Title: [167238] releases/WebKitGTK/webkit-2.4/Source/WebKit2
Revision
167238
Author
[email protected]
Date
2014-04-14 04:12:23 -0700 (Mon, 14 Apr 2014)

Log Message

Merge r166026 - Generalize WebInspector check in maybeInitializeSandboxExtensionHandle().
https://bugs.webkit.org/show_bug.cgi?id=130079
<rdar://problem/16286683>

Reviewed by Anders Carlsson.

* UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
Perform an early return for all paths that don't need a sandbox extension due to
access being assumed, not only for WebInspector pages.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::hasAssumedReadAccessToURL):
(WebKit::WebProcessProxy::checkURLReceivedFromWebProcess):
* UIProcess/WebProcessProxy.h:
Factored out m_localPathsWithAssumedReadAccess iteration to a public function.

Modified Paths

Diff

Modified: releases/WebKitGTK/webkit-2.4/Source/WebKit2/ChangeLog (167237 => 167238)


--- releases/WebKitGTK/webkit-2.4/Source/WebKit2/ChangeLog	2014-04-14 11:04:57 UTC (rev 167237)
+++ releases/WebKitGTK/webkit-2.4/Source/WebKit2/ChangeLog	2014-04-14 11:12:23 UTC (rev 167238)
@@ -1,3 +1,21 @@
+2014-03-20  Alexey Proskuryakov  <[email protected]>
+
+        Generalize WebInspector check in maybeInitializeSandboxExtensionHandle().
+        https://bugs.webkit.org/show_bug.cgi?id=130079
+        <rdar://problem/16286683>
+
+        Reviewed by Anders Carlsson.
+
+        * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
+        Perform an early return for all paths that don't need a sandbox extension due to
+        access being assumed, not only for WebInspector pages.
+
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::hasAssumedReadAccessToURL):
+        (WebKit::WebProcessProxy::checkURLReceivedFromWebProcess):
+        * UIProcess/WebProcessProxy.h:
+        Factored out m_localPathsWithAssumedReadAccess iteration to a public function.
+
 2014-04-11  Carlos Garcia Campos  <[email protected]>
 
         wk2-gtk does not display anything

Modified: releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebPageProxy.cpp (167237 => 167238)


--- releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebPageProxy.cpp	2014-04-14 11:04:57 UTC (rev 167237)
+++ releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebPageProxy.cpp	2014-04-14 11:12:23 UTC (rev 167238)
@@ -597,10 +597,12 @@
     if (!url.isLocalFile())
         return false;
 
+    if (m_process->hasAssumedReadAccessToURL(url))
+        return false;
+
 #if ENABLE(INSPECTOR)
-    // Don't give the inspector full access to the file system.
-    if (WebInspectorProxy::isInspectorPage(*this))
-        return false;
+    // Inspector resources are in a directory with assumed access.
+    ASSERT_WITH_SECURITY_IMPLICATION(!WebInspectorProxy::isInspectorPage(*this));
 #endif
 
     SandboxExtension::createHandle("/", SandboxExtension::ReadOnly, sandboxExtensionHandle);
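Review bot: The inspector guard under `#if ENABLE(INSPECTOR)` is now only an `ASSERT_WITH_SECURITY_IMPLICATION`, which as far as I know is active only in debug and security-assertion builds. In a release build nothing would stop an inspector page from reaching the `createHandle("/", SandboxExtension::ReadOnly, ...)` call if it is ever asked to load a file URL outside the assumed-access directories. The removed code refused that case unconditionally, so the new form relies on every inspector load staying inside a registered path. Keeping the runtime check after the assertion would make the invariant fail closed: `if (WebInspectorProxy::isInspectorPage(*this)) return false;`. The enclosing function starts and ends outside this hunk, so how the caller treats the return value is not visible here.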

Modified: releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.cpp (167237 => 167238)


--- releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.cpp	2014-04-14 11:04:57 UTC (rev 167237)
+++ releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.cpp	2014-04-14 11:12:23 UTC (rev 167238)
@@ -245,6 +245,21 @@
     m_localPathsWithAssumedReadAccess.add(baseURL.fileSystemPath());
 }
 
+bool WebProcessProxy::hasAssumedReadAccessToURL(const URL& url) const
+{
+    if (!url.isLocalFile())
+        return false;
+
+    String path = url.fileSystemPath();
+    for (const String& assumedAccessPath : m_localPathsWithAssumedReadAccess) {
+        // There are no ".." components, because URL removes those.
+        if (path.startsWith(assumedAccessPath))
+            return true;
+    }
+
+    return false;
+}
+
 bool WebProcessProxy::checkURLReceivedFromWebProcess(const String& urlString)
 {
     return checkURLReceivedFromWebProcess(URL(URL(), urlString));
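Review bot: `path.startsWith(assumedAccessPath)` in `hasAssumedReadAccessToURL` compares characters, not path components. If a stored entry does not end in a separator, a sibling such as `/base/dir-other/file` would match an entry of `/base/dir`. Only the `add(baseURL.fileSystemPath())` line of `assumeReadAccessToBaseURL` is visible, so whether entries always carry a trailing `/` cannot be confirmed from this hunk. This matters more now that the helper is public and also decides whether `maybeInitializeSandboxExtensionHandle` skips the extension. Either require a separator at the boundary before returning true, or state the invariant next to the loop, for example `// Entries must end with '/', otherwise this prefix test also matches sibling directories.`, and assert it where entries are added.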
@@ -263,15 +278,12 @@
         return true;
 
     // If we loaded a string with a file base URL before, loading resources from that subdirectory is fine.
-    // There are no ".." components, because all URLs received from WebProcess are parsed with URL, which removes those.
-    String path = url.fileSystemPath();
-    for (HashSet<String>::const_iterator iter = m_localPathsWithAssumedReadAccess.begin(); iter != m_localPathsWithAssumedReadAccess.end(); ++iter) {
-        if (path.startsWith(*iter))
-            return true;
-    }
+    if (hasAssumedReadAccessToURL(url))
+        return true;
 
     // Items in back/forward list have been already checked.
     // One case where we don't have sandbox extensions for file URLs in b/f list is if the list has been reinstated after a crash or a browser restart.
+    String path = url.fileSystemPath();
     for (WebBackForwardListItemMap::iterator iter = m_backForwardListItemMap.begin(), end = m_backForwardListItemMap.end(); iter != end; ++iter) {
         if (URL(URL(), iter->value->url()).fileSystemPath() == path)
             return true;

Modified: releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.h (167237 => 167238)


--- releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.h	2014-04-14 11:04:57 UTC (rev 167237)
+++ releases/WebKitGTK/webkit-2.4/Source/WebKit2/UIProcess/WebProcessProxy.h	2014-04-14 11:12:23 UTC (rev 167238)
@@ -99,6 +99,7 @@
 
     void willAcquireUniversalFileReadSandboxExtension() { m_mayHaveUniversalFileReadSandboxExtension = true; }
     void assumeReadAccessToBaseURL(const String&);
+    bool hasAssumedReadAccessToURL(const WebCore::URL&) const;
 
     bool checkURLReceivedFromWebProcess(const String&);
     bool checkURLReceivedFromWebProcess(const WebCore::URL&);