219632 2020-12-08 01:52:29 -0800 REGRESSION(r261238): WKWebView crashes on launch inside a quicklook preview 2021-01-27 11:33:48 -0800 1 1 1 Unclassified WebKit WebKit2 Safari 14 Mac Other RESOLVED FIXED InRadar P2 Critical --- 1 sbarex bfulgham ap bfulgham ggaren pvollan webkit-bug-importer webKit.bugzilla oldest_to_newest 1712713 0 sbarex 2020-12-08 01:52:29 -0800 I have a Quicklook appex that show the file contents by a WKWebView. The application and the extension are sandboxed. When try to use the quickllok preview I see only the spinning icon. On XCode this is the log: [Process] 0x7f8cbc029620 - [pageProxyID=5, webPageID=6, PID=0] WebPageProxy::processDidTerminate: (pid 0), reason 3 [Loading] 0x7f8cbc029620 - [pageProxyID=5, webPageID=6, PID=0] WebPageProxy::dispatchProcessDidTerminate: reason = 3 [Process] 0x7f8cbc029620 - [pageProxyID=5, webPageID=6, PID=0] WebPageProxy::tryReloadAfterProcessTermination: process crashed and the client did not handle it, not reloading the page because we reached the maximum number of attempts Using the webkit source code I see this other output log: com.apple.WebKit.Networking.Development[96084:1414561] Application does not have permission to communicate with network resources. rc=1 : errno=22 Che entitlements check fail on `XPCServiceInitializerDelegate::checkEntitlements` in XPCServiceEntryPoint.mm. If I hack this function returning true the preview works well. I see that the function was changed on revision 261238 of the 2020-05-06 19:32. From this revision the `checkEntitlements` uses the SandboxSPI to check the entitlements with `sandbox_check_by_audit_token`. Before it uses `hasEntitlement` (that uses `SecTaskCopyValueForEntitlement` to perform the check). Both the application and the extension contain the entitlement `com.apple.security.network.client`. Please note that the application works on Catalina. If I use the deprecated WebView insted of WKWebView the preview works also on Big Sur. 1713317 1 webkit-bug-importer 2020-12-09 14:59:15 -0800 <rdar://problem/72154830> 1713338 2 ggaren 2020-12-09 15:41:34 -0800 Seems like something about the quicklook preview setup does not carry the entitlement through the audit token. I wonder if you can hack most of the code out of your project and turn it into a test app demonstrating this problem. 1713352 3 ap 2020-12-09 16:17:38 -0800 > Both the application and the extension contain the entitlement `com.apple.security.network.client`. I don't think that it does anything for QuickLook extensions. Can you try using a com.apple.security.temporary-exception.mach-lookup.global-name exception entitlement for com.apple.nsurlsessiond instead? That would be for diagnosis only, I'm not suggesting to do this in production at this point. 1713650 4 sbarex 2020-12-10 12:05:28 -0800 (In reply to Geoffrey Garen from comment #2) > Seems like something about the quicklook preview setup does not carry the > entitlement through the audit token. > > I wonder if you can hack most of the code out of your project and turn it > into a test app demonstrating this problem. Hi, I have created a demo code here: https://github.com/sbarex/QLTest The quicklook appex handle files with extension .sbarex_test The PreviewController create a WKWebView and show a "hello world" message with loadHTMLString (so for this example do not shows the file contents). The completion handler to show the ql preview is called when the html rendering is complete. On Big Sur webkit fail immediately and the handle in never called (So the spinning icon rest visibile). Inside the PreviewController.swift I have inserted but commented the code that use the old WebView. Using this code instead of the wkwebview the preview works. 1713655 5 sbarex 2020-12-10 12:11:57 -0800 (In reply to Alexey Proskuryakov from comment #3) > > Both the application and the extension contain the entitlement `com.apple.security.network.client`. > > I don't think that it does anything for QuickLook extensions. > > Can you try using a > com.apple.security.temporary-exception.mach-lookup.global-name exception > entitlement for com.apple.nsurlsessiond instead? That would be for diagnosis > only, I'm not suggesting to do this in production at this point. I do not understand which entitlement I must try to add... com.apple.security.temporary-exception.mach-lookup.global-name does nothing for the bug. If I add com.apple.nsurlsessiond I need to sign the app with a certificate. Then the appex fail to load and Xcode cannot bind to the process to debug (failure Reason: “org.sbarex.QLTest.QLExt” failed to launch or exited before the debugger could attach to it. Please verify that “org.sbarex.QLTest.QLExt” has a valid code signature that permits it to be launched on “My Mac”.) 1713686 6 ap 2020-12-10 13:02:31 -0800 Please see documentation for com.apple.security.temporary-exception.mach-lookup.global-name at https://developer.apple.com/library/archive/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AppSandboxTemporaryExceptionEntitlements.html. The idea is that WebContent process confirms that the UI process can look up the com.apple.nsurlsessiond name. For applications, com.apple.security.network.client includes that, but as far as I know, QuickLook extensions don't honor com.apple.security.network.client. 1713723 7 sbarex 2020-12-10 14:34:41 -0800 (In reply to Alexey Proskuryakov from comment #6) > Please see documentation for > com.apple.security.temporary-exception.mach-lookup.global-name at > https://developer.apple.com/library/archive/documentation/Miscellaneous/ > Reference/EntitlementKeyReference/Chapters/ > AppSandboxTemporaryExceptionEntitlements.html. > > The idea is that WebContent process confirms that the UI process can look up > the com.apple.nsurlsessiond name. For applications, > com.apple.security.network.client includes that, but as far as I know, > QuickLook extensions don't honor com.apple.security.network.client. Thanks, now I understand. By setting the entitlement com.apple.security.temporary-exception.mach-lookup.global-name as an array and inserting the value com.apple.nsurlsessiond finally the extension works! Many thanks! However with Catalina it was not necessary to insert an exception in the entitlements. I don't know if for a different management of the quicklook framework or for the different version of webkit. From what I understand most of the formats supported by the system are rendered in quicklook via a webkit view (although apple still uses the deperecated qlgenerator api), so it seems strange to me that it does not allow its use in the new framework. There is still one last bug but I'm afraid it doesn't depend on webkit. When scroll bars appear, it is not possible to drag the scroller with the mouse because the action causes the entire window to be dragged (but you can scroll with trackpad gesture). 1713741 8 ap 2020-12-10 15:22:23 -0800 This was a WebKit change, you correctly identified it to be http://trac.webkit.org/r261238. Thank you for testing! Just to reiterate, I'm not saying that adding a temporary entitlement is a permanent or even recommended solution. We'll need to look into this more. > There is still one last bug but I'm afraid it doesn't depend on webkit. https://feedbackassistant.apple.com is always a good place to report bugs that may or may not be in WebKit. 1713743 9 sbarex 2020-12-10 15:31:30 -0800 (In reply to Alexey Proskuryakov from comment #8) > This was a WebKit change, you correctly identified it to be > http://trac.webkit.org/r261238. > > Thank you for testing! Just to reiterate, I'm not saying that adding a > temporary entitlement is a permanent or even recommended solution. We'll > need to look into this more. > > > There is still one last bug but I'm afraid it doesn't depend on webkit. > > https://feedbackassistant.apple.com is always a good place to report bugs > that may or may not be in WebKit. Thanks. Yes I know it's not a permanent solution but at least it makes the code usable. In the absence of a temporary solution I was thinking of suspending some my quicklook extension projects while now I can take them back in hand. For the feedback to Apple I have already sent it (both for this bug, for the scroll bar bug and also for other things in the past) but unfortunately I have never received feedback until now. 1722378 10 418364 bfulgham 2021-01-25 19:06:19 -0800 Created attachment 418364 Patch 1722666 11 ews-feeder 2021-01-26 12:40:24 -0800 Committed r271895: <https://trac.webkit.org/changeset/271895> All reviewed patches have been landed. Closing bug and clearing flags on attachment 418364. 1723086 12 sbarex 2021-01-27 11:33:48 -0800 (In reply to Brent Fulgham from comment #10) > Created attachment 418364 [details] > Patch Thank you very much 418364 2021-01-25 19:06:19 -0800 2021-01-26 12:40:25 -0800 Patch bug-219632-20210125190618.patch text/plain 2285 bfulgham U3VidmVyc2lvbiBSZXZpc2lvbjogMjcwODczCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDI5ZDEzNzQ2NDM3NDMyM2Qw M2QzNDRhODIwZTM0NWE1MGRlMmI0YzAuLmNiZTc2M2M2MDZhNDZjNDYzMDE1ZDZhZGJhNzQ5YmRj NWVlMGIxMDkgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTkgQEAKKzIwMjEtMDEtMjUgIEJyZW50IEZ1 bGdoYW0gIDxiZnVsZ2hhbUBhcHBsZS5jb20+CisKKyAgICAgICAgUkVHUkVTU0lPTihyMjYxMjM4 KTogV0tXZWJWaWV3IGNyYXNoZXMgb24gbGF1bmNoIGluc2lkZSBhIHF1aWNrbG9vayBwcmV2aWV3 CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMTk2MzIK KyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzcyMTU0ODMwPgorCisgICAgICAgIFJldmlld2VkIGJ5 IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFBhcnRpYWxseSByZXZlcnQgcjI2MTIzOCB0byBh bGxvdyBhcHBsaWNhdGlvbnMgd2l0aG91dCBhY2Nlc3MgdG8gJ25zdXJsc2Vzc2lvbmQnIHRvIHN0 aWxsCisgICAgICAgIGJlIGFibGUgdG8gdXNlIFdlYktpdCBmb3IgbG9jYWwgZmlsZSBhY2Nlc3Mu IFRoaXMgd29ya2Fyb3VuZCBzaG91bGQgYmUgcmVtb3ZlZCBvbmNlIHdlCisgICAgICAgIGNvbXBs ZXRlIHRoZSB3b3JrIG5lZWRlZCB0byBzdXBwb3J0IHRydWUgb2ZmbGluZSBXZWJLaXQgdXNlLgor CisgICAgICAgICogU2hhcmVkL0VudHJ5UG9pbnRVdGlsaXRpZXMvQ29jb2EvWFBDU2VydmljZS9Y UENTZXJ2aWNlRW50cnlQb2ludC5tbToKKyAgICAgICAgKFdlYktpdDo6WFBDU2VydmljZUluaXRp YWxpemVyRGVsZWdhdGU6OmNoZWNrRW50aXRsZW1lbnRzKTogQWRkIGFuIGVhcmx5IHJldHVybiBp ZiB0aGUgYXBwbGljYXRpb24KKyAgICAgICAgcG9zc2Vzc2VzIHRoZSAnY29tLmFwcGxlLnNlY3Vy aXR5Lm5ldHdvcmsuY2xpZW50JyBlbnRpdGxlbWVudC4KKwogMjAyMC0xMi0xNSAgUGVyIEFybmUg Vm9sbGFuIDxwdm9sbGFuQGFwcGxlLmNvbT4KIAogICAgICAgICBbbWFjT1MsIGlPU10gQWRkIHJl cXVpcmVkIG1hY2ggc3lzY2FsbApkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdC9TaGFyZWQvRW50 cnlQb2ludFV0aWxpdGllcy9Db2NvYS9YUENTZXJ2aWNlL1hQQ1NlcnZpY2VFbnRyeVBvaW50Lm1t IGIvU291cmNlL1dlYktpdC9TaGFyZWQvRW50cnlQb2ludFV0aWxpdGllcy9Db2NvYS9YUENTZXJ2 aWNlL1hQQ1NlcnZpY2VFbnRyeVBvaW50Lm1tCmluZGV4IDgzNjk0OThlNWEyNTFiNjI2MTM1MTIw MzQzZjhiZGExNDBhNDMyM2QuLjBhMTQyNWJjYTU2ZGFhNjY2NzdmOTdjNTIzYzkzZTZkOTQ5OGVm Y2YgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvU2hhcmVkL0VudHJ5UG9pbnRVdGlsaXRpZXMv Q29jb2EvWFBDU2VydmljZS9YUENTZXJ2aWNlRW50cnlQb2ludC5tbQorKysgYi9Tb3VyY2UvV2Vi S2l0L1NoYXJlZC9FbnRyeVBvaW50VXRpbGl0aWVzL0NvY29hL1hQQ1NlcnZpY2UvWFBDU2Vydmlj ZUVudHJ5UG9pbnQubW0KQEAgLTQzLDYgKzQzLDEwIEBAIGJvb2wgWFBDU2VydmljZUluaXRpYWxp emVyRGVsZWdhdGU6OmNoZWNrRW50aXRsZW1lbnRzKCkKIHsKICNpZiBQTEFURk9STShNQUMpIHx8 IFBMQVRGT1JNKE1BQ0NBVEFMWVNUKQogICAgIGlmIChpc0NsaWVudFNhbmRib3hlZCgpKSB7Cisg ICAgICAgIC8vIEZJWE1FKDxyZGFyOi8vcHJvYmxlbS81NDE3ODY0MT4pOiBSZW1vdmUgdGhpcyBj aGVjayBvbmNlIFdlYktpdCBjYW4gd29yayB3aXRob3V0IG5ldHdvcmsgYWNjZXNzLgorICAgICAg ICBpZiAoaGFzRW50aXRsZW1lbnQoImNvbS5hcHBsZS5zZWN1cml0eS5uZXR3b3JrLmNsaWVudCIp KQorICAgICAgICAgICAgcmV0dXJuIHRydWU7CisKICAgICAgICAgYXVkaXRfdG9rZW5fdCBhdWRp dFRva2VuID0geyB9OwogICAgICAgICB4cGNfY29ubmVjdGlvbl9nZXRfYXVkaXRfdG9rZW4obV9j b25uZWN0aW9uLmdldCgpLCAmYXVkaXRUb2tlbik7CiAgICAgICAgIGlmIChhdXRvIHJjID0gc2Fu ZGJveF9jaGVja19ieV9hdWRpdF90b2tlbihhdWRpdFRva2VuLCAibWFjaC1sb29rdXAiLCBzdGF0 aWNfY2FzdDxlbnVtIHNhbmRib3hfZmlsdGVyX3R5cGU+KFNBTkRCT1hfRklMVEVSX0dMT0JBTF9O QU1FIHwgU0FOREJPWF9DSEVDS19OT19SRVBPUlQpLCAiY29tLmFwcGxlLm5zdXJsc2Vzc2lvbmQi KSkgewo=