055 => 283056)
--- branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.h 2021-09-24 21:19:00 UTC (rev 283055)
+++ branches/safari-612-branch/Source/WebCore/page/csp/ContentSecurityPolicy.h 2021-09-24 21:25:41 UTC (rev 283056)
@@ -84,6 +84,7 @@
WEBCORE_EXPORT ContentSecurityPolicyResponseHeaders responseHeaders() const;
enum ReportParsingErrors { No, Yes };
WEBCORE_EXPORT void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&, String&& referrer, ReportParsingErrors = ReportParsingErrors::Yes);
+ void didReceiveHeaders(const ContentSecurityPolicy&, ReportParsingErrors = ReportParsingErrors::Yes);
void didReceiveHeader(const String&, ContentSecurityPolicyHeaderType, ContentSecurityPolicy::PolicyFrom, String&& referrer, int httpStatusCode = 0);
bool allowScriptWithNonce(const String& nonce, bool overrideContentSecurityPolicy = false) const;
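Review bot: the new overload has no comment explaining how it differs from the neighbouring `didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&, String&& referrer, ...)`: it takes no referrer because it copies referrer and HTTP status from the source policy. A one-line comment saying it adopts the policies of an already-parsed `ContentSecurityPolicy` (as FrameLoader does with the DocumentLoader's copy) would save readers a trip to the .cpp.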
@@ -177,6 +178,8 @@
void setDocumentURL(URL& documentURL) { m_documentURL = documentURL; }
+ SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
+
private:
void logToConsole(const String& message, const String& contextURL = String(), const WTF::OrdinalNumber& contextLine = WTF::OrdinalNumber::beforeFirst(), const WTF::OrdinalNumber& contextColumn = WTF::OrdinalNumber::beforeFirst(), JSC::JSGlobalObject* = nullptr) const;
void applyPolicyToScriptExecutionContext();
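Review bot: `sandboxFlags()` exposes `m_sandboxFlags`, which only reflects a `sandbox` directive once the headers have been processed; the consumer named in the ChangeLog, `computeResponseOriginAndCOOP` in DocumentLoader.cpp, is not in the visible diff, so the call ordering cannot be checked here. A short comment noting that the flags are only meaningful after `didReceiveHeaders` has run would make the contract explicit.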