Diff
Modified: branches/safari-612-branch/LayoutTests/ChangeLog (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/ChangeLog 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/ChangeLog 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,3 +1,17 @@
+2021-09-16 Chris Dumez <[email protected]>
+
+ Add violations reporting support for Cross-Origin-Embedder-Policy
+ https://bugs.webkit.org/show_bug.cgi?id=230269
+
+ Reviewed by Youenn Fablet.
+
+ * TestExpectations:
+ Unskip test that is now passing.
+
+ * http/wpt/service-workers/no-cors-css-worker.js:
+ (async doFetch):
+ Fix existing test now that I added support for Fetch destination="iframe".
+
2021-09-10 Chris Dumez <[email protected]>
Implement navigation reporting for Cross-Origin-Opener-Policy
Modified: branches/safari-612-branch/LayoutTests/TestExpectations (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/TestExpectations 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/TestExpectations 2021-10-11 19:30:19 UTC (rev 283922)
@@ -403,6 +403,7 @@
imported/w3c/web-platform-tests/html/browsers/sandboxing/sandbox-disallow-popups.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/anonymous-iframe/require-corp-embed-anonymous-iframe.tentative.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-top-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-coop-navigated-opener.https.html [ DumpJSConsoleLogInStdErr ]
@@ -730,8 +731,7 @@
# our layout tests. We maintain our own version of this test in http/wpt.
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp.https.html [ Skip ]
-# We do not support COEP reporting.
-imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html [ Failure Pass ]
+# We do not support reporting JS API (https://www.w3.org/TR/reporting).
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/multi-globals/workers-coep-report.https.html [ Skip ]
# Newly imported WPT tests that are crashing.
Modified: branches/safari-612-branch/LayoutTests/http/wpt/service-workers/no-cors-css-worker.js (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/http/wpt/service-workers/no-cors-css-worker.js 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/http/wpt/service-workers/no-cors-css-worker.js 2021-10-11 19:30:19 UTC (rev 283922)
@@ -12,7 +12,7 @@
async function doFetch(event)
{
- if (event.request.destination === "document") {
+ if (event.request.destination === "document" || event.request.destination === "iframe") {
const link = event.request.url.substring(event.request.url.indexOf('?') + 1);
const style = 'font: 12px "ahem"';
event.respondWith(new Response("<!DOCTYPE html><html><header><link href='' rel='stylesheet' type='text/css'></header><body><div style='" + style + "'>test</div></body></html>",
Modified: branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,3 +1,20 @@
+2021-09-16 Chris Dumez <[email protected]>
+
+ Add violations reporting support for Cross-Origin-Embedder-Policy
+ https://bugs.webkit.org/show_bug.cgi?id=230269
+
+ Reviewed by Youenn Fablet.
+
+ * web-platform-tests/fetch/api/request/destination/fetch-destination-iframe.https-expected.txt:
+ Rebaseline test that is passing now that we support Fetch destination="iframe".
+
+ * web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https-expected.txt:
+ Rebaseline test that is passing now that we support reporting for COEP violations.
+
+ * web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.sub.headers:
+ Merge fix from https://github.com/web-platform-tests/wpt/pull/30785 so that the test can run within
+ the WebKit test infrastructure.
+
2021-09-10 Chris Dumez <[email protected]>
Implement navigation reporting for Cross-Origin-Opener-Policy
Modified: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination-iframe.https-expected.txt (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination-iframe.https-expected.txt 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination-iframe.https-expected.txt 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,5 +1,4 @@
-
PASS Initialize global state
-FAIL iframe fetches with a "iframe" Request.destination assert_unreached: Wrong destination. Reached unreachable code
+PASS iframe fetches with a "iframe" Request.destination
Modified: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https-expected.txt (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https-expected.txt 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https-expected.txt 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,11 +1,7 @@
-CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/text-plain.txt?5770c451-7494-433b-8c09-b31f6ee4ffc8 because it violates the resource's Cross-Origin-Resource-Policy response header.
-CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/text-plain.txt?5770c451-7494-433b-8c09-b31f6ee4ffc8 due to access control checks.
-CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?61cf891c-f480-4336-8e40-08917296c4b1' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'https://localhost:9443/common/blank.html?99e6eced-bb02-418a-b988-2339189a16a2' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'https://localhost:9443/common/blank.html?03fa3aa7-2433-4e5d-af85-f3b4581de86a' in a frame because of Cross-Origin-Embedder-Policy.
-FAIL subresource CORP assert_unreached: A report whose blockedURL is https://127.0.0.1:9443/common/text-plain.txt?5770c451-7494-433b-8c09-b31f6ee4ffc8 and url is https://localhost:9443/html/cross-origin-embedder-policy/resources/reporting-empty-frame.html?pipe=header(cross-origin-embedder-policy,require-corp;report-to=%22endpoint%22)|header(cross-origin-embedder-policy-report-only,require-corp;report-to=%22report-only-endpoint%22) is not found. Reached unreachable code
-FAIL navigation CORP assert_unreached: A report whose blockedURL is https://127.0.0.1:9443/common/blank.html?61cf891c-f480-4336-8e40-08917296c4b1 and url is https://localhost:9443/html/cross-origin-embedder-policy/resources/reporting-empty-frame.html?pipe=header(cross-origin-embedder-policy,require-corp;report-to=%22endpoint%22)|header(cross-origin-embedder-policy-report-only,require-corp;report-to=%22report-only-endpoint%22) is not found. Reached unreachable code
-FAIL COEP violation on nested frame navigation assert_unreached: A report whose blockedURL is https://localhost:9443/common/blank.html?99e6eced-bb02-418a-b988-2339189a16a2 and url is https://localhost:9443/html/cross-origin-embedder-policy/resources/reporting-empty-frame.html?pipe=header(cross-origin-embedder-policy,require-corp;report-to=%22endpoint%22)|header(cross-origin-embedder-policy-report-only,require-corp;report-to=%22report-only-endpoint%22) is not found. Reached unreachable code
-FAIL Two COEP headers, split inside report-to value assert_unreached: A report whose blockedURL is https://localhost:9443/common/blank.html?03fa3aa7-2433-4e5d-af85-f3b4581de86a and url is https://localhost:9443/html/cross-origin-embedder-policy/resources/reporting-empty-frame-multiple-headers.html.asis is not found. Reached unreachable code
+PASS subresource CORP
+PASS navigation CORP
+PASS COEP violation on nested frame navigation
+PASS Two COEP headers, split inside report-to value
+FAIL Shared worker fetch promise_test: Unhandled rejection with value: object "TypeError: null is not an object (evaluating 'worker.port.start')"
Added: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.headers (0 => 283922)
--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.headers (rev 0)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.headers 2021-10-11 19:30:19 UTC (rev 283922)
@@ -0,0 +1 @@
+report-to: { "group": "endpoint", "max_age": 10886400, "endpoints": [{ "url": "/html/cross-origin-embedder-policy/resources/report.py?endpoint=endpoint" }] }, { "group": "report-only-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/html/cross-origin-embedder-policy/resources/report.py?endpoint=report-only-endpoint" }] }
Deleted: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.sub.headers (283921 => 283922)
--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.sub.headers 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html.sub.headers 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1 +0,0 @@
-report-to: { "group": "endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?endpoint=endpoint" }] }, { "group": "report-only-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?endpoint=report-only-endpoint" }] }
Modified: branches/safari-612-branch/Source/WebCore/ChangeLog (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/ChangeLog 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/ChangeLog 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,3 +1,43 @@
+2021-09-16 Chris Dumez <[email protected]>
+
+ Add violations reporting support for Cross-Origin-Embedder-Policy
+ https://bugs.webkit.org/show_bug.cgi?id=230269
+
+ Reviewed by Youenn Fablet.
+
+ Add support for COEP inheritance violation reporting:
+ - https://html.spec.whatwg.org/multipage/origin.html#check-a-navigation-response's-adherence-to-its-embedder-policy
+ - https://html.spec.whatwg.org/multipage/origin.html#check-a-global-object's-embedder-policy
+ - https://html.spec.whatwg.org/multipage/origin.html#queue-a-cross-origin-embedder-policy-inheritance-violation
+
+ Add support for COEP CORP violation reporting:
+ - https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check
+ - https://fetch.spec.whatwg.org/#queue-a-cross-origin-embedder-policy-corp-violation-report
+
+ Add support for Fetch destination="iframe" because the COEP test relied on it:
+ - https://fetch.spec.whatwg.org/#concept-request-destination
+
+ No new tests, rebaselined existing tests.
+
+ * Modules/fetch/FetchRequest.idl:
+ * loader/CrossOriginEmbedderPolicy.cpp:
+ (WebCore::contextURLForReport):
+ (WebCore::sendCOEPPolicyInheritenceViolation):
+ (WebCore::sendCOEPCORPViolation):
+ * loader/CrossOriginEmbedderPolicy.h:
+ * loader/CrossOriginOpenerPolicy.cpp:
+ (WebCore::sendViolationReportWhenNavigatingToCOOPResponse):
+ (WebCore::sendViolationReportWhenNavigatingAwayFromCOOPResponse):
+ * loader/FetchOptions.h:
+ (WebCore::isNonSubresourceRequest):
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::sanitizeURLForReport):
+ (WebCore::PingLoader::sendReportToEndpoint):
+ * loader/PingLoader.h:
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::destinationForType):
+ (WebCore::CachedResourceLoader::requestResource):
+
2021-09-10 Chris Dumez <[email protected]>
Implement navigation reporting for Cross-Origin-Opener-Policy
Modified: branches/safari-612-branch/Source/WebCore/Modules/fetch/FetchRequest.idl (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/Modules/fetch/FetchRequest.idl 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/Modules/fetch/FetchRequest.idl 2021-10-11 19:30:19 UTC (rev 283922)
@@ -26,7 +26,7 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-enum FetchRequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "manifest", "model", "object", "paintworklet", "report", "script", "serviceworker", "sharedworker", "style", "track", "video", "worker", "xslt" };
+enum FetchRequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "iframe", "manifest", "model", "object", "paintworklet", "report", "script", "serviceworker", "sharedworker", "style", "track", "video", "worker", "xslt" };
typedef (FetchRequest or USVString) RequestInfo;
Modified: branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -28,6 +28,8 @@
#include "HTTPHeaderNames.h"
#include "HTTPParsers.h"
+#include "JSFetchRequest.h"
+#include "PingLoader.h"
#include "ResourceResponse.h"
#include "ScriptExecutionContext.h"
#include "SecurityOrigin.h"
@@ -34,6 +36,18 @@
namespace WebCore {
+static URL contextURLForReport(Frame& frame)
+{
+ auto reportURL = frame.document() ? frame.document()->url() : aboutBlankURL();
+ if (reportURL.isAboutBlank()) {
+ if (auto* parentFrame = frame.tree().parent(); parentFrame->document())
+ reportURL = parentFrame->document()->url();
+ else if (auto* openerFrame = frame.loader().opener(); openerFrame->document())
+ reportURL = openerFrame->document()->url();
+ }
+ return reportURL;
+}
+
// https://html.spec.whatwg.org/multipage/origin.html#obtain-an-embedder-policy
CrossOriginEmbedderPolicy obtainCrossOriginEmbedderPolicy(const ResourceResponse& response, const ScriptExecutionContext* context)
{
@@ -84,4 +98,27 @@
}
}
+// https://html.spec.whatwg.org/multipage/origin.html#queue-a-cross-origin-embedder-policy-inheritance-violation
+void sendCOEPPolicyInheritenceViolation(Frame& frame, const WebCore::SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition disposition, const String& type, const URL& blockedURL)
+{
+ ASSERT(!endpoint.isEmpty());
+ PingLoader::sendReportToEndpoint(frame, embedderOrigin, endpoint, "coep"_s, contextURLForReport(frame), frame.loader().userAgent(blockedURL), [&](auto& body) {
+ body.setString("disposition"_s, disposition == COEPDisposition::Reporting ? "reporting"_s : "enforce"_s);
+ body.setString("type"_s, type);
+ body.setString("blockedURL"_s, PingLoader::sanitizeURLForReport(blockedURL));
+ });
+}
+
+// https://fetch.spec.whatwg.org/#queue-a-cross-origin-embedder-policy-corp-violation-report
+void sendCOEPCORPViolation(Frame& frame, const SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition disposition, FetchOptions::Destination destination, const URL& blockedURL)
+{
+ ASSERT(!endpoint.isEmpty());
+ PingLoader::sendReportToEndpoint(frame, embedderOrigin, endpoint, "coep"_s, contextURLForReport(frame), frame.loader().userAgent(blockedURL), [&](auto& body) {
+ body.setString("disposition"_s, disposition == COEPDisposition::Reporting ? "reporting"_s : "enforce"_s);
+ body.setString("type"_s, "corp");
+ body.setString("blockedURL"_s, PingLoader::sanitizeURLForReport(blockedURL));
+ body.setString("destination"_s, convertEnumerationToString(destination));
+ });
+}
+
} // namespace WebCore
Modified: branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.h (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.h 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/CrossOriginEmbedderPolicy.h 2021-10-11 19:30:19 UTC (rev 283922)
@@ -25,13 +25,17 @@
#pragma once
+#include "FetchOptions.h"
#include <wtf/text/WTFString.h>
namespace WebCore {
+class Frame;
class ResourceResponse;
class ScriptExecutionContext;
+struct SecurityOriginData;
+
// https://html.spec.whatwg.org/multipage/origin.html#embedder-policy-value
enum class CrossOriginEmbedderPolicyValue : bool {
UnsafeNone,
@@ -92,7 +96,11 @@
}};
}
+enum class COEPDisposition : bool { Reporting , Enforce };
+
WEBCORE_EXPORT CrossOriginEmbedderPolicy obtainCrossOriginEmbedderPolicy(const ResourceResponse&, const ScriptExecutionContext*);
WEBCORE_EXPORT void addCrossOriginEmbedderPolicyHeaders(ResourceResponse&, const CrossOriginEmbedderPolicy&);
+WEBCORE_EXPORT void sendCOEPPolicyInheritenceViolation(Frame&, const SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition, const String& type, const URL& blockedURL);
+WEBCORE_EXPORT void sendCOEPCORPViolation(Frame&, const SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition, FetchOptions::Destination, const URL& blockedURL);
} // namespace WebCore
Modified: branches/safari-612-branch/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -30,7 +30,6 @@
#include "HTTPHeaderNames.h"
#include "HTTPParsers.h"
#include "PingLoader.h"
-#include "ReportingEndpointsCache.h"
#include "ResourceResponse.h"
#include "ScriptExecutionContext.h"
#include <wtf/JSONValues.h>
@@ -37,15 +36,6 @@
namespace WebCore {
-// https://html.spec.whatwg.org/multipage/origin.html#sanitize-url-report
-static String sanitizeReferrerForURLReport(const URL& referrer)
-{
- URL sanitizedReferrer = referrer;
- sanitizedReferrer.removeCredentials();
- sanitizedReferrer.removeFragmentIdentifier();
- return sanitizedReferrer.string();
-}
-
static ASCIILiteral crossOriginOpenerPolicyToString(const CrossOriginOpenerPolicyValue& coop)
{
switch (coop) {
@@ -136,44 +126,17 @@
}
}
-// https://www.w3.org/TR/reporting/#try-delivery
-static void sendCOOPViolationReport(Frame& frame, CrossOriginOpenerPolicy coop, COOPDisposition disposition, const URL& coopURL, const SecurityOrigin& coopOrigin, const String& userAgent, Function<void(JSON::Object&)>&& populateBody)
+// https://html.spec.whatwg.org/multipage/origin.html#coop-violation-navigation-to
+void sendViolationReportWhenNavigatingToCOOPResponse(Frame& frame, CrossOriginOpenerPolicy coop, COOPDisposition disposition, const URL& coopURL, const URL& previousResponseURL, const SecurityOrigin& coopOrigin, const SecurityOrigin& previousResponseOrigin, const String& referrer, const String& userAgent)
{
- auto& reportingEndpoint = disposition == COOPDisposition::Reporting ? coop.reportOnlyReportingEndpoint : coop.reportingEndpoint;
- if (reportingEndpoint.isEmpty())
+ auto& endpoint = disposition == COOPDisposition::Reporting ? coop.reportOnlyReportingEndpoint : coop.reportingEndpoint;
+ if (endpoint.isEmpty())
return;
- auto reportingEndpointsCache = frame.page() ? frame.page()->reportingEndpointsCache() : nullptr;
- if (!reportingEndpointsCache)
- return;
- auto endpointURL = reportingEndpointsCache->endpointURL(coopOrigin.data(), reportingEndpoint);
- if (!endpointURL.isValid())
- return;
-
- auto body = JSON::Object::create();
- body->setString("disposition"_s, disposition == COOPDisposition::Reporting ? "reporting"_s : "enforce"_s);
- body->setString("effectivePolicy"_s, crossOriginOpenerPolicyValueToEffectivePolicyString(disposition == COOPDisposition::Reporting ? coop.reportOnlyValue : coop.value));
- populateBody(body);
-
- auto reportObject = JSON::Object::create();
- reportObject->setString("type"_s, "coop"_s);
- reportObject->setString("url"_s, coopURL.string());
- reportObject->setString("user_agent", userAgent);
- reportObject->setInteger("age", 0); // We currently do not delay sending the reports.
- reportObject->setObject("body"_s, WTFMove(body));
-
- auto reportList = JSON::Array::create();
- reportList->pushObject(reportObject);
-
- auto report = FormData::create(reportList->toJSONString().utf8());
- PingLoader::sendViolationReport(frame, endpointURL, WTFMove(report), ViolationReportType::StandardReportingAPIViolation);
-}
-
-// https://html.spec.whatwg.org/multipage/origin.html#coop-violation-navigation-to
-void sendViolationReportWhenNavigatingToCOOPResponse(Frame& frame, CrossOriginOpenerPolicy coop, COOPDisposition disposition, const URL& coopURL, const URL& previousResponseURL, const SecurityOrigin& coopOrigin, const SecurityOrigin& previousResponseOrigin, const String& referrer, const String& userAgent)
-{
- sendCOOPViolationReport(frame, coop, disposition, coopURL, coopOrigin, userAgent, [&](auto& body) {
- body.setString("previousResponseURL"_s, coopOrigin.isSameOriginAs(previousResponseOrigin) ? sanitizeReferrerForURLReport(previousResponseURL) : String());
+ PingLoader::sendReportToEndpoint(frame, coopOrigin.data(), endpoint, "coop"_s, coopURL, userAgent, [&](auto& body) {
+ body.setString("disposition"_s, disposition == COOPDisposition::Reporting ? "reporting"_s : "enforce"_s);
+ body.setString("effectivePolicy"_s, crossOriginOpenerPolicyValueToEffectivePolicyString(disposition == COOPDisposition::Reporting ? coop.reportOnlyValue : coop.value));
+ body.setString("previousResponseURL"_s, coopOrigin.isSameOriginAs(previousResponseOrigin) ? PingLoader::sanitizeURLForReport(previousResponseURL) : String());
body.setString("type"_s, "navigation-to-response"_s);
body.setString("referrer"_s, referrer);
});
@@ -182,8 +145,14 @@
// https://html.spec.whatwg.org/multipage/origin.html#coop-violation-navigation-from
void sendViolationReportWhenNavigatingAwayFromCOOPResponse(Frame& frame, CrossOriginOpenerPolicy coop, COOPDisposition disposition, const URL& coopURL, const URL& nextResponseURL, const SecurityOrigin& coopOrigin, const SecurityOrigin& nextResponseOrigin, bool isCOOPResponseNavigationSource, const String& userAgent)
{
- sendCOOPViolationReport(frame, coop, disposition, coopURL, coopOrigin, userAgent, [&](auto& body) {
- body.setString("nextResponseURL"_s, coopOrigin.isSameOriginAs(nextResponseOrigin) || isCOOPResponseNavigationSource ? sanitizeReferrerForURLReport(nextResponseURL) : String());
+ auto& endpoint = disposition == COOPDisposition::Reporting ? coop.reportOnlyReportingEndpoint : coop.reportingEndpoint;
+ if (endpoint.isEmpty())
+ return;
+
+ PingLoader::sendReportToEndpoint(frame, coopOrigin.data(), endpoint, "coop"_s, coopURL, userAgent, [&](auto& body) {
+ body.setString("disposition"_s, disposition == COOPDisposition::Reporting ? "reporting"_s : "enforce"_s);
+ body.setString("effectivePolicy"_s, crossOriginOpenerPolicyValueToEffectivePolicyString(disposition == COOPDisposition::Reporting ? coop.reportOnlyValue : coop.value));
+ body.setString("nextResponseURL"_s, coopOrigin.isSameOriginAs(nextResponseOrigin) || isCOOPResponseNavigationSource ? PingLoader::sanitizeURLForReport(nextResponseURL) : String());
body.setString("type"_s, "navigation-from-response"_s);
});
}
Modified: branches/safari-612-branch/Source/WebCore/loader/FetchOptions.h (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/FetchOptions.h 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/FetchOptions.h 2021-10-11 19:30:19 UTC (rev 283922)
@@ -36,7 +36,7 @@
namespace WebCore {
struct FetchOptions {
- enum class Destination : uint8_t { EmptyString, Audio, Audioworklet, Document, Embed, Font, Image, Manifest, Model, Object, Paintworklet, Report, Script, Serviceworker, Sharedworker, Style, Track, Video, Worker, Xslt };
+ enum class Destination : uint8_t { EmptyString, Audio, Audioworklet, Document, Embed, Font, Image, Iframe, Manifest, Model, Object, Paintworklet, Report, Script, Serviceworker, Sharedworker, Style, Track, Video, Worker, Xslt };
enum class Mode : uint8_t { Navigate, SameOrigin, NoCors, Cors };
enum class Credentials : uint8_t { Omit, SameOrigin, Include };
enum class Cache : uint8_t { Default, NoStore, Reload, NoCache, ForceCache, OnlyIfCached };
@@ -80,9 +80,11 @@
|| destination == FetchOptions::Destination::Embed;
}
+// https://fetch.spec.whatwg.org/#non-subresource-request
inline bool isNonSubresourceRequest(FetchOptions::Destination destination)
{
return destination == FetchOptions::Destination::Document
+ || destination == FetchOptions::Destination::Iframe
|| destination == FetchOptions::Destination::Report
|| destination == FetchOptions::Destination::Serviceworker
|| destination == FetchOptions::Destination::Sharedworker
@@ -112,6 +114,7 @@
WebCore::FetchOptions::Destination::Embed,
WebCore::FetchOptions::Destination::Font,
WebCore::FetchOptions::Destination::Image,
+ WebCore::FetchOptions::Destination::Iframe,
WebCore::FetchOptions::Destination::Manifest,
WebCore::FetchOptions::Destination::Model,
WebCore::FetchOptions::Destination::Object,
Modified: branches/safari-612-branch/Source/WebCore/loader/PingLoader.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/PingLoader.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/PingLoader.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -49,6 +49,7 @@
#include "Page.h"
#include "PlatformStrategies.h"
#include "ProgressTracker.h"
+#include "ReportingEndpointsCache.h"
#include "ResourceError.h"
#include "ResourceHandle.h"
#include "ResourceLoadInfo.h"
@@ -243,4 +244,42 @@
frame.document()->cachedResourceLoader().requestPingResource(WTFMove(cachedResourceRequest));
}
+// // https://html.spec.whatwg.org/multipage/origin.html#sanitize-url-report
+String PingLoader::sanitizeURLForReport(const URL& url)
+{
+ URL sanitizedURL = url;
+ sanitizedURL.removeCredentials();
+ sanitizedURL.removeFragmentIdentifier();
+ return sanitizedURL.string();
}
+
+// https://www.w3.org/TR/reporting/#try-delivery
+void PingLoader::sendReportToEndpoint(Frame& frame, const SecurityOriginData& origin, const String& endpoint, const String& type, const URL& reportURL, const String& userAgent, const Function<void(JSON::Object&)>& populateReportBody)
+{
+ ASSERT(!endpoint.isEmpty());
+ auto reportingEndpointsCache = frame.page() ? frame.page()->reportingEndpointsCache() : nullptr;
+ if (!reportingEndpointsCache)
+ return;
+ auto endpointURL = reportingEndpointsCache->endpointURL(origin, endpoint);
+ if (!endpointURL.isValid())
+ return;
+
+ auto body = JSON::Object::create();
+ populateReportBody(body);
+
+ auto reportObject = JSON::Object::create();
+ reportObject->setString("type"_s, type);
+ if (reportURL.isValid())
+ reportObject->setString("url"_s, reportURL.string());
+ reportObject->setString("user_agent", userAgent);
+ reportObject->setInteger("age", 0); // We currently do not delay sending the reports.
+ reportObject->setObject("body"_s, WTFMove(body));
+
+ auto reportList = JSON::Array::create();
+ reportList->pushObject(reportObject);
+
+ auto report = FormData::create(reportList->toJSONString().utf8());
+ sendViolationReport(frame, endpointURL, WTFMove(report), ViolationReportType::StandardReportingAPIViolation);
+}
+
+} // namespace WebCore
Modified: branches/safari-612-branch/Source/WebCore/loader/PingLoader.h (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/PingLoader.h 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/PingLoader.h 2021-10-11 19:30:19 UTC (rev 283922)
@@ -57,6 +57,9 @@
static void sendPing(Frame&, const URL& pingURL, const URL& destinationURL);
WEBCORE_EXPORT static void sendViolationReport(Frame&, const URL& reportURL, Ref<FormData>&& report, ViolationReportType);
+ static String sanitizeURLForReport(const URL&);
+ static void sendReportToEndpoint(Frame&, const SecurityOriginData&, const String& endpoint, const String& type, const URL& reportURL, const String& userAgent, const Function<void(JSON::Object&)>& populateReportBody);
+
private:
enum class ShouldFollowRedirects { No, Yes };
static void startPingLoad(Frame&, ResourceRequest&, HTTPHeaderMap&& originalRequestHeaders, ShouldFollowRedirects, ContentSecurityPolicyImposition, ReferrerPolicy, std::optional<ViolationReportType> = std::nullopt);
Modified: branches/safari-612-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -795,10 +795,11 @@
request.updateAcceptEncodingHeader();
}
-static FetchOptions::Destination destinationForType(CachedResource::Type type)
+static FetchOptions::Destination destinationForType(CachedResource::Type type, Frame& frame)
{
switch (type) {
case CachedResource::Type::MainResource:
+ return frame.isMainFrame() ? FetchOptions::Destination::Document : FetchOptions::Destination::Iframe;
case CachedResource::Type::SVGDocumentResource:
return FetchOptions::Destination::Document;
case CachedResource::Type::ImageResource:
@@ -868,7 +869,7 @@
LOG(ResourceLoading, "CachedResourceLoader::requestResource '%.255s', charset '%s', priority=%d, forPreload=%u", url.stringCenterEllipsizedToLength().latin1().data(), request.charset().latin1().data(), request.priority() ? static_cast<int>(request.priority().value()) : -1, forPreload == ForPreload::Yes);
- request.setDestinationIfNotSet(destinationForType(type));
+ request.setDestinationIfNotSet(destinationForType(type, frame));
// Entry point to https://fetch.spec.whatwg.org/#main-fetch.
std::unique_ptr<ResourceRequest> originalRequest;
@@ -880,7 +881,7 @@
prepareFetch(type, request);
- if (request.options().destination == FetchOptions::Destination::Document) {
+ if (request.options().destination == FetchOptions::Destination::Document || request.options().destination == FetchOptions::Destination::Iframe) {
// FIXME: Identify HSTS cases and avoid adding the header. <https://bugs.webkit.org/show_bug.cgi?id=157885>
if (!url.protocolIs("https"))
request.resourceRequest().setHTTPHeaderField(HTTPHeaderName::UpgradeInsecureRequests, "1"_s);
Modified: branches/safari-612-branch/Source/WebKit/ChangeLog (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/ChangeLog 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/ChangeLog 2021-10-11 19:30:19 UTC (rev 283922)
@@ -1,3 +1,41 @@
+2021-09-16 Chris Dumez <[email protected]>
+
+ Add violations reporting support for Cross-Origin-Embedder-Policy
+ https://bugs.webkit.org/show_bug.cgi?id=230269
+
+ Reviewed by Youenn Fablet.
+
+ Add support for COEP inheritance violation reporting:
+ - https://html.spec.whatwg.org/multipage/origin.html#check-a-navigation-response's-adherence-to-its-embedder-policy
+ - https://html.spec.whatwg.org/multipage/origin.html#check-a-global-object's-embedder-policy
+ - https://html.spec.whatwg.org/multipage/origin.html#queue-a-cross-origin-embedder-policy-inheritance-violation
+
+ Add support for COEP CORP violation reporting:
+ - https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check
+ - https://fetch.spec.whatwg.org/#queue-a-cross-origin-embedder-policy-corp-violation-report
+
+ Add support for Fetch destination="iframe" because the COEP test relied on it:
+ - https://fetch.spec.whatwg.org/#concept-request-destination
+
+ * NetworkProcess/NetworkLoadChecker.cpp:
+ (WebKit::performCORPCheck):
+ (WebKit::NetworkLoadChecker::validateResponse):
+ (WebKit::NetworkLoadChecker::isAllowedByContentSecurityPolicy):
+ * NetworkProcess/NetworkResourceLoader.cpp:
+ (WebKit::NetworkResourceLoader::resourceLoadInfo):
+ (WebKit::NetworkResourceLoader::shouldInterruptNavigationForCrossOriginEmbedderPolicy):
+ (WebKit::NetworkResourceLoader::shouldInterruptWorkerLoadForCrossOriginEmbedderPolicy):
+ (WebKit::NetworkResourceLoader::didReceiveResponse):
+ (WebKit::NetworkResourceLoader::willSendRedirectedRequest):
+ * NetworkProcess/NetworkResourceLoader.h:
+ * Scripts/webkit/messages.py:
+ (headers_for_type):
+ * WebProcess/WebPage/WebPage.cpp:
+ (WebKit::WebPage::sendCOEPPolicyInheritenceViolation):
+ (WebKit::WebPage::sendCOEPCORPViolation):
+ * WebProcess/WebPage/WebPage.h:
+ * WebProcess/WebPage/WebPage.messages.in:
+
2021-09-10 Chris Dumez <[email protected]>
Implement navigation reporting for Cross-Origin-Opener-Policy
Modified: branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -32,6 +32,7 @@
#include "NetworkProcess.h"
#include "NetworkResourceLoader.h"
#include "NetworkSchemeRegistry.h"
+#include "WebPageMessages.h"
#include <WebCore/ContentRuleListResults.h>
#include <WebCore/ContentSecurityPolicy.h>
#include <WebCore/CrossOriginAccessControl.h>
@@ -158,6 +159,27 @@
});
}
+// https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check
+static std::optional<ResourceError> performCORPCheck(const CrossOriginEmbedderPolicy& embedderCOEP, const SecurityOrigin& embedderOrigin, const URL& url, ResourceResponse& response, ForNavigation forNavigation, NetworkResourceLoader* loader)
+{
+ if (auto error = validateCrossOriginResourcePolicy(CrossOriginEmbedderPolicyValue::UnsafeNone, embedderOrigin, url, response, forNavigation))
+ return error;
+
+ if (embedderCOEP.reportOnlyValue == CrossOriginEmbedderPolicyValue::RequireCORP && !embedderCOEP.reportOnlyReportingEndpoint.isEmpty() && loader) {
+ if (auto error = validateCrossOriginResourcePolicy(embedderCOEP.reportOnlyValue, embedderOrigin, url, response, forNavigation))
+ loader->send(Messages::WebPage::SendCOEPCORPViolation { loader->frameID(), embedderOrigin.data(), embedderCOEP.reportOnlyReportingEndpoint, COEPDisposition::Reporting, loader->parameters().options.destination, loader->firstResponseURL() }, loader->pageID());
+ }
+
+ if (embedderCOEP.value == CrossOriginEmbedderPolicyValue::RequireCORP) {
+ if (auto error = validateCrossOriginResourcePolicy(embedderCOEP.value, embedderOrigin, url, response, forNavigation)) {
+ if (loader && !embedderCOEP.reportingEndpoint.isEmpty())
+ loader->send(Messages::WebPage::SendCOEPCORPViolation { loader->frameID(), embedderOrigin.data(), embedderCOEP.reportingEndpoint, COEPDisposition::Enforce, loader->parameters().options.destination, loader->firstResponseURL() }, loader->pageID());
+ return error;
+ }
+ }
+ return std::nullopt;
+}
+
ResourceError NetworkLoadChecker::validateResponse(const ResourceRequest& request, ResourceResponse& response)
{
if (m_redirectCount)
@@ -170,7 +192,7 @@
if (m_options.mode == FetchOptions::Mode::Navigate || m_isSameOriginRequest) {
if (m_options.mode == FetchOptions::Mode::Navigate && m_parentOrigin) {
- if (auto error = validateCrossOriginResourcePolicy(m_parentCrossOriginEmbedderPolicy.value, *m_parentOrigin, m_url, response, ForNavigation::Yes))
+ if (auto error = performCORPCheck(m_parentCrossOriginEmbedderPolicy, *m_parentOrigin, m_url, response, ForNavigation::Yes, m_networkResourceLoader.get()))
return WTFMove(*error);
}
response.setTainting(ResourceResponse::Tainting::Basic);
@@ -181,7 +203,7 @@
response.setAsRangeRequested();
if (m_options.mode == FetchOptions::Mode::NoCors) {
- if (auto error = validateCrossOriginResourcePolicy(m_crossOriginEmbedderPolicy.value, *m_origin, m_url, response, ForNavigation::No))
+ if (auto error = performCORPCheck(m_crossOriginEmbedderPolicy, *m_origin, m_url, response, ForNavigation::No, m_networkResourceLoader.get()))
return WTFMove(*error);
response.setTainting(ResourceResponse::Tainting::Opaque);
@@ -281,6 +303,7 @@
case FetchOptions::Destination::Embed:
case FetchOptions::Destination::Font:
case FetchOptions::Destination::Image:
+ case FetchOptions::Destination::Iframe:
case FetchOptions::Destination::Manifest:
case FetchOptions::Destination::Model:
case FetchOptions::Destination::Object:
Modified: branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -394,6 +394,7 @@
case WebCore::FetchOptions::Destination::Audioworklet:
return ResourceLoadInfo::Type::Other;
case WebCore::FetchOptions::Destination::Document:
+ case WebCore::FetchOptions::Destination::Iframe:
return ResourceLoadInfo::Type::Document;
case WebCore::FetchOptions::Destination::Embed:
return ResourceLoadInfo::Type::Object;
@@ -604,30 +605,47 @@
ASSERT(isMainResource());
// https://html.spec.whatwg.org/multipage/origin.html#check-a-navigation-response's-adherence-to-its-embedder-policy
- if (m_parameters.parentCrossOriginEmbedderPolicy.value != WebCore::CrossOriginEmbedderPolicyValue::UnsafeNone && m_parameters.sourceOrigin) {
+ if (m_parameters.parentCrossOriginEmbedderPolicy.value == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP || m_parameters.parentCrossOriginEmbedderPolicy.reportOnlyValue == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
auto responseCOEP = WebCore::obtainCrossOriginEmbedderPolicy(response, nullptr);
- if (responseCOEP.value != WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
+ if (m_parameters.parentCrossOriginEmbedderPolicy.reportOnlyValue == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP && responseCOEP.value != WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
+ if (auto parentOrigin = m_parameters.parentOrigin(); parentOrigin && !m_parameters.parentCrossOriginEmbedderPolicy.reportOnlyReportingEndpoint.isEmpty())
+ send(Messages::WebPage::SendCOEPPolicyInheritenceViolation { m_parameters.webFrameID, parentOrigin->data(), m_parameters.parentCrossOriginEmbedderPolicy.reportOnlyReportingEndpoint, COEPDisposition::Reporting, "navigation"_s, m_firstResponseURL }, m_parameters.webPageID);
+ }
+
+ if (m_parameters.parentCrossOriginEmbedderPolicy.value != WebCore::CrossOriginEmbedderPolicyValue::UnsafeNone && responseCOEP.value != WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
String errorMessage = makeString("Refused to display '", response.url().stringCenterEllipsizedToLength(), "' in a frame because of Cross-Origin-Embedder-Policy.");
send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, MessageSource::Security, MessageLevel::Error, errorMessage, coreIdentifier() }, m_parameters.webPageID);
+ if (auto parentOrigin = m_parameters.parentOrigin(); parentOrigin && !m_parameters.parentCrossOriginEmbedderPolicy.reportingEndpoint.isEmpty())
+ send(Messages::WebPage::SendCOEPPolicyInheritenceViolation { m_parameters.webFrameID, parentOrigin->data(), m_parameters.parentCrossOriginEmbedderPolicy.reportingEndpoint, COEPDisposition::Enforce, "navigation"_s, m_firstResponseURL }, m_parameters.webPageID);
return true;
}
}
+
return false;
}
+// https://html.spec.whatwg.org/multipage/origin.html#check-a-global-object's-embedder-policy
bool NetworkResourceLoader::shouldInterruptWorkerLoadForCrossOriginEmbedderPolicy(const ResourceResponse& response)
{
if (m_parameters.options.destination != FetchOptions::Destination::Worker)
return false;
- if (m_parameters.crossOriginEmbedderPolicy.value != WebCore::CrossOriginEmbedderPolicyValue::UnsafeNone && m_parameters.sourceOrigin) {
+ if (m_parameters.crossOriginEmbedderPolicy.value == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP || m_parameters.crossOriginEmbedderPolicy.reportOnlyValue == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
auto responseCOEP = WebCore::obtainCrossOriginEmbedderPolicy(response, nullptr);
- if (responseCOEP.value != WebCore::CrossOriginEmbedderPolicyValue::RequireCORP) {
+ if (m_parameters.crossOriginEmbedderPolicy.reportOnlyValue == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP && responseCOEP.value == WebCore::CrossOriginEmbedderPolicyValue::UnsafeNone) {
+ if (m_parameters.sourceOrigin && !m_parameters.crossOriginEmbedderPolicy.reportOnlyReportingEndpoint.isEmpty())
+ send(Messages::WebPage::SendCOEPPolicyInheritenceViolation { m_parameters.webFrameID, m_parameters.sourceOrigin->data(), m_parameters.crossOriginEmbedderPolicy.reportOnlyReportingEndpoint, COEPDisposition::Reporting, "worker initialization"_s, m_firstResponseURL }, m_parameters.webPageID);
+ }
+
+ if (m_parameters.crossOriginEmbedderPolicy.value == WebCore::CrossOriginEmbedderPolicyValue::RequireCORP && responseCOEP.value == WebCore::CrossOriginEmbedderPolicyValue::UnsafeNone) {
String errorMessage = makeString("Refused to load '", response.url().stringCenterEllipsizedToLength(), "' worker because of Cross-Origin-Embedder-Policy.");
send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, MessageSource::Security, MessageLevel::Error, errorMessage, coreIdentifier() }, m_parameters.webPageID);
+ if (m_parameters.sourceOrigin && !m_parameters.crossOriginEmbedderPolicy.reportingEndpoint.isEmpty())
+ send(Messages::WebPage::SendCOEPPolicyInheritenceViolation { m_parameters.webFrameID, m_parameters.sourceOrigin->data(), m_parameters.crossOriginEmbedderPolicy.reportingEndpoint, COEPDisposition::Enforce, "worker initialization"_s, m_firstResponseURL }, m_parameters.webPageID);
return true;
}
}
+
return false;
}
@@ -639,6 +657,8 @@
didReceiveMainResourceResponse(receivedResponse);
m_response = WTFMove(receivedResponse);
+ if (!m_firstResponseURL.isValid())
+ m_firstResponseURL = m_response.url();
if (shouldCaptureExtraNetworkLoadMetrics() && m_networkLoadChecker) {
auto information = m_networkLoadChecker->takeNetworkLoadInformation();
@@ -688,6 +708,18 @@
if (m_cacheEntryForValidation)
return completionHandler(PolicyAction::Use);
+ if (m_networkLoadChecker) {
+ auto error = m_networkLoadChecker->validateResponse(m_networkLoad ? m_networkLoad->currentRequest() : originalRequest(), m_response);
+ if (!error.isNull()) {
+ LOADER_RELEASE_LOG_ERROR("didReceiveResponse: NetworkLoadChecker::validateResponse returned an error (error.domain=%" PUBLIC_LOG_STRING ", error.code=%d)", error.domain().utf8().data(), error.errorCode());
+ RunLoop::main().dispatch([protectedThis = makeRef(*this), error = WTFMove(error)] {
+ if (protectedThis->m_networkLoad)
+ protectedThis->didFailLoading(error);
+ });
+ return completionHandler(PolicyAction::Ignore);
+ }
+ }
+
if (isMainResource() && shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(m_response)) {
LOADER_RELEASE_LOG_ERROR("didReceiveResponse: Interrupting main resource load due to CSP frame-ancestors or X-Frame-Options");
auto response = sanitizeResponseIfPossible(ResourceResponse { m_response }, ResourceResponse::SanitizationType::CrossOriginSafe);
@@ -705,18 +737,6 @@
return completionHandler(PolicyAction::Ignore);
}
- if (m_networkLoadChecker) {
- auto error = m_networkLoadChecker->validateResponse(m_networkLoad ? m_networkLoad->currentRequest() : originalRequest(), m_response);
- if (!error.isNull()) {
- LOADER_RELEASE_LOG_ERROR("didReceiveResponse: NetworkLoadChecker::validateResponse returned an error (error.domain=%" PUBLIC_LOG_STRING ", error.code=%d)", error.domain().utf8().data(), error.errorCode());
- RunLoop::main().dispatch([protectedThis = makeRef(*this), error = WTFMove(error)] {
- if (protectedThis->m_networkLoad)
- protectedThis->didFailLoading(error);
- });
- return completionHandler(PolicyAction::Ignore);
- }
- }
-
auto response = sanitizeResponseIfPossible(ResourceResponse { m_response }, ResourceResponse::SanitizationType::CrossOriginSafe);
if (isSynchronous()) {
LOADER_RELEASE_LOG("didReceiveResponse: Using response for synchronous load");
@@ -900,6 +920,8 @@
LOADER_RELEASE_LOG("willSendRedirectedRequest:");
++m_redirectCount;
m_redirectResponse = redirectResponse;
+ if (!m_firstResponseURL.isValid())
+ m_firstResponseURL = redirectResponse.url();
std::optional<WebCore::PrivateClickMeasurement::AttributionTriggerData> privateClickMeasurementAttributionTriggerData;
if (!sessionID().isEphemeral()) {
Modified: branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.h (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.h 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.h 2021-10-11 19:30:19 UTC (rev 283922)
@@ -102,6 +102,7 @@
WebCore::PageIdentifier pageID() const { return m_parameters.webPageID; }
const NetworkResourceLoadParameters& parameters() const { return m_parameters; }
NetworkResourceLoadIdentifier identifier() const { return m_resourceLoadID; }
+ const URL& firstResponseURL() const { return m_firstResponseURL; }
NetworkCache::GlobalFrameID globalFrameID() { return { m_parameters.webPageProxyID, pageID(), frameID() }; }
@@ -255,6 +256,7 @@
#endif
NetworkResourceLoadIdentifier m_resourceLoadID;
WebCore::ResourceResponse m_redirectResponse;
+ URL m_firstResponseURL; // First URL in response's URL list (https://fetch.spec.whatwg.org/#concept-response-url-list).
};
} // namespace WebKit
Modified: branches/safari-612-branch/Source/WebKit/Scripts/webkit/messages.py (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/Scripts/webkit/messages.py 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/Scripts/webkit/messages.py 2021-10-11 19:30:19 UTC (rev 283922)
@@ -681,6 +681,7 @@
'PAL::SessionID': ['<pal/SessionID.h>'],
'WebCore::AutoplayEventFlags': ['<WebCore/AutoplayEvent.h>'],
'WebCore::BrowsingContextGroupSwitchDecision': ['<WebCore/FrameLoaderTypes.h>'],
+ 'WebCore::COEPDisposition': ['<WebCore/CrossOriginEmbedderPolicy.h>'],
'WebCore::CreateNewGroupForHighlight': ['<WebCore/AppHighlight.h>'],
'WebCore::DOMPasteAccessResponse': ['<WebCore/DOMPasteAccess.h>'],
'WebCore::DestinationColorSpace': ['<WebCore/ColorSpace.h>'],
Modified: branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2021-10-11 19:30:19 UTC (rev 283922)
@@ -159,6 +159,7 @@
#include <WebCore/CommonVM.h>
#include <WebCore/ContactsRequestData.h>
#include <WebCore/ContextMenuController.h>
+#include <WebCore/CrossOriginEmbedderPolicy.h>
#include <WebCore/DOMPasteAccess.h>
#include <WebCore/DataTransfer.h>
#include <WebCore/DatabaseManager.h>
@@ -4326,6 +4327,18 @@
PingLoader::sendViolationReport(*frame->coreFrame(), reportURL, report.releaseNonNull(), ViolationReportType::ContentSecurityPolicy);
}
+void WebPage::sendCOEPPolicyInheritenceViolation(FrameIdentifier frameID, const SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition disposition, const String& type, const URL& blockedURL)
+{
+ if (auto* frame = WebProcess::singleton().webFrame(frameID); frame->coreFrame())
+ WebCore::sendCOEPPolicyInheritenceViolation(*frame->coreFrame(), embedderOrigin, endpoint, disposition, type, blockedURL);
+}
+
+void WebPage::sendCOEPCORPViolation(FrameIdentifier frameID, const SecurityOriginData& embedderOrigin, const String& endpoint, COEPDisposition disposition, FetchOptions::Destination destination, const URL& blockedURL)
+{
+ if (auto* frame = WebProcess::singleton().webFrame(frameID); frame->coreFrame())
+ WebCore::sendCOEPCORPViolation(*frame->coreFrame(), embedderOrigin, endpoint, disposition, destination, blockedURL);
+}
+
void WebPage::enqueueSecurityPolicyViolationEvent(FrameIdentifier frameID, SecurityPolicyViolationEvent::Init&& eventInit)
{
auto* frame = WebProcess::singleton().webFrame(frameID);
Modified: branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.h (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.h 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.h 2021-10-11 19:30:19 UTC (rev 283922)
@@ -217,6 +217,7 @@
#endif
enum SyntheticClickType : int8_t;
+enum class COEPDisposition : bool;
enum class CreateNewGroupForHighlight : bool;
enum class DOMPasteAccessResponse : uint8_t;
enum class DragApplicationFlags : uint8_t;
@@ -434,6 +435,8 @@
void addConsoleMessage(WebCore::FrameIdentifier, MessageSource, MessageLevel, const String&, uint64_t requestID = 0);
void sendCSPViolationReport(WebCore::FrameIdentifier, const URL& reportURL, IPC::FormDataReference&&);
+ void sendCOEPPolicyInheritenceViolation(WebCore::FrameIdentifier, const WebCore::SecurityOriginData& embedderOrigin, const String& endpoint, WebCore::COEPDisposition, const String& type, const URL& blockedURL);
+ void sendCOEPCORPViolation(WebCore::FrameIdentifier, const WebCore::SecurityOriginData& embedderOrigin, const String& endpoint, WebCore::COEPDisposition, WebCore::FetchOptions::Destination, const URL& blockedURL);
void enqueueSecurityPolicyViolationEvent(WebCore::FrameIdentifier, WebCore::SecurityPolicyViolationEvent::Init&&);
// -- Called by the DrawingArea.
Modified: branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in (283921 => 283922)
--- branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in 2021-10-11 19:17:10 UTC (rev 283921)
+++ branches/safari-612-branch/Source/WebKit/WebProcess/WebPage/WebPage.messages.in 2021-10-11 19:30:19 UTC (rev 283922)
@@ -29,6 +29,8 @@
AddConsoleMessage(WebCore::FrameIdentifier frameID, enum:uint8_t JSC::MessageSource messageSource, enum:uint8_t JSC::MessageLevel messageLevel, String message, uint64_t requestID)
SendCSPViolationReport(WebCore::FrameIdentifier frameID, URL reportURL, IPC::FormDataReference reportData)
+ SendCOEPPolicyInheritenceViolation(WebCore::FrameIdentifier frameID, struct WebCore::SecurityOriginData embedderOrigin, String endpoint, enum:bool WebCore::COEPDisposition disposition, String type, URL blockedURL)
+ SendCOEPCORPViolation(WebCore::FrameIdentifier frameID, struct WebCore::SecurityOriginData embedderOrigin, String endpoint, enum:bool WebCore::COEPDisposition disposition, enum:uint8_t WebCore::FetchOptions::Destination destination, URL blockedURL)
EnqueueSecurityPolicyViolationEvent(WebCore::FrameIdentifier frameID, WebCore::SecurityPolicyViolationEvent::Init eventInit)
TestProcessIncomingSyncMessagesWhenWaitingForSyncReply() -> (bool handled) Synchronous
