WebKit Bugzilla
Attachment 343090 Details for
Bug 185273
: Use SafeBrowsing in WKWebView
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185273-20180619162830.patch (text/plain), 77.49 KB, created by
Ali Juma
on 2018-06-19 13:28:32 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Ali Juma
Created:
2018-06-19 13:28:32 PDT
Size:
77.49 KB
patch
obsolete
>Subversion Revision: 232943 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index ba6e2d713a2fc4b694a8b42524bc1f971cf08b45..fa886edb1486069b262bda8cf88b31f6c9e263c2 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,21 @@ >+2018-06-19 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add a setting for WKWebView SafeBrowsing. >+ >+ New API tests: WebKit.SafeBrowsingForSafePage >+ WebKit.SafeBrowsingForUnsafePage >+ WebKit.SafeBrowsingForUnsafePageBackForward >+ WebKit.SafeBrowsingForUnsafePageCancelNavigation >+ WebKit.SafeBrowsingForUnsafePageRedirect >+ WebKit.SafeBrowsingForUnsafeSubframe >+ >+ * page/Settings.yaml: >+ > 2018-06-18 Youenn Fablet <youenn@apple.com> > > Expose RTCPeerConnectionIceEventInit constructor >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 34429f3a236e2febcafd829521ed434841343c19..d7c4d808d203c6da116590ae8d7ca35f7e7e2429 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,56 @@ >+2018-06-19 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ In parallel with asking the embedder to decidePolicyForNavigationAction, >+ perform a SafeBrowsing look-up. If the embedder's decision is to proceed, >+ but the SafeBrowsing look-up finds that the URL is unsafe, cancel the >+ navigation and load a warning page. >+ >+ Add a new safeBrowsingEnabled WKPreference for this new behavior, disabled >+ by default. >+ >+ Add a SafeBrowsingContextProvider for switching between the system-provided >+ SSBLookupContext and the test-only _WKSafeBrowsingLookupContext. >+ >+ * Shared/WebPreferences.yaml: >+ * UIProcess/API/Cocoa/WKPreferences.h: >+ * UIProcess/API/Cocoa/WKPreferences.mm: >+ (-[WKPreferences encodeWithCoder:]): >+ (-[WKPreferences initWithCoder:]): >+ (-[WKPreferences safeBrowsingEnabled]): >+ (-[WKPreferences setSafeBrowsingEnabled:]): >+ * UIProcess/API/Cocoa/WKWebView.mm: >+ * UIProcess/API/Cocoa/WKWebViewConfiguration.mm: >+ (-[WKWebViewConfiguration init]): >+ (-[WKWebViewConfiguration copyWithZone:]): >+ (-[WKWebViewConfiguration _useTestSafeBrowsingContext]): >+ (-[WKWebViewConfiguration _setUseTestSafeBrowsingContext:]): >+ * UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h: >+ * UIProcess/Cocoa/NavigationState.h: >+ * UIProcess/Cocoa/NavigationState.mm: >+ (WebKit::NavigationState::NavigationState): >+ (WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction): >+ (WebKit::NavigationState::NavigationClient::decidePolicyForNavigationActionInternal): >+ * UIProcess/Cocoa/SafeBrowsingContextProvider.h: Added. >+ * UIProcess/Cocoa/SafeBrowsingContextProvider.mm: Added. >+ (+[_WKSafeBrowsingTestLookupContext sharedLookupContext]): >+ (-[_WKSafeBrowsingTestLookupContext lookUpURL:completionHandler:]): >+ (WebKit::SafeBrowsingContextProvider::sharedLookupContext): >+ * UIProcess/Cocoa/SafeBrowsingController.h: Added. >+ (WebKit::SafeBrowsingController::SafeBrowsingCheck::SafeBrowsingCheck): >+ * UIProcess/Cocoa/SafeBrowsingController.mm: Added. >+ (WebKit::SafeBrowsingController::SafeBrowsingController): >+ (WebKit::SafeBrowsingController::~SafeBrowsingController): >+ (WebKit::SafeBrowsingController::checkURL): >+ (WebKit::SafeBrowsingController::receivedNavigationPolicyDecision): >+ (WebKit::SafeBrowsingController::receivedSafeBrowsingResult): >+ (WebKit::SafeBrowsingController::maybeFinishedCheck): >+ * WebKit.xcodeproj/project.pbxproj: >+ > 2018-06-18 Jiewen Tan <jiewen_tan@apple.com> > > Add a graceful exit for AuthenticationManager::initializeConnection >diff --git a/Source/WebCore/page/Settings.yaml b/Source/WebCore/page/Settings.yaml >index dd9ed86fa1554cf7d76e49a1fe9667112ee6609a..a5716ea81b9a6d710b570b065671314241425dc4 100644 >--- a/Source/WebCore/page/Settings.yaml >+++ b/Source/WebCore/page/Settings.yaml >@@ -689,6 +689,9 @@ shouldAllowUserInstalledFonts: > initial: true > onChange: setNeedsRecalcStyleInAllFrames > >+safeBrowsingEnabled: >+ initial: false >+ > # Only set by Layout Tests. > mediaTypeOverride: > type: String >diff --git a/Source/WebKit/Shared/WebPreferences.yaml b/Source/WebKit/Shared/WebPreferences.yaml >index d370f59a76d502338af021f5505e1496f9d0bd2e..3900f485b5cc1157560fee413c4b4a8063f6bad9 100644 >--- a/Source/WebKit/Shared/WebPreferences.yaml >+++ b/Source/WebKit/Shared/WebPreferences.yaml >@@ -1066,6 +1066,10 @@ SystemPreviewEnabled: > webcoreBinding: RuntimeEnabledFeatures > condition: USE(SYSTEM_PREVIEW) > >+SafeBrowsingEnabled: >+ type: bool >+ defaultValue: false >+ > # For experimental features: > # The type should be boolean. > # You must provide a humanReadableName and humanReadableName for all experimental features. They >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >index e35b7192c0b666ebff50f46f605c630a129db931..51334e7158526eb51d282b91811f91b7f923b598 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.h >@@ -53,6 +53,12 @@ WK_CLASS_AVAILABLE(macosx(10.10), ios(8.0)) > */ > @property (nonatomic) BOOL javaScriptCanOpenWindowsAutomatically; > >+/*! @abstract A Boolean value indicating whether the WKWebView should perform SafeBrowsing checks >+ before navigating to a URL. >+ @discussion The default value is NO. >+ */ >+@property (nonatomic) BOOL safeBrowsingEnabled WK_API_AVAILABLE(macosx(WK_MAC_TBA), ios(WK_IOS_TBA)); >+ > #if !TARGET_OS_IPHONE > /*! @abstract A Boolean value indicating whether Java is enabled. > @discussion The default value is NO. >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >index 5fc0bc5a73af08d6188b1618cae1c79f5eddf42f..b3286d21a2ead2744ba1724b6da4632fa1b0a307 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm >@@ -68,6 +68,7 @@ - (void)encodeWithCoder:(NSCoder *)coder > [coder encodeDouble:self.minimumFontSize forKey:@"minimumFontSize"]; > [coder encodeBool:self.javaScriptEnabled forKey:@"javaScriptEnabled"]; > [coder encodeBool:self.javaScriptCanOpenWindowsAutomatically forKey:@"javaScriptCanOpenWindowsAutomatically"]; >+ [coder encodeBool:self.safeBrowsingEnabled forKey:@"safeBrowsingEnabled"]; > > #if PLATFORM(MAC) > [coder encodeBool:self.javaEnabled forKey:@"javaEnabled"]; >@@ -84,6 +85,7 @@ - (instancetype)initWithCoder:(NSCoder *)coder > self.minimumFontSize = [coder decodeDoubleForKey:@"minimumFontSize"]; > self.javaScriptEnabled = [coder decodeBoolForKey:@"javaScriptEnabled"]; > self.javaScriptCanOpenWindowsAutomatically = [coder decodeBoolForKey:@"javaScriptCanOpenWindowsAutomatically"]; >+ self.safeBrowsingEnabled = [coder decodeBoolForKey:@"safeBrowsingEnabled"]; > > #if PLATFORM(MAC) > self.javaEnabled = [coder decodeBoolForKey:@"javaEnabled"]; >@@ -139,6 +141,16 @@ - (void)_setStorageAccessPromptsEnabled:(BOOL)enabled > _preferences->setStorageAccessPromptsEnabled(enabled); > } > >+- (BOOL)safeBrowsingEnabled >+{ >+ return _preferences->safeBrowsingEnabled(); >+} >+ >+- (void)setSafeBrowsingEnabled:(BOOL)safeBrowsingEnabled >+{ >+ _preferences->setSafeBrowsingEnabled(safeBrowsingEnabled); >+} >+ > #pragma mark OS X-specific methods > > #if PLATFORM(MAC) >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm b/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm >index 33445e647853f107ea546ed947ea43bdf0977d65..8d7c26a7889bcc0553d7576b73dec57ecb671777 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm >@@ -46,6 +46,7 @@ > #import "RemoteLayerTreeTransaction.h" > #import "RemoteObjectRegistry.h" > #import "RemoteObjectRegistryMessages.h" >+#import "SafeBrowsingContextProvider.h" > #import "UIDelegate.h" > #import "UserMediaProcessManager.h" > #import "VersionChecks.h" >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm b/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm >index 7cd12c8190dff8bddfcd75458a025686f3fa9a6b..9a0adb82119d048d82ddc49da6d1f5c7c6ba8989 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm >@@ -167,6 +167,7 @@ @implementation WKWebViewConfiguration { > RetainPtr<NSString> _mediaContentTypesRequiringHardwareSupport; > > BOOL _colorFilterEnabled; >+ BOOL _useTestSafeBrowsingContext; > } > > - (instancetype)init >@@ -248,6 +249,7 @@ - (instancetype)init > _allowMediaContentTypesRequiringHardwareSupportAsFallback = YES; > > _colorFilterEnabled = NO; >+ _useTestSafeBrowsingContext = NO; > > return self; > } >@@ -407,6 +409,7 @@ - (id)copyWithZone:(NSZone *)zone > > configuration->_groupIdentifier = adoptNS([self->_groupIdentifier copyWithZone:zone]); > configuration->_colorFilterEnabled = self->_colorFilterEnabled; >+ configuration->_useTestSafeBrowsingContext = self->_useTestSafeBrowsingContext; > > return configuration; > } >@@ -766,6 +769,16 @@ - (void)_setColorFilterEnabled:(BOOL)colorFilterEnabled > _colorFilterEnabled = colorFilterEnabled; > } > >+- (BOOL)_useTestSafeBrowsingContext >+{ >+ return _useTestSafeBrowsingContext; >+} >+ >+- (void)_setUseTestSafeBrowsingContext:(BOOL)useTestSafeBrowsingContext >+{ >+ _useTestSafeBrowsingContext = useTestSafeBrowsingContext; >+} >+ > - (BOOL)_requiresUserActionForVideoPlayback > { > return self.mediaTypesRequiringUserActionForPlayback & WKAudiovisualMediaTypeVideo; >diff --git a/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h b/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h >index bd04920b11293ac80c2a067d1982698cc0923f01..b0f3e5a5ee43e301232d3f2844ffbfed3a61bbb4 100644 >--- a/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h >+++ b/Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h >@@ -71,6 +71,7 @@ typedef NS_ENUM(NSUInteger, _WKDragLiftDelay) { > @property (nonatomic, setter=_setControlledByAutomation:, getter=_isControlledByAutomation) BOOL _controlledByAutomation WK_API_AVAILABLE(macosx(10.12.3), ios(10.3)); > @property (nonatomic, setter=_setApplicationManifest:) _WKApplicationManifest *_applicationManifest WK_API_AVAILABLE(macosx(10.13.4), ios(11.3)); > @property (nonatomic, setter=_setColorFilterEnabled:) BOOL _colorFilterEnabled WK_API_AVAILABLE(macosx(WK_MAC_TBA), ios(WK_IOS_TBA)); >+@property (nonatomic, setter=_setUseTestSafeBrowsingContext:) BOOL _useTestSafeBrowsingContext WK_API_AVAILABLE(macosx(WK_MAC_TBA), ios(WK_IOS_TBA)); > > #if TARGET_OS_IPHONE > @property (nonatomic, setter=_setAlwaysRunsAtForegroundPriority:) BOOL _alwaysRunsAtForegroundPriority WK_API_AVAILABLE(ios(9_0)); >diff --git a/Source/WebKit/UIProcess/Cocoa/NavigationState.h b/Source/WebKit/UIProcess/Cocoa/NavigationState.h >index 2bfe65c8beb1130cc5300ab6e252998fe3d1eb03..4202f9f4979790394ccda1c95c0b9b60520cb395 100644 >--- a/Source/WebKit/UIProcess/Cocoa/NavigationState.h >+++ b/Source/WebKit/UIProcess/Cocoa/NavigationState.h >@@ -34,6 +34,7 @@ > #import "PageLoadState.h" > #import "ProcessTerminationReason.h" > #import "ProcessThrottler.h" >+#import "WKNavigationDelegatePrivate.h" > #import <wtf/RetainPtr.h> > #import <wtf/RunLoop.h> > #import <wtf/WeakObjCPtr.h> >@@ -52,6 +53,7 @@ struct SecurityOriginData; > > namespace WebKit { > >+class SafeBrowsingController; > struct WebNavigationDataStore; > > class NavigationState final : private PageLoadState::Observer { >@@ -137,6 +139,8 @@ private: > void decidePolicyForNavigationAction(WebPageProxy&, Ref<API::NavigationAction>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override; > void decidePolicyForNavigationResponse(WebPageProxy&, Ref<API::NavigationResponse>&&, Ref<WebFramePolicyListenerProxy>&&, API::Object* userData) override; > >+ void decidePolicyForNavigationActionInternal(WebPageProxy&, Ref<API::NavigationAction>&&, WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler, API::Object* userData); >+ > NavigationState& m_navigationState; > }; > >@@ -182,6 +186,7 @@ private: > > WKWebView *m_webView; > WeakObjCPtr<id <WKNavigationDelegate> > m_navigationDelegate; >+ std::unique_ptr<SafeBrowsingController> m_safeBrowsingController; > > struct { > bool webViewDecidePolicyForNavigationActionDecisionHandler : 1; >diff --git a/Source/WebKit/UIProcess/Cocoa/NavigationState.mm b/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >index 6f07ee13b6dc4e349be557f7bcd1bea1b2d84987..70dce64b3207d9e6d9d97ded5d5966e5452ea907 100644 >--- a/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >+++ b/Source/WebKit/UIProcess/Cocoa/NavigationState.mm >@@ -39,6 +39,7 @@ > #import "Logging.h" > #import "NavigationActionData.h" > #import "PageLoadState.h" >+#import "SafeBrowsingController.h" > #import "WKBackForwardListInternal.h" > #import "WKBackForwardListItemInternal.h" > #import "WKFrameInfoInternal.h" >@@ -105,6 +106,7 @@ NavigationState::NavigationState(WKWebView *webView) > > navigationStates().add(m_webView->_page.get(), this); > m_webView->_page->pageLoadState().addObserver(*this); >+ m_safeBrowsingController = std::make_unique<SafeBrowsingController>(webView); > } > > NavigationState::~NavigationState() >@@ -478,29 +480,37 @@ static void tryAppLink(Ref<API::NavigationAction>&& navigationAction, const Stri > void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageProxy& webPageProxy, Ref<API::NavigationAction>&& navigationAction, Ref<WebFramePolicyListenerProxy>&& listener, API::Object* userInfo) > { > ASSERT(webPageProxy.mainFrame()); >+ auto policyDecider = [&webPageProxy, navigationAction = navigationAction.copyRef(), userInfo, this] (WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler) mutable { >+ decidePolicyForNavigationActionInternal(webPageProxy, WTFMove(navigationAction), WTFMove(completionHandler), userInfo); >+ }; >+ m_navigationState.m_safeBrowsingController->checkURL(WTFMove(navigationAction), WTFMove(policyDecider), WTFMove(listener)); >+} >+ >+void NavigationState::NavigationClient::decidePolicyForNavigationActionInternal(WebPageProxy& webPageProxy, Ref<API::NavigationAction>&& navigationAction, WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&& completionHandler, API::Object* userInfo) >+{ > String mainFrameURLString = webPageProxy.mainFrame()->url(); > bool subframeNavigation = navigationAction->targetFrame() && !navigationAction->targetFrame()->isMainFrame(); > > if (!m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionDecisionHandler > && !m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionDecisionHandlerWebsitePolicies > && !m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionUserInfoDecisionHandlerWebsitePolicies) { >- auto completionHandler = [webPage = makeRef(webPageProxy), listener = WTFMove(listener), navigationAction = navigationAction.copyRef()] (bool followedLinkToApp) { >+ auto localCompletionHandler = [webPage = makeRef(webPageProxy), completionHandler = WTFMove(completionHandler), navigationAction = navigationAction.copyRef()] (bool followedLinkToApp) { > if (followedLinkToApp) { >- listener->ignore(); >+ completionHandler(WKNavigationActionPolicyCancel, std::nullopt); > return; > } > > if (!navigationAction->targetFrame()) { >- listener->use(std::nullopt); >+ completionHandler(WKNavigationActionPolicyAllow, std::nullopt); > return; > } > > RetainPtr<NSURLRequest> nsURLRequest = adoptNS(wrapper(API::URLRequest::create(navigationAction->request()).leakRef())); > if ([NSURLConnection canHandleRequest:nsURLRequest.get()] || webPage->urlSchemeHandlerForScheme([nsURLRequest URL].scheme)) { > if (navigationAction->shouldPerformDownload()) >- listener->download(); >+ completionHandler(_WKNavigationActionPolicyDownload, std::nullopt); > else >- listener->use(std::nullopt); >+ completionHandler(WKNavigationActionPolicyAllow, std::nullopt); > return; > } > >@@ -510,9 +520,9 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > if (![[nsURLRequest URL] isFileURL]) > [[NSWorkspace sharedWorkspace] openURL:[nsURLRequest URL]]; > #endif >- listener->ignore(); >+ completionHandler(WKNavigationActionPolicyCancel, std::nullopt); > }; >- tryAppLink(WTFMove(navigationAction), mainFrameURLString, WTFMove(completionHandler)); >+ tryAppLink(WTFMove(navigationAction), mainFrameURLString, WTFMove(localCompletionHandler)); > return; > } > >@@ -524,7 +534,7 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > > auto checker = CompletionHandlerCallChecker::create(navigationDelegate.get(), delegateHasWebsitePolicies ? @selector(_webView:decidePolicyForNavigationAction:decisionHandler:) : @selector(webView:decidePolicyForNavigationAction:decisionHandler:)); > >- auto decisionHandlerWithPolicies = [localListener = WTFMove(listener), navigationAction = navigationAction.copyRef(), checker = WTFMove(checker), mainFrameURLString, webPageProxy = makeRef(webPageProxy), subframeNavigation](WKNavigationActionPolicy actionPolicy, _WKWebsitePolicies *websitePolicies) mutable { >+ auto decisionHandlerWithPolicies = [localCompletionHandler = WTFMove(completionHandler), navigationAction = navigationAction.copyRef(), checker = WTFMove(checker), mainFrameURLString, webPageProxy = makeRef(webPageProxy), subframeNavigation](WKNavigationActionPolicy actionPolicy, _WKWebsitePolicies *websitePolicies) mutable { > if (checker->completionHandlerHasBeenCalled()) > return; > checker->didCallCompletionHandler(); >@@ -545,30 +555,30 @@ void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageP > > switch (actionPolicy) { > case WKNavigationActionPolicyAllow: >- tryAppLink(WTFMove(navigationAction), mainFrameURLString, [localListener = WTFMove(localListener), data = WTFMove(data)](bool followedLinkToApp) mutable { >+ tryAppLink(WTFMove(navigationAction), mainFrameURLString, [localCompletionHandler = WTFMove(localCompletionHandler), data = WTFMove(data)](bool followedLinkToApp) mutable { > if (followedLinkToApp) { >- localListener->ignore(); >+ localCompletionHandler(WKNavigationActionPolicyCancel, std::nullopt); > return; > } > >- localListener->use(WTFMove(data)); >+ localCompletionHandler(WKNavigationActionPolicyAllow, WTFMove(data)); > }); > > break; > > case WKNavigationActionPolicyCancel: >- localListener->ignore(); >+ localCompletionHandler(WKNavigationActionPolicyCancel, std::nullopt); > break; > > // FIXME: Once we have a new enough compiler everywhere we don't need to ignore -Wswitch. > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wswitch" > case _WKNavigationActionPolicyDownload: >- localListener->download(); >+ localCompletionHandler(_WKNavigationActionPolicyDownload, std::nullopt); > break; > case _WKNavigationActionPolicyAllowWithoutTryingAppLink: > #pragma clang diagnostic pop >- localListener->use(WTFMove(data)); >+ localCompletionHandler(WKNavigationActionPolicyAllow, WTFMove(data)); > break; > } > }; >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.h b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.h >new file mode 100644 >index 0000000000000000000000000000000000000000..04688b7ba19b900060d5d92469138e432cb52f23 >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.h >@@ -0,0 +1,48 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110000) >+ >+#import "WKFoundation.h" >+ >+#if WK_API_ENABLED >+ >+@class SSBLookupContext; >+@class WKWebView; >+ >+namespace WebKit { >+ >+class SafeBrowsingContextProvider { >+public: >+ static SSBLookupContext* sharedLookupContext(WKWebView*); >+}; >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >+ >+#endif >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.mm b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.mm >new file mode 100644 >index 0000000000000000000000000000000000000000..40c829ad05936328b3be0051c1bcc57bd15d6756 >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingContextProvider.mm >@@ -0,0 +1,89 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#import "config.h" >+ >+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110000) >+#import "SafeBrowsingContextProvider.h" >+ >+#if WK_API_ENABLED >+ >+#import "SafeBrowsingSPI.h" >+#import "WKWebViewConfigurationPrivate.h" >+#import "WKWebViewInternal.h" >+ >+@interface _WKSafeBrowsingTestServiceLookupResult : SSBServiceLookupResult >+@property (nonatomic, readwrite, getter=isPhishing) BOOL phishing; >+@end >+ >+@implementation _WKSafeBrowsingTestServiceLookupResult >+@synthesize phishing=_phishing; >+@end >+ >+@interface _WKSafeBrowsingTestLookupContext : SSBLookupContext >++ (_WKSafeBrowsingTestLookupContext *)sharedLookupContext; >+- (void)lookUpURL:(NSURL *)URL completionHandler:(void (^)(SSBLookupResult *, NSError *))completionHandler; >+@end >+ >+@implementation _WKSafeBrowsingTestLookupContext >+ >++ (_WKSafeBrowsingTestLookupContext*) sharedLookupContext >+{ >+ static _WKSafeBrowsingTestLookupContext* sharedTestLookupContext; >+ static dispatch_once_t onceToken; >+ dispatch_once(&onceToken, ^{ >+ sharedTestLookupContext = [[self alloc] init]; >+ }); >+ >+ return sharedTestLookupContext; >+} >+ >+- (void)lookUpURL:(NSURL *)URL completionHandler:(void (^)(SSBLookupResult *, NSError *))completionHandler >+{ >+ SSBLookupResult* lookupResult = [[SSBLookupResult alloc] init]; >+ _WKSafeBrowsingTestServiceLookupResult* result = [[_WKSafeBrowsingTestServiceLookupResult alloc] init]; >+ if ([[URL absoluteString] isEqualToString:@"sb://host/phishing.html"]) >+ [result setPhishing:YES]; >+ NSArray<SSBServiceLookupResult *> *serviceLookupResults = [NSArray arrayWithObject:[result autorelease]]; >+ [lookupResult setValue:serviceLookupResults forKey:@"serviceLookupResults"]; >+ completionHandler([lookupResult autorelease], nil); >+} >+ >+@end >+ >+namespace WebKit { >+ >+SSBLookupContext* SafeBrowsingContextProvider::sharedLookupContext(WKWebView* webView) >+{ >+ if (webView.configuration._useTestSafeBrowsingContext) >+ return [_WKSafeBrowsingTestLookupContext sharedLookupContext]; >+ return [SSBLookupContext sharedLookupContext]; >+} >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >+ >+#endif >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h >new file mode 100644 >index 0000000000000000000000000000000000000000..ff53a5d60c8fbba7739d6d9e7b7af0478441b63c >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.h >@@ -0,0 +1,92 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#import "WKFoundation.h" >+ >+#if WK_API_ENABLED >+ >+#import "WKNavigationDelegatePrivate.h" >+#import "WebsitePoliciesData.h" >+#import <WebCore/URL.h> >+#import <WebCore/URLHash.h> >+#import <wtf/HashSet.h> >+#import <wtf/WeakPtr.h> >+ >+@class WKWebView; >+ >+namespace API { >+class NavigationAction; >+} >+ >+namespace WebKit { >+ >+class WebFramePolicyListenerProxy; >+ >+class SafeBrowsingController { >+public: >+ explicit SafeBrowsingController(WKWebView *); >+ ~SafeBrowsingController(); >+ >+ using NavigationPolicyDecider = WTF::Function<void(WTF::Function<void(WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&)>&&)>; >+ >+ void checkURL(Ref<API::NavigationAction>&&, NavigationPolicyDecider&&, Ref<WebFramePolicyListenerProxy>&&); >+ >+private: >+ enum class SafeBrowsingResult { Safe, Unsafe }; >+ struct SafeBrowsingCheck { >+ SafeBrowsingCheck(Ref<WebFramePolicyListenerProxy>&& listener, Ref<API::NavigationAction>&& navigationAction) >+ : listener(WTFMove(listener)) >+ , navigationAction(WTFMove(navigationAction)) >+ { >+ } >+ >+ std::optional<WKNavigationActionPolicy> navigationPolicyDecision; >+ std::optional<WebsitePoliciesData> websitePoliciesData; >+ std::optional<SafeBrowsingResult> safeBrowsingResult; >+ Ref<WebFramePolicyListenerProxy> listener; >+ Ref<API::NavigationAction> navigationAction; >+ }; >+ >+ void receivedNavigationPolicyDecision(SafeBrowsingCheck&, WKNavigationActionPolicy, std::optional<WebsitePoliciesData>&&); >+ >+ // Takes a |SafeBrowsingCheck*| rather than |SafeBrowsingCheck&| since the >+ // check might have already been destroyed, e.g., if the embedder's navigation >+ // policy response was to ignore the navigation. >+ void receivedSafeBrowsingResult(SafeBrowsingCheck*, SafeBrowsingResult); >+ >+ void maybeFinishedCheck(SafeBrowsingCheck&); >+ >+ WKWebView *m_webView; >+ HashSet<std::unique_ptr<SafeBrowsingCheck>> m_checks; >+ HashSet<WebCore::URL> m_warningIgnoredUrls; >+ WeakPtrFactory<SafeBrowsingController> m_weakPtrFactory; >+ static const char* s_warningPageUrl; >+}; >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >diff --git a/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm >new file mode 100644 >index 0000000000000000000000000000000000000000..8b3af857e03e27e5746bc81a71831827ba0293df >--- /dev/null >+++ b/Source/WebKit/UIProcess/Cocoa/SafeBrowsingController.mm >@@ -0,0 +1,159 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#import "config.h" >+#import "SafeBrowsingController.h" >+ >+#if WK_API_ENABLED >+ >+#import "APINavigationAction.h" >+#import "SafeBrowsingContextProvider.h" >+#import "SafeBrowsingSPI.h" >+#import "WKNavigationActionInternal.h" >+#import "WKPreferences.h" >+#import "WKWebViewConfiguration.h" >+#import "WKWebViewInternal.h" >+#import "WebFramePolicyListenerProxy.h" >+#import "WebPageProxy.h" >+ >+namespace WebKit { >+ >+const char* SafeBrowsingController::s_warningPageUrl = "file:///SafeBrowsing"; >+ >+SafeBrowsingController::SafeBrowsingController(WKWebView *webView) >+ : m_webView(webView) >+{ >+} >+ >+SafeBrowsingController::~SafeBrowsingController() >+{ >+} >+ >+void SafeBrowsingController::checkURL(Ref<API::NavigationAction>&& navigationAction, NavigationPolicyDecider&& policyDecider, Ref<WebFramePolicyListenerProxy>&& listener) >+{ >+ bool shouldSkipSafeBrowsingLookUp = !m_webView.configuration.preferences.safeBrowsingEnabled; >+ if (!shouldSkipSafeBrowsingLookUp) { >+ bool warningBypassed = navigationAction->navigationType() == WebCore::NavigationType::LinkClicked >+ && navigationAction->sourceFrame() >+ && navigationAction->sourceFrame()->page()->pageLoadState().url() == s_warningPageUrl >+ && navigationAction->sourceFrame()->page()->currentURL() == navigationAction->originalURL().string(); >+ >+ if (warningBypassed) >+ m_warningIgnoredUrls.add(navigationAction->originalURL()); >+ >+ shouldSkipSafeBrowsingLookUp = warningBypassed || m_warningIgnoredUrls.contains(navigationAction->originalURL()); >+ } >+ >+ auto safeBrowsingCheck = std::make_unique<SafeBrowsingCheck>(WTFMove(listener), WTFMove(navigationAction)); >+ auto checkRaw = safeBrowsingCheck.get(); >+ m_checks.add(WTFMove(safeBrowsingCheck)); >+ >+ if (shouldSkipSafeBrowsingLookUp) >+ receivedSafeBrowsingResult(checkRaw, SafeBrowsingResult::Safe); >+ else { >+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110000) >+ auto weakThis = m_weakPtrFactory.createWeakPtr(*this); >+ [SafeBrowsingContextProvider::sharedLookupContext(m_webView) lookUpURL:checkRaw->navigationAction->request().url() completionHandler:^(SSBLookupResult* result, NSError* error) { >+ if (!weakThis) >+ return; >+ >+ SafeBrowsingResult safeBrowsingResult = SafeBrowsingResult::Safe; >+ if (result.serviceLookupResults) { >+ for (SSBServiceLookupResult* details in result.serviceLookupResults) { >+ // FIXME: Keep track of the different types in order to give different warnings. >+ if (details.isPhishing || details.isMalware || details.isUnwantedSoftware || details.isKnownToBeUnsafe) >+ safeBrowsingResult = SafeBrowsingResult::Unsafe; >+ } >+ } >+ weakThis->receivedSafeBrowsingResult(checkRaw, safeBrowsingResult); >+ }]; >+#else >+ receivedSafeBrowsingResult(checkRaw, SafeBrowsingResult::Safe); >+#endif >+ } >+ >+ auto policyCompletionHandler = [checkRaw, weakThis = m_weakPtrFactory.createWeakPtr(*this)] (WKNavigationActionPolicy policy, std::optional<WebsitePoliciesData>&& data) mutable { >+ if (weakThis) >+ weakThis->receivedNavigationPolicyDecision(*checkRaw, policy, WTFMove(data)); >+ }; >+ >+ policyDecider(WTFMove(policyCompletionHandler)); >+} >+ >+void SafeBrowsingController::receivedNavigationPolicyDecision(SafeBrowsingController::SafeBrowsingCheck& check, WKNavigationActionPolicy policy, std::optional<WebsitePoliciesData>&& data) >+{ >+ check.navigationPolicyDecision = policy; >+ check.websitePoliciesData = WTFMove(data); >+ maybeFinishedCheck(check); >+} >+ >+void SafeBrowsingController::receivedSafeBrowsingResult(SafeBrowsingCheck* check, SafeBrowsingResult safeBrowsingResult) >+{ >+ if (!m_checks.contains(check)) >+ return; >+ >+ check->safeBrowsingResult = safeBrowsingResult; >+ maybeFinishedCheck(*check); >+} >+ >+void SafeBrowsingController::maybeFinishedCheck(SafeBrowsingController::SafeBrowsingCheck& check) >+{ >+ if (!check.navigationPolicyDecision) >+ return; >+ >+ if (check.navigationPolicyDecision.value() == WKNavigationActionPolicyAllow && !check.safeBrowsingResult) >+ return; >+ >+ switch (check.navigationPolicyDecision.value()) { >+ case WKNavigationActionPolicyAllow: { >+ if (check.safeBrowsingResult == SafeBrowsingResult::Safe) { >+ check.listener->use(WTFMove(check.websitePoliciesData)); >+ break; >+ } >+ >+ check.listener->ignore(); >+ // FIXME: This really needs to be loaded in a way that permits localization. >+ // FIXME: Make the warning message more similar to Safari, which means different >+ // wording depending on the type of warning (phishing, malware, etc.). >+ auto targetMainFrameUrl = check.navigationAction->targetFrame()->isMainFrame() ? check.navigationAction->request().url() : WebCore::URL(WebCore::ParsedURLString, check.navigationAction->targetFrame()->page()->currentURL()); >+ NSString* warningString = [NSString stringWithFormat:@"<style>body { background-color: red; }</style><body><h1>This is a simple SafeBrowsing warning.</h1><h2>You've been warned!!!</h2><h2><a id='visitAnyway' href='%s'>Visit the site anyway</a></h2>", targetMainFrameUrl.string().utf8().data()]; >+ [m_webView _loadAlternateHTMLString:warningString baseURL:WebCore::URL(WebCore::ParsedURLString, s_warningPageUrl) forUnreachableURL:targetMainFrameUrl]; >+ break; >+ } >+ case WKNavigationActionPolicyCancel: >+ check.listener->ignore(); >+ break; >+ case _WKNavigationActionPolicyDownload: >+ check.listener->download(); >+ break; >+ default: >+ ASSERT_NOT_REACHED(); >+ } >+ m_checks.remove(&check); >+} >+ >+} // namespace WebKit >+ >+#endif // WK_API_ENABLED >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index 6a50721ee229997a95726eab07e9182652cdf2a5..d6489897460684f9d6de248d692fc9033d975432 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >@@ -1308,6 +1308,10 @@ > 75A8D2C9187CCFAF00C39C9E /* WKWebsiteDataStore.mm in Sources */ = {isa = PBXBuildFile; fileRef = 75A8D2C5187CCF9F00C39C9E /* WKWebsiteDataStore.mm */; }; > 75A8D2D6187D1C0E00C39C9E /* WKWebsiteDataStoreInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 75A8D2D4187D1C0100C39C9E /* WKWebsiteDataStoreInternal.h */; }; > 762B748D120BC75C00819339 /* WKPreferencesRefPrivate.h in Headers */ = {isa = PBXBuildFile; fileRef = 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */; settings = {ATTRIBUTES = (Private, ); }; }; >+ 7727593E20CADA7F00D88206 /* SafeBrowsingContextProvider.h in Headers */ = {isa = PBXBuildFile; fileRef = 7727593D20CADA7F00D88206 /* SafeBrowsingContextProvider.h */; }; >+ 7727594020CADC0D00D88206 /* SafeBrowsingContextProvider.mm in Sources */ = {isa = PBXBuildFile; fileRef = 7727593F20CADC0D00D88206 /* SafeBrowsingContextProvider.mm */; }; >+ 7749087E208554C500072D86 /* SafeBrowsingController.h in Headers */ = {isa = PBXBuildFile; fileRef = 7749087D208554C500072D86 /* SafeBrowsingController.h */; }; >+ 774908822085562400072D86 /* SafeBrowsingController.mm in Sources */ = {isa = PBXBuildFile; fileRef = 774908812085562400072D86 /* SafeBrowsingController.mm */; }; > 7A1E2A851EEFE8920037A0E0 /* APINotificationProvider.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A1E2A841EEFE88A0037A0E0 /* APINotificationProvider.h */; }; > 7A3ACE1B1EEEF79B00A864A4 /* APIInjectedBundlePageLoaderClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A3ACE1A1EEEF78C00A864A4 /* APIInjectedBundlePageLoaderClient.h */; }; > 7A772C8D1DDD4A25000F34F1 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */; }; >@@ -3782,6 +3786,10 @@ > 75A8D2D4187D1C0100C39C9E /* WKWebsiteDataStoreInternal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKWebsiteDataStoreInternal.h; sourceTree = "<group>"; }; > 762B7481120BBA0100819339 /* FontSmoothingLevel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FontSmoothingLevel.h; sourceTree = "<group>"; }; > 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKPreferencesRefPrivate.h; sourceTree = "<group>"; }; >+ 7727593D20CADA7F00D88206 /* SafeBrowsingContextProvider.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SafeBrowsingContextProvider.h; sourceTree = "<group>"; }; >+ 7727593F20CADC0D00D88206 /* SafeBrowsingContextProvider.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = SafeBrowsingContextProvider.mm; sourceTree = "<group>"; }; >+ 7749087D208554C500072D86 /* SafeBrowsingController.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SafeBrowsingController.h; sourceTree = "<group>"; }; >+ 774908812085562400072D86 /* SafeBrowsingController.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = SafeBrowsingController.mm; sourceTree = "<group>"; }; > 7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.WebKit.plugin-common.sb"; sourceTree = "<group>"; }; > 7A1E2A841EEFE88A0037A0E0 /* APINotificationProvider.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APINotificationProvider.h; sourceTree = "<group>"; }; > 7A3ACE1A1EEEF78C00A864A4 /* APIInjectedBundlePageLoaderClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APIInjectedBundlePageLoaderClient.h; sourceTree = "<group>"; }; >@@ -5536,6 +5544,10 @@ > CDA29A1E1CBEB5FB00901CCF /* PlaybackSessionManagerProxy.h */, > CDA29A221CBEB61A00901CCF /* PlaybackSessionManagerProxy.messages.in */, > CDA29A1F1CBEB5FB00901CCF /* PlaybackSessionManagerProxy.mm */, >+ 7727593D20CADA7F00D88206 /* SafeBrowsingContextProvider.h */, >+ 7727593F20CADC0D00D88206 /* SafeBrowsingContextProvider.mm */, >+ 7749087D208554C500072D86 /* SafeBrowsingController.h */, >+ 774908812085562400072D86 /* SafeBrowsingController.mm */, > 1A002D47196B345D00B9AD44 /* SessionStateCoding.h */, > 1A002D46196B345D00B9AD44 /* SessionStateCoding.mm */, > 3157135C2040A9B20084F9CF /* SystemPreviewControllerCocoa.mm */, >@@ -9193,6 +9205,8 @@ > 51E6C1641F2935DD00FD3437 /* ResourceLoadStatisticsPersistentStorage.h in Headers */, > 1A30066E1110F4F70031937C /* ResponsivenessTimer.h in Headers */, > 410482CE1DDD324F00F006D0 /* RTCNetwork.h in Headers */, >+ 7727593E20CADA7F00D88206 /* SafeBrowsingContextProvider.h in Headers */, >+ 7749087E208554C500072D86 /* SafeBrowsingController.h in Headers */, > 0E97D74D200E900400BF6643 /* SafeBrowsingSPI.h in Headers */, > BC2D021712AC41CB00E732A3 /* SameDocumentNavigationType.h in Headers */, > 1AAB4A8D1296F0A20023952F /* SandboxExtension.h in Headers */, >@@ -10993,6 +11007,8 @@ > BC111B09112F5E3C00337BAB /* ResponsivenessTimer.cpp in Sources */, > 410482CD1DDD324C00F006D0 /* RTCNetwork.cpp in Sources */, > 41B28B0A1F83AD4200FB52AC /* RTCPacketOptions.cpp in Sources */, >+ 7727594020CADC0D00D88206 /* SafeBrowsingContextProvider.mm in Sources */, >+ 774908822085562400072D86 /* SafeBrowsingController.mm in Sources */, > 1AAB4AAA1296F1540023952F /* SandboxExtensionMac.mm in Sources */, > E1E552C416AE065F004ED653 /* SandboxInitialiationParametersMac.mm in Sources */, > E19BDA8B19368D4600B97F57 /* SandboxUtilities.mm in Sources */, >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index c65cefb4ea40db1a17ede7ec78bb8a539d46280e..c457b8a8edfa02d939251aee4a6535379a13ee03 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,35 @@ >+2018-06-19 Ali Juma <ajuma@chromium.org> >+ >+ Use SafeBrowsing in WKWebView >+ https://bugs.webkit.org/show_bug.cgi?id=181804 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add a SafeBrowsing option to the Settings menu in MiniBrowser. >+ >+ Add API tests for SafeBrowsing. >+ >+ * MiniBrowser/MiniBrowser.entitlements: >+ * MiniBrowser/mac/AppDelegate.m: >+ (defaultConfiguration): >+ * MiniBrowser/mac/SettingsController.h: >+ * MiniBrowser/mac/SettingsController.m: >+ (-[SettingsController _populateMenu]): >+ (-[SettingsController validateMenuItem:]): >+ (-[SettingsController safeBrowsingEnabled]): >+ (-[SettingsController toggleSafeBrowsingEnabled:]): >+ * MiniBrowser/mac/WK2BrowserWindowController.m: >+ (-[WK2BrowserWindowController didChangeSettings]): >+ * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: >+ * TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm: Added. >+ (-[SBScheme webView:startURLSchemeTask:]): >+ (-[SBScheme webView:stopURLSchemeTask:]): >+ (-[SafeBrowsingTestController webView:decidePolicyForNavigationAction:decisionHandler:]): >+ (-[SafeBrowsingTestController webView:didFinishNavigation:]): >+ (TEST): >+ * TestWebKitAPI/Tests/WebKitCocoa/redirect-to-unsafe.html: Added. >+ * TestWebKitAPI/Tests/WebKitCocoa/unsafe-iframe.html: Added. >+ > 2018-06-18 Zan Dobersek <zdobersek@igalia.com> > > [webkitpy] WPTRunner should remove any metadata content before (re)generating it >diff --git a/Tools/MiniBrowser/MiniBrowser.entitlements b/Tools/MiniBrowser/MiniBrowser.entitlements >index ea26ab2421009df705a6b9f01bcd33b3f8975752..a72c4ce64dac6ef0d16770e8faee48c23a9ff5f0 100644 >--- a/Tools/MiniBrowser/MiniBrowser.entitlements >+++ b/Tools/MiniBrowser/MiniBrowser.entitlements >@@ -4,6 +4,8 @@ > <dict> > <key>com.apple.security.app-sandbox</key> > <true/> >+ <key>com.apple.security.temporary-exception.mach-lookup.global-name</key> >+ <string>com.apple.Safari.SafeBrowsing.Service</string> > <key>com.apple.security.network.client</key> > <true/> > <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key> >diff --git a/Tools/MiniBrowser/mac/AppDelegate.m b/Tools/MiniBrowser/mac/AppDelegate.m >index 3a369a409c4bcda75a1136c1123a0863d5770ea7..56c3c7747ae18dfe3841a50e93acf222d3cd8a2c 100644 >--- a/Tools/MiniBrowser/mac/AppDelegate.m >+++ b/Tools/MiniBrowser/mac/AppDelegate.m >@@ -93,6 +93,7 @@ - (void)awakeFromNib > configuration = [[WKWebViewConfiguration alloc] init]; > configuration.preferences._fullScreenEnabled = YES; > configuration.preferences._developerExtrasEnabled = YES; >+ configuration.preferences.safeBrowsingEnabled = [SettingsController shared].safeBrowsingEnabled; > > _WKProcessPoolConfiguration *processConfiguration = [[[_WKProcessPoolConfiguration alloc] init] autorelease]; > processConfiguration.diskCacheSpeculativeValidationEnabled = ![SettingsController shared].networkCacheSpeculativeRevalidationDisabled; >diff --git a/Tools/MiniBrowser/mac/SettingsController.h b/Tools/MiniBrowser/mac/SettingsController.h >index 84db32c5ddeb963414e3c980e53a4f4b51473d3c..54a711944945d0c23afe5a4271cbfdbb49a9d28f 100644 >--- a/Tools/MiniBrowser/mac/SettingsController.h >+++ b/Tools/MiniBrowser/mac/SettingsController.h >@@ -61,6 +61,7 @@ @property (nonatomic, readonly) BOOL usesGameControllerFramework; > @property (nonatomic, readonly) BOOL networkCacheSpeculativeRevalidationDisabled; > @property (nonatomic, readonly) BOOL processSwapOnNavigationEnabled; > @property (nonatomic, readonly) BOOL processSwapOnWindowOpenWithOpenerEnabled; >+@property (nonatomic, readonly) BOOL safeBrowsingEnabled; > > @property (nonatomic, readonly) NSString *defaultURL; > >diff --git a/Tools/MiniBrowser/mac/SettingsController.m b/Tools/MiniBrowser/mac/SettingsController.m >index 84f019082815082b8af6a9a35184eef5f5397d23..b4cccd3caa76082f73d61a1150568af848ce0062 100644 >--- a/Tools/MiniBrowser/mac/SettingsController.m >+++ b/Tools/MiniBrowser/mac/SettingsController.m >@@ -72,6 +72,7 @@ > static NSString * const NetworkCacheSpeculativeRevalidationDisabledKey = @"NetworkCacheSpeculativeRevalidationDisabled"; > static NSString * const ProcessSwapOnNavigationKey = @"ProcessSwapOnNavigation"; > static NSString * const ProcessSwapOnWindowOpenWithOpenerKey = @"ProcessSwapOnWindowOpenWithOpener"; >+static NSString * const SafeBrowsingEnabledPreferenceKey = @"SafeBrowsingEnabled"; > > typedef NS_ENUM(NSInteger, DebugOverylayMenuItemTag) { > NonFastScrollableRegionOverlayTag = 100, >@@ -183,6 +184,7 @@ - (void)_populateMenu > [self _addItemWithTitle:@"Disable network cache speculative revalidation" action:@selector(toggleNetworkCacheSpeculativeRevalidationDisabled:) indented:YES]; > [self _addItemWithTitle:@"Enable Process Swap on Navigation" action:@selector(toggleProcessSwapOnNavigation:) indented:YES]; > [self _addItemWithTitle:@"Enable Process Swap on window.open() with an opener" action:@selector(toggleProcessSwapOnWindowOpenWithOpener:) indented:YES]; >+ [self _addItemWithTitle:@"Enable SafeBrowsing" action:@selector(toggleSafeBrowsingEnabled:) indented:YES]; > > NSMenuItem *debugOverlaysSubmenuItem = [[NSMenuItem alloc] initWithTitle:@"Debug Overlays" action:nil keyEquivalent:@""]; > NSMenu *debugOverlaysMenu = [[NSMenu alloc] initWithTitle:@"Debug Overlays"]; >@@ -278,6 +280,8 @@ - (BOOL)validateMenuItem:(NSMenuItem *)menuItem > [menuItem setState:[self processSwapOnNavigationEnabled] ? NSControlStateValueOn : NSControlStateValueOff]; > else if (action == @selector(toggleProcessSwapOnWindowOpenWithOpener:)) > [menuItem setState:[self processSwapOnWindowOpenWithOpenerEnabled] ? NSControlStateValueOn : NSControlStateValueOff]; >+ else if (action == @selector(toggleSafeBrowsingEnabled:)) >+ [menuItem setState:[self safeBrowsingEnabled] ? NSControlStateValueOn : NSControlStateValueOff]; > else if (action == @selector(toggleUseUISideCompositing:)) > [menuItem setState:[self useUISideCompositing] ? NSControlStateValueOn : NSControlStateValueOff]; > else if (action == @selector(togglePerWindowWebProcessesDisabled:)) >@@ -513,6 +517,16 @@ - (void)toggleProcessSwapOnWindowOpenWithOpener:(id)sender > [self _toggleBooleanDefault:ProcessSwapOnWindowOpenWithOpenerKey]; > } > >+- (BOOL)safeBrowsingEnabled >+{ >+ return [[NSUserDefaults standardUserDefaults] boolForKey:SafeBrowsingEnabledPreferenceKey]; >+} >+ >+- (void)toggleSafeBrowsingEnabled:(id)sender >+{ >+ [self _toggleBooleanDefault:SafeBrowsingEnabledPreferenceKey]; >+} >+ > - (BOOL)isSpaceReservedForBanners > { > return [[NSUserDefaults standardUserDefaults] boolForKey:ReserveSpaceForBannersPreferenceKey]; >diff --git a/Tools/MiniBrowser/mac/WK2BrowserWindowController.m b/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >index 3ead630a78928a19ffecbedbf5155d516bb88c1a..2924bbc5764573b2dd462ba8b565433d850655a4 100644 >--- a/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >+++ b/Tools/MiniBrowser/mac/WK2BrowserWindowController.m >@@ -408,6 +408,7 @@ - (void)didChangeSettings > preferences._visualViewportEnabled = settings.visualViewportEnabled; > preferences._largeImageAsyncDecodingEnabled = settings.largeImageAsyncDecodingEnabled; > preferences._animatedImageAsyncDecodingEnabled = settings.animatedImageAsyncDecodingEnabled; >+ preferences.safeBrowsingEnabled = settings.safeBrowsingEnabled; > > _webView.configuration.websiteDataStore._resourceLoadStatisticsEnabled = settings.resourceLoadStatisticsEnabled; > >diff --git a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj b/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj >index b4763f98b9b296999960382c0b7c36b2516ce381..748efc13e03daef467b691f41bdbc36867b0e383 100644 >--- a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj >+++ b/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj >@@ -301,6 +301,9 @@ > 7673499D1930C5BB00E44DF9 /* StopLoadingDuringDidFailProvisionalLoad_bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7673499A1930182E00E44DF9 /* StopLoadingDuringDidFailProvisionalLoad_bundle.cpp */; }; > 76E182DD1547569100F1FADD /* WillSendSubmitEvent_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 76E182DC1547569100F1FADD /* WillSendSubmitEvent_Bundle.cpp */; }; > 76E182DF154767E600F1FADD /* auto-submitting-form.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 76E182DE15475A8300F1FADD /* auto-submitting-form.html */; }; >+ 7727593C20C1BC8400D88206 /* SafeBrowsing.mm in Sources */ = {isa = PBXBuildFile; fileRef = 7727593A20C1BC7400D88206 /* SafeBrowsing.mm */; }; >+ 7731562820C8572100E8C6DE /* redirect-to-unsafe.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 7731562520C83A9000E8C6DE /* redirect-to-unsafe.html */; }; >+ 7731562A20C8726700E8C6DE /* unsafe-iframe.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 7731562920C8721200E8C6DE /* unsafe-iframe.html */; }; > 79C5D431209D768300F1E7CA /* InjectedBundleNodeHandleIsTextField.mm in Sources */ = {isa = PBXBuildFile; fileRef = 79C5D430209D768300F1E7CA /* InjectedBundleNodeHandleIsTextField.mm */; }; > 7A010BCB1D877C0500EDE72A /* CoreGraphics.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 7A010BCA1D877C0500EDE72A /* CoreGraphics.framework */; }; > 7A010BCD1D877C0D00EDE72A /* QuartzCore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 7A010BCC1D877C0D00EDE72A /* QuartzCore.framework */; }; >@@ -887,9 +890,6 @@ > dstPath = TestWebKitAPI.resources; > dstSubfolderSpec = 7; > files = ( >- 51460E1220D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3 in Copy Resources */, >- 51460E1320D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-shm in Copy Resources */, >- 51460E1420D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-wal in Copy Resources */, > 1A9E52C913E65EF4006917F5 /* 18-characters.html in Copy Resources */, > 379028B914FAC24C007E6B43 /* acceptsFirstMouse.html in Copy Resources */, > 1C2B81871C8925A000A5529F /* Ahem.ttf in Copy Resources */, >@@ -1094,6 +1094,7 @@ > F41AB9A81EF4696B0083FA08 /* prevent-operation.html in Copy Resources */, > F41AB9A91EF4696B0083FA08 /* prevent-start.html in Copy Resources */, > F6FDDDD614241C6F004F1729 /* push-state.html in Copy Resources */, >+ 7731562820C8572100E8C6DE /* redirect-to-unsafe.html in Copy Resources */, > A12DDC001E8373E700CF6CAE /* rendered-image-excluding-overflow.html in Copy Resources */, > F46849C01EEF5EF300B937FE /* rich-and-plain-text.html in Copy Resources */, > 0F5651F91FCE513500310FBC /* scroll-to-anchor.html in Copy Resources */, >@@ -1110,6 +1111,9 @@ > BC909784125571CF00083756 /* simple.html in Copy Resources */, > 51E5C7021919C3B200D8B3E1 /* simple2.html in Copy Resources */, > 51E5C7031919C3B200D8B3E1 /* simple3.html in Copy Resources */, >+ 51460E1220D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3 in Copy Resources */, >+ 51460E1320D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-shm in Copy Resources */, >+ 51460E1420D421F2005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-wal in Copy Resources */, > F4F405BD1D4C0D1C007A9707 /* skinny-autoplaying-video-with-audio.html in Copy Resources */, > C01A23F21266156700C9ED55 /* spacebar-scrolling.html in Copy Resources */, > E194E1BD177E53C7009C4D4E /* StopLoadingFromDidReceiveResponse.html in Copy Resources */, >@@ -1125,6 +1129,7 @@ > 2E9896151D8F093800739892 /* text-and-password-inputs.html in Copy Resources */, > F41AB9AA1EF4696B0083FA08 /* textarea-to-input.html in Copy Resources */, > F4451C761EB8FD890020C5DA /* two-paragraph-contenteditable.html in Copy Resources */, >+ 7731562A20C8726700E8C6DE /* unsafe-iframe.html in Copy Resources */, > C540F784152E5A9A00A40C8C /* verboseMarkup.html in Copy Resources */, > CDC8E4941BC6F10800594FEC /* video-with-audio.html in Copy Resources */, > CDC8E4951BC6F10800594FEC /* video-with-audio.mp4 in Copy Resources */, >@@ -1537,6 +1542,9 @@ > 76E182D91547550100F1FADD /* WillSendSubmitEvent.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WillSendSubmitEvent.cpp; sourceTree = "<group>"; }; > 76E182DC1547569100F1FADD /* WillSendSubmitEvent_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WillSendSubmitEvent_Bundle.cpp; sourceTree = "<group>"; }; > 76E182DE15475A8300F1FADD /* auto-submitting-form.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "auto-submitting-form.html"; sourceTree = "<group>"; }; >+ 7727593A20C1BC7400D88206 /* SafeBrowsing.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = SafeBrowsing.mm; sourceTree = "<group>"; }; >+ 7731562520C83A9000E8C6DE /* redirect-to-unsafe.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "redirect-to-unsafe.html"; sourceTree = "<group>"; }; >+ 7731562920C8721200E8C6DE /* unsafe-iframe.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "unsafe-iframe.html"; sourceTree = "<group>"; }; > 79C5D430209D768300F1E7CA /* InjectedBundleNodeHandleIsTextField.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = InjectedBundleNodeHandleIsTextField.mm; sourceTree = "<group>"; }; > 7A010BCA1D877C0500EDE72A /* CoreGraphics.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreGraphics.framework; path = System/Library/Frameworks/CoreGraphics.framework; sourceTree = SDKROOT; }; > 7A010BCC1D877C0D00EDE72A /* QuartzCore.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = QuartzCore.framework; path = System/Library/Frameworks/QuartzCore.framework; sourceTree = SDKROOT; }; >@@ -2269,6 +2277,7 @@ > CD9E292B1C90A71F000BB800 /* RequiresUserActionForPlayback.mm */, > 51C8E1A41F26AC5400BF731B /* ResourceLoadStatistics.mm */, > A180C0F91EE67DF000468F47 /* RunOpenPanel.mm */, >+ 7727593A20C1BC7400D88206 /* SafeBrowsing.mm */, > CE0947362063223B003C9BA0 /* SchemeRegistry.mm */, > 51EB12931FDF050500A5A1BD /* ServiceWorkerBasic.mm */, > 37BCA61B1B596BA9002012CA /* ShouldOpenExternalURLsInNewWindowActions.mm */, >@@ -2478,9 +2487,6 @@ > A16F66B81C40E9E100BD4D24 /* Resources */ = { > isa = PBXGroup; > children = ( >- 51460E0F20D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3 */, >- 51460E1020D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-shm */, >- 51460E1120D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-wal */, > C25CCA0C1E5140E50026CB8A /* AllAhem.svg */, > F4A9202E1FEE34C800F59590 /* apple-data-url.html */, > F47D30EB1ED28619000482E1 /* apple.gif */, >@@ -2601,10 +2607,14 @@ > F415086C1DA040C10044BE9B /* play-audio-on-click.html */, > F41AB9941EF4692C0083FA08 /* prevent-operation.html */, > F41AB99A1EF4692C0083FA08 /* prevent-start.html */, >+ 7731562520C83A9000E8C6DE /* redirect-to-unsafe.html */, > A12DDBFF1E8373C100CF6CAE /* rendered-image-excluding-overflow.html */, > F46849BF1EEF5EDC00B937FE /* rich-and-plain-text.html */, > F4D65DA71F5E46C0009D8C27 /* selected-text-image-link-and-editable.html */, > C9B4AD291ECA6EA500F5FEA0 /* silence-long.m4a */, >+ 51460E0F20D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3 */, >+ 51460E1020D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-shm */, >+ 51460E1120D4216E005345F2 /* SimpleServiceWorkerRegistrations-2.sqlite3-wal */, > F4F405BB1D4C0CF8007A9707 /* skinny-autoplaying-video-with-audio.html */, > 515BE16E1D4288FF00DD7C68 /* StoreBlobToBeDeleted.html */, > 9BD6D3A11F7B202100BD4962 /* sunset-in-cupertino-100px.tiff */, >@@ -2614,6 +2624,7 @@ > 2E9896141D8F092B00739892 /* text-and-password-inputs.html */, > F41AB9951EF4692C0083FA08 /* textarea-to-input.html */, > F4451C751EB8FD7C0020C5DA /* two-paragraph-contenteditable.html */, >+ 7731562920C8721200E8C6DE /* unsafe-iframe.html */, > 51714EB21CF8C761004723C4 /* WebProcessKillIDBCleanup-1.html */, > 51714EB31CF8C761004723C4 /* WebProcessKillIDBCleanup-2.html */, > 5120C83B1E674E350025B250 /* WebsiteDataStoreCustomPaths.html */, >@@ -3762,6 +3773,7 @@ > 46E816F81E79E29C00375ADC /* RestoreStateAfterTermination.mm in Sources */, > F418BE151F71B7DC001970E6 /* RoundedRectTests.cpp in Sources */, > A180C0FA1EE67DF000468F47 /* RunOpenPanel.mm in Sources */, >+ 7727593C20C1BC8400D88206 /* SafeBrowsing.mm in Sources */, > CDCFA7AA1E45183200C2433D /* SampleMap.cpp in Sources */, > CE0947372063223B003C9BA0 /* SchemeRegistry.mm in Sources */, > 7CCE7F121A411AE600447C4C /* ScrollPinningBehaviors.cpp in Sources */, >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm >new file mode 100644 >index 0000000000000000000000000000000000000000..34bb523b2089713f70d90b069c9e0799a9d2b107 >--- /dev/null >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm >@@ -0,0 +1,344 @@ >+/* >+ * Copyright (C) 2018 Google LLC. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' >+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, >+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS >+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR >+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF >+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS >+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN >+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) >+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF >+ * THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#include "config.h" >+ >+#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300 >+ >+#import "PlatformUtilities.h" >+#import "TestProtocol.h" >+#import <WebKit/WKNavigationActionPrivate.h> >+#import <WebKit/WKWebViewConfigurationPrivate.h> >+#import <WebKit/WKWebViewPrivate.h> >+#import <wtf/RetainPtr.h> >+ >+#if WK_API_ENABLED >+ >+static bool shouldCancelNavigation; >+static bool decidedNavigationPolicy; >+static bool finishedNavigation; >+static bool finishedRedirectNavigation; >+ >+static NSString *firstURL = @"sb://host/good.html"; >+static NSString *secondURL = @"sb://host/good2.html"; >+static NSString *unsafeURL = @"sb://host/phishing.html"; >+static NSString *warningURL = @"file:///SafeBrowsing"; >+ >+@interface SBScheme : NSObject <WKURLSchemeHandler> >+@end >+ >+@implementation SBScheme >+ >+- (void)webView:(WKWebView *)webView startURLSchemeTask:(id <WKURLSchemeTask>)urlSchemeTask >+{ >+ NSString *data = @"Lorem ipsum dolor sit amet"; >+ [urlSchemeTask didReceiveResponse:[[[NSURLResponse alloc] initWithURL:urlSchemeTask.request.URL MIMEType:@"text/html" expectedContentLength:data.length textEncodingName:nil] autorelease]]; >+ [urlSchemeTask didReceiveData:[data dataUsingEncoding:NSUTF8StringEncoding]]; >+ [urlSchemeTask didFinish]; >+} >+ >+- (void)webView:(WKWebView *)webView stopURLSchemeTask:(id <WKURLSchemeTask>)urlSchemeTask >+{ >+} >+ >+@end >+ >+@interface SafeBrowsingTestController : NSObject <WKNavigationDelegate, WKUIDelegate> >+@end >+ >+@implementation SafeBrowsingTestController >+ >+- (void)webView:(WKWebView *)webView decidePolicyForNavigationAction:(WKNavigationAction *)navigationAction decisionHandler:(void (^)(WKNavigationActionPolicy))decisionHandler >+{ >+ if (shouldCancelNavigation) >+ decisionHandler(WKNavigationActionPolicyCancel); >+ else >+ decisionHandler(WKNavigationActionPolicyAllow); >+ decidedNavigationPolicy = true; >+} >+ >+- (void)webView:(WKWebView *)webView didFinishNavigation:(WKNavigation *)navigation >+{ >+ if (finishedNavigation) >+ finishedRedirectNavigation = true; >+ else >+ finishedNavigation = true; >+} >+ >+ >+@end >+ >+TEST(WebKit, SafeBrowsingForSafePage) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); >+} >+ >+TEST(WebKit, SafeBrowsingForUnsafePage) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsafeURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView evaluateJavaScript:@"var evt = document.createEvent('MouseEvent'); evt.initMouseEvent('click'); document.getElementById('visitAnyway').dispatchEvent(evt);" completionHandler:nil]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); >+} >+ >+ >+TEST(WebKit, SafeBrowsingForUnsafePageBackForward) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsafeURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); >+ >+ finishedNavigation = false; >+ [webView goBack]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[[[webView backForwardList] forwardItem] URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView goForward]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:secondURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView goBack]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ // FIXME: Also check backItem and forwardItem, once those are updated correctly. >+ >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); >+} >+ >+ >+TEST(WebKit, SafeBrowsingForUnsafePageCancelNavigation) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ decidedNavigationPolicy = false; >+ shouldCancelNavigation = true; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsafeURL]]]; >+ TestWebKitAPI::Util::run(&decidedNavigationPolicy); >+ shouldCancelNavigation = false; >+ >+ EXPECT_FALSE(finishedNavigation); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], firstURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); >+} >+ >+TEST(WebKit, SafeBrowsingForUnsafePageRedirect) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ finishedRedirectNavigation = false; >+ decidedNavigationPolicy = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[[NSBundle mainBundle] URLForResource:@"redirect-to-unsafe" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]]]; >+ TestWebKitAPI::Util::run(&finishedRedirectNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], unsafeURL); >+ // FIXME: Also check that backItem is firstURL, once that backItem is updated correctly. >+ >+ EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); >+} >+ >+TEST(WebKit, SafeBrowsingForUnsafeSubframe) >+{ >+ RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); >+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; >+ [configuration preferences].safeBrowsingEnabled = YES; >+ [configuration _setUseTestSafeBrowsingContext:YES]; >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); >+ >+ auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame] styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); >+ [[window contentView] addSubview:webView.get()]; >+ >+ auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); >+ [webView setNavigationDelegate:controller.get()]; >+ [webView setUIDelegate:controller.get()]; >+ >+ finishedNavigation = false; >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:firstURL]]]; >+ TestWebKitAPI::Util::run(&finishedNavigation); >+ >+ finishedNavigation = false; >+ finishedRedirectNavigation = false; >+ decidedNavigationPolicy = false; >+ NSURLRequest* request = [NSURLRequest requestWithURL:[[NSBundle mainBundle] URLForResource:@"unsafe-iframe" withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]]; >+ [webView loadRequest:request]; >+ TestWebKitAPI::Util::run(&finishedRedirectNavigation); >+ >+ EXPECT_TRUE(decidedNavigationPolicy); >+ EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteString], [[request URL] absoluteString]); >+ // FIXME: Also check that backItem is firstURL, once that backItem is updated correctly. >+ >+ EXPECT_WK_STREQ([[webView URL] absoluteString], [[request URL] absoluteString]); >+ EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); >+ EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], [[request URL] absoluteString]); >+} >+ >+#endif >+ >+#endif >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/redirect-to-unsafe.html b/Tools/TestWebKitAPI/Tests/WebKitCocoa/redirect-to-unsafe.html >new file mode 100644 >index 0000000000000000000000000000000000000000..7d9dbf6caab71d949c8001930c595a518b0b9359 >--- /dev/null >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/redirect-to-unsafe.html >@@ -0,0 +1,4 @@ >+<!DOCTYPE html> >+<head> >+ <script>window.location = 'sb://host/phishing.html';</script> >+</head> >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/unsafe-iframe.html b/Tools/TestWebKitAPI/Tests/WebKitCocoa/unsafe-iframe.html >new file mode 100644 >index 0000000000000000000000000000000000000000..9ecf280b2ec40b4a7cf576c6802902333e1d2efd >--- /dev/null >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/unsafe-iframe.html >@@ -0,0 +1,2 @@ >+<!DOCTYPE html> >+<iframe src='sb://host/phishing.html'></iframe>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=343090">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185273
:
339558
|
339580
|
339730
|
340500
|
340514
|
340519
|
341674
|
341677
|
342442
|
342444
|
342446
|
342459
|
342555
|
342591
|
342674
|
342682
|
342977
|
343043
|
343090
|
344296
|
344297