[webkit-changes] [149422] trunk/Source/WebKit2

Tue, 30 Apr 2013 22:14:20 -0700

Title: [149422] trunk/Source/WebKit2
Revision
149422
Author
[email protected]
Date
2013-04-30 22:16:04 -0700 (Tue, 30 Apr 2013)

Log Message

        <rdar://problem/13574729> Implement file path restrictions in WebKit Objective C API
        https://bugs.webkit.org/show_bug.cgi?id=115321

        Reviewed by Darin Adler.

        * UIProcess/API/C/WKPage.cpp:
        * UIProcess/API/C/WKPage.h: 
        * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::loadFile):
        * UIProcess/WebPageProxy.h:
        Added and implemented a C API to load a file while only opening sandbox for
        a specific directory.

        * UIProcess/API/mac/WKBrowsingContextController.h: Fixed a typo in a comment.

        * UIProcess/API/mac/WKBrowsingContextController.mm:
        (-[WKBrowsingContextController loadFileURL:restrictToFilesWithin:]):
        Respect allowedDirectory argument. Updated the function to raise an exception for
        incorrect input, as decribed in header file.

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (149421 => 149422)


--- trunk/Source/WebKit2/ChangeLog	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/ChangeLog	2013-05-01 05:16:04 UTC (rev 149422)
@@ -1,3 +1,24 @@
+2013-04-28  Alexey Proskuryakov  <[email protected]>
+
+        <rdar://problem/13574729> Implement file path restrictions in WebKit Objective C API
+        https://bugs.webkit.org/show_bug.cgi?id=115321
+
+        Reviewed by Darin Adler.
+
+        * UIProcess/API/C/WKPage.cpp:
+        * UIProcess/API/C/WKPage.h: 
+        * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::loadFile):
+        * UIProcess/WebPageProxy.h:
+        Added and implemented a C API to load a file while only opening sandbox for
+        a specific directory.
+
+        * UIProcess/API/mac/WKBrowsingContextController.h: Fixed a typo in a comment.
+
+        * UIProcess/API/mac/WKBrowsingContextController.mm:
+        (-[WKBrowsingContextController loadFileURL:restrictToFilesWithin:]):
+        Respect allowedDirectory argument. Updated the function to raise an exception for
+        incorrect input, as decribed in header file.
+
 2013-04-29  Sam Weinig  <[email protected]>
 
         Add API to allow WebKit2 banners to get mouse events

Modified: trunk/Source/WebKit2/UIProcess/API/C/WKPage.cpp (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/API/C/WKPage.cpp	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/API/C/WKPage.cpp	2013-05-01 05:16:04 UTC (rev 149422)
@@ -92,6 +92,11 @@
     toImpl(pageRef)->loadWebArchiveData(toImpl(webArchiveDataRef));
 }
 
+void WKPageLoadFile(WKPageRef pageRef, WKURLRef fileURL, WKURLRef resourceDirectoryURL)
+{
+    toImpl(pageRef)->loadFile(toWTFString(fileURL), toWTFString(resourceDirectoryURL));
+}
+
 void WKPageStopLoading(WKPageRef pageRef)
 {
     toImpl(pageRef)->stopLoading();

Modified: trunk/Source/WebKit2/UIProcess/API/C/WKPage.h (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/API/C/WKPage.h	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/API/C/WKPage.h	2013-05-01 05:16:04 UTC (rev 149422)
@@ -362,6 +362,7 @@
 WK_EXPORT void WKPageLoadAlternateHTMLString(WKPageRef page, WKStringRef htmlString, WKURLRef baseURL, WKURLRef unreachableURL);
 WK_EXPORT void WKPageLoadPlainTextString(WKPageRef page, WKStringRef plainTextString);
 WK_EXPORT void WKPageLoadWebArchiveData(WKPageRef page, WKDataRef webArchiveData);
+WK_EXPORT void WKPageLoadFile(WKPageRef page, WKURLRef fileURL, WKURLRef resourceDirectoryURL);
 
 WK_EXPORT void WKPageStopLoading(WKPageRef page);
 WK_EXPORT void WKPageReload(WKPageRef page);

Modified: trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.h (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.h	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.h	2013-05-01 05:16:04 UTC (rev 149422)
@@ -50,9 +50,9 @@
 - (void)loadRequest:(NSURLRequest *)request;
 
 /* Load a file: URL. Opens the sandbox only for files within allowedDirectory.
-    - Passing a non-file: URL to either parameter will yeild an exception.
+    - Passing a non-file: URL to either parameter will yield an exception.
     - Passing nil as the allowedDirectory will open the entire file-system for
-      reading. 
+      reading.
 */
 - (void)loadFileURL:(NSURL *)URL restrictToFilesWithin:(NSURL *)allowedDirectory;

Modified: trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.mm (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.mm	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.mm	2013-05-01 05:16:04 UTC (rev 149422)
@@ -119,13 +119,13 @@
 
 - (void)loadFileURL:(NSURL *)URL restrictToFilesWithin:(NSURL *)allowedDirectory
 {
-    if (![URL isFileURL])
-        return;
+    if (![URL isFileURL] || (allowedDirectory && ![allowedDirectory isFileURL]))
+        [NSException raise:NSInvalidArgumentException format:@"Attempted to load a non-file URL"];
 
-    /* FIXME: Implement restrictions. */
-
     WKRetainPtr<WKURLRef> wkURL = adoptWK(WKURLCreateWithCFURL((CFURLRef)URL));
-    WKPageLoadURL(self._pageRef, wkURL.get());
+    WKRetainPtr<WKURLRef> wkAllowedDirectory = adoptWK(WKURLCreateWithCFURL((CFURLRef)allowedDirectory));
+    
+    WKPageLoadFile(self._pageRef, wkURL.get(), wkAllowedDirectory.get());
 }
 
 - (void)loadHTMLString:(NSString *)HTMLString baseURL:(NSURL *)baseURL

Modified: trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp	2013-05-01 05:16:04 UTC (rev 149422)
@@ -731,6 +731,31 @@
     m_process->responsivenessTimer()->start();
 }
 
+void WebPageProxy::loadFile(const String& fileURLString, const String& resourceDirectoryURLString)
+{
+    if (!isValid())
+        reattachToWebProcess();
+
+    KURL fileURL = KURL(KURL(), fileURLString);
+    if (!fileURL.isLocalFile())
+        return;
+
+    String resourceDirectoryPath;
+    if (!resourceDirectoryURLString.isNull()) {
+        KURL resourceDirectoryURL = KURL(KURL(), resourceDirectoryURLString);
+        if (!resourceDirectoryURL.isLocalFile())
+            return;
+        resourceDirectoryPath = resourceDirectoryURL.fileSystemPath();
+    } else
+        resourceDirectoryPath = ASCIILiteral("/");
+
+    SandboxExtension::Handle sandboxExtensionHandle;
+    SandboxExtension::createHandle(resourceDirectoryPath, SandboxExtension::ReadOnly, sandboxExtensionHandle);
+    m_process->assumeReadAccessToBaseURL(resourceDirectoryPath);
+    m_process->send(Messages::WebPage::LoadURL(fileURL, sandboxExtensionHandle), m_pageID);
+    m_process->responsivenessTimer()->start();
+}
+
 void WebPageProxy::stopLoading()
 {
     if (!isValid())

Modified: trunk/Source/WebKit2/UIProcess/WebPageProxy.h (149421 => 149422)


--- trunk/Source/WebKit2/UIProcess/WebPageProxy.h	2013-05-01 04:58:50 UTC (rev 149421)
+++ trunk/Source/WebKit2/UIProcess/WebPageProxy.h	2013-05-01 05:16:04 UTC (rev 149422)
@@ -288,6 +288,7 @@
     void loadAlternateHTMLString(const String& htmlString, const String& baseURL, const String& unreachableURL);
     void loadPlainTextString(const String& string);
     void loadWebArchiveData(const WebData*);
+    void loadFile(const String& fileURL, const String& resourceDirectoryURL);
 
     void stopLoading();
     void reload(bool reloadFromOrigin);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to