[webkit-changes] [WebKit/WebKit] 6198c5: enable-font-awesome-lockdown-mode

Thu, 15 Dec 2022 13:15:42 -0800 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 6198c51976a38d44659e41ca4791de9f763de19a
      
https://github.com/WebKit/WebKit/commit/6198c51976a38d44659e41ca4791de9f763de19a
  Author: Vitor Roriz <[email protected]>
  Date:   2022-12-15 (Thu, 15 Dec 2022)

  Changed paths:
    M Source/WebCore/Headers.cmake
    M Source/WebCore/Sources.txt
    M Source/WebCore/WebCore.xcodeproj/project.pbxproj
    M Source/WebCore/css/CSSFontFace.cpp
    M Source/WebCore/css/FontFace.cpp
    A Source/WebCore/loader/cache/AllowedFonts.cpp
    A Source/WebCore/loader/cache/AllowedFonts.h
    M Source/WebCore/loader/cache/CachedFont.cpp
    M Source/WebCore/loader/cache/CachedFont.h
    M Source/WebCore/page/Quirks.cpp
    M Source/WebCore/page/Settings.yaml
    M Source/WebCore/page/SettingsBase.h
    M Source/WebCore/platform/SharedBuffer.h
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    A Tools/TestWebKitAPI/Tests/WebKitCocoa/Ahem-10000A.ttf
    A Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.html
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.mm

  Log Message:
  -----------
  enable-font-awesome-lockdown-mode
https://bugs.webkit.org/show_bug.cgi?id=248938
rdar://101523138

Reviewed by Brent Fulgham.

* Source/WebCore/Headers.cmake:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/Ahem-10000A.ttf: Added.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.html: Added.
Adding new files: AllowedFonts.cpp and AllowedFonts.h

* Source/WebCore/css/CSSFontFace.cpp:
(WebCore::CSSFontFace::appendSources):
Adjusting allow downloading for modified settings 
'DownloadableBinaryFontAllowedTypes'.

* Source/WebCore/css/FontFace.cpp:
(WebCore::FontFace::create):
Adjusting allow downloading for modified settings 
'DownloadableBinaryFontAllowedTypes'.

* Source/WebCore/loader/cache/AllowedFonts.cpp: Added.
(WebCore::allowedFontHashesInLockdownMode):
(WebCore::hashForFontData):
(WebCore::isFontBinaryAllowed):
Source/WebCore/loader/cache/AllowedFonts.h: Added.
Contains definition for new enum class used by settings 
'DownloadableBinaryFontAllowedTypes'.
Contain hashes for the hard-coded allowed fonts when in restrict mode 
DownloadableBinaryFontAllowedTypes::Restricted.

* Source/WebCore/loader/cache/CachedFont.cpp:
(WebCore::CachedFont::shouldAllowCustomFont):
(WebCore::CachedFont::finishLoading):
(WebCore::CachedFont::setErrorAndDeleteData):
* Source/WebCore/loader/cache/CachedFont.h:
When font binary is finish loading, we will verify if we should allow custom 
font depending on the settings DownloadableBinaryFontAllowedTypes.
For DownloadableBinaryFontAllowedTypes::Any, we don't have to check if font can 
be loaded, any font is allowed.
For DownloadableBinaryFontAllowedTypes::Restricted, only fonts which 
binary-hash is listed in AllowedFonts.cpp:allowedHashes() will be loaded.
For DownloadableBinaryFontAllowedTypes::None, no font is downloaded or loaded.

When a font doesn't pass the loading test, we will not allow it to be loaded 
and its data buffer will get deleted.

* Source/WebCore/page/Quirks.cpp:
(WebCore::Quirks::shouldEnableFontLoadingAPIQuirk const):
Adjusting for modified settings 'DownloadableBinaryFontAllowedTypes'.

* Source/WebCore/platform/SharedBuffer.h:
(WebCore::SharedBuffer::dataAsSpanForContiguousData const):
Adding function for returning data as Span if the buffer holds contiguous data. 
If data is not contiguous it returns a span with size 0.

* Source/WebCore/page/Settings.yaml:
* Source/WebCore/page/SettingsBase.h:
Modifying and renaming the settings 'DownloadableBinaryFontsEnabled' to 
'DownloadableBinaryFontAllowedTypes'.
Now, instead of a bool, the settings is represented by a Enum with three values 
{Any, Restricted, None). See AllowedFonts.h.

* Source/WebKit/UIProcess/API/APIWebsitePolicies.cpp:
(API::WebsitePolicies::lockdownModeEnabled const):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::adjustSettingsForLockdownMode):
Adjusting for modified settings 'DownloadableBinaryFontAllowedTypes'. Now, when 
in lockdown mode, instead of setting 'DownloadableBinaryFontsEnabled' to true,
we set 'DownloadableBinaryFontAllowedTypes' to 'Restricted'. With that, font 
binaries will still be downloaded while in lockdown mode, but only allowed 
fonts will be loaded and kept in the system.

* Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.mm:
(TestWebKitAPI::TEST):
New test cases for loading allowed and not allowed fonts.
Modified FontLoadingApi and split it into two: AllowedFontLoadingApi and 
NotAllowedFontLoadingApi.
These will test that a allowed and not-allowed buffer can be loaded and lot 
loaded with the
FontFace font-loading API that utilizes data buffers.

Canonical link: https://commits.webkit.org/257954@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to