- Revision
- 171943
- Author
- [email protected]
- Date
- 2014-08-01 12:19:22 -0700 (Fri, 01 Aug 2014)
Log Message
Various frameworks may want to use the container temp directory, so our current restrictions are too tight
https://bugs.webkit.org/show_bug.cgi?id=135518
<rdar://17869279>
Reviewed by Anders Carlsson.
We don't (and can't) have complete knowledge of what different frameworks
will want to use the container temporary directory for, and so our
current attempt to heavily restrict access is simply too tight.
This patch recognises this by simply giving read-write access to the
entire NSTemporary() directory (e.g. $container/tmp in the general case),
rather than the single sub directory we wishfully thought that we would
be able to get away with.
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/WebContext.cpp:
(WebKit::WebContext::createNewWebProcess):
(WebKit::WebContext::mediaCacheDirectory): Deleted.
* UIProcess/WebContext.h:
* UIProcess/efl/WebContextEfl.cpp:
(WebKit::WebContext::containerTemporaryDirectory):
(WebKit::WebContext::platformMediaCacheDirectory): Deleted.
* UIProcess/gtk/WebContextGtk.cpp:
(WebKit::WebContext::containerTemporaryDirectory):
(WebKit::WebContext::platformMediaCacheDirectory): Deleted.
* UIProcess/mac/WebContextMac.mm:
(WebKit::WebContext::containerTemporaryDirectory):
(WebKit::WebContext::platformMediaCacheDirectory): Deleted.
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (171942 => 171943)
--- trunk/Source/WebKit2/ChangeLog 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/ChangeLog 2014-08-01 19:19:22 UTC (rev 171943)
@@ -1,3 +1,40 @@
+2014-08-01 Oliver Hunt <[email protected]>
+
+ Various frameworks may want to use the container temp directory, so our current restrictions are too tight
+ https://bugs.webkit.org/show_bug.cgi?id=135518
+ <rdar://17869279>
+
+ Reviewed by Anders Carlsson.
+
+ We don't (and can't) have complete knowledge of what different frameworks
+ will want to use the container temporary directory for, and so our
+ current attempt to heavily restrict access is simply too tight.
+
+ This patch recognises this by simply giving read-write access to the
+ entire NSTemporary() directory (e.g. $container/tmp in the general case),
+ rather than the single sub directory we wishfully thought that we would
+ be able to get away with.
+
+ * Shared/WebProcessCreationParameters.cpp:
+ (WebKit::WebProcessCreationParameters::encode):
+ (WebKit::WebProcessCreationParameters::decode):
+ * Shared/WebProcessCreationParameters.h:
+ * UIProcess/WebContext.cpp:
+ (WebKit::WebContext::createNewWebProcess):
+ (WebKit::WebContext::mediaCacheDirectory): Deleted.
+ * UIProcess/WebContext.h:
+ * UIProcess/efl/WebContextEfl.cpp:
+ (WebKit::WebContext::containerTemporaryDirectory):
+ (WebKit::WebContext::platformMediaCacheDirectory): Deleted.
+ * UIProcess/gtk/WebContextGtk.cpp:
+ (WebKit::WebContext::containerTemporaryDirectory):
+ (WebKit::WebContext::platformMediaCacheDirectory): Deleted.
+ * UIProcess/mac/WebContextMac.mm:
+ (WebKit::WebContext::containerTemporaryDirectory):
+ (WebKit::WebContext::platformMediaCacheDirectory): Deleted.
+ * WebProcess/cocoa/WebProcessCocoa.mm:
+ (WebKit::WebProcess::platformInitializeWebProcess):
+
2014-08-01 Dan Bernstein <[email protected]>
<rdar://problem/17862013> REGRESSION (r169357): Disabling "allow plug-ins" doesn't stick on quit/relaunch
Modified: trunk/Source/WebKit2/Shared/WebProcessCreationParameters.cpp (171942 => 171943)
--- trunk/Source/WebKit2/Shared/WebProcessCreationParameters.cpp 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/Shared/WebProcessCreationParameters.cpp 2014-08-01 19:19:22 UTC (rev 171943)
@@ -69,8 +69,8 @@
encoder << cookieStorageDirectoryExtensionHandle;
encoder << openGLCacheDirectory;
encoder << openGLCacheDirectoryExtensionHandle;
- encoder << mediaCacheDirectory;
- encoder << mediaCacheDirectoryExtensionHandle;
+ encoder << containerTemporaryDirectory;
+ encoder << containerTemporaryDirectoryExtensionHandle;
encoder << shouldUseTestingNetworkSession;
encoder << urlSchemesRegistererdAsEmptyDocument;
encoder << urlSchemesRegisteredAsSecure;
@@ -168,9 +168,9 @@
return false;
if (!decoder.decode(parameters.openGLCacheDirectoryExtensionHandle))
return false;
- if (!decoder.decode(parameters.mediaCacheDirectory))
+ if (!decoder.decode(parameters.containerTemporaryDirectory))
return false;
- if (!decoder.decode(parameters.mediaCacheDirectoryExtensionHandle))
+ if (!decoder.decode(parameters.containerTemporaryDirectoryExtensionHandle))
return false;
if (!decoder.decode(parameters.shouldUseTestingNetworkSession))
return false;
Modified: trunk/Source/WebKit2/Shared/WebProcessCreationParameters.h (171942 => 171943)
--- trunk/Source/WebKit2/Shared/WebProcessCreationParameters.h 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/Shared/WebProcessCreationParameters.h 2014-08-01 19:19:22 UTC (rev 171943)
@@ -74,8 +74,8 @@
SandboxExtension::Handle cookieStorageDirectoryExtensionHandle;
String openGLCacheDirectory;
SandboxExtension::Handle openGLCacheDirectoryExtensionHandle;
- String mediaCacheDirectory;
- SandboxExtension::Handle mediaCacheDirectoryExtensionHandle;
+ String containerTemporaryDirectory;
+ SandboxExtension::Handle containerTemporaryDirectoryExtensionHandle;
bool shouldUseTestingNetworkSession;
Modified: trunk/Source/WebKit2/UIProcess/WebContext.cpp (171942 => 171943)
--- trunk/Source/WebKit2/UIProcess/WebContext.cpp 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/UIProcess/WebContext.cpp 2014-08-01 19:19:22 UTC (rev 171943)
@@ -621,9 +621,9 @@
if (!parameters.openGLCacheDirectory.isEmpty())
SandboxExtension::createHandleForReadWriteDirectory(parameters.openGLCacheDirectory, parameters.openGLCacheDirectoryExtensionHandle);
- parameters.mediaCacheDirectory = mediaCacheDirectory();
- if (!parameters.mediaCacheDirectory.isEmpty())
- SandboxExtension::createHandleForReadWriteDirectory(parameters.mediaCacheDirectory, parameters.mediaCacheDirectoryExtensionHandle);
+ parameters.containerTemporaryDirectory = containerTemporaryDirectory();
+ if (!parameters.containerTemporaryDirectory.isEmpty())
+ SandboxExtension::createHandleForReadWriteDirectory(parameters.containerTemporaryDirectory, parameters.containerTemporaryDirectoryExtensionHandle);
parameters.shouldUseTestingNetworkSession = m_shouldUseTestingNetworkSession;
@@ -1223,14 +1223,6 @@
return platformDefaultNetworkingHSTSDatabasePath();
}
-String WebContext::mediaCacheDirectory() const
-{
- if (!m_overrideMediaCacheDirectory.isEmpty())
- return m_overrideMediaCacheDirectory;
-
- return platformMediaCacheDirectory();
-}
-
void WebContext::useTestingNetworkSession()
{
ASSERT(m_processes.isEmpty());
Modified: trunk/Source/WebKit2/UIProcess/WebContext.h (171942 => 171943)
--- trunk/Source/WebKit2/UIProcess/WebContext.h 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/UIProcess/WebContext.h 2014-08-01 19:19:22 UTC (rev 171943)
@@ -433,8 +433,7 @@
String networkingHSTSDatabasePath() const;
String platformDefaultNetworkingHSTSDatabasePath() const;
- String mediaCacheDirectory() const;
- String platformMediaCacheDirectory() const;
+ String containerTemporaryDirectory() const;
#if PLATFORM(COCOA)
void registerNotificationObservers();
@@ -532,7 +531,6 @@
String m_overrideDiskCacheDirectory;
String m_overrideCookieStorageDirectory;
String m_overrideOpenGLCacheDirectory;
- String m_overrideMediaCacheDirectory;
String m_webSQLDatabaseDirectory;
String m_indexedDBDatabaseDirectory;
Modified: trunk/Source/WebKit2/UIProcess/efl/WebContextEfl.cpp (171942 => 171943)
--- trunk/Source/WebKit2/UIProcess/efl/WebContextEfl.cpp 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/UIProcess/efl/WebContextEfl.cpp 2014-08-01 19:19:22 UTC (rev 171943)
@@ -138,7 +138,7 @@
return String();
}
-String WebContext::platformMediaCacheDirectory() const
+String WebContext::containerTemporaryDirectory() const
{
notImplemented();
return String();
Modified: trunk/Source/WebKit2/UIProcess/gtk/WebContextGtk.cpp (171942 => 171943)
--- trunk/Source/WebKit2/UIProcess/gtk/WebContextGtk.cpp 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/UIProcess/gtk/WebContextGtk.cpp 2014-08-01 19:19:22 UTC (rev 171943)
@@ -154,7 +154,7 @@
return String();
}
-String WebContext::platformMediaCacheDirectory() const
+String WebContext::containerTemporaryDirectory() const
{
notImplemented();
return String();
Modified: trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm (171942 => 171943)
--- trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm 2014-08-01 19:19:22 UTC (rev 171943)
@@ -323,16 +323,10 @@
#endif
}
-String WebContext::platformMediaCacheDirectory() const
+String WebContext::containerTemporaryDirectory() const
{
-#if PLATFORM(IOS)
String path = NSTemporaryDirectory();
- path = path + "/MediaCache";
return stringByResolvingSymlinksInPath(path);
-#else
- notImplemented();
- return [@"" stringByStandardizingPath];
-#endif
}
String WebContext::platformDefaultWebSQLDatabaseDirectory()
Modified: trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm (171942 => 171943)
--- trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm 2014-08-01 19:19:14 UTC (rev 171942)
+++ trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm 2014-08-01 19:19:22 UTC (rev 171943)
@@ -169,7 +169,7 @@
SandboxExtension::consumePermanently(parameters.diskCacheDirectoryExtensionHandle);
SandboxExtension::consumePermanently(parameters.cookieStorageDirectoryExtensionHandle);
SandboxExtension::consumePermanently(parameters.openGLCacheDirectoryExtensionHandle);
- SandboxExtension::consumePermanently(parameters.mediaCacheDirectoryExtensionHandle);
+ SandboxExtension::consumePermanently(parameters.containerTemporaryDirectoryExtensionHandle);
#endif
// When the network process is enabled, each web process wants a stand-alone
