WebKit Bugzilla
Attachment 340514 Details for
Bug 185273
: Use SafeBrowsing in WKWebView
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
WIP
bug-185273-20180516152103.patch (text/plain), 63.88 KB, created by
Ali Juma
on 2018-05-16 12:21:04 PDT
(
hide
)
Description:
WIP
Filename:
MIME Type:
Creator:
Ali Juma
Created:
2018-05-16 12:21:04 PDT
Size:
63.88 KB
patch
obsolete
>Subversion Revision: 231854 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 051b6bc788a0e126cf71a04de8d7841aafbd5ba9..61b5647ba16d0792abe78ea22b018a73a46da3b1 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,32 @@ >+2018-05-16 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add a setting for WebView SafeBrowsing. Add a new PolicyAction that >+ ignores a navigation but freezes BackForwardList state in preparation >+ for displaying a warning page. >+ >+ This patch is still WIP, tests will be added. >+ >+ * loader/DocumentLoader.cpp: >+ (WebCore::DocumentLoader::willSendRequest): >+ (WebCore::DocumentLoader::continueAfterContentPolicy): >+ * loader/FrameLoadRequest.cpp: >+ (WebCore::FrameLoadRequest::FrameLoadRequest): >+ * loader/FrameLoadRequest.h: >+ * loader/FrameLoader.cpp: >+ (WebCore::FrameLoader::load): >+ (WebCore::FrameLoader::continueLoadAfterNavigationPolicy): >+ * loader/FrameLoaderTypes.h: >+ * loader/PolicyChecker.cpp: >+ (WebCore::PolicyChecker::checkNavigationPolicy): >+ (WebCore::PolicyChecker::checkNewWindowPolicy): >+ * loader/PolicyChecker.h: >+ * page/Settings.yaml: >+ > 2018-05-14 Yusuke Suzuki <utatane.tea@gmail.com> > > [Win] Use C++17 in MSVC >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 51940422374a2719afe00b023c72a9af669ead17..ea2878e453e9d1b0162f5cbc72d2b12c5cfcd669 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,65 @@ >+2018-05-16 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ In parallel with asking the embedder to decidePolicyForNavigationAction, >+ perform a SafeBrowsing look-up. If the embedder's decision is to proceed, >+ but the SafeBrowsing look-up finds that the URL is unsafe, fire a new >+ decidePolicyForSafeBrowsingResultForNavigationAction callback to ask >+ the embedder whether to proceed anyway, to cancel the navigation, or to >+ cancel the navigation and show a default warning page. >+ >+ Add a new safeBrowsingEnabled WKPreference for this new behavior. >+ >+ * NetworkProcess/NetworkDataTaskBlob.cpp: >+ (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse): >+ * NetworkProcess/capture/NetworkDataTaskReplay.cpp: >+ (WebKit::NetworkCapture::NetworkDataTaskReplay::didReceiveResponse): >+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm: >+ (toNSURLSessionResponseDisposition): >+ * Shared/LoadParameters.cpp: >+ (WebKit::LoadParameters::encode const): >+ (WebKit::LoadParameters::decode): >+ * Shared/LoadParameters.h: >+ * Shared/WebPreferences.yaml: >+ * UIProcess/API/Cocoa/WKNavigationDelegate.h: >+ * UIProcess/API/Cocoa/WKPreferences.h: >+ * UIProcess/API/Cocoa/WKPreferences.mm: >+ (-[WKPreferences encodeWithCoder:]): >+ (-[WKPreferences initWithCoder:]): >+ (-[WKPreferences safeBrowsingEnabled]): >+ (-[WKPreferences setSafeBrowsingEnabled:]): >+ * UIProcess/Cocoa/NavigationState.h: >+ * UIProcess/Cocoa/NavigationState.mm: >+ (WebKit::NavigationState::NavigationState): >+ (WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction): >+ (WebKit::NavigationState::NavigationClient::decidePolicyForNavigationActionInternal): >+ * UIProcess/Cocoa/SafeBrowsingController.h: Added. >+ (WebKit::SafeBrowsingController::SafeBrowsingCheck::SafeBrowsingCheck): >+ * UIProcess/Cocoa/SafeBrowsingController.mm: Added. >+ (WebKit::SafeBrowsingController::SafeBrowsingController): >+ (WebKit::SafeBrowsingController::~SafeBrowsingController): >+ (WebKit::SafeBrowsingController::checkURL): >+ (WebKit::SafeBrowsingController::placeholder): >+ (WebKit::SafeBrowsingController::receivedNavigationPolicyDecision): >+ (WebKit::SafeBrowsingController::receivedSafeBrowsingDecision): >+ (WebKit::SafeBrowsingController::maybeFinishedCheck): >+ * UIProcess/WebFramePolicyListenerProxy.cpp: >+ (WebKit::WebFramePolicyListenerProxy::ignoreAndLockBackForwardList): >+ * UIProcess/WebFramePolicyListenerProxy.h: >+ * UIProcess/WebPageProxy.cpp: >+ (WebKit::WebPageProxy::loadAlternateHTMLString): >+ * UIProcess/WebPageProxy.h: >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/WebPage/WebPage.cpp: >+ (WebKit::WebPage::loadDataImpl): >+ (WebKit::WebPage::loadStringImpl): >+ (WebKit::WebPage::loadAlternateHTMLString): >+ * WebProcess/WebPage/WebPage.h: >+ > 2018-05-16 Fujii Hironori <Hironori.Fujii@sony.com> > > [Win] Implement WebPage::handleEditingKeyboardEvent >diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp >index 2ef6f49220b380403f42e408e96b13f33480b1ea..bf18b82faa6b9e9c6995bcef6b011c87e16e25e6 100644 >--- a/Source/WebCore/loader/DocumentLoader.cpp >+++ b/Source/WebCore/loader/DocumentLoader.cpp >@@ -649,6 +649,7 @@ void DocumentLoader::willSendRequest(ResourceRequest&& newRequest, const Resourc > request = { blankURL() }; > break; > case ShouldContinue::No: >+ case ShouldContinue::NoAndLockBackForwardList: > stopLoadingForPolicyChange(); > break; > case ShouldContinue::Yes: >@@ -924,6 +925,7 @@ void DocumentLoader::continueAfterContentPolicy(PolicyAction policy) > // It is invalid to get a Suspend policy based on navigation response. > RELEASE_ASSERT_NOT_REACHED(); > case PolicyAction::Ignore: >+ case PolicyAction::IgnoreAndLockBackForwardList: > if (ResourceLoader* mainResourceLoader = this->mainResourceLoader()) > InspectorInstrumentation::continueWithPolicyIgnore(*m_frame, mainResourceLoader->identifier(), *this, m_response); > stopLoadingForPolicyChange(); >diff --git a/Source/WebCore/loader/FrameLoadRequest.cpp b/Source/WebCore/loader/FrameLoadRequest.cpp >index c154772813dee436a8221260f00c4fe2be6e87f2..b21ca14570b9b5feb763a4f44c6ab3b79447c1bf 100644 >--- a/Source/WebCore/loader/FrameLoadRequest.cpp >+++ b/Source/WebCore/loader/FrameLoadRequest.cpp >@@ -55,13 +55,13 @@ FrameLoadRequest::FrameLoadRequest(Document& requester, SecurityOrigin& requeste > { > } > >-FrameLoadRequest::FrameLoadRequest(Frame& frame, const ResourceRequest& resourceRequest, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const SubstituteData& substituteData) >+FrameLoadRequest::FrameLoadRequest(Frame& frame, const ResourceRequest& resourceRequest, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, const SubstituteData& substituteData, LockBackForwardList lockBackForwardList) > : m_requester { makeRef(*frame.document()) } > , m_requesterSecurityOrigin { makeRef(frame.document()->securityOrigin()) } > , m_resourceRequest { resourceRequest } > , m_substituteData { substituteData } > , m_lockHistory { LockHistory::No } >- , m_lockBackForwardList { LockBackForwardList::No } >+ , m_lockBackForwardList { lockBackForwardList } > , m_shouldSendReferrer { MaybeSendReferrer } > , m_allowNavigationToInvalidURL { AllowNavigationToInvalidURL::Yes } > , m_newFrameOpenerPolicy { NewFrameOpenerPolicy::Allow } >diff --git a/Source/WebCore/loader/FrameLoadRequest.h b/Source/WebCore/loader/FrameLoadRequest.h >index d6f10ed7d900d460e1920d54df47c5df6804facd..c80f120f8ed394f610aa132ea1e6d59cefc916fc 100644 >--- a/Source/WebCore/loader/FrameLoadRequest.h >+++ b/Source/WebCore/loader/FrameLoadRequest.h >@@ -39,7 +39,7 @@ class SecurityOrigin; > class FrameLoadRequest { > public: > WEBCORE_EXPORT FrameLoadRequest(Document&, SecurityOrigin&, const ResourceRequest&, const String& frameName, LockHistory, LockBackForwardList, ShouldSendReferrer, AllowNavigationToInvalidURL, NewFrameOpenerPolicy, ShouldOpenExternalURLsPolicy, InitiatedByMainFrame, ShouldReplaceDocumentIfJavaScriptURL = ReplaceDocumentIfJavaScriptURL, const AtomicString& downloadAttribute = { }, bool isSystemPreview = false); >- WEBCORE_EXPORT FrameLoadRequest(Frame&, const ResourceRequest&, ShouldOpenExternalURLsPolicy, const SubstituteData& = SubstituteData()); >+ WEBCORE_EXPORT FrameLoadRequest(Frame&, const ResourceRequest&, ShouldOpenExternalURLsPolicy, const SubstituteData& = SubstituteData(), LockBackForwardList = LockBackForwardList::No); > > WEBCORE_EXPORT ~FrameLoadRequest(); > >diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp >index 16bf82355fe06836d4330ab1a806e553b4a0f581..3f192ba191809f4ce31e8b5a6c54f040b2ba0c55 100644 >--- a/Source/WebCore/loader/FrameLoader.cpp >+++ b/Source/WebCore/loader/FrameLoader.cpp >@@ -1427,6 +1427,8 @@ void FrameLoader::load(FrameLoadRequest&& request) > applyShouldOpenExternalURLsPolicyToNewDocumentLoader(m_frame, loader, request); > > SetForScope<bool> currentLoadShouldCheckNavigationPolicyGuard(m_currentLoadShouldCheckNavigationPolicy, request.shouldCheckNavigationPolicy()); >+ if (request.lockBackForwardList() == LockBackForwardList::Yes) >+ m_loadType = FrameLoadType::RedirectWithLockedBackForwardList; > load(loader.ptr()); > } > >@@ -3224,7 +3226,7 @@ void FrameLoader::continueLoadAfterNavigationPolicy(const ResourceRequest& reque > bool isTargetItem = history().provisionalItem() ? history().provisionalItem()->isTargetItem() : false; > > bool urlIsDisallowed = allowNavigationToInvalidURL == AllowNavigationToInvalidURL::No && !request.url().isValid(); >- bool canContinue = shouldContinue != ShouldContinue::No && shouldClose() && !urlIsDisallowed; >+ bool canContinue = (shouldContinue != ShouldContinue::No && shouldContinue != ShouldContinue::NoAndLockBackForwardList) && shouldClose() && !urlIsDisallowed; > > if (!canContinue) { > // If we were waiting for a quick redirect, but the policy delegate decided to ignore it, then we >@@ -3241,7 +3243,10 @@ void FrameLoader::continueLoadAfterNavigationPolicy(const ResourceRequest& reque > // problem that we have optimistically moved the b/f cursor already, so move it back. For sanity, > // we only do this when punting a navigation for the target frame or top-level frame. > if ((isTargetItem || m_frame.isMainFrame()) && isBackForwardLoadType(policyChecker().loadType())) { >- if (Page* page = m_frame.page()) { >+ if (shouldContinue == ShouldContinue::NoAndLockBackForwardList) { >+ m_loadType = policyChecker().loadType(); >+ m_frame.mainFrame().loader().history().updateForCommit(); >+ } else if (Page* page = m_frame.page()) { > if (HistoryItem* resetItem = m_frame.mainFrame().loader().history().currentItem()) { > page->backForward().setCurrentItem(resetItem); > m_frame.loader().client().updateGlobalHistoryItemForPage(); >diff --git a/Source/WebCore/loader/FrameLoaderTypes.h b/Source/WebCore/loader/FrameLoaderTypes.h >index 6de1b6faafe2e9ad354e6992cb74ec8ad3c29311..f9930036994615a645eee46041c6ca7b6aa3247c 100644 >--- a/Source/WebCore/loader/FrameLoaderTypes.h >+++ b/Source/WebCore/loader/FrameLoaderTypes.h >@@ -42,6 +42,7 @@ enum class PolicyAction { > Use, > Download, > Ignore, >+ IgnoreAndLockBackForwardList, > Suspend, > }; > >@@ -160,6 +161,7 @@ template<> struct EnumTraits<WebCore::PolicyAction> { > WebCore::PolicyAction::Use, > WebCore::PolicyAction::Download, > WebCore::PolicyAction::Ignore, >+ WebCore::PolicyAction::IgnoreAndLockBackForwardList, > WebCore::PolicyAction::Suspend > >; > }; >@@ -180,4 +182,12 @@ template<> struct EnumTraits<WebCore::FrameLoadType> { > >; > }; > >+template<> struct EnumTraits<WebCore::LockBackForwardList> { >+ using values = EnumValues< >+ WebCore::LockBackForwardList, >+ WebCore::LockBackForwardList::Yes, >+ WebCore::LockBackForwardList::No >+ >; >+}; >+ > } // namespace WTF >diff --git a/Source/WebCore/loader/PolicyChecker.cpp b/Source/WebCore/loader/PolicyChecker.cpp >index b6690ea9665a1515c97a63adc9407732b9819127..9a5553c7ee7e9d23c62be5185f11d92c20e76f0a 100644 >--- a/Source/WebCore/loader/PolicyChecker.cpp >+++ b/Source/WebCore/loader/PolicyChecker.cpp >@@ -178,6 +178,8 @@ void PolicyChecker::checkNavigationPolicy(ResourceRequest&& request, bool didRec > FALLTHROUGH; > case PolicyAction::Ignore: > return function({ }, nullptr, ShouldContinue::No); >+ case PolicyAction::IgnoreAndLockBackForwardList: >+ return function({ }, nullptr, ShouldContinue::NoAndLockBackForwardList); > case PolicyAction::Suspend: > return function({ }, nullptr, ShouldContinue::ForSuspension); > case PolicyAction::Use: >@@ -209,6 +211,9 @@ void PolicyChecker::checkNewWindowPolicy(NavigationAction&& navigationAction, Re > case PolicyAction::Ignore: > function({ }, nullptr, { }, { }, ShouldContinue::No); > return; >+ case PolicyAction::IgnoreAndLockBackForwardList: >+ ASSERT_NOT_REACHED(); >+ return; > case PolicyAction::Suspend: > // It is invalid to get a "Suspend" policy for new windows, as the old document is not going away. > RELEASE_ASSERT_NOT_REACHED(); >diff --git a/Source/WebCore/loader/PolicyChecker.h b/Source/WebCore/loader/PolicyChecker.h >index c329ec43b81e35e8b73abe6e601d13d4250852af..abb994bb6429969a7ebb9ce9b0e4b977a82ce989 100644 >--- a/Source/WebCore/loader/PolicyChecker.h >+++ b/Source/WebCore/loader/PolicyChecker.h >@@ -54,6 +54,7 @@ class ResourceResponse; > enum class ShouldContinue { > Yes, > No, >+ NoAndLockBackForwardList, > ForSuspension > }; > >diff --git a/Source/WebCore/page/Settings.yaml b/Source/WebCore/page/Settings.yaml >index 01bc6c8edc5a25751537fb905cf525938338399d..4bd170a960e8ec3ca704d97948b61c54850e33e9 100644 >--- a/Source/WebCore/page/Settings.yaml >+++ b/Source/WebCore/page/Settings.yaml >@@ -685,6 +685,9 @@ shouldAllowUserInstalledFonts: > initial: true > onChange: setNeedsRecalcStyleInAllFrames > >+safeBrowsingEnabled: >+ initial: false >+ > # Only set by Layout Tests. > mediaTypeOverride: > type: String >diff --git a/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp b/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp >index 6e1d6fc7e73be0b7a3218f8d75dde3afa03fba01..d3f124f7775cc889d9c46f8e4a54a76ecf5b4c06 100644 >--- a/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp >@@ -322,6 +322,9 @@ void NetworkDataTaskBlob::dispatchDidReceiveResponse(Error errorCode) > FALLTHROUGH; > case PolicyAction::Ignore: > break; >+ case PolicyAction::IgnoreAndLockBackForwardList: >+ ASSERT_NOT_REACHED(); >+ break; > case PolicyAction::Download: > download(); > break; >diff --git a/Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp b/Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp >index 67c4bb83a551e6d74802400f1c8debdfcb4ff055..49f41a05348a80fee10cd282f5d1696326596531 100644 >--- a/Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp >+++ b/Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp >@@ -258,6 +258,9 @@ void NetworkDataTaskReplay::didReceiveResponse(WebCore::ResourceResponse&& respo > case WebCore::PolicyAction::Ignore: > complete(); > break; >+ case WebCore::PolicyAction::IgnoreAndLockBackForwardList: >+ ASSERT_NOT_REACHED(); >+ break; > case WebCore::PolicyAction::Download: > DEBUG_LOG_ERROR("WebCore::PolicyAction::PolicyDownload"); > break; >diff --git a/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm b/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm >index 9b0befb3f43184e70930f0d979e8acfa9e1a76d0..efcf896b2467065068f2a0cf107205b7e3cf60d0 100644 >--- a/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm >+++ b/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm >@@ -66,6 +66,8 @@ static NSURLSessionResponseDisposition toNSURLSessionResponseDisposition(WebCore > case WebCore::PolicyAction::Suspend: > LOG_ERROR("PolicyAction::Suspend encountered - Treating as PolicyAction::Ignore for now"); > FALLTHROUGH; >+ case WebCore::PolicyAction::IgnoreAndLockBackForwardList: >+ ASSERT_NOT_REACHED(); > case WebCore::PolicyAction::Ignore: > return NSURLSessionResponseCancel; > case WebCore::PolicyAction::Use: >diff --git a/Source/WebKit/Shared/LoadParameters.cpp b/Source/WebKit/Shared/LoadParameters.cpp >index a6791efa074dfe50d59fe0a1ce6feea246d3d5fe..df8203fe5a6e53613e77cb54c5b337d3266c6a21 100644 >--- a/Source/WebKit/Shared/LoadParameters.cpp >+++ b/Source/WebKit/Shared/LoadParameters.cpp >@@ -49,6 +49,7 @@ void LoadParameters::encode(IPC::Encoder& encoder) const > encoder << provisionalLoadErrorURLString; > encoder << shouldOpenExternalURLsPolicy; > encoder << shouldCheckNavigationPolicy; >+ encoder << lockBackForwardList; > encoder << userData; > > platformEncode(encoder); >@@ -106,6 +107,9 @@ bool LoadParameters::decode(IPC::Decoder& decoder, LoadParameters& data) > if (!decoder.decode(data.shouldCheckNavigationPolicy)) > return false; > >+ if (!decoder.decode(data.lockBackForwardList)) >+ return false; >+ > if (!decoder.decode(data.userData)) > return false; > >diff --git a/Source/WebKit/Shared/LoadParameters.h b/Source/WebKit/Shared/LoadParameters.h >index 8402ddc85002a5aca0ce01f310caebab08f1fd5c..3de4ac21d654ec7f8298128b17af4b5e2b88612d 100644 >--- a/Source/WebKit/Shared/LoadParameters.h >+++ b/Source/WebKit/Shared/LoadParameters.h >@@ -29,6 +29,7 @@ > #include "DataReference.h" > #include "SandboxExtension.h" > #include "UserData.h" >+#include <WebCore/FrameLoaderTypes.h> > #include <WebCore/ResourceRequest.h> > > OBJC_CLASS NSDictionary; >@@ -63,6 +64,7 @@ struct LoadParameters { > > uint64_t shouldOpenExternalURLsPolicy; > bool shouldCheckNavigationPolicy { true }; >+ WebCore::LockBackForwardList lockBackForwardList { WebCore::LockBackForwardList::No }; > UserData userData; > > #if PLATFORM(COCOA) >diff --git a/Source/WebKit/Shared/WebPreferences.yaml b/Source/WebKit/Shared/WebPreferences.yaml >index 8b9b0b90f9ad2180e78a2b43882fff593977fba4..fd3f402a82928497d6cf244c73bcdb9c4132faad 100644 >--- a/Source/WebKit/Shared/WebPreferences.yaml >+++ b/Source/WebKit/Shared/WebPreferences.yaml >@@ -1054,6 +1054,10 @@ MediaCapabilitiesEnabled: > defaultValue: false > webcoreBinding: RuntimeEnabledFeatures > >+SafeBrowsingEnabled: >+ type: bool >+ defaultValue: false >+ > # For experimental features: > # The type should be boolean. > # You must provide a humanReadableName and humanReadableName for all experimental features. They >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegate.h b/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegate.h >index 8ccfcc78b6427cd5009eeecbd7bbca7a68bde3bd..739bee1485a69b5659f1f433ee5c7853a3704339 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegate.h >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegate.h >@@ -57,6 +57,12 @@ typedef NS_ENUM(NSInteger, WKNavigationResponsePolicy) { > WKNavigationResponsePolicyAllow, > } WK_API_AVAILABLE(macosx(10.10), ios(8.0)); > >+typedef NS_ENUM(NSInteger, WKSafeBrowsingResultPolicy) { >+ WKSafeBrowsingResultPolicyCancel, >+ WKSafeBrowsingResultPolicyCancelAndShowWarning, >+ WKSafeBrowsingResultPolicyAllow, >+} WK_API_AVAILABLE(macosx(WK_MAC_TBA), ios(WK_IOS_TBA)); >+ > /*! A class conforming to the WKNavigationDelegate protocol can provide > methods for tracking progress for main frame navigations and for deciding > policy for main frame and subframe navigations. >@@ -86,6 +92,16 @@ typedef NS_ENUM(NSInteger, WKNavigationResponsePolicy) { > */ > - (void)webView:(WKWebView *)webView decidePolicyForNavigationResponse:(WKNavigationResponse *)navigationResponse decisionHandler:(void (^)(WKNavigationResponsePolicy))decisionHandler; > >+/*! @abstract Decides whether to allow or cancel a navigation that has failed a SafeBrowsing check. >+ @param webView The web view invoking the delegate method. >+ @param navigationAction Descriptive information about the action >+ triggering the navigation request. >+ @param decisionHandler The decision handler to call to allow or cancel the >+ navigation. The argument is one of the constants of the enumerated type WKSafeBrowsingResultPolicy. >+ @discussion If you do not implement this method, the web view will cancel the navigation and display a warning page. >+*/ >+- (void)webView:(WKWebView*)webView decidePolicyForSafeBrowsingResultForNavigationAction:(WKNavigationAction *)navigationAction decisionHandler:(void (^)(WKSafeBrowsingResultPolicy))decisionHandler; >+ > /*! @abstract Invoked when a main frame navigation starts. > @param webView The web view invoking the delegate method. > @param navigation The navigation. >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >index e35b7192c0b666ebff50f46f605c630a129db931..51334e7158526eb51d282b91811f91b7f923b598 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >@@ -53,6 +53,12 @@ WK_CLASS_AVAILABLE(macosx(10.10), ios(8.0)) > */ > @property (nonatomic) BOOL javaScriptCanOpenWindowsAutomatically; > >+/*! @abstract A Boolean value indicating whether the WKWebView should perform SafeBrowsing checks >+ before navigating to a URL. >+ @discussion The default value is NO. >+ */ >+@property (nonatomic) BOOL safeBrowsingEnabled WK_API_AVAILABLE(macosx(WK_MAC_TBA), ios(WK_IOS_TBA)); >+ > #if !TARGET_OS_IPHONE > /*! @abstract A Boolean value indicating whether Java is enabled. > @discussion The default value is NO. >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >index 5fc0bc5a73af08d6188b1618cae1c79f5eddf42f..b3286d21a2ead2744ba1724b6da4632fa1b0a307 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >@@ -68,6 +68,7 @@ - (void)encodeWithCoder:(NSCoder *)coder > [coder encodeDouble:self.minimumFontSize forKey:@"minimumFontSize"]; > [coder encodeBool:self.javaScriptEnabled forKey:@"javaScriptEnabled"]; > [coder encodeBool:self.javaScriptCanOpenWindowsAutomatically forKey:@"javaScriptCanOpenWindowsAutomatically"]; >+ [coder encodeBool:self.safeBrowsingEnabled forKey:@"safeBrowsingEnabled"]; > > #if PLATFORM(MAC) > [coder encodeBool:self.javaEnabled forKey:@"javaEnabled"]; >@@ -84,6 +85,7 @@ - (instancetype)initWithCoder:(NSCoder *)coder > self.minimumFontSize = [coder decodeDoubleForKey:@"minimumFontSize"]; > self.javaScriptEnabled = [coder decodeBoolForKey:@"javaScriptEnabled"]; > self.javaScriptCanOpenWindowsAutomatically = [coder decodeBoolForKey:@"javaScriptCanOpenWindowsAutomatically"]; >+ self.safeBrowsingEnabled = [coder decodeBoolForKey:@"safeBrowsingEnabled"]; > > #if PLATFORM(MAC) > self.javaEnabled = [coder decodeBoolForKey:@"javaEnabled"]; >@@ -139,6 +141,16 @@ - (void)_setStorageAccessPromptsEnabled:(BOOL)enabled > _preferences->setStorageAccessPromptsEnabled(enabled); > } > >+- (BOOL)safeBrowsingEnabled >+{ >+ return _preferences->safeBrowsingEnabled(); >+} >+ >+- (void)setSafeBrowsingEnabled:(BOOL)safeBrowsingEnabled >+{ >+ _preferences->setSafeBrowsingEnabled(safeBrowsingEnabled); >+} >+ > #pragma mark OS X-specific methods > > #if PLATFORM(MAC) >diff --git a/Source/WebKit/UIProcess/Cocoa/NavigationState.h b/Source/WebKit/UIProcess/Cocoa/NavigationState.h >index 4a9c1cd8aa0bcf6353ba7e6615af2810f0fb2c37..edef27a092bdedeba515877ffd1912d0e3c6e464 100644 >--- a/Source/WebKit/UIProcess/Cocoa/NavigationState.h >+++ b/Source/WebKit/UIProcess/Cocoa/NavigationState.h >@@ -34,6 +34,7 @@ > #import "PageLoadState.h" > #import "ProcessTerminationReason.h" > #import "ProcessThrottler.h" >+#import "WKNavigationDelegatePrivate.h" > #import "WeakObjCPtr.h" > #import <wtf/RetainPtr.h> > #import <wtf/RunLoop.h> >@@ -52,6 +53,7 @@ struct SecurityOriginData; > > namespace WebKit { > >+class SafeBrowsingController; > struct WebNavigationDataStore; > > class NavigationState final : private PageLoadState::Observer { >@@ -137,6 +139,8 @@ private: > void decidePolicyForNavigationAction(WebPageProxy&, Ref<API::NavigationAction>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override; > void decidePolicyForNavigationResponse(WebPageProxy&, Ref<API::NavigationResponse>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override; > >+ void decidePolicyForNavigationActionInternal(WebPageProxy&, Ref<API::NavigationAction>&&, WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler, API::Object* userData); >+ > NavigationState& m_navigationState; > }; > >@@ -182,6 +186,7 @@ private: > > WKWebView *m_webView; > WeakObjCPtr<id <WKNavigationDelegate> > m_navigationDelegate; >+ std::unique_ptr<SafeBrowsingController> m_safeBrowsingController; > > struct { > bool webViewDecidePolicyForNavigationActionDecisionHandler : 1; >diff --git a/Source/WebKit/UIProcess/Cocoa/NavigationState.mm b/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >index 8c3fa9d7496026b0b631aa7a11f9c2fa1287e0bb..ed8a0766456ab0b1a0db6b0eb0d0c4674b7bdd62 100644 >--- a/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >+++ b/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >@@ -39,6 +39,7 @@ > #import "Logging.h" > #import "NavigationActionData.h" > #import "PageLoadState.h" >+#import "SafeBrowsingController.h" > #import "WKBackForwardListInternal.h" > #import "WKBackForwardListItemInternal.h" > #import "WKFrameInfoInternal.h" >@@ -105,6 +106,7 @@ NavigationState::NavigationState(WKWebView *webView) > > navigationStates().add(m_webView->_page.get(), this); > m_webView->_page->pageLoadState().addObserver(*this); >+ m_safeBrowsingController = std::make_unique<SafeBrowsingController>(webView); > } > > NavigationState::~NavigationState() >@@ -478,29 +480,37 @@ static void tryAppLink(Ref<API::NavigationAction>&& navigationAction, const Stri > void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageProxy& webPageProxy, Ref<API::NavigationAction>&& navigationAction, Ref<WebFramePolicyListenerProxy>&& listener, API::Object* userInfo) > { > ASSERT(webPageProxy.mainFrame()); >+ auto policyDecider = [&webPageProxy, navigationAction = navigationAction.copyRef(), userInfo, this] (WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler) mutable { >+ decidePolicyForNavigationActionInternal(webPageProxy, WTFMove(navigationAction), WTFMove(completionHandler), userInfo); >+ }; >+ m_navigationState.m_safeBrowsingController->checkURL(WTFMove(navigationAction), WTFMove(policyDecider), WTFMove(listener)); >+} >+ >+void NavigationState::NavigationClient::decidePolicyForNavigationActionInternal(WebPageProxy& webPageProxy, Ref<API::NavigationAction>&& navigationAction, WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler, API::Object* userInfo) >+{ > String mainFrameURLString = webPageProxy.mainFrame()->url(); > bool subframeNavigation = navigationAction->targetFrame() && !navigationAction->targetFrame()->isMainFrame(); > > if (!m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionDecisionHandler > && !m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionDecisionHandlerWebsitePolicies > && !m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionUserInfoDecisionHandlerWebsitePolicies) { >- auto completionHandler = [webPage = makeRef(webPageProxy), listener = WTFMove(listener), navigationAction = navigationAction.copyRef()] (bool followedLinkToApp) { >+ auto localCompletionHandler = [webPage = makeRef(webPageProxy), completionHandler = WTFMove(completionHandler), navigationAction = navigationAction.copyRef()] (bool followedLinkToApp) { > if (followedLinkToApp) { >- listener->ignore(); >+ completionHandler(WKNavigationActionPolicyCancel, std::nullopt); > return; > } > > if (!navigationAction->targetFrame()) { >- listener->use(std::nullopt); >+ completionHandler(WKNavigationActionPolicyAllow, std::nullopt); > return; > } > > RetainPtr<NSURLRequest> nsURLRequest = adoptNS(wrapper(API::URLRequest::create(navigationAction->request()).leakRef())); > if ([NSURLConnection canHandleRequest:nsURLRequest.get()] || webPage->urlSchemeHandlerForScheme([nsURLRequest URL].scheme)) { > if (navigationAction->shouldPerformDownload()) >- listener->download(); >+ completionHandler(_WKNavigationActionPolicyDownload, std::nullopt); > else >- listener->use(std::nullopt); >+ completionHandler(WKNavigationActionPolicyAllow, std::nullopt); > return; > } > >@@ -510,9 +520,9 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > if (![[nsURLRequest URL] isFileURL]) > [[NSWorkspace sharedWorkspace] openURL:[nsURLRequest URL]]; > #endif >- listener->ignore(); >+ completionHandler(WKNavigationActionPolicyCancel, std::nullopt); > }; >- tryAppLink(WTFMove(navigationAction), mainFrameURLString, WTFMove(completionHandler)); >+ tryAppLink(WTFMove(navigationAction), mainFrameURLString, WTFMove(localCompletionHandler)); > return; > } > >@@ -524,7 +534,7 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > > auto checker = CompletionHandlerCallChecker::create(navigationDelegate.get(), delegateHasWebsitePolicies ? @selector(_webView:decidePolicyForNavigationAction:decisionHandler:) : @selector(webView:decidePolicyForNavigationAction:decisionHandler:)); > >- auto decisionHandlerWithPolicies = [localListener = WTFMove(listener), navigationAction = navigationAction.copyRef(), checker = WTFMove(checker), mainFrameURLString, webPageProxy = makeRef(webPageProxy), subframeNavigation](WKNavigationActionPolicy actionPolicy, _WKWebsitePolicies *websitePolicies) mutable { >+ auto decisionHandlerWithPolicies = [localCompletionHandler = WTFMove(completionHandler), navigationAction = navigationAction.copyRef(), checker = WTFMove(checker), mainFrameURLString, webPageProxy = makeRef(webPageProxy), subframeNavigation](WKNavigationActionPolicy actionPolicy, _WKWebsitePolicies *websitePolicies) mutable { > if (checker->completionHandlerHasBeenCalled()) > return; > checker->didCallCompletionHandler(); >@@ -545,30 +555,30 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > > switch (actionPolicy) { > case WKNavigationActionPolicyAllow: >- tryAppLink(WTFMove(navigationAction), mainFrameURLString, [localListener = WTFMove(localListener), data = WTFMove(data)](bool followedLinkToApp) mutable { >+ tryAppLink(WTFMove(navigationAction), mainFrameURLString, [localCompletionHandler = WTFMove(localCompletionHandler), data = WTFMove(data)](bool followedLinkToApp) mutable { > if (followedLinkToApp) { >- localListener->ignore(); >+ localCompletionHandler(WKNavigationActionPolicyCancel, std::nullopt); > return; > } > >- localListener->use(WTFMove(data)); >+ localCompletionHandler(WKNavigationActionPolicyAllow, WTFMove(data)); > }); > > break; > > case WKNavigationActionPolicyCancel: >- localListener->ignore(); >+ localCompletionHandler(WKNavigationActionPolicyCancel, std::nullopt); > break; > > // FIXME: Once we have a new enough compiler everywhere we don't need to ignore -Wswitch. > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wswitch" > case _WKNavigationActionPolicyDownload: >- localListener->download(); >+ localCompletionHandler(_WKNavigationActionPolicyDownload, std::nullopt); > break; > case _WKNavigationActionPolicyAllowWithoutTryingAppLink: > #pragma clang diagnostic pop >- localListener->use(WTFMove(data)); >+ localCompletionHandler(WKNavigationActionPolicyAllow, WTFMove(data)); > break; > } > }; >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h >new file mode 100644 >index 0000000000000000000000000000000000000000..310125b738acda023696da5b3d7c344702438479 >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h >@@ -0,0 +1,98 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#import "WKFoundation.h" >+ >+#if WK_API_ENABLED >+ >+#import "WKNavigationDelegatePrivate.h" >+#import "WebsitePoliciesData.h" >+#import <WebCore/URL.h> >+#import <WebCore/URLHash.h> >+#import <wtf/HashSet.h> >+#import <wtf/WeakPtr.h> >+ >+@class WKWebView; >+ >+namespace API { >+class NavigationAction; >+} >+ >+namespace WebKit { >+ >+class WebFramePolicyListenerProxy; >+ >+class SafeBrowsingController { >+public: >+ explicit SafeBrowsingController(WKWebView *); >+ ~SafeBrowsingController(); >+ >+ using NavigationPolicyDecider = WTF::Function<void(WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&&)>; >+ >+ void checkURL(Ref<API::NavigationAction>&&, NavigationPolicyDecider&&, Ref<WebFramePolicyListenerProxy>&&); >+ >+ // Just to make m_webView get used somewhere. >+ void placeholder(); >+ >+private: >+ struct SafeBrowsingCheck { >+ SafeBrowsingCheck(Ref<WebFramePolicyListenerProxy>&& listener, Ref<API::NavigationAction>&& navigationAction) >+ : listener(WTFMove(listener)) >+ , navigationAction(WTFMove(navigationAction)) >+ { >+ } >+ >+ std::optional<WKNavigationActionPolicy> navigationPolicyDecision; >+ std::optional<WebsitePoliciesData> websitePoliciesData; >+ >+ // FIXME: Use an std::optional<EnumType> for the SB result. >+ // Using std::optional<bool> is too confusing for readability. >+ bool safeBrowsingLookUpComplete = false; >+ bool isUnsafe = false; >+ Ref<WebFramePolicyListenerProxy> listener; >+ Ref<API::NavigationAction> navigationAction; >+ }; >+ >+ void receivedNavigationPolicyDecision(SafeBrowsingCheck&, WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&); >+ >+ // Takes a |SafeBrowsingCheck*| rather than |SafeBrowsingCheck&| since the >+ // check might have already been destroyed, e.g., if the embedder's navigation >+ // policy response was to ignore the navigation. >+ void receivedSafeBrowsingDecision(SafeBrowsingCheck*, bool isUnsafe); >+ >+ void maybeFinishedCheck(SafeBrowsingCheck&); >+ >+ WKWebView *m_webView; >+ HashSet<std::unique_ptr<SafeBrowsingCheck>> m_checks; >+ HashSet<WebCore::URL> m_warningIgnoredUrls; >+ WeakPtrFactory<SafeBrowsingController> m_weakPtrFactory; >+ static const char* s_warningPageUrl; >+}; >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm >new file mode 100644 >index 0000000000000000000000000000000000000000..7d34509ef832821f542e9a347f62d07f53d3fcd3 >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm >@@ -0,0 +1,204 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#import "config.h" >+#import "SafeBrowsingController.h" >+ >+#if WK_API_ENABLED >+ >+#import "APINavigationAction.h" >+#import "SafeBrowsingSPI.h" >+#import "WKNavigationActionInternal.h" >+#import "WKPreferences.h" >+#import "WKWebViewConfiguration.h" >+#import "WKWebViewInternal.h" >+#import "WebFramePolicyListenerProxy.h" >+#import "WebPageProxy.h" >+ >+namespace WebKit { >+ >+const char* SafeBrowsingController::s_warningPageUrl = "file:///SafeBrowsing"; >+ >+SafeBrowsingController::SafeBrowsingController(WKWebView *webView) >+ : m_webView(webView) >+{ >+} >+ >+SafeBrowsingController::~SafeBrowsingController() >+{ >+} >+ >+void SafeBrowsingController::checkURL(Ref<API::NavigationAction>&& navigationAction, NavigationPolicyDecider&& policyDecider, Ref<WebFramePolicyListenerProxy>&& listener) >+{ >+ bool shouldSkipSafeBrowsingLookUp = !m_webView.configuration.preferences.safeBrowsingEnabled; >+ if (!shouldSkipSafeBrowsingLookUp) { >+ bool warningBypassed = navigationAction->navigationType() == WebCore::NavigationType::LinkClicked >+ && navigationAction->sourceFrame() >+ && navigationAction->sourceFrame()->page()->pageLoadState().url() == s_warningPageUrl >+ && navigationAction->sourceFrame()->page()->currentURL() == navigationAction->originalURL().string(); >+ >+ // FIXME: Figure out the right persistence model? Right now, this persists ignoring warnings for the currently >+ // displayed URL (i.e., the main-frame URL), but not for the specific subframe that triggered the >+ // warning. So the next attempt at loading that subframe will still trigger the warning. >+ // For subframes, the user might have no idea what URL is 'dangerous', so persisting that URL seems >+ // questionable. >+ // Another approach would be to exempt all loads triggered by the main-frame URL once the user >+ // bypasses a warning with that main-frame URL. But then we also need to track what warning types >+ // the user has decided to bypass (e.g., maybe the user bypassed a phishing warning, but that >+ // shouldn't automatically imply they also want to bypass malware warnings). >+ if (warningBypassed) >+ m_warningIgnoredUrls.add(navigationAction->originalURL()); >+ >+ shouldSkipSafeBrowsingLookUp = warningBypassed || m_warningIgnoredUrls.contains(navigationAction->originalURL()); >+ } >+ >+ auto safeBrowsingCheck = std::make_unique<SafeBrowsingCheck>(WTFMove(listener), WTFMove(navigationAction)); >+ auto checkRaw = safeBrowsingCheck.get(); >+ m_checks.add(WTFMove(safeBrowsingCheck)); >+ >+ auto policyCompletionHandler = [checkRaw, weakThis = m_weakPtrFactory.createWeakPtr(*this)] (WKNavigationActionPolicy policy, std::optional<WebsitePoliciesData>&& data) mutable { >+ if (weakThis) >+ weakThis->receivedNavigationPolicyDecision(*checkRaw, policy, WTFMove(data)); >+ }; >+ >+ policyDecider(WTFMove(policyCompletionHandler)); >+ >+ if (shouldSkipSafeBrowsingLookUp) { >+ receivedSafeBrowsingDecision(checkRaw, false); >+ return; >+ } >+ >+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110000) >+ auto weakThis = m_weakPtrFactory.createWeakPtr(*this); >+ [[SSBLookupContext sharedLookupContext] lookUpURL:checkRaw->navigationAction->request().url() completionHandler:^(SSBLookupResult* result, NSError* error) { >+ // FIXME: Remove logging. >+ if (error) >+ WTFLogAlways("Error doing SafeBrowsing check"); >+ if (!weakThis) >+ return; >+ bool isUnsafe = false; >+ if (result.serviceLookupResults) { >+ for (SSBServiceLookupResult* details in result.serviceLookupResults) { >+ // FIXME: Do we want to keep track of the different types in order to give >+ // different warnings? >+ if (details.isPhishing || details.isMalware || details.isUnwantedSoftware || details.isKnownToBeUnsafe) >+ isUnsafe = true; >+ } >+ } >+ weakThis->receivedSafeBrowsingDecision(checkRaw, isUnsafe); >+ }]; >+#else >+ receivedSafeBrowsingDecision(checkRaw, false); >+#endif >+} >+ >+void SafeBrowsingController::placeholder() >+{ >+ [m_webView goBack]; >+} >+ >+void SafeBrowsingController::receivedNavigationPolicyDecision(SafeBrowsingController::SafeBrowsingCheck& check, WKNavigationActionPolicy policy, std::optional<WebsitePoliciesData>&& data) >+{ >+ check.navigationPolicyDecision = policy; >+ check.websitePoliciesData = WTFMove(data); >+ maybeFinishedCheck(check); >+} >+ >+void SafeBrowsingController::receivedSafeBrowsingDecision(SafeBrowsingCheck* check, bool isUnsafe) >+{ >+ if (!m_checks.contains(check)) >+ return; >+ >+ check->safeBrowsingLookUpComplete = true; >+ check->isUnsafe = isUnsafe; >+ maybeFinishedCheck(*check); >+} >+ >+void SafeBrowsingController::maybeFinishedCheck(SafeBrowsingController::SafeBrowsingCheck& check) >+{ >+ if (!check.navigationPolicyDecision) >+ return; >+ >+ if (check.navigationPolicyDecision.value() == WKNavigationActionPolicyAllow && !check.safeBrowsingLookUpComplete) >+ return; >+ >+ switch (check.navigationPolicyDecision.value()) { >+ case WKNavigationActionPolicyAllow: { >+ if (!check.isUnsafe) { >+ check.listener->use(WTFMove(check.websitePoliciesData)); >+ return; >+ } >+ >+ auto weakThis = m_weakPtrFactory.createWeakPtr(*this); >+ void (^safeBrowsingPolicyHandler)(WKSafeBrowsingResultPolicy) = ^(WKSafeBrowsingResultPolicy policy) { >+ if (!weakThis) >+ return; >+ switch (policy) { >+ case WKSafeBrowsingResultPolicyCancel: >+ check.listener->ignore(); >+ break; >+ case WKSafeBrowsingResultPolicyCancelAndShowWarning: { >+ check.listener->ignoreAndLockBackForwardList(); >+ // FIXME: This really needs to be loaded in a way that permits localization. >+ // Possibly put strings in LocalizedStrings.cpp or LocalizedStringCocoa.mm. >+ // Make the warning message similar/identical to Safari, which means different >+ // wording depending on the type of warning (phishing, malware, etc.). >+ auto targetMainFrameUrl = check.navigationAction->targetFrame()->isMainFrame() ? check.navigationAction->request().url() : WebCore::URL(WebCore::ParsedURLString, check.navigationAction->targetFrame()->page()->currentURL()); >+ WebCore::LockBackForwardList lockBackForwardList; >+ if (check.navigationAction->navigationType() == WebCore::NavigationType::BackForward) >+ lockBackForwardList = WebCore::LockBackForwardList::Yes; >+ else >+ lockBackForwardList = WebCore::LockBackForwardList::No; >+ [m_webView _page]->loadAlternateHTMLString([NSString stringWithFormat:@"<style>body { background-color: red; }</style><body><h1>This is a simple SafeBrowsing warning.</h1><h2>You've been warned!!!</h2><h2><a href='%s'>Live dangerously and visit the site anyway</a></h2>", targetMainFrameUrl.string().utf8().data()], WebCore::URL(WebCore::ParsedURLString, s_warningPageUrl), targetMainFrameUrl, nullptr, lockBackForwardList); >+ break; >+ } >+ case WKSafeBrowsingResultPolicyAllow: >+ check.listener->use(WTFMove(check.websitePoliciesData)); >+ break; >+ } >+ m_checks.remove(&check); >+ }; >+ auto navigationDelegate = [m_webView navigationDelegate]; >+ if (navigationDelegate && [navigationDelegate respondsToSelector:@selector(webView:decidePolicyForSafeBrowsingResultForNavigationAction:decisionHandler:)]) >+ [navigationDelegate webView:m_webView decidePolicyForSafeBrowsingResultForNavigationAction:wrapper(check.navigationAction) decisionHandler:safeBrowsingPolicyHandler]; >+ else >+ safeBrowsingPolicyHandler(WKSafeBrowsingResultPolicyCancelAndShowWarning); >+ return; >+ } >+ case WKNavigationActionPolicyCancel: >+ check.listener->ignore(); >+ break; >+ case _WKNavigationActionPolicyDownload: >+ check.listener->download(); >+ break; >+ default: >+ ASSERT_NOT_REACHED(); >+ } >+ m_checks.remove(&check); >+} >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >diff --git a/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.cpp b/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.cpp >index a836712ec7ca69c1ea3830b2afc633776e4395ea..d64abd863e91801d6a2c7ae42e1e0497b75634b2 100644 >--- a/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.cpp >+++ b/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.cpp >@@ -53,4 +53,9 @@ void WebFramePolicyListenerProxy::ignore() > receivedPolicyDecision(WebCore::PolicyAction::Ignore, std::nullopt); > } > >+void WebFramePolicyListenerProxy::ignoreAndLockBackForwardList() >+{ >+ receivedPolicyDecision(WebCore::PolicyAction::IgnoreAndLockBackForwardList, std::nullopt); >+} >+ > } // namespace WebKit >diff --git a/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.h b/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.h >index 89907183bf36942acb86615e3bc32db23288be82..ce5c42ed8b741a9e5772fa09bbbc4c5173a92654 100644 >--- a/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.h >+++ b/Source/WebKit/UIProcess/WebFramePolicyListenerProxy.h >@@ -53,6 +53,7 @@ public: > void use(std::optional<WebsitePoliciesData>&&); > void download(); > void ignore(); >+ void ignoreAndLockBackForwardList(); > > PolicyListenerType policyListenerType() const { return m_policyType; } > >diff --git a/Source/WebKit/UIProcess/WebPageProxy.cpp b/Source/WebKit/UIProcess/WebPageProxy.cpp >index cde1000c4edb846700f0915fe8a28013eb7fca63..991b2dc47719cda69b376d8c099a099f182b85c5 100644 >--- a/Source/WebKit/UIProcess/WebPageProxy.cpp >+++ b/Source/WebKit/UIProcess/WebPageProxy.cpp >@@ -1085,7 +1085,7 @@ RefPtr<API::Navigation> WebPageProxy::loadHTMLString(const String& htmlString, c > return WTFMove(navigation); > } > >-void WebPageProxy::loadAlternateHTMLString(const String& htmlString, const WebCore::URL& baseURL, const WebCore::URL& unreachableURL, API::Object* userData) >+void WebPageProxy::loadAlternateHTMLString(const String& htmlString, const WebCore::URL& baseURL, const WebCore::URL& unreachableURL, API::Object* userData, WebCore::LockBackForwardList lockBackForwardList) > { > // When the UIProcess is in the process of handling a failing provisional load, do not attempt to > // start a second alternative HTML load as this will prevent the page load state from being >@@ -1107,12 +1107,15 @@ void WebPageProxy::loadAlternateHTMLString(const String& htmlString, const WebCo > if (m_mainFrame) > m_mainFrame->setUnreachableURL(unreachableURL); > >+ auto navigation = m_navigationState->createLoadDataNavigation(); >+ > LoadParameters loadParameters; >- loadParameters.navigationID = 0; >+ loadParameters.navigationID = navigation->navigationID(); > loadParameters.string = htmlString; > loadParameters.baseURLString = baseURL; > loadParameters.unreachableURLString = unreachableURL; > loadParameters.provisionalLoadErrorURLString = m_failingProvisionalLoadURL; >+ loadParameters.lockBackForwardList = lockBackForwardList; > loadParameters.userData = UserData(process().transformObjectsToHandles(userData).get()); > addPlatformLoadParameters(loadParameters); > >diff --git a/Source/WebKit/UIProcess/WebPageProxy.h b/Source/WebKit/UIProcess/WebPageProxy.h >index 2e014368f09f060bf0979c516a63d38b20af5012..2b08ce3350721971652c6b0c9f74f577a3b4151d 100644 >--- a/Source/WebKit/UIProcess/WebPageProxy.h >+++ b/Source/WebKit/UIProcess/WebPageProxy.h >@@ -438,7 +438,7 @@ public: > RefPtr<API::Navigation> loadFile(const String& fileURL, const String& resourceDirectoryURL, API::Object* userData = nullptr); > RefPtr<API::Navigation> loadData(API::Data*, const String& MIMEType, const String& encoding, const String& baseURL, API::Object* userData = nullptr); > RefPtr<API::Navigation> loadHTMLString(const String& htmlString, const String& baseURL, API::Object* userData = nullptr); >- void loadAlternateHTMLString(const String& htmlString, const WebCore::URL& baseURL, const WebCore::URL& unreachableURL, API::Object* userData = nullptr); >+ void loadAlternateHTMLString(const String& htmlString, const WebCore::URL& baseURL, const WebCore::URL& unreachableURL, API::Object* userData = nullptr, WebCore::LockBackForwardList = WebCore::LockBackForwardList::No); > void loadPlainTextString(const String&, API::Object* userData = nullptr); > void loadWebArchiveData(API::Data*, API::Object* userData = nullptr); > void navigateToPDFLinkWithSimulatedClick(const String& url, WebCore::IntPoint documentPoint, WebCore::IntPoint screenPoint); >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index 37550be0e0c1d7ddbd0592a9db80cd4ed0379acc..417c7f1cfa317db68ee404b533298d9971877f95 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >@@ -1301,6 +1301,8 @@ > 75A8D2C9187CCFAF00C39C9E /* WKWebsiteDataStore.mm in Sources */ = {isa = PBXBuildFile; fileRef = 75A8D2C5187CCF9F00C39C9E /* WKWebsiteDataStore.mm */; }; > 75A8D2D6187D1C0E00C39C9E /* WKWebsiteDataStoreInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 75A8D2D4187D1C0100C39C9E /* WKWebsiteDataStoreInternal.h */; }; > 762B748D120BC75C00819339 /* WKPreferencesRefPrivate.h in Headers */ = {isa = PBXBuildFile; fileRef = 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */; settings = {ATTRIBUTES = (Private, ); }; }; >+ 7749087E208554C500072D86 /* SafeBrowsingController.h in Headers */ = {isa = PBXBuildFile; fileRef = 7749087D208554C500072D86 /* SafeBrowsingController.h */; }; >+ 774908822085562400072D86 /* SafeBrowsingController.mm in Sources */ = {isa = PBXBuildFile; fileRef = 774908812085562400072D86 /* SafeBrowsingController.mm */; }; > 7A1E2A851EEFE8920037A0E0 /* APINotificationProvider.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A1E2A841EEFE88A0037A0E0 /* APINotificationProvider.h */; }; > 7A3ACE1B1EEEF79B00A864A4 /* APIInjectedBundlePageLoaderClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A3ACE1A1EEEF78C00A864A4 /* APIInjectedBundlePageLoaderClient.h */; }; > 7A772C8D1DDD4A25000F34F1 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */; }; >@@ -3764,6 +3766,8 @@ > 75A8D2D4187D1C0100C39C9E /* WKWebsiteDataStoreInternal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKWebsiteDataStoreInternal.h; sourceTree = "<group>"; }; > 762B7481120BBA0100819339 /* FontSmoothingLevel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FontSmoothingLevel.h; sourceTree = "<group>"; }; > 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKPreferencesRefPrivate.h; sourceTree = "<group>"; }; >+ 7749087D208554C500072D86 /* SafeBrowsingController.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SafeBrowsingController.h; sourceTree = "<group>"; }; >+ 774908812085562400072D86 /* SafeBrowsingController.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = SafeBrowsingController.mm; sourceTree = "<group>"; }; > 7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.WebKit.plugin-common.sb"; sourceTree = "<group>"; }; > 7A1E2A841EEFE88A0037A0E0 /* APINotificationProvider.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APINotificationProvider.h; sourceTree = "<group>"; }; > 7A3ACE1A1EEEF78C00A864A4 /* APIInjectedBundlePageLoaderClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APIInjectedBundlePageLoaderClient.h; sourceTree = "<group>"; }; >@@ -5513,6 +5517,8 @@ > CDA29A1E1CBEB5FB00901CCF /* PlaybackSessionManagerProxy.h */, > CDA29A221CBEB61A00901CCF /* PlaybackSessionManagerProxy.messages.in */, > CDA29A1F1CBEB5FB00901CCF /* PlaybackSessionManagerProxy.mm */, >+ 7749087D208554C500072D86 /* SafeBrowsingController.h */, >+ 774908812085562400072D86 /* SafeBrowsingController.mm */, > 1A002D47196B345D00B9AD44 /* SessionStateCoding.h */, > 1A002D46196B345D00B9AD44 /* SessionStateCoding.mm */, > 3157135C2040A9B20084F9CF /* SystemPreviewControllerCocoa.mm */, >@@ -9144,6 +9150,7 @@ > 51E6C1641F2935DD00FD3437 /* ResourceLoadStatisticsPersistentStorage.h in Headers */, > 1A30066E1110F4F70031937C /* ResponsivenessTimer.h in Headers */, > 410482CE1DDD324F00F006D0 /* RTCNetwork.h in Headers */, >+ 7749087E208554C500072D86 /* SafeBrowsingController.h in Headers */, > 0E97D74D200E900400BF6643 /* SafeBrowsingSPI.h in Headers */, > BC2D021712AC41CB00E732A3 /* SameDocumentNavigationType.h in Headers */, > 1AAB4A8D1296F0A20023952F /* SandboxExtension.h in Headers */, >@@ -10825,6 +10832,7 @@ > BC111B09112F5E3C00337BAB /* ResponsivenessTimer.cpp in Sources */, > 410482CD1DDD324C00F006D0 /* RTCNetwork.cpp in Sources */, > 41B28B0A1F83AD4200FB52AC /* RTCPacketOptions.cpp in Sources */, >+ 774908822085562400072D86 /* SafeBrowsingController.mm in Sources */, > 1AAB4AAA1296F1540023952F /* SandboxExtensionMac.mm in Sources */, > E1E552C416AE065F004ED653 /* SandboxInitialiationParametersMac.mm in Sources */, > E19BDA8B19368D4600B97F57 /* SandboxUtilities.mm in Sources */, >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp >index 45a2356f4d7511b50f1ad80c03a5e27ae741c06d..f5edf5073d2fd99bfbb9f4fc4d6e6733e0a228e4 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp >@@ -1277,7 +1277,7 @@ void WebPage::loadRequest(LoadParameters&& loadParameters) > ASSERT(!m_pendingNavigationID); > } > >-void WebPage::loadDataImpl(uint64_t navigationID, Ref<SharedBuffer>&& sharedBuffer, const String& MIMEType, const String& encodingName, const URL& baseURL, const URL& unreachableURL, const UserData& userData) >+void WebPage::loadDataImpl(uint64_t navigationID, Ref<SharedBuffer>&& sharedBuffer, const String& MIMEType, const String& encodingName, const URL& baseURL, const URL& unreachableURL, const UserData& userData, LockBackForwardList lockBackForwardList) > { > SendStopResponsivenessTimer stopper; > >@@ -1292,17 +1292,17 @@ void WebPage::loadDataImpl(uint64_t navigationID, Ref<SharedBuffer>&& sharedBuff > m_loaderClient->willLoadDataRequest(*this, request, const_cast<SharedBuffer*>(substituteData.content()), substituteData.mimeType(), substituteData.textEncoding(), substituteData.failingURL(), WebProcess::singleton().transformHandlesToObjects(userData.object()).get()); > > // Initate the load in WebCore. >- m_mainFrame->coreFrame()->loader().load(FrameLoadRequest(*m_mainFrame->coreFrame(), request, ShouldOpenExternalURLsPolicy::ShouldNotAllow, substituteData)); >+ m_mainFrame->coreFrame()->loader().load(FrameLoadRequest(*m_mainFrame->coreFrame(), request, ShouldOpenExternalURLsPolicy::ShouldNotAllow, substituteData, lockBackForwardList)); > } > >-void WebPage::loadStringImpl(uint64_t navigationID, const String& htmlString, const String& MIMEType, const URL& baseURL, const URL& unreachableURL, const UserData& userData) >+void WebPage::loadStringImpl(uint64_t navigationID, const String& htmlString, const String& MIMEType, const URL& baseURL, const URL& unreachableURL, const UserData& userData, LockBackForwardList lockBackForwardList) > { > if (!htmlString.isNull() && htmlString.is8Bit()) { > auto sharedBuffer = SharedBuffer::create(reinterpret_cast<const char*>(htmlString.characters8()), htmlString.length() * sizeof(LChar)); >- loadDataImpl(navigationID, WTFMove(sharedBuffer), MIMEType, ASCIILiteral("latin1"), baseURL, unreachableURL, userData); >+ loadDataImpl(navigationID, WTFMove(sharedBuffer), MIMEType, ASCIILiteral("latin1"), baseURL, unreachableURL, userData, lockBackForwardList); > } else { > auto sharedBuffer = SharedBuffer::create(reinterpret_cast<const char*>(htmlString.characters16()), htmlString.length() * sizeof(UChar)); >- loadDataImpl(navigationID, WTFMove(sharedBuffer), MIMEType, ASCIILiteral("utf-16"), baseURL, unreachableURL, userData); >+ loadDataImpl(navigationID, WTFMove(sharedBuffer), MIMEType, ASCIILiteral("utf-16"), baseURL, unreachableURL, userData, lockBackForwardList); > } > } > >@@ -1331,7 +1331,7 @@ void WebPage::loadAlternateHTMLString(const LoadParameters& loadParameters) > URL unreachableURL = loadParameters.unreachableURLString.isEmpty() ? URL() : URL(URL(), loadParameters.unreachableURLString); > URL provisionalLoadErrorURL = loadParameters.provisionalLoadErrorURLString.isEmpty() ? URL() : URL(URL(), loadParameters.provisionalLoadErrorURLString); > m_mainFrame->coreFrame()->loader().setProvisionalLoadErrorBeingHandledURL(provisionalLoadErrorURL); >- loadStringImpl(0, loadParameters.string, ASCIILiteral("text/html"), baseURL, unreachableURL, loadParameters.userData); >+ loadStringImpl(loadParameters.navigationID, loadParameters.string, ASCIILiteral("text/html"), baseURL, unreachableURL, loadParameters.userData, loadParameters.lockBackForwardList); > m_mainFrame->coreFrame()->loader().setProvisionalLoadErrorBeingHandledURL({ }); > } > >diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.h b/Source/WebKit/WebProcess/WebPage/WebPage.h >index 4da75aea52a35ef66cf1a9996084372dce3d22ef..53df0705c387529ea057e76ea6fa90852718a74d 100644 >--- a/Source/WebKit/WebProcess/WebPage/WebPage.h >+++ b/Source/WebKit/WebProcess/WebPage/WebPage.h >@@ -1149,8 +1149,8 @@ private: > > String sourceForFrame(WebFrame*); > >- void loadDataImpl(uint64_t navigationID, Ref<WebCore::SharedBuffer>&&, const String& MIMEType, const String& encodingName, const WebCore::URL& baseURL, const WebCore::URL& failingURL, const UserData&); >- void loadStringImpl(uint64_t navigationID, const String&, const String& MIMEType, const WebCore::URL& baseURL, const WebCore::URL& failingURL, const UserData&); >+ void loadDataImpl(uint64_t navigationID, Ref<WebCore::SharedBuffer>&&, const String& MIMEType, const String& encodingName, const WebCore::URL& baseURL, const WebCore::URL& failingURL, const UserData&, WebCore::LockBackForwardList = WebCore::LockBackForwardList::No); >+ void loadStringImpl(uint64_t navigationID, const String&, const String& MIMEType, const WebCore::URL& baseURL, const WebCore::URL& failingURL, const UserData&, WebCore::LockBackForwardList = WebCore::LockBackForwardList::No); > > bool platformHasLocalDataForURL(const WebCore::URL&); > >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 9a4a47e364e8620daa422778c13e5ed1477d005a..e3a6bb1992aa1900c679737637fbec2c25169055 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,18 @@ >+2018-05-16 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Enable SafeBrowsing in MiniBrowser. >+ >+ * MiniBrowser/MiniBrowser.entitlements: >+ * MiniBrowser/mac/AppDelegate.m: >+ (defaultConfiguration): >+ * MiniBrowser/mac/WK2BrowserWindowController.m: >+ (-[WK2BrowserWindowController webView:decidePolicyForSafeBrowsingResultForNavigationAction:decisionHandler:]): >+ > 2018-05-14 Yusuke Suzuki <utatane.tea@gmail.com> > > [Win] Use C++17 in MSVC >diff --git a/Tools/MiniBrowser/MiniBrowser.entitlements b/Tools/MiniBrowser/MiniBrowser.entitlements >index ea26ab2421009df705a6b9f01bcd33b3f8975752..a72c4ce64dac6ef0d16770e8faee48c23a9ff5f0 100644 >--- a/Tools/MiniBrowser/MiniBrowser.entitlements >+++ b/Tools/MiniBrowser/MiniBrowser.entitlements >@@ -4,6 +4,8 @@ > <dict> > <key>com.apple.security.app-sandbox</key> > <true/> >+ <key>com.apple.security.temporary-exception.mach-lookup.global-name</key> >+ <string>com.apple.Safari.SafeBrowsing.Service</string> > <key>com.apple.security.network.client</key> > <true/> > <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key> >diff --git a/Tools/MiniBrowser/mac/AppDelegate.m b/Tools/MiniBrowser/mac/AppDelegate.m >index 3a369a409c4bcda75a1136c1123a0863d5770ea7..b24c78dd79ce7194e6e3483b661b0bd8a564e079 100644 >--- a/Tools/MiniBrowser/mac/AppDelegate.m >+++ b/Tools/MiniBrowser/mac/AppDelegate.m >@@ -93,6 +93,7 @@ - (void)awakeFromNib > configuration = [[WKWebViewConfiguration alloc] init]; > configuration.preferences._fullScreenEnabled = YES; > configuration.preferences._developerExtrasEnabled = YES; >+ configuration.preferences.safeBrowsingEnabled = YES; > > _WKProcessPoolConfiguration *processConfiguration = [[[_WKProcessPoolConfiguration alloc] init] autorelease]; > processConfiguration.diskCacheSpeculativeValidationEnabled = ![SettingsController shared].networkCacheSpeculativeRevalidationDisabled; >diff --git a/Tools/MiniBrowser/mac/WK2BrowserWindowController.m b/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >index 3ead630a78928a19ffecbedbf5155d516bb88c1a..7a5b955562299a1e6f05ad20238f3da80260a2d6 100644 >--- a/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >+++ b/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >@@ -641,6 +641,11 @@ - (void)webView:(WKWebView *)webView decidePolicyForNavigationAction:(WKNavigati > decisionHandler(WKNavigationActionPolicyCancel); > } > >+- (void)webView:(WKWebView *)webView decidePolicyForSafeBrowsingResultForNavigationAction:(WKNavigationAction *)navigationAction decisionHandler:(void (^)(WKSafeBrowsingResultPolicy))decisionHandler >+{ >+ decisionHandler(WKSafeBrowsingResultPolicyCancelAndShowWarning); >+} >+ > - (void)webView:(WKWebView *)webView decidePolicyForNavigationResponse:(WKNavigationResponse *)navigationResponse decisionHandler:(void (^)(WKNavigationResponsePolicy))decisionHandler > { > LOG(@"decidePolicyForNavigationResponse");
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=340514">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185273
:
339558
|
339580
|
339730
|
340500
|
340514
|
340519
|
341674
|
341677
|
342442
|
342444
|
342446
|
342459
|
342555
|
342591
|
342674
|
342682
|
342977
|
343043
|
343090
|
344296
|
344297