WebKit Bugzilla
Attachment 339795 Details for Bug 185410: Check X-Frame-Options and CSP frame-ancestors in network process
Patch: bug-185410-20180507205731.patch (text/plain), 47.04 KB, created by Daniel Bates on 2018-05-07 20:57:32 PDT
>Subversion Revision: 231403 >diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog >index fb2176fa3b51d9f8651b978d2fc78ae7bba88687..6952060a100a2a815e48cdca08224bf761ec039e 100644 >--- a/Source/JavaScriptCore/ChangeLog >+++ b/Source/JavaScriptCore/ChangeLog >@@ -1,3 +1,15 @@ >+2018-05-07 Daniel Bates <dabates@apple.com> >+ >+ Check X-Frame-Options and CSP frame-ancestors in network process >+ https://bugs.webkit.org/show_bug.cgi?id=185410 >+ <rdar://problem/37733934> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add enum traits for MessageSource and MessageLevel so that we can encode and decode them for IPC. >+ >+ * runtime/ConsoleTypes.h: >+ > 2018-05-06 Yusuke Suzuki <utatane.tea@gmail.com> > > [JSC] Remove "using namespace std;" from JSC, bmalloc, WTF >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 8092e15c2448597ba16de528f3f55b4b94985066..07f59a26ac217fdf6f3b7c1f4f2927fc4c189852 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog 
>@@ -1,5 +1,41 @@ > 2018-05-07 Daniel Bates <dabates@apple.com> > >+ Check X-Frame-Options and CSP frame-ancestors in network process >+ https://bugs.webkit.org/show_bug.cgi?id=185410 >+ <rdar://problem/37733934> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit. >+ * loader/DocumentLoader.cpp: >+ (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if >+ we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept >+ unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this >+ in subsequent bugs. >+ * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from >+ private to public and export it so that we can call it from the WebKit. >+ * loader/PingLoader.h: >+ * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false) >+ and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess. >+ Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess(). >+ However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy >+ at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() >+ is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled, >+ to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess >+ and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() >+ will also need to be enabled. 
>+ * page/csp/ContentSecurityPolicy.cpp: >+ (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins. >+ * page/csp/ContentSecurityPolicy.h: >+ * page/csp/ContentSecurityPolicyDirectiveList.cpp: >+ (WebCore::checkFrameAncestors): Ditto. >+ (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto. >+ * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(). >+ * page/csp/ContentSecurityPolicyResponseHeaders.h: >+ * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit. >+ >+2018-05-07 Daniel Bates <dabates@apple.com> >+ > Abstract logic to log console messages and send CSP violation reports into a client > https://bugs.webkit.org/show_bug.cgi?id=185393 > <rdar://problem/40036053> >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index b61e1f32b3e4e66428a742d8279bcebfc93dad59..840c75d0b82264cbb8cdd5fa01e0b823d2288f2f 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,5 +1,43 @@ > 2018-05-07 Daniel Bates <dabates@apple.com> > >+ Check X-Frame-Options and CSP frame-ancestors in network process >+ https://bugs.webkit.org/show_bug.cgi?id=185410 >+ <rdar://problem/37733934> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * NetworkProcess/NetworkResourceLoadParameters.cpp: >+ (WebKit::NetworkResourceLoadParameters::encode const): >+ (WebKit::NetworkResourceLoadParameters::decode): >+ * NetworkProcess/NetworkResourceLoader.cpp: >+ (WebKit::NetworkResourceLoader::shouldInterruptLoadForXFrameOptions): >+ (WebKit::NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions): >+ (WebKit::NetworkResourceLoader::didReceiveResponse): >+ (WebKit::NetworkResourceLoader::didRetrieveCacheEntry): >+ (NetworkResourceLoader::addConsoleMessage): >+ (NetworkResourceLoader::sendCSPViolationReport): >+ * NetworkProcess/NetworkResourceLoader.h: >+ * Scripts/webkit/messages.py: >+ * WebProcess/Network/NetworkProcessConnection.cpp: >+ (WebKit::NetworkProcessConnection::didReceiveMessage): >+ * WebProcess/Network/WebLoaderStrategy.cpp: >+ (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess): >+ * WebProcess/Network/WebResourceLoader.cpp: >+ (WebKit::WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied): >+ * WebProcess/Network/WebResourceLoader.h: >+ * WebProcess/Network/WebResourceLoader.messages.in: >+ * WebProcess/WebPage/WebFrame.cpp: >+ (WebKit::WebFrame::addConsoleMessage): >+ * WebProcess/WebPage/WebFrame.h: >+ * WebProcess/WebPage/WebPage.cpp: >+ (WebKit::m_credentialsMessenger): >+ (WebKit::WebPage::addConsoleMessage): >+ (WebKit::WebPage::sendCSPViolationReport): >+ * WebProcess/WebPage/WebPage.h: >+ * WebProcess/WebPage/WebPage.messages.in: >+ >+2018-05-07 Daniel Bates <dabates@apple.com> >+ > Abstract logic to log console messages and send CSP violation reports into a client > https://bugs.webkit.org/show_bug.cgi?id=185393 > <rdar://problem/40036053> 
>diff --git a/Source/JavaScriptCore/runtime/ConsoleTypes.h b/Source/JavaScriptCore/runtime/ConsoleTypes.h >index 7ca2fe7c7fcdf4cee0b8005e14b0b3ae896c465d..3dfec02b550b3fcf2e7f561bd56a3e65f2368339 100644 >--- a/Source/JavaScriptCore/runtime/ConsoleTypes.h >+++ b/Source/JavaScriptCore/runtime/ConsoleTypes.h >@@ -25,6 +25,8 @@ > > #pragma once > >+#include <wtf/EnumTraits.h> >+ > namespace JSC { > > enum class MessageSource { >@@ -69,6 +71,40 @@ enum class MessageLevel { > > } // namespace JSC > >+namespace WTF { >+ >+template<> struct EnumTraits<JSC::MessageSource> { >+ using values = EnumValues< >+ JSC::MessageSource, >+ JSC::MessageSource::XML, >+ JSC::MessageSource::JS, >+ JSC::MessageSource::Network, >+ JSC::MessageSource::ConsoleAPI, >+ JSC::MessageSource::Storage, >+ JSC::MessageSource::AppCache, >+ JSC::MessageSource::Rendering, >+ JSC::MessageSource::CSS, >+ JSC::MessageSource::Security, >+ JSC::MessageSource::ContentBlocker, >+ JSC::MessageSource::Other, >+ JSC::MessageSource::Media, >+ JSC::MessageSource::WebRTC >+ >; >+}; >+ >+template<> struct EnumTraits<JSC::MessageLevel> { >+ using values = EnumValues< >+ JSC::MessageLevel, >+ JSC::MessageLevel::Log, >+ JSC::MessageLevel::Warning, >+ JSC::MessageLevel::Error, >+ JSC::MessageLevel::Debug, >+ JSC::MessageLevel::Info >+ >; >+}; >+ >+} // namespace WTF >+ > using JSC::MessageSource; > using JSC::MessageType; > using JSC::MessageLevel; >diff --git a/Source/WebCore/WebCore.xcodeproj/project.pbxproj b/Source/WebCore/WebCore.xcodeproj/project.pbxproj >index f9bdb8f9c38e4359182546553ebff218c812bca4..851104a8c73ec3952d3b65d8f2b0d20358949b00 100644 >--- a/Source/WebCore/WebCore.xcodeproj/project.pbxproj >+++ b/Source/WebCore/WebCore.xcodeproj/project.pbxproj 
>@@ -4111,7 +4111,7 @@ > D0BC54491443AC4A00E105DA /* CachedStyleSheetClient.h in Headers */ = {isa = PBXBuildFile; fileRef = D0BC54481443AC4A00E105DA /* CachedStyleSheetClient.h */; settings = {ATTRIBUTES = (Private, ); }; }; > D0BD4F5D1408850F006839B6 /* DictationCommandIOS.h in Headers */ = {isa = PBXBuildFile; fileRef = D0BD4F5B1408850F006839B6 /* DictationCommandIOS.h */; }; > D0EDA775143E303C0028E383 /* CachedRawResource.h in Headers */ = {isa = PBXBuildFile; fileRef = D0EDA773143E303C0028E383 /* CachedRawResource.h */; settings = {ATTRIBUTES = (Private, ); }; }; >- D0FF2A5E11F8C45A007E74E0 /* PingLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = D0FF2A5C11F8C45A007E74E0 /* PingLoader.h */; }; >+ D0FF2A5E11F8C45A007E74E0 /* PingLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = D0FF2A5C11F8C45A007E74E0 /* PingLoader.h */; settings = {ATTRIBUTES = (Private, ); }; }; > D302754A12A5FE84004BD828 /* RenderDetailsMarker.h in Headers */ = {isa = PBXBuildFile; fileRef = D302754612A5FE84004BD828 /* RenderDetailsMarker.h */; }; > D359D78A129CA2710006E5D2 /* HTMLDetailsElement.h in Headers */ = {isa = PBXBuildFile; fileRef = D359D787129CA2710006E5D2 /* HTMLDetailsElement.h */; }; > D359D8BF129CA55C0006E5D2 /* JSHTMLDetailsElement.h in Headers */ = {isa = PBXBuildFile; fileRef = D359D8BD129CA55C0006E5D2 /* JSHTMLDetailsElement.h */; }; >diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp >index 954ba777346a04be66c40a94c6701ed031221f3d..04b34e5503901cba3a05440259509f1a51ad52c4 100644 >--- a/Source/WebCore/loader/DocumentLoader.cpp >+++ b/Source/WebCore/loader/DocumentLoader.cpp 
>@@ -766,26 +766,27 @@ void DocumentLoader::responseReceived(const ResourceResponse& response, Completi > ASSERT(m_identifierForLoadWithoutResourceLoader || m_mainResource); > unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier(); > ASSERT(identifier); >- >- auto url = response.url(); >- >- ContentSecurityPolicy contentSecurityPolicy(URL { url }, this); >- contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer()); >- if (!contentSecurityPolicy.allowFrameAncestors(*m_frame, url)) { >- stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response); >- return; >- } > >- const auto& commonHeaders = response.httpHeaderFields().commonHeaders(); >- auto it = commonHeaders.find(HTTPHeaderName::XFrameOptions); >- if (it != commonHeaders.end()) { >- String content = it->value; >- if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, url, identifier)) { >- String message = "Refused to display '" + url.stringCenterEllipsizedToLength() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'."; >- m_frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, identifier); >+ if (!m_frame->settings().networkProcessCSPFrameAncestorsCheckingEnabled() || !RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()) { >+ auto url = response.url(); >+ ContentSecurityPolicy contentSecurityPolicy(URL { url }, this); >+ contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer()); >+ if (!contentSecurityPolicy.allowFrameAncestors(*m_frame, url)) { > stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response); > return; > } >+ >+ const auto& commonHeaders = response.httpHeaderFields().commonHeaders(); >+ auto it = commonHeaders.find(HTTPHeaderName::XFrameOptions); >+ if (it != 
commonHeaders.end()) { >+ String content = it->value; >+ if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, url, identifier)) { >+ String message = "Refused to display '" + url.stringCenterEllipsizedToLength() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'."; >+ m_frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, identifier); >+ stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response); >+ return; >+ } >+ } > } > > // There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred. >diff --git a/Source/WebCore/loader/DocumentLoader.h b/Source/WebCore/loader/DocumentLoader.h >index 00f6dca355e3d19c4ae8a6a8b666fc7c3b59cf4d..071ef64aca93ea444369f0986f8ad4caf78ed0bb 100644 >--- a/Source/WebCore/loader/DocumentLoader.h >+++ b/Source/WebCore/loader/DocumentLoader.h >@@ -253,6 +253,7 @@ public: > > void stopLoadingPlugIns(); > void stopLoadingSubresources(); >+ WEBCORE_EXPORT void stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(unsigned long identifier, const ResourceResponse&); > > bool userContentExtensionsEnabled() const { return m_userContentExtensionsEnabled; } > void setUserContentExtensionsEnabled(bool enabled) { m_userContentExtensionsEnabled = enabled; } >@@ -384,8 +385,6 @@ private: > void stopLoadingForPolicyChange(); > ResourceError interruptedForPolicyChangeError() const; > >- void stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(unsigned long identifier, const ResourceResponse&); >- > #if HAVE(RUNLOOP_TIMER) > typedef RunLoopTimer<DocumentLoader> DocumentLoaderTimer; > #else >diff --git a/Source/WebCore/loader/PingLoader.h b/Source/WebCore/loader/PingLoader.h >index 175a470a5904a5feb70804a5d6a0ced0342b7ec1..15489dcf04bf1ded7886ef8c08617ddbc13d9a18 100644 >--- a/Source/WebCore/loader/PingLoader.h >+++ b/Source/WebCore/loader/PingLoader.h 
>@@ -52,7 +52,7 @@ class PingLoader { > public: > static void loadImage(Frame&, const URL&); > static void sendPing(Frame&, const URL& pingURL, const URL& destinationURL); >- static void sendViolationReport(Frame&, const URL& reportURL, Ref<FormData>&& report, ViolationReportType); >+ WEBCORE_EXPORT static void sendViolationReport(Frame&, const URL& reportURL, Ref<FormData>&& report, ViolationReportType); > > private: > enum class ShouldFollowRedirects { No, Yes }; >diff --git a/Source/WebCore/page/Settings.yaml b/Source/WebCore/page/Settings.yaml >index e2e4c7cf92f428d7c80866b8c64f97a7612e1107..5a2ca70e7558e8768ed8d39bead100a4ec3fe1d2 100644 >--- a/Source/WebCore/page/Settings.yaml >+++ b/Source/WebCore/page/Settings.yaml >@@ -313,6 +313,8 @@ forceUpdateScrollbarsOnMainThreadForPerformanceTesting: > initial: false > notificationsEnabled: > initial: true >+networkProcessCSPFrameAncestorsCheckingEnabled: >+ initial: false > > # Some apps needs isLoadingInAPISense to account for active subresource loaders. > needsIsLoadingInAPISenseQuirk: >diff --git a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp >index c78c5fb98dbcadd2646209bd7c1e9fcddbe84bfd..bd27f213d34335a19d388a7be4f502f1599878b4 100644 >--- a/Source/WebCore/page/csp/ContentSecurityPolicy.cpp >+++ b/Source/WebCore/page/csp/ContentSecurityPolicy.cpp 
>@@ -477,6 +477,22 @@ bool ContentSecurityPolicy::allowFrameAncestors(const Frame& frame, const URL& u > return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestor, frame); > } > >+bool ContentSecurityPolicy::allowFrameAncestors(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins, const URL& url, bool overrideContentSecurityPolicy) const >+{ >+ if (overrideContentSecurityPolicy) >+ return true; >+ RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(!ancestorOrigins.isEmpty()); >+ if (ancestorOrigins.size() == 1) >+ return true; // The top-most frame is always allowed. >+ String sourceURL; >+ TextPosition sourcePosition(WTF::OrdinalNumber::beforeFirst(), WTF::OrdinalNumber()); >+ auto handleViolatedDirective = [&] (const ContentSecurityPolicyDirective& violatedDirective) { >+ String consoleMessage = consoleMessageForViolation(ContentSecurityPolicyDirectiveNames::frameAncestors, violatedDirective, url, "Refused to load"); >+ reportViolation(ContentSecurityPolicyDirectiveNames::frameAncestors, violatedDirective, url, consoleMessage, sourceURL, sourcePosition); >+ }; >+ return allPoliciesAllow(WTFMove(handleViolatedDirective), &ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins, ancestorOrigins); >+} >+ > bool ContentSecurityPolicy::allowPluginType(const String& type, const String& typeAttribute, const URL& url, bool overrideContentSecurityPolicy) const > { > if (overrideContentSecurityPolicy) >diff --git a/Source/WebCore/page/csp/ContentSecurityPolicy.h b/Source/WebCore/page/csp/ContentSecurityPolicy.h >index 543ec093c47052ccb18a71469b6f86c38d341b1b..9125080888c9935db7262b5e8feeb18ff809d09d 100644 >--- a/Source/WebCore/page/csp/ContentSecurityPolicy.h >+++ b/Source/WebCore/page/csp/ContentSecurityPolicy.h 
>@@ -97,6 +97,7 @@ public: > bool allowPluginType(const String& type, const String& typeAttribute, const URL&, bool overrideContentSecurityPolicy = false) const; > > bool allowFrameAncestors(const Frame&, const URL&, bool overrideContentSecurityPolicy = false) const; >+ WEBCORE_EXPORT bool allowFrameAncestors(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins, const URL&, bool overrideContentSecurityPolicy = false) const; > > enum class RedirectResponseReceived { No, Yes }; > bool allowScriptFromSource(const URL&, RedirectResponseReceived = RedirectResponseReceived::No) const; >diff --git a/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp b/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp >index 57763957293a43b2b33f5cd0f72187747483bb7a..f7b2f90d746003fdaa449bd97cc87f1aecd82ce6 100644 >--- a/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp >+++ b/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp >@@ -83,6 +83,20 @@ static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* > return true; > } > >+static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* directive, const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins) >+{ >+ if (!directive) >+ return true; >+ bool didReceiveRedirectResponse = false; >+ auto end = ancestorOrigins.end(); >+ for (auto it = ancestorOrigins.begin() + 1; it != end; ++it) { >+ URL origin { URL { }, (*it)->toString() }; >+ if (!origin.isValid() || !directive->allows(origin, didReceiveRedirectResponse, ContentSecurityPolicySourceListDirective::ShouldAllowEmptyURLIfSourceListIsNotNone::No)) >+ return false; >+ } >+ return true; >+} >+ > static inline bool checkMediaType(ContentSecurityPolicyMediaListDirective* directive, const String& type, const String& typeAttribute) > { > if (!directive) 
>@@ -236,6 +250,13 @@ const ContentSecurityPolicyDirective* ContentSecurityPolicyDirectiveList::violat > return m_frameAncestors.get(); > } > >+const ContentSecurityPolicyDirective* ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins) const >+{ >+ if (checkFrameAncestors(m_frameAncestors.get(), ancestorOrigins)) >+ return nullptr; >+ return m_frameAncestors.get(); >+} >+ > const ContentSecurityPolicyDirective* ContentSecurityPolicyDirectiveList::violatedDirectiveForImage(const URL& url, bool didReceiveRedirectResponse) const > { > ContentSecurityPolicySourceListDirective* operativeDirective = this->operativeDirective(m_imgSrc.get()); >diff --git a/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h b/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h >index 91261fa177fee3e5abd82b709a9e48e53d14bcca..2907250f0eb1dc4fd08fb2072c68337b28d7b026 100644 >--- a/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h >+++ b/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h >@@ -62,6 +62,7 @@ public: > const ContentSecurityPolicyDirective* violatedDirectiveForFormAction(const URL&, bool didReceiveRedirectResponse) const; > const ContentSecurityPolicyDirective* violatedDirectiveForFrame(const URL&, bool didReceiveRedirectResponse) const; > const ContentSecurityPolicyDirective* violatedDirectiveForFrameAncestor(const Frame&) const; >+ const ContentSecurityPolicyDirective* violatedDirectiveForFrameAncestorOrigins(const Vector<RefPtr<SecurityOrigin>>&) const; > const ContentSecurityPolicyDirective* violatedDirectiveForImage(const URL&, bool didReceiveRedirectResponse) const; > #if ENABLE(APPLICATION_MANIFEST) > const ContentSecurityPolicyDirective* violatedDirectiveForManifest(const URL&, bool didReceiveRedirectResponse) const; 
>diff --git a/Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h b/Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h >index 4323fe668b6d5c49f45fdba46d2581ca1e95572a..7d4eea7f5ebe53e1c95a8514be3b369403bac402 100644 >--- a/Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h >+++ b/Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h >@@ -43,7 +43,7 @@ enum class ContentSecurityPolicyHeaderType { > class ContentSecurityPolicyResponseHeaders { > public: > ContentSecurityPolicyResponseHeaders() = default; >- explicit ContentSecurityPolicyResponseHeaders(const ResourceResponse&); >+ WEBCORE_EXPORT explicit ContentSecurityPolicyResponseHeaders(const ResourceResponse&); > > ContentSecurityPolicyResponseHeaders isolatedCopy() const; > >diff --git a/Source/WebCore/platform/network/HTTPParsers.h b/Source/WebCore/platform/network/HTTPParsers.h >index 90bcd18a0ee092cdf6cfe8a22b9b89d5b02713ec..e14fc040c69e42759259266d4695132b25ea6f0a 100644 >--- a/Source/WebCore/platform/network/HTTPParsers.h >+++ b/Source/WebCore/platform/network/HTTPParsers.h >@@ -84,7 +84,7 @@ String extractCharsetFromMediaType(const String&); > void findCharsetInMediaType(const String& mediaType, unsigned int& charsetPos, unsigned int& charsetLen, unsigned int start = 0); > XSSProtectionDisposition parseXSSProtectionHeader(const String& header, String& failureReason, unsigned& failurePosition, String& reportURL); > AtomicString extractReasonPhraseFromHTTPStatusLine(const String&); >-XFrameOptionsDisposition parseXFrameOptionsHeader(const String&); >+WEBCORE_EXPORT XFrameOptionsDisposition parseXFrameOptionsHeader(const String&); > > // -1 could be set to one of the return parameters to indicate the value is not specified. > WEBCORE_EXPORT bool parseRange(const String&, long long& rangeOffset, long long& rangeEnd, long long& rangeSuffixLength); 
>diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp b/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp >index 07e8e71dc3eb8f7555dc06c0df42ff6d6f0aae0f..86b7b50788d125c20672beb8a1bf392d26407689 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp >@@ -98,8 +98,8 @@ void NetworkResourceLoadParameters::encode(IPC::Encoder& encoder) const > encoder.encodeEnum(preflightPolicy); > > encoder << shouldEnableFromOriginResponseHeader; >- if (shouldEnableFromOriginResponseHeader) >- encoder << frameAncestorOrigins; >+ >+ encoder << frameAncestorOrigins; > > #if ENABLE(CONTENT_EXTENSIONS) > encoder << mainDocumentURL; >@@ -210,10 +210,9 @@ bool NetworkResourceLoadParameters::decode(IPC::Decoder& decoder, NetworkResourc > if (!shouldEnableFromOriginResponseHeader) > return false; > result.shouldEnableFromOriginResponseHeader = *shouldEnableFromOriginResponseHeader; >- if (result.shouldEnableFromOriginResponseHeader) { >- if (!decoder.decode(result.frameAncestorOrigins)) >- return false; >- } >+ >+ if (!decoder.decode(result.frameAncestorOrigins)) >+ return false; > > #if ENABLE(CONTENT_EXTENSIONS) > if (!decoder.decode(result.mainDocumentURL)) >diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >index 1f7840372e9a6e3b1067bc054d048c1b6c254adb..14a013110e2d861c3b2e1d9e79260483c5ed9ff8 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >@@ -27,6 +27,7 @@ > #include "NetworkResourceLoader.h" > > #include "DataReference.h" >+#include "FormDataReference.h" > #include "Logging.h" > #include "NetworkBlobRegistry.h" > #include "NetworkCache.h" 
>@@ -38,10 +39,13 @@ > #include "SessionTracker.h" > #include "WebCoreArgumentCoders.h" > #include "WebErrors.h" >+#include "WebPageMessages.h" > #include "WebResourceLoaderMessages.h" > #include "WebsiteDataStoreParameters.h" >+#include <JavaScriptCore/ConsoleTypes.h> > #include <WebCore/BlobDataFileReference.h> > #include <WebCore/CertificateInfo.h> >+#include <WebCore/ContentSecurityPolicy.h> > #include <WebCore/DiagnosticLoggingKeys.h> > #include <WebCore/HTTPHeaderNames.h> > #include <WebCore/HTTPParsers.h> 
>@@ -395,6 +399,53 @@ static ResourceError fromOriginResourceError(const URL& url) > return { errorDomainWebKitInternal, 0, url, ASCIILiteral { "Cancelled load because it violates the resource's From-Origin response header." }, ResourceError::Type::AccessControl }; > } > >+bool NetworkResourceLoader::shouldInterruptLoadForXFrameOptions(const String& xFrameOptions, const URL& url) >+{ >+ if (isMainFrameLoad()) >+ return false; >+ >+ XFrameOptionsDisposition disposition = parseXFrameOptionsHeader(xFrameOptions); >+ >+ switch (disposition) { >+ case XFrameOptionsNone: >+ case XFrameOptionsAllowAll: >+ return false; >+ case XFrameOptionsDeny: >+ return true; >+ case XFrameOptionsSameOrigin: >+ return !SecurityOrigin::create(url)->isSameSchemeHostPort(*m_parameters.sourceOrigin); >+ case XFrameOptionsConflict: { >+ String errorMessage = "Multiple 'X-Frame-Options' headers with conflicting values ('" + xFrameOptions + "') encountered when loading '" + url.stringCenterEllipsizedToLength() + "'. Falling back to 'DENY'."; >+ send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, MessageSource::JS, MessageLevel::Error, errorMessage, identifier() }, m_parameters.webPageID); >+ return true; >+ } >+ case XFrameOptionsInvalid: { >+ String errorMessage = "Invalid 'X-Frame-Options' header encountered when loading '" + url.stringCenterEllipsizedToLength() + "': '" + xFrameOptions + "' is not a recognized directive. 
The header will be ignored."; >+ send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, MessageSource::JS, MessageLevel::Error, errorMessage, identifier() }, m_parameters.webPageID); >+ return false; >+ } >+ } >+ ASSERT_NOT_REACHED(); >+ return false; >+} >+ >+bool NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(const ResourceResponse& response) >+{ >+ ASSERT(isMainResource()); >+ auto url = response.url(); >+ ContentSecurityPolicy contentSecurityPolicy { URL { url }, this }; >+ contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, originalRequest().httpReferrer()); >+ if (!contentSecurityPolicy.allowFrameAncestors(m_parameters.frameAncestorOrigins, url)) >+ return true; >+ String xFrameOptions = m_response.httpHeaderField(HTTPHeaderName::XFrameOptions); >+ if (!xFrameOptions.isNull() && shouldInterruptLoadForXFrameOptions(xFrameOptions, response.url())) { >+ String errorMessage = "Refused to display '" + response.url().stringCenterEllipsizedToLength() + "' in a frame because it set 'X-Frame-Options' to '" + xFrameOptions + "'."; >+ send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, MessageSource::Security, MessageLevel::Error, errorMessage, identifier() }, m_parameters.webPageID); >+ return true; >+ } >+ return false; >+} >+ > auto NetworkResourceLoader::didReceiveResponse(ResourceResponse&& receivedResponse) -> ShouldContinueDidReceiveResponse > { > RELEASE_LOG_IF_ALLOWED("didReceiveResponse: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ", httpStatusCode = %d, length = %" PRId64 ")", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier, receivedResponse.httpStatusCode(), receivedResponse.expectedContentLength()); 
>@@ -427,16 +478,17 @@ auto NetworkResourceLoader::didReceiveResponse(ResourceResponse&& receivedRespon > ResourceError error; > if (m_parameters.shouldEnableFromOriginResponseHeader && shouldCancelCrossOriginLoad(m_response, m_parameters.frameAncestorOrigins)) > error = fromOriginResourceError(m_response.url()); >+ if (error.isNull() && isMainResource() && shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(m_response)) { >+ send(Messages::WebResourceLoader::StopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied { }); >+ return ShouldContinueDidReceiveResponse::No; >+ } > if (error.isNull() && m_networkLoadChecker) > error = m_networkLoadChecker->validateResponse(m_response); > if (!error.isNull()) { >- // FIXME: We need to make a main resource load look successful to prevent leaking its existence. See <https://bugs.webkit.org/show_bug.cgi?id=185120>. > RunLoop::main().dispatch([protectedThis = makeRef(*this), error = WTFMove(error)] { > if (protectedThis->m_networkLoad) > protectedThis->didFailLoading(error); > }); >- // FIXME: We know that we are not going to continue this load. ShouldContinueDidReceiveResponse::No should only be returned when >- // the network process is waiting to receive message NetworkResourceLoader::ContinueDidReceiveResponse to continue a load. > return ShouldContinueDidReceiveResponse::No; > } 
> >@@ -726,7 +778,10 @@ void NetworkResourceLoader::didRetrieveCacheEntry(std::unique_ptr<NetworkCache:: > ResourceError error; > if (m_parameters.shouldEnableFromOriginResponseHeader && shouldCancelCrossOriginLoad(response, m_parameters.frameAncestorOrigins)) > error = fromOriginResourceError(response.url()); >- >+ if (error.isNull() && isMainResource() && shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(response)) { >+ send(Messages::WebResourceLoader::StopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied { }); >+ return; >+ } > if (error.isNull() && m_networkLoadChecker) > error = m_networkLoadChecker->validateResponse(response); > >@@ -1040,4 +1095,14 @@ void NetworkResourceLoader::logCookieInformation(const String& label, const void > } > #endif > >+void NetworkResourceLoader::addConsoleMessage(MessageSource messageSource, MessageLevel messageLevel, const String& message, unsigned long) >+{ >+ send(Messages::WebPage::AddConsoleMessage { m_parameters.webFrameID, messageSource, messageLevel, message, identifier() }, m_parameters.webPageID); >+} >+ >+void NetworkResourceLoader::sendCSPViolationReport(URL&& reportURL, Ref<FormData>&& report) >+{ >+ send(Messages::WebPage::SendCSPViolationReport { m_parameters.webFrameID, WTFMove(reportURL), IPC::FormDataReference { WTFMove(report) } }, m_parameters.webPageID); >+} >+ > } // namespace WebKit >diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoader.h b/Source/WebKit/NetworkProcess/NetworkResourceLoader.h >index 57c540d7777faccdf3e815e8731a430bf6183dd0..b6a585eaf1d8a0c56af9fb802bc33bb2d66cb2f9 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoader.h >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoader.h 
>@@ -32,13 +32,17 @@ > #include "NetworkLoadClient.h" > #include "NetworkResourceLoadParameters.h" > #include "ShareableResource.h" >+#include <JavaScriptCore/ConsoleTypes.h> >+#include <WebCore/ContentSecurityPolicyClient.h> > #include <WebCore/ResourceResponse.h> > #include <WebCore/Timer.h> > > namespace WebCore { > class BlobDataFileReference; >+class FormData; > class NetworkStorageSession; > class ResourceRequest; >+class SecurityPolicyViolationEvent; > } > > namespace WebKit { >@@ -52,7 +56,11 @@ namespace NetworkCache { > class Entry; > } > >-class NetworkResourceLoader final : public RefCounted<NetworkResourceLoader>, public NetworkLoadClient, public IPC::MessageSender { >+class NetworkResourceLoader final >+ : public RefCounted<NetworkResourceLoader> >+ , public NetworkLoadClient >+ , public IPC::MessageSender >+ , public WebCore::ContentSecurityPolicyClient { > public: > static Ref<NetworkResourceLoader> create(NetworkResourceLoadParameters&& parameters, NetworkConnectionToWebProcess& connection, RefPtr<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply>&& reply = nullptr) > { >@@ -105,6 +113,8 @@ public: > void convertToDownload(DownloadID, const WebCore::ResourceRequest&, const WebCore::ResourceResponse&); > > bool isMainResource() const { return m_parameters.request.requester() == WebCore::ResourceRequest::Requester::Main; } >+ bool isMainFrameLoad() const { return isMainResource() && m_parameters.frameAncestorOrigins.size() == 1; } >+ > bool isAlwaysOnLoggingAllowed() const; > > #if HAVE(CFNETWORK_STORAGE_PARTITIONING) && !RELEASE_LOG_DISABLED 
>@@ -130,6 +140,9 @@ private: > void dispatchWillSendRequestForCacheEntry(std::unique_ptr<NetworkCache::Entry>); > void continueProcessingCachedEntryAfterDidReceiveResponse(std::unique_ptr<NetworkCache::Entry>); > >+ bool shouldInterruptLoadForXFrameOptions(const String&, const WebCore::URL&); >+ bool shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions(const WebCore::ResourceResponse&); >+ > enum class FirstLoad { No, Yes }; > void startNetworkLoad(WebCore::ResourceRequest&&, FirstLoad); > void continueDidReceiveResponse(); >@@ -159,6 +172,11 @@ private: > > WebCore::ResourceResponse sanitizeResponseIfPossible(WebCore::ResourceResponse&&, WebCore::ResourceResponse::SanitizationType); > >+ // ContentSecurityPolicyClient >+ void addConsoleMessage(MessageSource, MessageLevel, const String&, unsigned long) final; >+ void sendCSPViolationReport(WebCore::URL&&, Ref<WebCore::FormData>&&) final; >+ void dispatchSecurityPolicyViolationEvent(Ref<WebCore::SecurityPolicyViolationEvent>&&) final { }; // No observable effect for frame-ancestors violation. >+ > const NetworkResourceLoadParameters m_parameters; > > Ref<NetworkConnectionToWebProcess> m_connection; >diff --git a/Source/WebKit/Scripts/webkit/messages.py b/Source/WebKit/Scripts/webkit/messages.py >index 3ca1ff73f5f57e6a787977c627f54d1814267074..6ed46e925b5e591eaaa2935ddf059becfc11b678 100644 >--- a/Source/WebKit/Scripts/webkit/messages.py >+++ b/Source/WebKit/Scripts/webkit/messages.py >@@ -187,6 +187,8 @@ def forward_declarations_and_headers(receiver): > > no_forward_declaration_types = frozenset([ > 'MachSendRight', >+ 'MessageLevel', >+ 'MessageSource', > 'String', > 'WebCore::DocumentIdentifier', > 'WebCore::ServiceWorkerIdentifier', 
>@@ -368,6 +370,8 @@ def headers_for_type(type): > > special_cases = { > 'MachSendRight': ['<wtf/MachSendRight.h>'], >+ 'MessageLevel': ['<JavaScriptCore/ConsoleTypes.h>'], >+ 'MessageSource': ['<JavaScriptCore/ConsoleTypes.h>'], > 'MonotonicTime': ['<wtf/MonotonicTime.h>'], > 'Seconds': ['<wtf/Seconds.h>'], > 'WallTime': ['<wtf/WallTime.h>'], >diff --git a/Source/WebKit/WebProcess/Network/NetworkProcessConnection.cpp b/Source/WebKit/WebProcess/Network/NetworkProcessConnection.cpp >index 4b5e10418eda009ec21dfdf161ef4b3bde1ceb16..9a238ecfdeb93ac8988184066f1667b997aa505f 100644 >--- a/Source/WebKit/WebProcess/Network/NetworkProcessConnection.cpp >+++ b/Source/WebKit/WebProcess/Network/NetworkProcessConnection.cpp >@@ -35,6 +35,8 @@ > #include "WebCoreArgumentCoders.h" > #include "WebLoaderStrategy.h" > #include "WebMDNSRegisterMessages.h" >+#include "WebPage.h" >+#include "WebPageMessages.h" > #include "WebProcess.h" > #include "WebRTCMonitor.h" > #include "WebRTCMonitorMessages.h" >@@ -75,6 +77,11 @@ void NetworkProcessConnection::didReceiveMessage(IPC::Connection& connection, IP > stream->didReceiveMessage(connection, decoder); > return; > } >+ if (decoder.messageReceiverName() == Messages::WebPage::messageReceiverName()) { >+ if (auto* webPage = WebProcess::singleton().webPage(decoder.destinationID())) >+ webPage->didReceiveWebPageMessage(connection, decoder); >+ return; >+ } > > #if USE(LIBWEBRTC) > if (decoder.messageReceiverName() == Messages::WebRTCSocket::messageReceiverName()) { >diff --git a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >index b691fee2f08b3a608a4086e14236a2bc5ab9749e..6c32406f306876912a261604234ed361bcc975bc 100644 >--- a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >+++ b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp 
>@@ -327,16 +327,11 @@ void WebLoaderStrategy::scheduleLoadFromNetworkProcess(ResourceLoader& resourceL > loadParameters.isMainFrameNavigation = resourceLoader.frame() && resourceLoader.frame()->isMainFrame() && resourceLoader.options().mode == FetchOptions::Mode::Navigate; > > loadParameters.shouldEnableFromOriginResponseHeader = RuntimeEnabledFeatures::sharedFeatures().fromOriginResponseHeaderEnabled() && !loadParameters.isMainFrameNavigation; >- if (loadParameters.shouldEnableFromOriginResponseHeader) { >- Vector<RefPtr<WebCore::SecurityOrigin>> frameAncestorOrigins; >- for (auto* frame = resourceLoader.frame(); frame; frame = frame->tree().parent()) { >- if (frame->document()) >- frameAncestorOrigins.append(makeRefPtr(frame->document()->securityOrigin())); >- if (frame->isMainFrame()) >- break; >- } >- loadParameters.frameAncestorOrigins = WTFMove(frameAncestorOrigins); >- } >+ >+ Vector<RefPtr<SecurityOrigin>> frameAncestorOrigins; >+ for (auto* frame = resourceLoader.frame(); frame; frame = frame->tree().parent()) >+ frameAncestorOrigins.append(makeRefPtr(frame->document()->securityOrigin())); >+ loadParameters.frameAncestorOrigins = WTFMove(frameAncestorOrigins); > > ASSERT((loadParameters.webPageID && loadParameters.webFrameID) || loadParameters.clientCredentialPolicy == ClientCredentialPolicy::CannotAskClientForCredentials); > >diff --git a/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp b/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp >index ca464820560d3c13c18600ab08dbea1a7fd3dea3..c974ff8a0b56a6a7b96ccf3c3aaaae8a0ba047a0 100644 >--- a/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp >+++ b/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp 
>@@ -180,6 +180,14 @@ void WebResourceLoader::didBlockAuthenticationChallenge() > m_coreLoader->didBlockAuthenticationChallenge(); > } > >+void WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() >+{ >+ LOG(Network, "(WebProcess) WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied for '%s'", m_coreLoader->url().string().latin1().data()); >+ RELEASE_LOG_IF_ALLOWED("stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_trackingParameters.pageID, m_trackingParameters.frameID, m_trackingParameters.resourceID); >+ >+ m_coreLoader->documentLoader()->stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(m_coreLoader->identifier(), ResourceResponse { }); >+} >+ > #if ENABLE(SHAREABLE_RESOURCE) > void WebResourceLoader::didReceiveResource(const ShareableResource::Handle& handle) > { >diff --git a/Source/WebKit/WebProcess/Network/WebResourceLoader.h b/Source/WebKit/WebProcess/Network/WebResourceLoader.h >index d2ae6a2bd64db1c2cb3449aa35e09bbe809c9169..e7bed02190384409ade916e317c91fb49f2e5c32 100644 >--- a/Source/WebKit/WebProcess/Network/WebResourceLoader.h >+++ b/Source/WebKit/WebProcess/Network/WebResourceLoader.h >@@ -82,6 +82,9 @@ private: > void didFinishResourceLoad(const WebCore::NetworkLoadMetrics&); > void didFailResourceLoad(const WebCore::ResourceError&); > void didBlockAuthenticationChallenge(); >+ >+ void stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(); >+ > #if ENABLE(SHAREABLE_RESOURCE) > void didReceiveResource(const ShareableResource::Handle&); > #endif >diff --git a/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in b/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in >index 95f69cbceb0462f479cf73c3969ab3397658ded8..46584582c3e56640a6f6a28ca9a30805c62368d0 100644 >--- a/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in 
>+++ b/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in >@@ -30,6 +30,8 @@ messages -> WebResourceLoader LegacyReceiver { > DidFailResourceLoad(WebCore::ResourceError error) > DidBlockAuthenticationChallenge() > >+ StopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() >+ > #if ENABLE(SHAREABLE_RESOURCE) > // DidReceiveResource is for when we have the entire resource data available at once, such as when the resource is cached in memory > DidReceiveResource(WebKit::ShareableResource::Handle resource) >diff --git a/Source/WebKit/WebProcess/WebPage/WebFrame.cpp b/Source/WebKit/WebProcess/WebPage/WebFrame.cpp >index 16abe5571dc817cbff9b1b04ade1076c517ca38f..43c1ae0101acb047acc869c6135f7819daa5c33e 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebFrame.cpp >+++ b/Source/WebKit/WebProcess/WebPage/WebFrame.cpp >@@ -315,6 +315,14 @@ void WebFrame::convertMainResourceLoadToDownload(DocumentLoader* documentLoader, > webProcess.ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::ConvertMainResourceLoadToDownload(sessionID, mainResourceLoadIdentifier, policyDownloadID, request, response), 0); > } > >+void WebFrame::addConsoleMessage(MessageSource messageSource, MessageLevel messageLevel, const String& message, uint64_t requestID) >+{ >+ if (!m_coreFrame) >+ return; >+ if (auto* document = m_coreFrame->document()) >+ document->addConsoleMessage(messageSource, messageLevel, message, requestID); >+} >+ > String WebFrame::source() const > { > if (!m_coreFrame) >diff --git a/Source/WebKit/WebProcess/WebPage/WebFrame.h b/Source/WebKit/WebProcess/WebPage/WebFrame.h >index 9fef7f13a2f07dc07eab974f18476a20e5a05430..a73d22db72377523be8bbe089fa15778289bdf2b 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebFrame.h >+++ b/Source/WebKit/WebProcess/WebPage/WebFrame.h 
>@@ -30,6 +30,7 @@ > #include "ShareableBitmap.h" > #include "WKBase.h" > #include "WebFrameLoaderClient.h" >+#include <JavaScriptCore/ConsoleTypes.h> > #include <JavaScriptCore/JSBase.h> > #include <WebCore/FrameLoaderClient.h> > #include <WebCore/FrameLoaderTypes.h> >@@ -94,6 +95,8 @@ public: > void startDownload(const WebCore::ResourceRequest&, const String& suggestedName = { }); > void convertMainResourceLoadToDownload(WebCore::DocumentLoader*, PAL::SessionID, const WebCore::ResourceRequest&, const WebCore::ResourceResponse&); > >+ void addConsoleMessage(MessageSource, MessageLevel, const String&, uint64_t requestID = 0); >+ > String source() const; > String contentsAsString() const; > String selectionAsString() const; >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp >index a82871d5691fba588ddb6655c435fbe71a1638b0..10cc04e590821bf799d94e6a55c184de1a329a29 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp >@@ -38,6 +38,7 @@ > #include "EditorState.h" > #include "EventDispatcher.h" > #include "FindController.h" >+#include "FormDataReference.h" > #include "GeolocationPermissionRequestManager.h" > #include "InjectedBundle.h" > #include "InjectedBundleBackForwardList.h" >@@ -177,6 +178,7 @@ > #include <WebCore/NotImplemented.h> > #include <WebCore/Page.h> > #include <WebCore/PageConfiguration.h> >+#include <WebCore/PingLoader.h> > #include <WebCore/PlatformKeyboardEvent.h> > #include <WebCore/PluginDocument.h> > #include <WebCore/PrintContext.h> >@@ -469,6 +471,8 @@ WebPage::WebPage(uint64_t pageID, WebPageCreationParameters&& parameters) > WebCore::provideUserMediaTo(m_page.get(), new WebUserMediaClient(*this)); > #endif > >+ m_page->settings().setNetworkProcessCSPFrameAncestorsCheckingEnabled(true); >+ > m_page->setControlledByAutomation(parameters.controlledByAutomation); > > #if ENABLE(REMOTE_INSPECTOR) 
>@@ -3297,6 +3301,21 @@ WebFullScreenManager* WebPage::fullScreenManager() > } > #endif > >+void WebPage::addConsoleMessage(uint64_t frameID, MessageSource messageSource, MessageLevel messageLevel, const String& message, uint64_t requestID) >+{ >+ if (auto* frame = WebProcess::singleton().webFrame(frameID)) >+ frame->addConsoleMessage(messageSource, messageLevel, message, requestID); >+} >+ >+void WebPage::sendCSPViolationReport(uint64_t frameID, const WebCore::URL& reportURL, IPC::FormDataReference&& reportData) >+{ >+ auto report = reportData.takeData(); >+ if (!report) >+ return; >+ if (auto* frame = WebProcess::singleton().webFrame(frameID)) >+ PingLoader::sendViolationReport(*frame->coreFrame(), reportURL, report.releaseNonNull(), ViolationReportType::ContentSecurityPolicy); >+} >+ > NotificationPermissionRequestManager* WebPage::notificationPermissionRequestManager() > { > if (m_notificationPermissionRequestManager) >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.h b/Source/WebKit/WebProcess/WebPage/WebPage.h >index 9780cfc6c5af840cbdafb1d093eca8e4e2eef2f1..a8c5fb79b222ac84278fd80fc84634d2e9758ff6 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.h >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.h >@@ -119,8 +119,9 @@ class Array; > } > > namespace IPC { >-class Decoder; > class Connection; >+class Decoder; >+class FormDataReference; > } > > namespace WebCore { >@@ -304,6 +305,9 @@ public: > WebFullScreenManager* fullScreenManager(); > #endif > >+ void addConsoleMessage(uint64_t frameID, MessageSource, MessageLevel, const String&, uint64_t requestID = 0); >+ void sendCSPViolationReport(uint64_t frameID, const WebCore::URL& reportURL, IPC::FormDataReference&&); >+ > // -- Called by the DrawingArea. > // FIXME: We could genericize these into a DrawingArea client interface. Would that be beneficial? > void drawRect(WebCore::GraphicsContext&, const WebCore::IntRect&); 
>@@ -1077,6 +1081,8 @@ public: > > bool isSuspended() const { return m_isSuspended; } > >+ void didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&); >+ > private: > WebPage(uint64_t pageID, WebPageCreationParameters&&); > >@@ -1099,7 +1105,6 @@ private: > void sendTouchBarMenuItemDataRemovedUpdate(WebCore::HTMLMenuItemElement&); > #endif > >- void didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&); > void didReceiveSyncWebPageMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder>&); > > #if PLATFORM(IOS) >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.messages.in b/Source/WebKit/WebProcess/WebPage/WebPage.messages.in >index 5d1cf6f14227d3179861d6fdd4297c8d7d0b77b3..82b20282aa26b5aa8e855f75b8be4bf424566743 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.messages.in >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.messages.in >@@ -27,6 +27,9 @@ messages -> WebPage LegacyReceiver { > > SetDrawsBackground(bool drawsBackground) > >+ AddConsoleMessage(uint64_t frameID, enum MessageSource messageSource, enum MessageLevel messageLevel, String message, uint64_t requestID) >+ SendCSPViolationReport(uint64_t frameID, WebCore::URL reportURL, IPC::FormDataReference reportData) >+ > #if PLATFORM(COCOA) > SetTopContentInsetFenced(float contentInset, IPC::Attachment fencePort) > #endif
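Review bot: In Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (hunk -327,16 +327,11), the rewritten ancestor loop calls frame->document()->securityOrigin() without the `if (frame->document())` guard that the removed code had, so a frame without a document becomes a null dereference. Please either keep the guard or add an ASSERT with a comment explaining why a document is guaranteed at this point. The loop also now runs for every load instead of only when shouldEnableFromOriginResponseHeader is set, which the ChangeLog entry for this file should say.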
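Review bot: In Source/WebKit/NetworkProcess/NetworkResourceLoader.h (hunk -105,6 +113,8), isMainFrameLoad() infers "main frame" from m_parameters.frameAncestorOrigins.size() == 1, which only holds if the web process always sends exactly one origin per frame in the chain, including the loading frame itself. That invariant is not stated anywhere in the header, and the old WebLoaderStrategy code could skip frames with no document. Please document the invariant next to the accessor, or carry an explicit flag in the load parameters the way isMainFrameNavigation is carried, so that a security decision does not depend on a vector length.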
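Review bot: In Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (hunk -1040,4 +1095,14), addConsoleMessage() leaves its trailing unsigned long parameter unnamed and drops it, sending identifier() as the request ID instead. A one-line comment saying that the caller's request identifier is intentionally replaced by the loader's own identifier would keep a later reader from treating this as an oversight.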
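Review bot: In Source/WebKit/WebProcess/Network/NetworkProcessConnection.cpp (hunk -75,6 +77,11), every message whose receiver name is Messages::WebPage is forwarded to webPage->didReceiveWebPageMessage(), so the whole WebPage message set becomes reachable over the NetworkProcess connection, not only the AddConsoleMessage and SendCSPViolationReport messages this patch adds. Consider dispatching on those two message names only, or giving them a dedicated receiver, so the network process is granted no more than it needs. The same concern applies to moving didReceiveWebPageMessage() from private to public in WebPage.h.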
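Review bot: In Source/WebKit/WebProcess/Network/WebResourceLoader.cpp (hunk -180,6 +180,14), m_coreLoader->documentLoader() is dereferenced without a null check before calling stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(). If the loader can be detached from its DocumentLoader by the time this IPC message arrives, this needs an early return. The call also passes an empty ResourceResponse { }, so anything the callee derives from the response, such as the blocked URL, will be blank. Please add a comment on why the real response is not available or not needed here.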
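Review bot: In Source/WebKit/WebProcess/WebPage/WebPage.cpp (hunk -3297,6 +3301,21), WebPage::sendCSPViolationReport() dereferences *frame->coreFrame() without a null check, while WebFrame::addConsoleMessage() added in this same patch returns early when m_coreFrame is null. Please add the same guard here. Both new handlers also resolve frameID through WebProcess::singleton().webFrame(frameID) without confirming that the frame belongs to the WebPage the message was addressed to. Since frameID arrives over IPC, checking that would be cheap.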
Flags: rniwa: review+