Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: c740257eb4358031c7d049378d9e8cf76ba2408f
https://github.com/WebKit/WebKit/commit/c740257eb4358031c7d049378d9e8cf76ba2408f
Author: Ronan Turner <[email protected]>
Date: 2026-01-22 (Thu, 22 Jan 2026)
Changed paths:
M Source/WebCore/loader/FrameLoader.cpp
M Source/WebCore/loader/FrameLoader.h
M
Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIDeclarativeNetRequest.mm
M Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.h
M Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.mm
Log Message:
-----------
Fix DeclarativeNetRequest cross-site redirect issue with Enhanced Security
https://bugs.webkit.org/show_bug.cgi?id=305405
rdar://168079499
Reviewed by Timothy Hatcher.
When enabling the EnhancedSecurityHeuristics flag, the following test began
to fail:
* WKWebExtensionAPIDeclarativeNetRequest.RedirectRule
This test performs a cross-site redirect from localhost -> 127.0.0.1 via
a web extension using the DeclarativeNetRequest API, which is handled
within the WebContent process. When such a redirect occurs, the WebContent
process opts to perform a new load and cancel the existing load.
When Enhanced Security is enabled, this cross-site redirect occurs in the
newly selected Enhanced Security process, which is only alive due to this
provisional load. When the current provisional load is cleared, to perform
the new navigation policy check, the UI process decides that our WebContent
process can be torn down now.
This change handles this case by marking the new FrameLoadRequest as being
related to such a ContentRuleList cross-site redirect. Then, when we clear
the current provisional load and send the DidFailProvisionalLoad message
to the UI process, we can check if this is a Cancellation error, and that
it was due to such a cross-site redirect, and if so, indicate to the UI
process that we will be handling this load failure internally. This is a
similar mechanism to how HTTPS upgrade fallbacks are handled.
Testing this is quite difficult - the only case I've managed to reliably
produce this is by using the extension API and having Enhanced Security
enabled. Rather than duplicating this into EnhancedSecurityPolicies, I've
added some plumbing that allows us to enable the EnhancedSecurityHeuristics
flag in the TestWebExtensionManager related code, and we now test this
RedirectRule test both with and without EnhancedSecurityHeuristics.
Tests:
Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIDeclarativeNetRequest.mm
Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.h
Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.mm
* Source/WebCore/loader/FrameLoadRequest.h:
(WebCore::FrameLoadRequestBase::isCrossOriginContentRuleListRedirect const):
(WebCore::FrameLoadRequestBase::setIsCrossOriginContentRuleListRedirect):
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::checkLoadCompleteForThisFrame):
* Source/WebCore/loader/FrameLoader.h:
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
*
Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIDeclarativeNetRequest.mm:
(TestWebKitAPI::runRedirectRule):
(TestWebKitAPI::TEST(WKWebExtensionAPIDeclarativeNetRequest, RedirectRule)):
(TestWebKitAPI::TEST(WKWebExtensionAPIDeclarativeNetRequest,
RedirectRuleWithEnhancedSecurity)):
* Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.h:
* Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.mm:
(-[TestWebExtensionManager initForExtension:extensionControllerConfiguration:]):
(-[TestWebExtensionManager
initForExtension:extensionControllerConfiguration:usesEnhancedSecurity:]):
(-[TestWebExtensionTab initWithWindow:extensionController:]):
(-[TestWebExtensionWindow initWithExtensionController:usesPrivateBrowsing:]):
(-[TestWebExtensionWindow
initWithExtensionController:usesPrivateBrowsing:usesEnhancedSecurity:]):
(TestWebKitAPI::Util::parseExtension):
(TestWebKitAPI::Util::loadExtension):
Canonical link: https://commits.webkit.org/306005@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
