Diff
Modified: trunk/Source/WebKit2/ChangeLog (149764 => 149765)
--- trunk/Source/WebKit2/ChangeLog 2013-05-08 20:45:01 UTC (rev 149764)
+++ trunk/Source/WebKit2/ChangeLog 2013-05-08 20:48:58 UTC (rev 149765)
@@ -1,3 +1,34 @@
+2013-05-08 Sam Weinig <[email protected]>
+
+ Add SPI to determine if a plugin is sandboxed
+ https://bugs.webkit.org/show_bug.cgi?id=115810
+
+ Reviewed by Anders Carlsson.
+
+ * PluginProcess/mac/PluginProcessMac.mm:
+ (WebKit::PluginProcess::initializeSandbox):
+ * Shared/Plugins/mac/PluginSandboxProfile.h: Added.
+ * Shared/Plugins/mac/PluginSandboxProfile.mm: Added.
+ (WebKit::pluginSandboxProfileDefaultDirectory):
+ (WebKit::pluginSandboxProfileDirectories):
+ (WebKit::pluginSandboxProfileName):
+ (WebKit::pluginSandboxCommonProfile):
+ (WebKit::pluginSandboxProfileForDirectory):
+ (WebKit::pluginSandboxProfile):
+ (WebKit::pluginHasSandboxProfileForDirectory):
+ (WebKit::pluginHasSandboxProfile):
+ Move sandbox code to its own file and refactor to use cocoa. Also adds pluginHasSandboxProfile function
+ which uses the newly refactored code.
+
+ * UIProcess/API/C/mac/WKContextPrivateMac.h:
+ * UIProcess/API/C/mac/WKContextPrivateMac.mm:
+ (WKPlugInInfoIsSandboxedKey):
+ (createInfoDictionary):
+ Add WKPlugInInfoIsSandboxedKey.
+
+ * WebKit2.xcodeproj/project.pbxproj:
+ Add new files.
+
2013-05-08 Anders Carlsson <[email protected]>
Safari unexpectedly quits with invalid message from the web process with message ID 0x323002f (WebPageProxy.DecidePolicyForNavigationAction)
Modified: trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm (149764 => 149765)
--- trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2013-05-08 20:45:01 UTC (rev 149764)
+++ trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2013-05-08 20:48:58 UTC (rev 149765)
@@ -30,9 +30,10 @@
#if ENABLE(PLUGIN_PROCESS)
#import "NetscapePlugin.h"
-#import "PluginProcessShim.h"
-#import "PluginProcessProxyMessages.h"
#import "PluginProcessCreationParameters.h"
+#import "PluginProcessProxyMessages.h"
+#import "PluginProcessShim.h"
+#import "PluginSandboxProfile.h"
#import "SandboxInitializationParameters.h"
#import <CoreAudio/AudioHardware.h>
#import <WebCore/LocalizedStrings.h>
@@ -282,48 +283,6 @@
parentProcessConnection()->send(Messages::PluginProcessProxy::SetFullscreenWindowIsShowing(fullscreenWindowIsShowing), 0);
}
-static String loadSandboxProfileForDirectory(const String& bundleIdentifier, NSString *sandboxProfileDirectoryPath)
-{
- if (bundleIdentifier.isEmpty())
- return String();
-
- // Fold all / characters to : to prevent the plugin bundle-id from trying to escape the profile directory
- String sanitizedBundleIdentifier = bundleIdentifier;
- sanitizedBundleIdentifier.replace('/', ':');
-
- RetainPtr<CFURLRef> sandboxProfileDirectory = adoptCF(CFURLCreateWithFileSystemPath(0, (CFStringRef)sandboxProfileDirectoryPath, kCFURLPOSIXPathStyle, TRUE));
-
- RetainPtr<CFStringRef> sandboxFileName = adoptCF(CFStringCreateWithFormat(0, 0, CFSTR("%@.sb"), sanitizedBundleIdentifier.createCFString().get()));
- RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, sandboxProfileDirectory.get()));
-
- RetainPtr<NSString> profileString = adoptNS([[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL]);
- if (!profileString)
- return String();
-
- sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, CFSTR("com.apple.WebKit.plugin-common.sb"), kCFURLPOSIXPathStyle, FALSE, sandboxProfileDirectory.get()));
-
- RetainPtr<NSString> commonProfileString = adoptNS([[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL]);
- if (!commonProfileString)
- return String();
-
- return [commonProfileString.get() stringByAppendingString:profileString.get()];
-}
-
-static String loadSandboxProfile(const String& bundleIdentifier)
-{
- // First look in the WebKit2 bundle.
- String sandboxProfile = loadSandboxProfileForDirectory(bundleIdentifier, [[[NSBundle bundleForClass:NSClassFromString(@"WKView")] resourcePath] stringByAppendingPathComponent:@"PlugInSandboxProfiles"]);
- if (!sandboxProfile.isEmpty())
- return sandboxProfile;
-
- // Then try /System/Library/Sandbox/Profiles/.
- sandboxProfile = loadSandboxProfileForDirectory(bundleIdentifier, @"/System/Library/Sandbox/Profiles/");
- if (!sandboxProfile.isEmpty())
- return sandboxProfile;
-
- return String();
-}
-
static void muteAudio(void)
{
AudioObjectPropertyAddress propertyAddress = { kAudioHardwarePropertyProcessIsAudible, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster };
@@ -382,7 +341,7 @@
void PluginProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters)
{
- String sandboxProfile = loadSandboxProfile(m_pluginBundleIdentifier);
+ String sandboxProfile = pluginSandboxProfile(m_pluginBundleIdentifier);
if (sandboxProfile.isEmpty())
return;
Added: trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.h (0 => 149765)
--- trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.h (rev 0)
+++ trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.h 2013-05-08 20:48:58 UTC (rev 149765)
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2013 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef PluginSandboxProfile_h
+#define PluginSandboxProfile_h
+
+#include <wtf/Forward.h>
+
+namespace WebKit {
+
+String pluginSandboxProfile(const String& bundleIdentifier);
+bool pluginHasSandboxProfile(const String& bundleIdentifier);
+
+} // namespace WebKit
+
+#endif // PluginSandboxProfile_h
Added: trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.mm (0 => 149765)
--- trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.mm (rev 0)
+++ trunk/Source/WebKit2/Shared/Plugins/mac/PluginSandboxProfile.mm 2013-05-08 20:48:58 UTC (rev 149765)
@@ -0,0 +1,113 @@
+/*
+ * Copyright (C) 2013 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "PluginSandboxProfile.h"
+
+#include <wtf/RetainPtr.h>
+#include <wtf/text/StringConcatenate.h>
+#include <wtf/text/WTFString.h>
+
+namespace WebKit {
+
+static NSString *pluginSandboxProfileDefaultDirectory()
+{
+ return [[[NSBundle bundleForClass:NSClassFromString(@"WKView")] resourcePath] stringByAppendingPathComponent:@"PlugInSandboxProfiles"];
+}
+
+static NSArray *pluginSandboxProfileDirectories()
+{
+ return @[
+ // First look in the WebKit2 bundle.
+ pluginSandboxProfileDefaultDirectory(),
+
+ // Then try /System/Library/Sandbox/Profiles/.
+ @"/System/Library/Sandbox/Profiles/"
+ ];
+}
+
+static NSString *pluginSandboxProfileName(const String& bundleIdentifier)
+{
+ // Fold all / characters to : to prevent the plugin bundle-id from trying to escape the profile directory
+ String sanitizedBundleIdentifier = bundleIdentifier;
+ sanitizedBundleIdentifier.replace('/', ':');
+
+ return [NSString stringWithFormat:@"%@.sb", (NSString *)sanitizedBundleIdentifier];
+}
+
+static String pluginSandboxCommonProfile()
+{
+ NSString *profilePath = [pluginSandboxProfileDefaultDirectory() stringByAppendingPathComponent:@"com.apple.WebKit.plugin-common.sb"];
+ return [NSString stringWithContentsOfFile:profilePath encoding:NSUTF8StringEncoding error:NULL];
+}
+
+static String pluginSandboxProfileForDirectory(NSString *profileName, NSString *sandboxProfileDirectoryPath)
+{
+ NSString *profilePath = [sandboxProfileDirectoryPath stringByAppendingPathComponent:profileName];
+ NSString *profileString = [NSString stringWithContentsOfFile:profilePath encoding:NSUTF8StringEncoding error:NULL];
+ if (!profileString)
+ return String();
+
+ return makeString(pluginSandboxCommonProfile(), String(profileString));
+}
+
+String pluginSandboxProfile(const String& bundleIdentifier)
+{
+ if (bundleIdentifier.isEmpty())
+ return String();
+
+ NSString *profileName = pluginSandboxProfileName(bundleIdentifier);
+
+ for (NSString *directory in pluginSandboxProfileDirectories()) {
+ String sandboxProfile = pluginSandboxProfileForDirectory(profileName, directory);
+ if (!sandboxProfile.isEmpty())
+ return sandboxProfile;
+ }
+
+ return String();
+}
+
+static bool pluginHasSandboxProfileForDirectory(NSString *profileName, NSString *sandboxProfileDirectoryPath)
+{
+ NSString *profilePath = [sandboxProfileDirectoryPath stringByAppendingPathComponent:profileName];
+ return [[NSFileManager defaultManager] fileExistsAtPath:profilePath];
+}
+
+bool pluginHasSandboxProfile(const String& bundleIdentifier)
+{
+ if (bundleIdentifier.isEmpty())
+ return false;
+
+ NSString *profileName = pluginSandboxProfileName(bundleIdentifier);
+
+ for (NSString *directory in pluginSandboxProfileDirectories()) {
+ if (pluginHasSandboxProfileForDirectory(profileName, directory))
+ return true;
+ }
+
+ return false;
+}
+
+} // namespace WebKit
Modified: trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.h (149764 => 149765)
--- trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.h 2013-05-08 20:45:01 UTC (rev 149764)
+++ trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.h 2013-05-08 20:48:58 UTC (rev 149765)
@@ -53,6 +53,9 @@
/* Value type: WKBooleanRef */
WK_EXPORT WKStringRef WKPlugInInfoUpdatePastLastBlockedVersionIsKnownAvailableKey();
+/* Value type: WKBooleanRef */
+WK_EXPORT WKStringRef WKPlugInInfoIsSandboxedKey();
+
WK_EXPORT WKDictionaryRef WKContextCopyPlugInInfoForBundleIdentifier(WKContextRef context, WKStringRef plugInBundleIdentifier);
typedef void (^WKContextGetInfoForInstalledPlugInsBlock)(WKArrayRef, WKErrorRef);
Modified: trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.mm (149764 => 149765)
--- trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.mm 2013-05-08 20:45:01 UTC (rev 149764)
+++ trunk/Source/WebKit2/UIProcess/API/C/mac/WKContextPrivateMac.mm 2013-05-08 20:48:58 UTC (rev 149765)
@@ -29,6 +29,7 @@
#import "ImmutableArray.h"
#import "ImmutableDictionary.h"
#import "PluginInfoStore.h"
+#import "PluginSandboxProfile.h"
#import "StringUtilities.h"
#import "WKAPICast.h"
#import "WKSharedAPICast.h"
@@ -87,6 +88,12 @@
return toAPI(key);
}
+WKStringRef WKPlugInInfoIsSandboxedKey()
+{
+ static WebString* key = WebString::createFromUTF8String("WKPlugInInfoIsSandboxed").leakRef();
+ return toAPI(key);
+}
+
static PassRefPtr<ImmutableDictionary> createInfoDictionary(const PluginModuleInfo& info)
{
ImmutableDictionary::MapType map;
@@ -95,6 +102,7 @@
map.set(toWTFString(WKPlugInInfoVersionKey()), WebString::create(info.versionString));
map.set(toWTFString(WKPlugInInfoLoadPolicyKey()), WebUInt64::create(toWKPluginLoadPolicy(PluginInfoStore::policyForPlugin(info))));
map.set(toWTFString(WKPlugInInfoUpdatePastLastBlockedVersionIsKnownAvailableKey()), WebBoolean::create(WKIsPluginUpdateAvailable(nsStringFromWebCoreString(info.bundleIdentifier))));
+ map.set(toWTFString(WKPlugInInfoIsSandboxedKey()), WebBoolean::create(pluginHasSandboxProfile(info.bundleIdentifier)));
return ImmutableDictionary::adopt(map);
}
Modified: trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (149764 => 149765)
--- trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2013-05-08 20:45:01 UTC (rev 149764)
+++ trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2013-05-08 20:48:58 UTC (rev 149765)
@@ -580,6 +580,8 @@
7CB16FF21724BA28007A0A95 /* com.macromedia.Flash Player.plugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */; };
7CB16FF31724BA2F007A0A95 /* com.microsoft.SilverlightPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */; };
7CB16FF41724BA30007A0A95 /* com.oracle.java.JavaAppletPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */; };
+ 7CD622771739D863005BD7FF /* PluginSandboxProfile.mm in Sources */ = {isa = PBXBuildFile; fileRef = 7CD622751739D863005BD7FF /* PluginSandboxProfile.mm */; };
+ 7CD622781739D863005BD7FF /* PluginSandboxProfile.h in Headers */ = {isa = PBXBuildFile; fileRef = 7CD622761739D863005BD7FF /* PluginSandboxProfile.h */; };
7CF47FF617275B71008ACB91 /* WKBundlePageBanner.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7CF47FF417275B71008ACB91 /* WKBundlePageBanner.cpp */; };
7CF47FF717275B71008ACB91 /* WKBundlePageBanner.h in Headers */ = {isa = PBXBuildFile; fileRef = 7CF47FF517275B71008ACB91 /* WKBundlePageBanner.h */; settings = {ATTRIBUTES = (Private, ); }; };
7CF47FFB17275C57008ACB91 /* PageBanner.h in Headers */ = {isa = PBXBuildFile; fileRef = 7CF47FF917275C57008ACB91 /* PageBanner.h */; };
@@ -2054,6 +2056,8 @@
7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.macromedia.Flash Player.plugin.sb"; sourceTree = "<group>"; };
7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.microsoft.SilverlightPlugin.sb; sourceTree = "<group>"; };
7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.oracle.java.JavaAppletPlugin.sb; sourceTree = "<group>"; };
+ 7CD622751739D863005BD7FF /* PluginSandboxProfile.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = PluginSandboxProfile.mm; sourceTree = "<group>"; };
+ 7CD622761739D863005BD7FF /* PluginSandboxProfile.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PluginSandboxProfile.h; sourceTree = "<group>"; };
7CF47FF417275B71008ACB91 /* WKBundlePageBanner.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WKBundlePageBanner.cpp; sourceTree = "<group>"; };
7CF47FF517275B71008ACB91 /* WKBundlePageBanner.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKBundlePageBanner.h; sourceTree = "<group>"; };
7CF47FF917275C57008ACB91 /* PageBanner.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PageBanner.h; sourceTree = "<group>"; };
@@ -3171,6 +3175,8 @@
isa = PBXGroup;
children = (
1A9FBA8C13FF04E600DEED67 /* PluginComplexTextInputState.h */,
+ 7CD622751739D863005BD7FF /* PluginSandboxProfile.mm */,
+ 7CD622761739D863005BD7FF /* PluginSandboxProfile.h */,
);
path = mac;
sourceTree = "<group>";
@@ -5581,6 +5587,7 @@
909854ED12BC4E18000AD080 /* WebMemorySampler.h in Headers */,
BCF69FA21176D01400471A52 /* WebNavigationData.h in Headers */,
BCF69F9A1176CED600471A52 /* WebNavigationDataStore.h in Headers */,
+ 7CD622781739D863005BD7FF /* PluginSandboxProfile.h in Headers */,
31A2EC49148997C200810D71 /* WebNotification.h in Headers */,
310999C7146C9E3D0029DEB9 /* WebNotificationClient.h in Headers */,
31312621148FF82C00BA2A39 /* WebNotificationManager.h in Headers */,
@@ -6589,6 +6596,7 @@
1AE49A4A11FFA8CE0048B464 /* JSNPMethod.cpp in Sources */,
1AE4987911FF7FAA0048B464 /* JSNPObject.cpp in Sources */,
BCE0937714FB128C001138D9 /* LayerHostingContext.mm in Sources */,
+ 7CD622771739D863005BD7FF /* PluginSandboxProfile.mm in Sources */,
1A92DC1312F8BAB90017AF65 /* LayerTreeContextMac.mm in Sources */,
1A186EEB12EF7618008E5F37 /* LayerTreeHost.cpp in Sources */,
1A97E07716A5F9E0000BC9E5 /* LayerTreeHostMac.mm in Sources */,
