Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 40efee6a397a9ef0fadc63c54c180b99ac713ba5
https://github.com/WebKit/WebKit/commit/40efee6a397a9ef0fadc63c54c180b99ac713ba5
Author: Youenn Fablet <[email protected]>
Date: 2024-03-12 (Tue, 12 Mar 2024)
Changed paths:
A
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost-expected.txt
A
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost-serviceworker.js
A
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost.html
A
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost.html.json
M Source/WebCore/Modules/fetch/FetchLoader.cpp
M Source/WebCore/Modules/fetch/FetchRequest.cpp
M Source/WebCore/Modules/fetch/FetchRequest.h
M Source/WebCore/loader/ResourceLoaderOptions.h
M Source/WebCore/loader/ThreadableLoader.cpp
M Source/WebCore/loader/cache/CachedResourceLoader.cpp
M Source/WebCore/testing/Internals.cpp
M Source/WebCore/testing/Internals.h
M Source/WebCore/testing/Internals.idl
M Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp
Log Message:
-----------
Advanced Tracking and Fingerprinting Protection Issue with Service Workers
rdar://117522948
https://bugs.webkit.org/show_bug.cgi?id=263366
Reviewed by Chris Dumez.
Requests exposed to service worker via the fetch events have already gone
through content extension checks.
We can safely disable content extension checks for those requests.
We add a corresponding ResourceLoaderOptions which is tested in
CachedResourceLoader::requestResource before apply content extension checks.
This new option is always enforcing content extension checks except for service
worker fetch event requests.
We do so in ServiceWorkerFetch::dispatchFetchEvent, and we ensure that cloned
requests or requests created from fetch event requests keep the same flag.
*
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost-expected.txt:
Added.
*
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost-serviceworker.js:
Added.
(onmessage.async e):
*
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost.html:
Added.
*
LayoutTests/http/tests/contentextensions/service-worker-block-everything-if-localhost.html.json:
Added.
* Source/WebCore/Modules/fetch/FetchLoader.cpp:
(WebCore::FetchLoader::start):
* Source/WebCore/Modules/fetch/FetchRequest.cpp:
(WebCore::FetchRequest::initializeWith):
(WebCore::FetchRequest::clone):
* Source/WebCore/Modules/fetch/FetchRequest.h:
* Source/WebCore/loader/ResourceLoaderOptions.h:
(WebCore::ResourceLoaderOptions::shouldEnableContentExtensionsCheck):
(WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
(WebCore::ResourceLoaderOptions::fetchPriorityHint): Deleted.
* Source/WebCore/loader/ThreadableLoader.cpp:
(WebCore::ThreadableLoaderOptions::isolatedCopy const):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
* Source/WebCore/testing/Internals.cpp:
(WebCore::Internals::disableContentExtensionsChecks):
* Source/WebCore/testing/Internals.h:
* Source/WebCore/testing/Internals.idl:
* Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp:
(WebCore::ServiceWorkerFetch::dispatchFetchEvent):
Canonical link: https://commits.webkit.org/275970@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
