Title: [293417] trunk
Revision
293417
Author
[email protected]
Date
2022-04-25 23:57:34 -0700 (Mon, 25 Apr 2022)

Log Message

Service workers should not intercept embed/object related loads
https://bugs.webkit.org/show_bug.cgi?id=239642

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/embed-and-object-are-not-intercepted.https-expected.txt:

Source/WebCore:

In case document loader or image loader are triggered by embed/object elements,
set service worker mode to none.

Covered by rebased test.

* loader/DocumentLoader.cpp:
* loader/DocumentLoader.h:
* loader/ImageLoader.cpp:

Modified Paths

Diff

Modified: trunk/LayoutTests/imported/w3c/ChangeLog (293416 => 293417)


--- trunk/LayoutTests/imported/w3c/ChangeLog	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/LayoutTests/imported/w3c/ChangeLog	2022-04-26 06:57:34 UTC (rev 293417)
@@ -1,3 +1,12 @@
+2022-04-25  Youenn Fablet  <[email protected]>
+
+        Service workers should not intercept embed/object related loads
+        https://bugs.webkit.org/show_bug.cgi?id=239642
+
+        Reviewed by Chris Dumez.
+
+        * web-platform-tests/service-workers/service-worker/embed-and-object-are-not-intercepted.https-expected.txt:
+
 2022-04-25  Ziran Sun  <[email protected]>
 
         UA stylesheet should include table { text-indent: initial } to conform with HTML standard

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/embed-and-object-are-not-intercepted.https-expected.txt (293416 => 293417)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/embed-and-object-are-not-intercepted.https-expected.txt	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/embed-and-object-are-not-intercepted.https-expected.txt	2022-04-26 06:57:34 UTC (rev 293417)
@@ -1,10 +1,10 @@
 
 PASS initialize global state
-FAIL requests for EMBED elements of embedded HTML content should not be intercepted by service workers assert_equals: expected "request for embedded content was not intercepted" but got "request for embedded content was intercepted by service worker"
-FAIL requests for OBJECT elements of embedded HTML content should not be intercepted by service workers assert_equals: expected "request for embedded content was not intercepted" but got "request for embedded content was intercepted by service worker"
-FAIL requests for EMBED elements of an image should not be intercepted by service workers assert_equals: expected "request was not intercepted" but got "FAIL: request was intercepted"
-FAIL requests for OBJECT elements of an image should not be intercepted by service workers assert_equals: expected "request was not intercepted" but got "FAIL: request was intercepted"
-FAIL post-load navigation of OBJECT elements should not be intercepted by service workers assert_equals: expected "request for embedded content was not intercepted" but got "request for embedded content was intercepted by service worker"
-FAIL post-load navigation of EMBED elements should not be intercepted by service workers assert_equals: expected "request for embedded content was not intercepted" but got "request for embedded content was intercepted by service worker"
+PASS requests for EMBED elements of embedded HTML content should not be intercepted by service workers
+PASS requests for OBJECT elements of embedded HTML content should not be intercepted by service workers
+PASS requests for EMBED elements of an image should not be intercepted by service workers
+PASS requests for OBJECT elements of an image should not be intercepted by service workers
+PASS post-load navigation of OBJECT elements should not be intercepted by service workers
+PASS post-load navigation of EMBED elements should not be intercepted by service workers
 PASS restore global state
 

Modified: trunk/Source/WebCore/ChangeLog (293416 => 293417)


--- trunk/Source/WebCore/ChangeLog	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/Source/WebCore/ChangeLog	2022-04-26 06:57:34 UTC (rev 293417)
@@ -1,3 +1,19 @@
+2022-04-25  Youenn Fablet  <[email protected]>
+
+        Service workers should not intercept embed/object related loads
+        https://bugs.webkit.org/show_bug.cgi?id=239642
+
+        Reviewed by Chris Dumez.
+
+        In case document loader or image loader are triggered by embed/object elements,
+        set service worker mode to none.
+
+        Covered by rebased test.
+
+        * loader/DocumentLoader.cpp:
+        * loader/DocumentLoader.h:
+        * loader/ImageLoader.cpp:
+
 2022-04-25  Devin Rousso  <[email protected]>
 
         Web Inspector: add UI for blocking requests

Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (293416 => 293417)


--- trunk/Source/WebCore/loader/DocumentLoader.cpp	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp	2022-04-26 06:57:34 UTC (rev 293417)
@@ -571,7 +571,7 @@
 
 void DocumentLoader::matchRegistration(const URL& url, SWClientConnection::RegistrationCallback&& callback)
 {
-    auto shouldTryLoadingThroughServiceWorker = !frameLoader()->isReloadingFromOrigin() && m_frame->page() && m_frame->settings().serviceWorkersEnabled() && url.protocolIsInHTTPFamily();
+    bool shouldTryLoadingThroughServiceWorker = m_canUseServiceWorkers && !frameLoader()->isReloadingFromOrigin() && m_frame->page() && url.protocolIsInHTTPFamily();
     if (!shouldTryLoadingThroughServiceWorker) {
         callback(std::nullopt);
         return;
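Review bot: `m_frame->page()` in the new condition is reached with no null check on `m_frame`, and the flag that now gates it is a value cached in startLoadingMainResource() rather than a live check. The caller changed in the `-891` hunk used to test `m_frame &&` before calling matchRegistration and no longer does, while the lambda in that same hunk still tests `!m_frame`, which suggests the frame can go away during a load. Putting the guard in this one place covers every caller: `bool shouldTryLoadingThroughServiceWorker = m_canUseServiceWorkers && m_frame && !frameLoader()->isReloadingFromOrigin() && m_frame->page() && url.protocolIsInHTTPFamily();`. The body of matchRegistration continues past the end of this hunk.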
@@ -891,7 +891,7 @@
 #endif
 
 #if ENABLE(SERVICE_WORKER)
-    if (m_frame && m_frame->settings().serviceWorkersEnabled() && response.source() == ResourceResponse::Source::MemoryCache) {
+    if (m_canUseServiceWorkers && response.source() == ResourceResponse::Source::MemoryCache) {
         matchRegistration(response.url(), [this, protectedThis = Ref { *this }, response, completionHandler = WTFMove(completionHandler)](auto&& registrationData) mutable {
             if (!m_mainDocumentError.isNull() || !m_frame) {
                 completionHandler();
@@ -1244,7 +1244,7 @@
             document.setBaseURLOverride(m_archive->mainResource()->url());
 #endif
 #if ENABLE(SERVICE_WORKER)
-        if (m_frame && m_frame->settings().serviceWorkersEnabled()) {
+        if (m_canUseServiceWorkers) {
             if (!document.securityOrigin().isUnique()) {
                 if (m_serviceWorkerRegistrationData && m_serviceWorkerRegistrationData->activeWorker) {
                     document.setActiveServiceWorker(ServiceWorker::getOrCreate(document, WTFMove(m_serviceWorkerRegistrationData->activeWorker.value())));
@@ -2019,8 +2019,21 @@
     return true;
 }
 
+#if ENABLE(SERVICE_WORKER)
+static bool canUseServiceWorkers(Frame* frame)
+{
+    if (!frame || !frame->settings().serviceWorkersEnabled())
+        return false;
+    auto* ownerElement = frame->ownerElement();
+    return !ownerElement || !is<HTMLPlugInElement>(ownerElement);
+}
+#endif
+
 void DocumentLoader::startLoadingMainResource()
 {
+#if ENABLE(SERVICE_WORKER)
+    m_canUseServiceWorkers = canUseServiceWorkers(m_frame.get());
+#endif
     m_mainDocumentError = ResourceError();
     timing().markStartTime();
     ASSERT(!m_mainResource);
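Review bot: The new static `canUseServiceWorkers()` has no comment saying why a plugin owner element turns service workers off, so the `is<HTMLPlugInElement>` test reads as an arbitrary exclusion to anyone who has not seen the bug. I would add a comment above it such as `// Loads triggered by <embed>/<object> must not be intercepted by service workers, see webkit.org/b/239642.` It is also worth stating at the assignment in startLoadingMainResource() that the result is a per-load snapshot: `// Cached for this load; later checks use the flag instead of re-reading settings.` The body of startLoadingMainResource() continues outside the hunk.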
@@ -2138,18 +2151,16 @@
         CachingPolicy::AllowCaching);
 
 #if ENABLE(SERVICE_WORKER)
-    if (m_frame && m_frame->settings().serviceWorkersEnabled()) {
-        if (!isSandboxingAllowingServiceWorkerFetchHandling(frameLoader()->effectiveSandboxFlags()))
-            mainResourceLoadOptions.serviceWorkersMode = ServiceWorkersMode::None;
-        else {
-            // The main navigation load will trigger the registration of the client.
-            if (m_resultingClientId)
-                scriptExecutionContextIdentifierToLoaderMap().remove(m_resultingClientId);
-            m_resultingClientId = ScriptExecutionContextIdentifier::generate();
-            ASSERT(!scriptExecutionContextIdentifierToLoaderMap().contains(m_resultingClientId));
-            scriptExecutionContextIdentifierToLoaderMap().add(m_resultingClientId, this);
-            mainResourceLoadOptions.clientIdentifier = m_resultingClientId;
-        }
+    if (!m_canUseServiceWorkers || !isSandboxingAllowingServiceWorkerFetchHandling(frameLoader()->effectiveSandboxFlags()))
+        mainResourceLoadOptions.serviceWorkersMode = ServiceWorkersMode::None;
+    else {
+        // The main navigation load will trigger the registration of the client.
+        if (m_resultingClientId)
+            scriptExecutionContextIdentifierToLoaderMap().remove(m_resultingClientId);
+        m_resultingClientId = ScriptExecutionContextIdentifier::generate();
+        ASSERT(!scriptExecutionContextIdentifierToLoaderMap().contains(m_resultingClientId));
+        scriptExecutionContextIdentifierToLoaderMap().add(m_resultingClientId, this);
+        mainResourceLoadOptions.clientIdentifier = m_resultingClientId;
     }
 #endif
 

Modified: trunk/Source/WebCore/loader/DocumentLoader.h (293416 => 293417)


--- trunk/Source/WebCore/loader/DocumentLoader.h	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/Source/WebCore/loader/DocumentLoader.h	2022-04-26 06:57:34 UTC (rev 293417)
@@ -708,6 +708,7 @@
 
 #if ENABLE(SERVICE_WORKER)
     std::optional<ServiceWorkerRegistrationData> m_serviceWorkerRegistrationData;
+    bool m_canUseServiceWorkers { true };
 #endif
     ScriptExecutionContextIdentifier m_resultingClientId;
 
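Review bot: `m_canUseServiceWorkers` defaults to `true`, so the flag is permissive until startLoadingMainResource() has run. The DocumentLoader.cpp hunks replace the live `m_frame->settings().serviceWorkersEnabled()` test with this flag in three places, so any path that consults it on a loader that has not started its main resource load would skip both the setting and the embed/object exclusion. Unless some path relies on the permissive default (not visible in this diff), a fail-closed default is safer: `bool m_canUseServiceWorkers { false };`. A short comment on the member naming where it is assigned would also help.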

Modified: trunk/Source/WebCore/loader/ImageLoader.cpp (293416 => 293417)


--- trunk/Source/WebCore/loader/ImageLoader.cpp	2022-04-26 06:43:13 UTC (rev 293416)
+++ trunk/Source/WebCore/loader/ImageLoader.cpp	2022-04-26 06:57:34 UTC (rev 293417)
@@ -192,6 +192,7 @@
         options.contentSecurityPolicyImposition = element().isInUserAgentShadowTree() ? ContentSecurityPolicyImposition::SkipPolicyCheck : ContentSecurityPolicyImposition::DoPolicyCheck;
         options.loadedFromPluginElement = is<HTMLPlugInElement>(element()) ? LoadedFromPluginElement::Yes : LoadedFromPluginElement::No;
         options.sameOriginDataURLFlag = SameOriginDataURLFlag::Set;
+        options.serviceWorkersMode = is<HTMLPlugInElement>(element()) ? ServiceWorkersMode::None : ServiceWorkersMode::All;
         bool isImageElement = is<HTMLImageElement>(element());
         if (isImageElement)
             options.referrerPolicy = downcast<HTMLImageElement>(element()).referrerPolicy();
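Review bot: The added line assigns `ServiceWorkersMode::All` for every non-plugin element, which overwrites whatever mode `options` already carried; the construction of `options` is outside this hunk, so I cannot tell whether a more restrictive value could be set earlier and be widened here. Restricting only in the plugin case avoids that: `if (is<HTMLPlugInElement>(element())) options.serviceWorkersMode = ServiceWorkersMode::None;`. As a style point, `is<HTMLPlugInElement>(element())` is now evaluated on two adjacent lines and could be hoisted into a local such as `bool isPlugInElement`, next to the existing `isImageElement`. The enclosing function starts and ends outside the hunk.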