Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: ec3e1edcb9e53c722dbac3fc483161d659ea1b1e
https://github.com/WebKit/WebKit/commit/ec3e1edcb9e53c722dbac3fc483161d659ea1b1e
Author: Matt Woodrow <[email protected]>
Date: 2023-01-19 (Thu, 19 Jan 2023)
Changed paths:
A
LayoutTests/http/tests/security/canvas-remote-read-remote-video-allowed-redirect-expected.txt
A
LayoutTests/http/tests/security/canvas-remote-read-remote-video-allowed-redirect.html
M LayoutTests/http/tests/security/resources/canvas-video-crossorigin.js
M
LayoutTests/imported/w3c/web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-origin.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/html/canvas/resources/canvas-tests.js
M
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.fillStyle.sub-expected.txt
M LayoutTests/platform/ios-wk2/TestExpectations
M LayoutTests/platform/mac/TestExpectations
M LayoutTests/platform/win/TestExpectations
M LayoutTests/platform/wk2/TestExpectations
M Source/WebCore/Modules/webaudio/MediaElementAudioSourceNode.cpp
M Source/WebCore/html/HTMLMediaElement.cpp
M Source/WebCore/html/HTMLMediaElement.h
M Source/WebCore/html/ImageBitmap.cpp
M Source/WebCore/html/canvas/CanvasRenderingContext.cpp
M Source/WebCore/platform/graphics/MediaPlayer.cpp
M Source/WebCore/platform/graphics/MediaPlayer.h
M Source/WebCore/platform/graphics/MediaPlayerPrivate.h
M
Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp
M
Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h
M
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h
M
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm
M
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h
M
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h
M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h
M Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h
M Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm
M Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.cpp
M Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.h
M Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.messages.in
M Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp
M Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.h
M Source/WebKit/WebProcess/GPU/media/RemoteMediaPlayerState.h
M Source/WebKit/WebProcess/GPU/media/RemoteMediaPlayerState.serialization.in
Log Message:
-----------
non-CORS Redirects to a cross-origin URI should cause video to taint
<canvas>, even if the final response is same-origin.
https://bugs.webkit.org/show_bug.cgi?id=248462
<rdar://102754474>
Reviewed by Jean-Yves Avenard.
This is true even if we start with a same-origin URI, redirect to a
cross-origin URI and then back again to a same-origin URI.
hasSingleSecurityOrigin currently tries to track this, but it only compares the
initial request URI against the response URI, not
any intermediate redirects.
This adds tracking of all redirect origins to the media player implementations
of wouldTaintOrigin (and rename it to isCrossOrigin), so that
they fail if we redirected to a cross-origin URI at any point. It also ensures
that we only do this if we haven't passed a CORS access check.
Moves the code for doing these checks from 3 separate callsites
(CanvasRenderingContext, ImageBitmap, MediaElementAudioSourceNode) into
a single shared location (HTMLMediaElement).
Removes all the hasSingleSecurityOrigin media code, since it's no longer in use.
*
LayoutTests/http/tests/security/canvas-remote-read-remote-video-allowed-redirect-expected.txt:
Added.
*
LayoutTests/http/tests/security/canvas-remote-read-remote-video-allowed-redirect.html:
Added.
This adds a test for the change in bug 242889, which stopped us tainting for
cross-origin redirects.
That's still desired, but only if CORS was requested and successful.
* LayoutTests/http/tests/security/resources/canvas-video-crossorigin.js:
(testDataRetrievalAllowed):
Fixes a test bug, where the 'allowed' test was expecting an exception to be
thrown.
*
LayoutTests/imported/w3c/web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-origin.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/html/canvas/resources/canvas-tests.js:
*
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.fillStyle.sub-expected.txt:
Add new subtest for the same-origin -> cross-origin -> same-origin redirect
chain case.
* LayoutTests/platform/ios-wk2/TestExpectations:
* LayoutTests/platform/mac/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* LayoutTests/platform/wk2/TestExpectations:
Enables tests that now pass.
* Source/WebCore/Modules/webaudio/MediaElementAudioSourceNode.cpp:
(WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
* Source/WebCore/html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::wouldTaintOrigin const):
* Source/WebCore/html/HTMLMediaElement.h:
(WebCore::HTMLMediaElement::hasSingleSecurityOrigin const): Deleted.
(WebCore::HTMLMediaElement::wouldTaintOrigin const): Deleted.
* Source/WebCore/html/ImageBitmap.cpp:
(WebCore::taintsOrigin):
* Source/WebCore/html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):
* Source/WebCore/platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::isCrossOrigin const):
(WebCore::MediaPlayer::hasSingleSecurityOrigin const): Deleted.
(WebCore::MediaPlayer::wouldTaintOrigin const): Deleted.
* Source/WebCore/platform/graphics/MediaPlayer.h:
* Source/WebCore/platform/graphics/MediaPlayerPrivate.h:
(WebCore::MediaPlayerPrivateInterface::isCrossOrigin const):
(WebCore::MediaPlayerPrivateInterface::hasSingleSecurityOrigin const): Deleted.
(WebCore::MediaPlayerPrivateInterface::wouldTaintOrigin const): Deleted.
*
Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
(WebCore::MediaPlayerPrivateAVFoundation::hasSingleSecurityOrigin const):
Deleted.
*
Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
*
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
*
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::isCrossOrigin const):
(WebCore::MediaPlayerPrivateAVFoundationObjC::wouldTaintOrigin const): Deleted.
*
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
*
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
* Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::isCrossOrigin const):
(WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
(WebCore::MediaPlayerPrivateGStreamer::hasSingleSecurityOrigin const): Deleted.
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const): Deleted.
* Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(CachedResourceStreamingClient::redirectReceived):
(webKitSrcIsCrossOrigin):
(webKitSrcWouldTaintOrigin): Deleted.
* Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:
* Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h:
* Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSession task:addSecurityOrigin:]):
(-[WebCoreNSURLSession isCrossOrigin:]):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):
(-[WebCoreNSURLSessionDataTask
resource:receivedRedirect:request:completionHandler:]):
(-[WebCoreNSURLSession task:didReceiveResponseFromOrigin:]): Deleted.
(-[WebCoreNSURLSession wouldTaintOrigin:]): Deleted.
* Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.cpp:
(WebKit::RemoteMediaPlayerProxy::mediaPlayerReadyStateChanged):
(WebKit::RemoteMediaPlayerProxy::isCrossOrigin):
(WebKit::RemoteMediaPlayerProxy::wouldTaintOrigin): Deleted.
* Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.h:
* Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
* Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:
(WebKit::MediaPlayerPrivateRemote::updateCachedState):
(WebKit::MediaPlayerPrivateRemote::isCrossOrigin const):
(WebKit::MediaPlayerPrivateRemote::hasSingleSecurityOrigin const): Deleted.
(WebKit::MediaPlayerPrivateRemote::wouldTaintOrigin const): Deleted.
* Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.h:
* Source/WebKit/WebProcess/GPU/media/RemoteMediaPlayerState.h:
* Source/WebKit/WebProcess/GPU/media/RemoteMediaPlayerState.serialization.in:
Canonical link: https://commits.webkit.org/259108@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
