[webkit-changes] [127513] trunk

Tue, 04 Sep 2012 15:19:56 -0700

Title: [127513] trunk
Revision
127513
Author
jp...@apple.com
Date
2012-09-04 15:20:43 -0700 (Tue, 04 Sep 2012)

Log Message

Make plugins respect third-party storage blocking setting
https://bugs.webkit.org/show_bug.cgi?id=94888

Reviewed by Brady Eidson.

Source/WebCore:

Added functions for discerning if a plugin should be able to access its storage in its current origin.

Tests: http/tests/security/cross-origin-plugin-allowed.html
       http/tests/security/cross-origin-plugin.html

* WebCore.exp.in: Export FrameTree::top and SecurityOrigin::canAccessStorage
* page/SecurityOrigin.h: Added canAccessPluginStorage
(WebCore::SecurityOrigin::canAccessPluginStorage):

Source/WebKit2:

Plugins that are in a third-party context should be put into private browsing mode so their storage is temporary.

* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::isPrivateBrowsingEnabled): Put the plugin into private browsing mode if it is in a third-party context.
(WebKit::PluginView::privateBrowsingStateChanged): Make sure a plugin doesn't leave private browsing mode if it's in a third-party context.

LayoutTests:

Created tests for plugins in a third party and first party context when third-party blocking is on and off.

* http/tests/security/cross-origin-plugin-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-allowed.html: Added.
* http/tests/security/cross-origin-plugin-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled.html: Added.
* http/tests/security/cross-origin-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin-async.html: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (127512 => 127513)


--- trunk/LayoutTests/ChangeLog	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/LayoutTests/ChangeLog	2012-09-04 22:20:43 UTC (rev 127513)
@@ -1,3 +1,25 @@
+2012-09-04  Jeffrey Pfau  <jp...@apple.com>
+
+        Make plugins respect third-party storage blocking setting
+        https://bugs.webkit.org/show_bug.cgi?id=94888
+
+        Reviewed by Brady Eidson.
+
+        Created tests for plugins in a third party and first party context when third-party blocking is on and off.
+
+        * http/tests/security/cross-origin-plugin-allowed-expected.txt: Added.
+        * http/tests/security/cross-origin-plugin-allowed.html: Added.
+        * http/tests/security/cross-origin-plugin-expected.txt: Added.
+        * http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt: Added.
+        * http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html: Added.
+        * http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
+        * http/tests/security/cross-origin-plugin-private-browsing-toggled.html: Added.
+        * http/tests/security/cross-origin-plugin.html: Added.
+        * http/tests/security/resources/cross-origin-iframe-for-plugin.html: Added.
+        * http/tests/security/resources/cross-origin-iframe-for-plugin-async.html: Added.
+        * platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt: Added.
+        * platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
+
 2012-09-04  Roger Fong  <roger_f...@apple.com>
 
         Unreviewed. Rebaseline Windows expected results for accessibility\canvas-description-and-role-expected.txt.

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed-expected.txt (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should not have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+false
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-allowed.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+<html>
+<head>
+<script>
+if (window.testRunner) {
+	testRunner.dumpAsText();
+	testRunner.dumpChildFramesAsText();
+}
+
+</script>
+<body>
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src=""
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src=""
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-expected.txt (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+false
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should not have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+false
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,37 @@
+<html>
+<head>
+<script>
+var frames = 2;
+if (window.testRunner) {
+	testRunner.dumpAsText();
+	testRunner.dumpChildFramesAsText();
+	testRunner.setPrivateBrowsingEnabled(true);
+	testRunner.waitUntilDone();
+}
+
+function decrement() {
+	--frames;
+	if (!frames) {
+		if (window.testRunner)
+			testRunner.setPrivateBrowsingEnabled(false);
+		for (var i = 0; i < 2; ++i) {
+			var frame = document.getElementsByTagName('iframe')[i].contentWindow;
+			frame.postMessage('loaded', '*');
+		}
+		frames = 2;
+	}
+}
+
+window._onmessage_ = function() {
+	--frames;
+	if (window.testRunner)
+		testRunner.notifyDone();
+}
+</script>
+<body>
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+false
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin-private-browsing-toggled.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,40 @@
+<html>
+<head>
+<script>
+var frames = 2;
+if (window.testRunner) {
+	testRunner.dumpAsText();
+	testRunner.dumpChildFramesAsText();
+	testRunner.setPrivateBrowsingEnabled(true);
+	testRunner.waitUntilDone();
+	internals.settings.setThirdPartyStorageBlockingEnabled(true);
+}
+
+function decrement() {
+	--frames;
+	if (!frames) {
+		if (window.testRunner)
+			testRunner.setPrivateBrowsingEnabled(false);
+		for (var i = 0; i < 2; ++i) {
+			var frame = document.getElementsByTagName('iframe')[i].contentWindow;
+			frame.postMessage('loaded', '*');
+		}
+		frames = 2;
+	}
+}
+
+window._onmessage_ = function() {
+	--frames;
+	if (window.testRunner) {
+		internals.settings.setThirdPartyStorageBlockingEnabled(false);
+		testRunner.notifyDone();
+	}
+}
+</script>
+<body>
+<p>This iframe should have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/security/cross-origin-plugin.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/cross-origin-plugin.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/cross-origin-plugin.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,23 @@
+<html>
+<head>
+<script>
+var frames = 2;
+if (window.testRunner) {
+	testRunner.dumpAsText();
+	testRunner.dumpChildFramesAsText();
+	internals.settings.setThirdPartyStorageBlockingEnabled(true);
+}
+
+function decrement() {
+	--frames;
+	if (!frames && window.testRunner)
+		internals.settings.setThirdPartyStorageBlockingEnabled(false);
+}
+</script>
+<body>
+<p>This iframe should have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+<p>This iframe should not have private browsing enabled:</p>
+<iframe src="" _onload_="decrement()"></iframe>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin-async.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin-async.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin-async.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,13 @@
+<html>
+<head>
+<script>
+window._onmessage_ = function() {
+	document.write(plg.privateBrowsingEnabled);
+	window.parent.postMessage('complete', '*');
+}
+</script>
+</head>
+<body>
+<embed name="plg" type="application/x-webkit-test-netscape" test="private-browsing"></embed>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin.html (0 => 127513)


--- trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/resources/cross-origin-iframe-for-plugin.html	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,12 @@
+<html>
+<head>
+<script>
+window._onload_ = function() {
+	document.write(plg.privateBrowsingEnabled);
+}
+</script>
+</head>
+<body>
+<embed name="plg" type="application/x-webkit-test-netscape" test="private-browsing"></embed>
+</body>
+</html>

Added: trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt (0 => 127513)


--- trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+true
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Added: trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt (0 => 127513)


--- trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt	2012-09-04 22:20:43 UTC (rev 127513)
@@ -0,0 +1,16 @@
+This iframe should have private browsing enabled:
+
+
+This iframe should not have private browsing enabled:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+true
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+false

Modified: trunk/Source/WebCore/ChangeLog (127512 => 127513)


--- trunk/Source/WebCore/ChangeLog	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/Source/WebCore/ChangeLog	2012-09-04 22:20:43 UTC (rev 127513)
@@ -1,3 +1,19 @@
+2012-09-04  Jeffrey Pfau  <jp...@apple.com>
+
+        Make plugins respect third-party storage blocking setting
+        https://bugs.webkit.org/show_bug.cgi?id=94888
+
+        Reviewed by Brady Eidson.
+
+        Added functions for discerning if a plugin should be able to access its storage in its current origin.
+
+        Tests: http/tests/security/cross-origin-plugin-allowed.html
+               http/tests/security/cross-origin-plugin.html
+
+        * WebCore.exp.in: Export FrameTree::top and SecurityOrigin::canAccessStorage
+        * page/SecurityOrigin.h: Added canAccessPluginStorage
+        (WebCore::SecurityOrigin::canAccessPluginStorage):
+
 2012-09-04  Robert Hogan  <rob...@webkit.org>
 
         Regression(r127163): Heap-use-after-free in WebCore::RenderBoxModelObject::hasSelfPaintingLayer

Modified: trunk/Source/WebCore/WebCore.exp.in (127512 => 127513)


--- trunk/Source/WebCore/WebCore.exp.in	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/Source/WebCore/WebCore.exp.in	2012-09-04 22:20:43 UTC (rev 127513)
@@ -1177,6 +1177,7 @@
 __ZNK7WebCore14SecurityOrigin18databaseIdentifierEv
 __ZNK7WebCore14SecurityOrigin5equalEPKS0_
 __ZNK7WebCore14SecurityOrigin8toStringEv
+__ZNK7WebCore14SecurityOrigin16canAccessStorageEPKS0_
 __ZNK7WebCore15AffineTransform10isIdentityEv
 __ZNK7WebCore15AffineTransform12isInvertibleEv
 __ZNK7WebCore15AffineTransform7inverseEv
@@ -1373,6 +1374,7 @@
 __ZNK7WebCore9FloatQuad11boundingBoxEv
 __ZNK7WebCore9FloatRect10intersectsERKS0_
 __ZNK7WebCore9FloatSize6isZeroEv
+__ZNK7WebCore9FrameTree3topEv
 __ZNK7WebCore9FrameTree10childCountEv
 __ZNK7WebCore9FrameTree12traverseNextEPKNS_5FrameE
 __ZNK7WebCore9FrameTree14isDescendantOfEPKNS_5FrameE

Modified: trunk/Source/WebCore/page/SecurityOrigin.h (127512 => 127513)


--- trunk/Source/WebCore/page/SecurityOrigin.h	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/Source/WebCore/page/SecurityOrigin.h	2012-09-04 22:20:43 UTC (rev 127513)
@@ -139,6 +139,7 @@
     bool canAccessDatabase(const SecurityOrigin* topOrigin = 0) const { return canAccessStorage(topOrigin); };
     bool canAccessLocalStorage(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); };
     bool canAccessSharedWorkers(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); }
+    bool canAccessPluginStorage(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); }
     bool canAccessCookies() const { return !isUnique(); }
     bool canAccessPasswordManager() const { return !isUnique(); }
     bool canAccessFileSystem() const { return !isUnique(); }

Modified: trunk/Source/WebKit2/ChangeLog (127512 => 127513)


--- trunk/Source/WebKit2/ChangeLog	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/Source/WebKit2/ChangeLog	2012-09-04 22:20:43 UTC (rev 127513)
@@ -1,3 +1,16 @@
+2012-09-04  Jeffrey Pfau  <jp...@apple.com>
+
+        Make plugins respect third-party storage blocking setting
+        https://bugs.webkit.org/show_bug.cgi?id=94888
+
+        Reviewed by Brady Eidson.
+
+        Plugins that are in a third-party context should be put into private browsing mode so their storage is temporary.
+
+        * WebProcess/Plugins/PluginView.cpp:
+        (WebKit::PluginView::isPrivateBrowsingEnabled): Put the plugin into private browsing mode if it is in a third-party context.
+        (WebKit::PluginView::privateBrowsingStateChanged): Make sure a plugin doesn't leave private browsing mode if it's in a third-party context.
+
 2012-09-04  Pekka Vuorela  <pvuor...@iki.fi>
 
         [Qt] Remove use of deprecated QInputMethod method

Modified: trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp (127512 => 127513)


--- trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp	2012-09-04 22:14:36 UTC (rev 127512)
+++ trunk/Source/WebKit2/WebProcess/Plugins/PluginView.cpp	2012-09-04 22:20:43 UTC (rev 127513)
@@ -583,6 +583,9 @@
     if (!m_isInitialized || !m_plugin)
         return;
 
+    if (!privateBrowsingEnabled && !frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->tree()->top()->document()->securityOrigin()))
+        return;
+
     m_plugin->privateBrowsingStateChanged(privateBrowsingEnabled);
 }
 
@@ -1273,6 +1276,9 @@
     if (!frame())
         return true;
 
+    if (!frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->tree()->top()->document()->securityOrigin()))
+        return true;
+
     Settings* settings = frame()->settings();
     if (!settings)
         return true;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to