Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 519e45961292f33fc820167bb68e57a9903be0d7
https://github.com/WebKit/WebKit/commit/519e45961292f33fc820167bb68e57a9903be0d7
Author: Wenson Hsieh <[email protected]>
Date: 2023-08-21 (Mon, 21 Aug 2023)
Changed paths:
M Source/WebCore/workers/service/ServiceWorkerTypes.h
M Source/WebCore/workers/service/context/SWContextManager.cpp
M Source/WebCore/workers/service/context/SWContextManager.h
M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp
M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h
M Source/WebCore/workers/service/server/SWServer.cpp
M Source/WebCore/workers/service/server/SWServer.h
M Source/WebCore/workers/service/server/SWServerToContextConnection.h
M Source/WebKit/NetworkProcess/NetworkProcess.cpp
M Source/WebKit/NetworkProcess/NetworkProcess.h
M Source/WebKit/NetworkProcess/NetworkProcess.messages.in
M Source/WebKit/NetworkProcess/NetworkSession.cpp
M Source/WebKit/NetworkProcess/NetworkSession.h
M Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp
M Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h
M
Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp
M
Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h
M Source/WebKit/Scripts/webkit/messages.py
M Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in
M Source/WebKit/UIProcess/ProvisionalPageProxy.cpp
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebProcessPool.cpp
M Source/WebKit/UIProcess/WebProcessPool.h
M Source/WebKit/UIProcess/WebProcessProxy.cpp
M Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
M Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in
Log Message:
-----------
[iOS 17] Remote inspection should be disabled for service workers used only
in locked private tabs
https://bugs.webkit.org/show_bug.cgi?id=260400
rdar://108476513
Reviewed by Patrick Angle and Chris Dumez.
Safari 17 introduces the ability to lock tabs in private browsing mode, such
that they require some
form of authentication before they're visible to the user. Aside from obscuring
the web views, one
of the other (myriad) ways we hide these private tabs is by making them
non-web-inspectable, via
`-[WKWebView setInspectable:]`. However, there's currently a corner case where
service workers that
are loaded as a part of these locked private browsing tabs will still be
inspectable, even if the
page itself is not; this is because service workers are currently _always_
inspectable, regardless
of whether inspection is enabled via web view API.
To address this corner case, we propagate `WKWebView` inspectability over to
service workers by
letting a website datastore allow inspection for service workers only if at
least one web view using
the data store is inspectable. In practice, because private browsing tabs
always use a separate,
ephemeral data stores, making web views in private tabs non-inspectable is
equivalent to making any
of their service workers non-inspectable.
At a high level, the inspection state plumbing takes the following route
through WebKit:
1. UI Process
↳ `WKWebView`/`WebPageProxy` (source of truth)
↳ `WebsiteDataStore`
↳ `NetworkProcessProxy`
2. Network Process
↳ `NetworkProcess`
↳ `NetworkSession`
↳ `SWServer`
↳ `WebSWServerToContextConnection`
3. Web Process
↳ `WebSWContextManagerConnection`
↳ `SWContextManager`
↳ `ServiceWorkerThreadProxy` (final destination)
* Source/WebCore/workers/service/ServiceWorkerTypes.h:
Add a boolean `enum class ServiceWorkerIsInspectable` so that we can use it in
`SWServer` and
adjacent code, so that the last argument to `installContextData` isn't just a
plain `bool`.
* Source/WebCore/workers/service/context/SWContextManager.cpp:
(WebCore::SWContextManager::setInspectable):
Iterate over all `ServiceWorkerThreadProxy`s and plumb the updated
inspectability state over to each
worker.
* Source/WebCore/workers/service/context/SWContextManager.h:
* Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp:
Take the inspectability state from the given `WebCore::Page`, which should now
have an inspection
state that's consistent with the associated service worker.
(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::setInspectable):
* Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h:
* Source/WebCore/workers/service/server/SWServer.cpp:
(WebCore::SWServer::SWServer):
(WebCore::SWServer::contextConnectionCreated):
Plumb initial inspectability state through `SWServer` into the context
connection.
(WebCore::SWServer::setInspectable):
Update all context connections when inspectability changes.
* Source/WebCore/workers/service/server/SWServer.h:
* Source/WebCore/workers/service/server/SWServerToContextConnection.h:
* Source/WebKit/NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::setInspectionForServiceWorkersAllowed):
* Source/WebKit/NetworkProcess/NetworkProcess.h:
* Source/WebKit/NetworkProcess/NetworkProcess.messages.in:
* Source/WebKit/NetworkProcess/NetworkSession.cpp:
(WebKit::NetworkSession::NetworkSession):
(WebKit::NetworkSession::ensureSWServer):
(WebKit::NetworkSession::setInspectionForServiceWorkersAllowed):
* Source/WebKit/NetworkProcess/NetworkSession.h:
* Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp:
(WebKit::NetworkSessionCreationParameters::encode const):
(WebKit::NetworkSessionCreationParameters::decode):
Add a new flag to `NetworkSession`'s creation parameters to indicate whether or
not inspection
should be enabled. This is necessary in the case where we avoided sending any
inspectability updates
eagerly, in order to avoid needlessly launching the network process.
* Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h:
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:
(WebKit::WebSWServerToContextConnection::installServiceWorkerContext):
(WebKit::WebSWServerToContextConnection::setInspectable):
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
* Source/WebKit/Scripts/webkit/messages.py:
(headers_for_type):
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
* Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:
(WebKit::ProvisionalPageProxy::ProvisionalPageProxy):
(WebKit::ProvisionalPageProxy::~ProvisionalPageProxy):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setInspectable):
* Source/WebKit/UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::pageBeginUsingWebsiteDataStore):
(WebKit::WebProcessPool::pageEndUsingWebsiteDataStore):
Update the data store's set of pages when pages begin or end use; we also
adjust these to take
`WebPageProxy&`, so that we can pass them directly into `WebsiteDataStore`.
* Source/WebKit/UIProcess/WebProcessPool.h:
* Source/WebKit/UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::addExistingWebPage):
(WebKit::WebProcessProxy::removeWebPage):
* Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp:
Maintain state on each data store, that determines whether or not service
workers associated with
that data store should allow inspection. To achieve this, we maintain the set
of `m_pages` currently
associated with this data store; whenever pages are added or removed, or when a
page changes
inspectability, we recompute inspectability state on the data store and update
the network session
if it changes.
(WebKit::WebsiteDataStore::parameters):
(WebKit::WebsiteDataStore::updateServiceWorkerInspectability):
(WebKit::WebsiteDataStore::addPage):
(WebKit::WebsiteDataStore::removePage):
Update `m_pages` when `WebPageProxy`s start or stop using the data store.
* Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h:
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::installServiceWorker):
(WebKit::WebSWContextManagerConnection::setThrottleState):
(WebKit::WebSWContextManagerConnection::setInspectable):
Plumb inspectability state through to `SWContextManager`.
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h:
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in:
Canonical link: https://commits.webkit.org/267118@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
