Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: bac61d2b1bab1f4a66c981e0d9fd96db91072252
https://github.com/WebKit/WebKit/commit/bac61d2b1bab1f4a66c981e0d9fd96db91072252
Author: Wenson Hsieh <[email protected]>
Date: 2026-02-25 (Wed, 25 Feb 2026)
Changed paths:
M Source/WebKit/UIProcess/API/APINavigation.cpp
M Source/WebKit/UIProcess/API/APINavigation.h
M Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
M Source/WebKit/UIProcess/API/Cocoa/WKWebViewInternal.h
M Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h
M Source/WebKit/UIProcess/API/Cocoa/WKWebViewTesting.mm
M Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm
M Source/WebKit/UIProcess/PageLoadState.cpp
M Source/WebKit/UIProcess/PageLoadState.h
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebPageProxy.h
M Source/WebKit/UIProcess/mac/WebViewImpl.mm
M Tools/TestWebKitAPI/SourcesCocoa.txt
M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/ScreenTime.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/TextExtractionTests.mm
M Tools/TestWebKitAPI/cocoa/HTTPServer.h
M Tools/TestWebKitAPI/cocoa/HTTPServer.mm
A Tools/TestWebKitAPI/cocoa/SafeBrowsingTestUtilities.h
A Tools/TestWebKitAPI/cocoa/SafeBrowsingTestUtilities.mm
M Tools/TestWebKitAPI/cocoa/TestWKWebView.h
M Tools/TestWebKitAPI/cocoa/TestWKWebView.mm
Log Message:
-----------
[AutoFill Debugging] Suppress text extraction if either screen time shield or
safe browsing warning is present
https://bugs.webkit.org/show_bug.cgi?id=308589
rdar://171117238
Reviewed by Aditya Keerthi, Pascoe, and Abrar Rahman Protyasha.
Suppress text extraction when the Screen Time shield is up, when the safe
browsing warning is shown,
or if the user has navigated to an unsafe website (manually bypassing the safe
browsing warning).
See below for more details.
Tests: TextExtractionTests.ScreenTimeBlocksTextExtraction
TextExtractionTests.SafeBrowsingWarningBlocksTextExtraction
TextExtractionTests.DelayedSafeBrowsingWarningBlocksTextExtraction
* Source/WebKit/UIProcess/API/APINavigation.cpp:
(API::Navigation::setSafeBrowsingWarning):
* Source/WebKit/UIProcess/API/APINavigation.h:
(API::Navigation::hadSafeBrowsingWarning const):
* Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _extractDebugTextWithConfiguration:completionHandler:]):
Early return with a blank result in the above scenarios.
(-[WKWebView _screenTimeWebpageController]): Deleted.
(-[WKWebView _screenTimeBlurredSnapshot]): Deleted.
* Source/WebKit/UIProcess/API/Cocoa/WKWebViewInternal.h:
* Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h:
* Source/WebKit/UIProcess/API/Cocoa/WKWebViewTesting.mm:
(-[WKWebView _screenTimeWebpageController]):
(-[WKWebView _screenTimeBlurredSnapshot]):
Move these testing hooks out into the `WKTesting` category (as testing-only
SPI), so that they can
be accessed from `TextExtractionTests.mm`. This also lets us delete the extra
forward declarations
in `ScreenTime.mm`.
* Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:
(WebKit::WebPageProxy::beginSafeBrowsingCheck):
* Source/WebKit/UIProcess/PageLoadState.cpp:
(WebKit::PageLoadState::setHadSafeBrowsingWarning):
* Source/WebKit/UIProcess/PageLoadState.h:
(WebKit::PageLoadState::committedHadSafeBrowsingWarning const):
Add plumbing to keep track of whether we ever showed a safe browsing warning
for the current
(committed) page load. To do this, we add a new flag on the `API::Navigation`
that's set if a
safe browsing warning is ever set on the navigation, and then consult this flag
when committing a
navigation to update a new (similar) flag on the page load state.
* Source/WebKit/UIProcess/WebPageProxy.cpp:
* Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:
(WebKit::WebPageProxy::beginSafeBrowsingCheck):
Additionally take care of the case where the safe browsing check initially
times out, but then
completes after the load commits. To do this, add a new flag on `WebPageProxy`
that's set when we
show the safe browsing warning after the fact, which isn't cleared until the
next load is committed.
This ensures that in both cases where the safe browsing warning is shown before
load commit or after
load commit, we will correctly block text extractions.
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didCommitLoadForFrame):
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForResponseShared):
(WebKit::WebPageProxy::resetState):
* Source/WebKit/UIProcess/WebPageProxy.h:
* Source/WebKit/UIProcess/mac/WebViewImpl.mm:
(WebKit::WebViewImpl::nativeMouseEventHandlerInternal):
* Tools/TestWebKitAPI/SourcesCocoa.txt:
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:
(TEST(SafeBrowsing, VisitUnsafeWebsite)):
(TEST(SafeBrowsing, ShowWarningSPI)):
(TEST(SafeBrowsing, URLObservation)):
(TEST(SafeBrowsing, HangTimeout)):
(TEST(SafeBrowsing, PostResponse)):
(TEST(SafeBrowsing, PostResponseIframe)):
(TEST(SafeBrowsing, PostResponseServerSideRedirect)):
(TEST(SafeBrowsing, PostResponseInjectedBundleSkipsDecidePolicyForResponse)):
(TEST(SafeBrowsing, PostTimeout)):
(TEST(SafeBrowsing, ModalDeferredDuringCheck)):
(TEST(SafeBrowsing, DeferredModalShownWhenProceedingThroughWarning)):
(TEST(SafeBrowsing, DeferredModalSuppressedWhenGoingBack)):
(TEST(SafeBrowsing, MultipleDeferredModalsShownInOrder)):
(TEST(SafeBrowsing, DeferredModalsClearedOnNavigation)):
(TEST(SafeBrowsing, AllModalTypesProperlyDeferred)):
(+[TestServiceLookupResult
resultWithProvider:phishing:malware:unwantedSoftware:]): Deleted.
(-[TestServiceLookupResult provider]): Deleted.
(-[TestServiceLookupResult isPhishing]): Deleted.
(-[TestServiceLookupResult isMalware]): Deleted.
(-[TestServiceLookupResult isUnwantedSoftware]): Deleted.
(-[TestServiceLookupResult malwareDetailsBaseURLString]): Deleted.
(-[TestServiceLookupResult learnMoreURL]): Deleted.
(-[TestServiceLookupResult reportAnErrorBaseURLString]): Deleted.
(-[TestServiceLookupResult localizedProviderDisplayName]): Deleted.
(+[TestLookupResult resultWithResults:]): Deleted.
(-[TestLookupResult serviceLookupResults]): Deleted.
(+[TestLookupContext sharedLookupContext]): Deleted.
(-[TestLookupContext lookUpURL:completionHandler:]): Deleted.
(visitUnsafeSite): Deleted.
(+[DelayedLookupContext sharedLookupContext]): Deleted.
(-[DelayedLookupContext lookUpURL:completionHandler:]): Deleted.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/ScreenTime.mm:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/TextExtractionTests.mm:
(TestWebKitAPI::ScreenTimeBlocksTextExtraction)):
(TestWebKitAPI::SafeBrowsingWarningBlocksTextExtraction)):
Add text extraction API tests to cover these new cases.
(TestWebKitAPI::DelayedSafeBrowsingWarningBlocksTextExtraction)):
* Tools/TestWebKitAPI/cocoa/HTTPServer.h:
* Tools/TestWebKitAPI/cocoa/HTTPServer.mm:
(TestWebKitAPI::makeRequestMap):
(TestWebKitAPI::HTTPServer::RequestData::RequestData):
(): Deleted.
* Tools/TestWebKitAPI/cocoa/SafeBrowsingTestUtilities.h: Added.
* Tools/TestWebKitAPI/cocoa/SafeBrowsingTestUtilities.mm: Added.
(+[TestServiceLookupResult
resultWithProvider:phishing:malware:unwantedSoftware:]):
(-[TestServiceLookupResult provider]):
(-[TestServiceLookupResult isPhishing]):
(-[TestServiceLookupResult isMalware]):
(-[TestServiceLookupResult isUnwantedSoftware]):
(-[TestServiceLookupResult malwareDetailsBaseURLString]):
(-[TestServiceLookupResult learnMoreURL]):
(-[TestServiceLookupResult reportAnErrorBaseURLString]):
(-[TestServiceLookupResult localizedProviderDisplayName]):
Move all of these existing safe-browsing-related testing helpers out into a new
shared utility file,
`SafeBrowsingTestUtilities`, so that they can be used across API tests in
multiple suites.
(+[TestLookupResult resultWithResults:]):
(-[TestLookupResult serviceLookupResults]):
(+[TestLookupContext sharedLookupContext]):
(-[TestLookupContext lookUpURL:completionHandler:]):
(+[DelayedLookupContext delayDuration]):
(+[DelayedLookupContext setDelayDuration:]):
(+[DelayedLookupContext sharedLookupContext]):
(-[DelayedLookupContext lookUpURL:completionHandler:]):
* Tools/TestWebKitAPI/cocoa/TestWKWebView.h:
* Tools/TestWebKitAPI/cocoa/TestWKWebView.mm:
(-[WKWebView visitUnsafeSite]):
Add a new helper method that simulates dismissing a safe browsing warning and
visiting the unsafe
destination. Deploy it in various places that simulate this behavior (including
my new API test).
Canonical link: https://commits.webkit.org/308262@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
