Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: a44c7708f19cb62b72564acc2f81893c41a52563
https://github.com/WebKit/WebKit/commit/a44c7708f19cb62b72564acc2f81893c41a52563
Author: Ruthvik Konda <[email protected]>
Date: 2025-12-08 (Mon, 08 Dec 2025)
Changed paths:
M Source/WebCore/en.lproj/Localizable.strings
M Source/WebKit/UIProcess/API/ios/WKWebViewIOS.mm
M Source/WebKit/UIProcess/Cocoa/WKWebViewContentProvider.h
M Source/WebKit/UIProcess/ios/WKUSDPreviewView.mm
M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/WebKitCocoa/SystemPreview.mm
A Tools/TestWebKitAPI/Tests/WebKitCocoa/hab.reality
M Tools/TestWebKitAPI/Tests/WebKitCocoa/system-preview.html
Log Message:
-----------
Add user prompt before invoking ARQuickLook for 3D Asset Parsing
https://bugs.webkit.org/show_bug.cgi?id=299065
rdar://159192457
Reviewed by Mike Wyrzykowski and Abrar Rahman Protyasha.
Certain code flows allow 3D asset parsing outside of WebContent
without user prompts. This fix adds a user prompt for those flows and thus
introduces
a user-in-the-loop mechanism to mitigate this attack surface.
These flows specifically are top level navigations to 3D assets
and <a> WITHOUT rel=ar. A new user prompt/message is needed because the
existing "View in AR?" prompt for <a> WITH rel=ar does not fit here. In the two
flows here,
the user prompt precedes handing the file off to ARQL to generate a preview
image.
The existing "View in AR?" prompt already has a user provided preview image,
and its prompt in contrast precedes ARQL launching into the camera and placing
the asset into user surroundings.
As a result, our new prompt "Display Model Preview?" reflects the behavior
appopriately to
the user.
Appropriate API tests are added to verify that alert shows up in all
3 flows (<a> WITH rel=ar, <a> WITHOUT rel=ar, and top level navigations) and
for both usdz
and reality files. We also test to make sure that ARQL is only invoked when
user presses allow action.
The RelARPrompt has its own testing logic because of its slightly different
behavior
and the need to execute the cancel and allow action handlers separately due to
std::exchange()
being used in SystemPreviewControllerCocoa.mm.
* Source/WebCore/en.lproj/Localizable.strings:
* Source/WebKit/UIProcess/API/ios/WKWebViewIOS.mm:
(-[WKWebView
_didFinishLoadingDataForCustomContentProviderWithSuggestedFilename:data:]):
* Source/WebKit/UIProcess/Cocoa/WKWebViewContentProvider.h:
* Source/WebKit/UIProcess/ios/WKPDFView.mm:
(-[WKPDFView web_setContentProviderData:suggestedFilename:completionHandler:]):
(-[WKPDFView web_setContentProviderData:suggestedFilename:]): Deleted.
* Source/WebKit/UIProcess/ios/WKUSDPreviewView.mm:
(-[WKUSDPreviewView
web_setContentProviderData:suggestedFilename:completionHandler:]):
(-[WKUSDPreviewView web_setContentProviderData:suggestedFilename:]): Deleted.
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SystemPreview.mm:
(TestWebKitAPI::testModelPreviewPrompt):
(TestWebKitAPI::testRelARPrompt):
(TestWebKitAPI::TEST(WebKit, PromptUSDZTopLevelNavigation)):
(TestWebKitAPI::TEST(WebKit, PromptRealityTopLevelNavigation)):
(TestWebKitAPI::TEST(WebKit, PromptUSDZLinkWithoutRelAR)):
(TestWebKitAPI::TEST(WebKit, PromptRealityLinkWithoutRelAR)):
(TestWebKitAPI::TEST(WebKit, PromptUSDZLinkWithRelAR)):
(TestWebKitAPI::TEST(WebKit, PromptRealityLinkWithRelAR)):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/hab.reality: Added.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/system-preview.html:
Originally-landed-as: 297297.491@safari-7622-branch (053b792933f4).
rdar://164211773
Canonical link: https://commits.webkit.org/304123@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
