Diff
Modified: trunk/LayoutTests/ChangeLog (287610 => 287611)
--- trunk/LayoutTests/ChangeLog 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/LayoutTests/ChangeLog 2022-01-05 10:35:47 UTC (rev 287611)
@@ -1,3 +1,18 @@
+2022-01-05 Youenn Fablet <you...@apple.com>
+
+ Make sure secure websocket connections in service workers can trigger authentication challenge callbacks
+ https://bugs.webkit.org/show_bug.cgi?id=234809
+ <rdar://85888177>
+
+ Reviewed by Chris Dumez.
+
+ * http/tests/workers/service/serviceworker-websocket.https-expected.txt:
+ * http/tests/workers/service/serviceworker-websocket.https.html:
+ * platform/gtk/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Copied from LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt.
+ * platform/ios-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Removed.
+ * platform/mac-bigsur-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Copied from LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt.
+ * platform/mac-catalina-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Copied from LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt.
+
2022-01-05 Martin Robinson <mrobin...@webkit.org>
Change offsetParent to match spec change
Modified: trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt (287610 => 287611)
--- trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt 2022-01-05 10:35:47 UTC (rev 287611)
@@ -1,3 +1,4 @@
+canAuthenticateAgainstProtectionSpace
PASS Setup worker
PASS Open a WebSocket in service worker
Modified: trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https.html (287610 => 287611)
--- trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https.html 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https.html 2022-01-05 10:35:47 UTC (rev 287611)
@@ -30,6 +30,9 @@
}, "Setup worker");
promise_test(async (test) => {
+ if (window.testRunner)
+ testRunner.setShouldLogCanAuthenticateAgainstProtectionSpace(true);
+
var promise = new Promise((resolve, reject) => {
navigator.serviceWorker.addEventListener("message", test.step_func((event) => {
if (event.data ="" "PASS") {
@@ -42,6 +45,9 @@
activeWorker.postMessage("WEBSOCKET-1");
await promise;
+
+ if (window.testRunner)
+ testRunner.setShouldLogCanAuthenticateAgainstProtectionSpace(false);
}, "Open a WebSocket in service worker");
</script>
</body>
Copied: trunk/LayoutTests/platform/gtk/http/tests/workers/service/serviceworker-websocket.https-expected.txt (from rev 287610, trunk/LayoutTests/platform/ios-14-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt) (0 => 287611)
--- trunk/LayoutTests/platform/gtk/http/tests/workers/service/serviceworker-websocket.https-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/gtk/http/tests/workers/service/serviceworker-websocket.https-expected.txt 2022-01-05 10:35:47 UTC (rev 287611)
@@ -0,0 +1,4 @@
+
+PASS Setup worker
+PASS Open a WebSocket in service worker
+
Copied: trunk/LayoutTests/platform/mac-bigsur-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt (from rev 287610, trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt) (0 => 287611)
--- trunk/LayoutTests/platform/mac-bigsur-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/mac-bigsur-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt 2022-01-05 10:35:47 UTC (rev 287611)
@@ -0,0 +1,4 @@
+
+PASS Setup worker
+PASS Open a WebSocket in service worker
+
Copied: trunk/LayoutTests/platform/mac-catalina-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt (from rev 287610, trunk/LayoutTests/http/tests/workers/service/serviceworker-websocket.https-expected.txt) (0 => 287611)
--- trunk/LayoutTests/platform/mac-catalina-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/mac-catalina-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt 2022-01-05 10:35:47 UTC (rev 287611)
@@ -0,0 +1,4 @@
+
+PASS Setup worker
+PASS Open a WebSocket in service worker
+
Modified: trunk/Source/WebCore/ChangeLog (287610 => 287611)
--- trunk/Source/WebCore/ChangeLog 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebCore/ChangeLog 2022-01-05 10:35:47 UTC (rev 287611)
@@ -1,3 +1,13 @@
+2022-01-05 Youenn Fablet <you...@apple.com>
+
+ Make sure secure websocket connections in service workers can trigger authentication challenge callbacks
+ https://bugs.webkit.org/show_bug.cgi?id=234809
+ <rdar://85888177>
+
+ Reviewed by Chris Dumez.
+
+ * dom/Document.h:
+
2022-01-05 Martin Robinson <mrobin...@webkit.org>
Change offsetParent to match spec change
Modified: trunk/Source/WebCore/dom/Document.h (287610 => 287611)
--- trunk/Source/WebCore/dom/Document.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebCore/dom/Document.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -29,6 +29,7 @@
#include "CSSRegisteredCustomProperty.h"
#include "CanvasBase.h"
+#include "ClientOrigin.h"
#include "Color.h"
#include "ContainerNode.h"
#include "CrossOriginOpenerPolicy.h"
@@ -49,6 +50,7 @@
#include "RegistrableDomain.h"
#include "RenderPtr.h"
#include "ScriptExecutionContext.h"
+#include "SecurityOrigin.h"
#include "StringWithDirection.h"
#include "Supplementable.h"
#include "Timer.h"
@@ -1382,6 +1384,7 @@
SecurityOrigin& securityOrigin() const { return *SecurityContext::securityOrigin(); }
SecurityOrigin& topOrigin() const final { return topDocument().securityOrigin(); }
+ ClientOrigin clientOrigin() const { return { topOrigin().data(), securityOrigin().data() }; }
inline bool isSameOriginAsTopDocument() const;
bool shouldForceNoOpenerBasedOnCOOP() const;
Modified: trunk/Source/WebKit/ChangeLog (287610 => 287611)
--- trunk/Source/WebKit/ChangeLog 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/ChangeLog 2022-01-05 10:35:47 UTC (rev 287611)
@@ -1,5 +1,36 @@
2022-01-05 Youenn Fablet <you...@apple.com>
+ Make sure secure websocket connections in service workers can trigger authentication challenge callbacks
+ https://bugs.webkit.org/show_bug.cgi?id=234809
+ <rdar://85888177>
+
+ Reviewed by Chris Dumez.
+
+ In case we are not using fast server trust evaluation, we are going to the UIProcess to check certificates.
+ This is an issue for web socket loads triggered for service workers that have an invalid certificate.
+ Before the patch, the challenge was not provided a top origin, so the default action would be triggered by UIProcess.
+ To make sure this is working as expected, we now always pass the origin if it is the same as the top origin for web socket challenges.
+ This makes sure we get a page with the same top origin and the challenge callback is called on the page.
+
+ Covered by updated tests.
+
+ * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+ * NetworkProcess/NetworkConnectionToWebProcess.h:
+ * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
+ * NetworkProcess/NetworkSession.cpp:
+ * NetworkProcess/NetworkSession.h:
+ * NetworkProcess/NetworkSocketChannel.cpp:
+ * NetworkProcess/NetworkSocketChannel.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ * NetworkProcess/cocoa/WebSocketTaskCocoa.h:
+ * NetworkProcess/cocoa/WebSocketTaskCocoa.mm:
+ * NetworkProcess/soup/NetworkSessionSoup.cpp:
+ * NetworkProcess/soup/NetworkSessionSoup.h:
+ * WebProcess/Network/WebSocketChannel.cpp:
+
+2022-01-05 Youenn Fablet <you...@apple.com>
+
WebPageProxy::requestUserMediaPermissionForSpeechRecognition should return early in case of no capture devices
https://bugs.webkit.org/show_bug.cgi?id=234837
<rdar://87055505>
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2022-01-05 10:35:47 UTC (rev 287611)
@@ -429,10 +429,10 @@
m_networkSocketStreams.add(identifier, NetworkSocketStream::create(m_networkProcess.get(), WTFMove(url), m_sessionID, cachePartition, identifier, m_connection, WTFMove(token)));
}
-void NetworkConnectionToWebProcess::createSocketChannel(const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID)
+void NetworkConnectionToWebProcess::createSocketChannel(const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID, const ClientOrigin& clientOrigin)
{
ASSERT(!m_networkSocketChannels.contains(identifier));
- if (auto channel = NetworkSocketChannel::create(*this, m_sessionID, request, protocol, identifier, webPageProxyID))
+ if (auto channel = NetworkSocketChannel::create(*this, m_sessionID, request, protocol, identifier, webPageProxyID, clientOrigin))
m_networkSocketChannels.add(identifier, WTFMove(channel));
}
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -246,7 +246,7 @@
void createSocketStream(URL&&, String cachePartition, WebCore::WebSocketIdentifier);
- void createSocketChannel(const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier);
+ void createSocketChannel(const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier, const WebCore::ClientOrigin&);
void updateQuotaBasedOnSpaceUsageForTesting(const WebCore::ClientOrigin&);
#if ENABLE(SERVICE_WORKER)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2022-01-05 10:35:47 UTC (rev 287611)
@@ -62,7 +62,7 @@
SetCaptureExtraNetworkLoadMetricsEnabled(bool enabled)
CreateSocketStream(URL url, String cachePartition, WebCore::WebSocketIdentifier identifier)
- CreateSocketChannel(WebCore::ResourceRequest request, String protocol, WebCore::WebSocketIdentifier identifier, WebKit::WebPageProxyIdentifier webPageProxyID)
+ CreateSocketChannel(WebCore::ResourceRequest request, String protocol, WebCore::WebSocketIdentifier identifier, WebKit::WebPageProxyIdentifier webPageProxyID, struct WebCore::ClientOrigin clientOrigin)
ClearPageSpecificData(WebCore::PageIdentifier pageID);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2022-01-05 10:35:47 UTC (rev 287611)
@@ -530,7 +530,7 @@
cachedResourceLoader->takeLoader()->abort();
}
-std::unique_ptr<WebSocketTask> NetworkSession::createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol)
+std::unique_ptr<WebSocketTask> NetworkSession::createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol, const WebCore::ClientOrigin&)
{
return nullptr;
}
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -58,6 +58,7 @@
class SWServer;
enum class IncludeHttpOnlyCookies : bool;
enum class ShouldSample : bool;
+struct ClientOrigin;
struct SecurityOriginData;
}
@@ -176,7 +177,7 @@
PrefetchCache& prefetchCache() { return m_prefetchCache; }
void clearPrefetchCache() { m_prefetchCache.clear(); }
- virtual std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol);
+ virtual std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol, const WebCore::ClientOrigin&);
virtual void removeWebSocketTask(SessionSet&, WebSocketTask&) { }
virtual void addWebSocketTask(WebPageProxyIdentifier, WebSocketTask&) { }
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.cpp (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.cpp 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.cpp 2022-01-05 10:35:47 UTC (rev 287611)
@@ -36,9 +36,9 @@
namespace WebKit {
using namespace WebCore;
-std::unique_ptr<NetworkSocketChannel> NetworkSocketChannel::create(NetworkConnectionToWebProcess& connection, PAL::SessionID sessionID, const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID)
+std::unique_ptr<NetworkSocketChannel> NetworkSocketChannel::create(NetworkConnectionToWebProcess& connection, PAL::SessionID sessionID, const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID, const WebCore::ClientOrigin& clientOrigin)
{
- auto result = makeUnique<NetworkSocketChannel>(connection, connection.networkProcess().networkSession(sessionID), request, protocol, identifier, webPageProxyID);
+ auto result = makeUnique<NetworkSocketChannel>(connection, connection.networkProcess().networkSession(sessionID), request, protocol, identifier, webPageProxyID, clientOrigin);
if (!result->m_socket) {
result->didClose(0, "Cannot create a web socket task"_s);
return nullptr;
@@ -46,7 +46,7 @@
return result;
}
-NetworkSocketChannel::NetworkSocketChannel(NetworkConnectionToWebProcess& connection, NetworkSession* session, const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID)
+NetworkSocketChannel::NetworkSocketChannel(NetworkConnectionToWebProcess& connection, NetworkSession* session, const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID, const WebCore::ClientOrigin& clientOrigin)
: m_connectionToWebProcess(connection)
, m_identifier(identifier)
, m_session(session)
@@ -56,7 +56,7 @@
if (!m_session)
return;
- m_socket = m_session->createWebSocketTask(webPageProxyID, *this, request, protocol);
+ m_socket = m_session->createWebSocketTask(webPageProxyID, *this, request, protocol, clientOrigin);
if (m_socket) {
m_session->addWebSocketTask(webPageProxyID, *m_socket);
m_socket->resume();
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSocketChannel.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -36,6 +36,7 @@
#include <wtf/WeakPtr.h>
namespace WebCore {
+struct ClientOrigin;
class ResourceRequest;
class ResourceResponse;
}
@@ -55,9 +56,9 @@
class NetworkSocketChannel : public IPC::MessageSender, public IPC::MessageReceiver {
WTF_MAKE_FAST_ALLOCATED;
public:
- static std::unique_ptr<NetworkSocketChannel> create(NetworkConnectionToWebProcess&, PAL::SessionID, const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier);
+ static std::unique_ptr<NetworkSocketChannel> create(NetworkConnectionToWebProcess&, PAL::SessionID, const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier, const WebCore::ClientOrigin&);
- NetworkSocketChannel(NetworkConnectionToWebProcess&, NetworkSession*, const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier);
+ NetworkSocketChannel(NetworkConnectionToWebProcess&, NetworkSession*, const WebCore::ResourceRequest&, const String& protocol, WebCore::WebSocketIdentifier, WebPageProxyIdentifier, const WebCore::ClientOrigin&);
~NetworkSocketChannel();
void didReceiveMessage(IPC::Connection&, IPC::Decoder&);
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -157,7 +157,7 @@
void clearAlternativeServices(WallTime) override;
#if HAVE(NSURLSESSION_WEBSOCKET)
- std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol) final;
+ std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol, const WebCore::ClientOrigin&) final;
void addWebSocketTask(WebPageProxyIdentifier, WebSocketTask&) final;
void removeWebSocketTask(SessionSet&, WebSocketTask&) final;
#endif
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2022-01-05 10:35:47 UTC (rev 287611)
@@ -1665,8 +1665,7 @@
#if HAVE(NSURLSESSION_WEBSOCKET)
if (auto* webSocketTask = sessionWrapper.webSocketDataTaskMap.get(taskIdentifier)) {
auto challengeCompletionHandler = createChallengeCompletionHandler(networkProcess(), sessionID(), challenge, webSocketTask->partition(), 0, WTFMove(completionHandler));
- networkProcess().authenticationManager().didReceiveAuthenticationChallenge(sessionID(), webSocketTask->pageID(), nullptr, challenge, negotiatedLegacyTLS, WTFMove(challengeCompletionHandler));
-
+ networkProcess().authenticationManager().didReceiveAuthenticationChallenge(sessionID(), webSocketTask->pageID(), !webSocketTask->topOrigin().isEmpty() ? &webSocketTask->topOrigin() : nullptr, challenge, negotiatedLegacyTLS, WTFMove(challengeCompletionHandler));
return;
}
#endif
@@ -1707,7 +1706,7 @@
}
#if HAVE(NSURLSESSION_WEBSOCKET)
-std::unique_ptr<WebSocketTask> NetworkSessionCocoa::createWebSocketTask(WebPageProxyIdentifier webPageProxyID, NetworkSocketChannel& channel, const WebCore::ResourceRequest& request, const String& protocol)
+std::unique_ptr<WebSocketTask> NetworkSessionCocoa::createWebSocketTask(WebPageProxyIdentifier webPageProxyID, NetworkSocketChannel& channel, const WebCore::ResourceRequest& request, const String& protocol, const WebCore::ClientOrigin& clientOrigin)
{
ASSERT(!request.hasHTTPHeaderField(WebCore::HTTPHeaderName::SecWebSocketProtocol));
auto nsRequest = retainPtr(request.nsURLRequest(WebCore::HTTPBodyUpdatePolicy::DoNotUpdateHTTPBody));
@@ -1735,7 +1734,7 @@
// Although the WebSocket protocol allows full 64-bit lengths, Chrome and Firefox limit the length to 2^63 - 1
task.get().maximumMessageSize = 0x7FFFFFFFFFFFFFFFull;
- return makeUnique<WebSocketTask>(channel, webPageProxyID, sessionSet, request, WTFMove(task));
+ return makeUnique<WebSocketTask>(channel, webPageProxyID, sessionSet, request, clientOrigin, WTFMove(task));
}
void NetworkSessionCocoa::addWebSocketTask(WebPageProxyIdentifier webPageProxyID, WebSocketTask& task)
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -29,6 +29,7 @@
#include "DataReference.h"
#include "WebPageProxyIdentifier.h"
+#include <WebCore/SecurityOriginData.h>
#include <wtf/RetainPtr.h>
#include <wtf/WeakPtr.h>
@@ -36,6 +37,7 @@
namespace WebCore {
class ResourceRequest;
+struct ClientOrigin;
}
namespace WebKit {
@@ -47,7 +49,7 @@
class WebSocketTask : public CanMakeWeakPtr<WebSocketTask> {
WTF_MAKE_FAST_ALLOCATED;
public:
- WebSocketTask(NetworkSocketChannel&, WebPageProxyIdentifier, WeakPtr<SessionSet>&&, const WebCore::ResourceRequest&, RetainPtr<NSURLSessionWebSocketTask>&&);
+ WebSocketTask(NetworkSocketChannel&, WebPageProxyIdentifier, WeakPtr<SessionSet>&&, const WebCore::ResourceRequest&, const WebCore::ClientOrigin&, RetainPtr<NSURLSessionWebSocketTask>&&);
~WebSocketTask();
void sendString(const IPC::DataReference&, CompletionHandler<void()>&&);
@@ -68,6 +70,7 @@
WebPageProxyIdentifier pageID() const { return m_pageID; }
String partition() const { return m_partition; }
+ const WebCore::SecurityOriginData& topOrigin() const { return m_topOrigin; }
private:
void readNextMessage();
@@ -79,6 +82,7 @@
WebPageProxyIdentifier m_pageID;
WeakPtr<SessionSet> m_sessionSet;
String m_partition;
+ WebCore::SecurityOriginData m_topOrigin;
};
} // namespace WebKit
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.mm (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.mm 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.mm 2022-01-05 10:35:47 UTC (rev 287611)
@@ -31,6 +31,7 @@
#import "NetworkSessionCocoa.h"
#import "NetworkSocketChannel.h"
#import <Foundation/NSURLSession.h>
+#import <WebCore/ClientOrigin.h>
#import <WebCore/ResourceRequest.h>
#import <WebCore/ResourceResponse.h>
#import <WebCore/WebSocketChannel.h>
@@ -40,7 +41,7 @@
using namespace WebCore;
-WebSocketTask::WebSocketTask(NetworkSocketChannel& channel, WebPageProxyIdentifier pageID, WeakPtr<SessionSet>&& sessionSet, const WebCore::ResourceRequest& request, RetainPtr<NSURLSessionWebSocketTask>&& task)
+WebSocketTask::WebSocketTask(NetworkSocketChannel& channel, WebPageProxyIdentifier pageID, WeakPtr<SessionSet>&& sessionSet, const WebCore::ResourceRequest& request, const WebCore::ClientOrigin& clientOrigin, RetainPtr<NSURLSessionWebSocketTask>&& task)
: m_channel(channel)
, m_task(WTFMove(task))
, m_pageID(pageID)
@@ -47,6 +48,11 @@
, m_sessionSet(WTFMove(sessionSet))
, m_partition(request.cachePartition())
{
+ // We use topOrigin in case of service worker websocket connections, for which pageID does not link to a real page.
+ // In that case, let's only call the callback for same origin loads.
+ if (clientOrigin.topOrigin == clientOrigin.clientOrigin)
+ m_topOrigin = clientOrigin.topOrigin;
+
readNextMessage();
m_channel.didSendHandshakeRequest(ResourceRequest { [m_task currentRequest] });
}
Modified: trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp 2022-01-05 10:35:47 UTC (rev 287611)
@@ -119,7 +119,7 @@
}
#endif
-std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel& channel, const ResourceRequest& request, const String& protocol)
+std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel& channel, const ResourceRequest& request, const String& protocol, const ClientOrigin&)
{
GRefPtr<SoupMessage> soupMessage = request.createSoupMessage(blobRegistry());
if (!soupMessage)
Modified: trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.h (287610 => 287611)
--- trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.h 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.h 2022-01-05 10:35:47 UTC (rev 287611)
@@ -63,7 +63,7 @@
void setProxySettings(const WebCore::SoupNetworkProxySettings&);
private:
- std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol) final;
+ std::unique_ptr<WebSocketTask> createWebSocketTask(WebPageProxyIdentifier, NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol, const WebCore::ClientOrigin&) final;
void clearCredentials() final;
std::unique_ptr<WebCore::SoupNetworkSession> m_networkSession;
Modified: trunk/Source/WebKit/WebProcess/Network/WebSocketChannel.cpp (287610 => 287611)
--- trunk/Source/WebKit/WebProcess/Network/WebSocketChannel.cpp 2022-01-05 10:01:06 UTC (rev 287610)
+++ trunk/Source/WebKit/WebProcess/Network/WebSocketChannel.cpp 2022-01-05 10:35:47 UTC (rev 287611)
@@ -32,6 +32,7 @@
#include "WebCoreArgumentCoders.h"
#include "WebProcess.h"
#include <WebCore/Blob.h>
+#include <WebCore/ClientOrigin.h>
#include <WebCore/Document.h>
#include <WebCore/ExceptionCode.h>
#include <WebCore/Page.h>
@@ -117,7 +118,7 @@
m_inspector.didCreateWebSocket(m_document.get(), url);
m_url = request->url();
- MessageSender::send(Messages::NetworkConnectionToWebProcess::CreateSocketChannel { *request, protocol, m_identifier, m_webPageProxyID });
+ MessageSender::send(Messages::NetworkConnectionToWebProcess::CreateSocketChannel { *request, protocol, m_identifier, m_webPageProxyID, m_document->clientOrigin() });
return ConnectStatus::OK;
}