Bug 164662

Summary: Disallow loads using HTTP 0.9 at the ResourceHandle/NetworkDataTask level
Product: WebKit Reporter: Daniel Bates <dbates>
Component: WebCore Misc.Assignee: Daniel Bates <dbates>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, berto, bfulgham, cdumez, cgarcia, commit-queue, danw, gustavo, japhet, mcatanzaro, mrobinson, webkit-bug-importer, wilander
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=82714
Attachments:
Description Flags
Patch and layout test
none
Patch and layout tests achristensen: review+

Description Daniel Bates 2016-11-11 16:00:27 PST 
Currently we disallow HTTP 0.9 loads at the ResourceLoader level. But this allows loads using HTTP 0.9 via other loaders (e.g. FrameLoader). We should disallow HTTP 0.9 loads at ResourceHandle/NetworkLoad level to prevent such circumvention.
Comment 1 Daniel Bates 2016-11-11 16:33:21 PST 
Created attachment 294563 [details]
Patch and layout test

I am not a loader/ResourceHandle/NetworkLoad expert. I am open to suggestions on the approach of this patch.
Comment 2 Alex Christensen 2016-11-11 16:41:18 PST 
Comment on attachment 294563 [details]
Patch and layout test

View in context: https://bugs.webkit.org/attachment.cgi?id=294563&action=review

Why do we want to move this to the NetworkProcess?  Do we care about WebSockets here?

> Source/WebCore/platform/network/ResourceHandle.cpp:153
> +void ResourceHandle::didReceiveResponse(ResourceResponse&& response)

If we do something with ResourceHandle, we should do it with NetworkDataTask, too.  I'm not sure we should do this here, though.

> LayoutTests/platform/wk2/TestExpectations:551
> +# Internals.registerDefaultPortForProtocol() does not affect NetworkProcess

We shouldn't expand this.
Comment 3 Michael Catanzaro 2016-11-11 16:43:57 PST 
(In reply to comment #2)
> Comment on attachment 294563 [details]
> Patch and layout test
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=294563&action=review
> 
> Why do we want to move this to the NetworkProcess?  Do we care about
> WebSockets here?

I believe we already have been blocking WebSockets that use HTTP 0.9 (at least in soup ports). I have seen several websites broken as a result, but I don't remember any off the top of my head. But I might be remembering wrongly; maybe they used HTTP 1.0. I wish I could remember which websites were affected.
Comment 4 Brady Eidson 2016-11-11 21:29:40 PST 
(In reply to comment #3)
> (In reply to comment #2)
> > Comment on attachment 294563 [details]
> > Patch and layout test
> > 
> > View in context:
> > https://bugs.webkit.org/attachment.cgi?id=294563&action=review
> > 
> > Why do we want to move this to the NetworkProcess?  Do we care about
> > WebSockets here?
> 
> I believe we already have been blocking WebSockets that use HTTP 0.9 (at
> least in soup ports). I have seen several websites broken as a result, but I
> don't remember any off the top of my head. But I might be remembering
> wrongly; maybe they used HTTP 1.0. I wish I could remember which websites
> were affected.

It is not only okay to break legacy websites that use WebSockets over obsolete comm channels - It is encouraged!
Comment 5 Brady Eidson 2016-11-11 21:31:31 PST 
Comment on attachment 294563 [details]
Patch and layout test

View in context: https://bugs.webkit.org/attachment.cgi?id=294563&action=review

>> Source/WebCore/platform/network/ResourceHandle.cpp:153
>> +void ResourceHandle::didReceiveResponse(ResourceResponse&& response)
> 
> If we do something with ResourceHandle, we should do it with NetworkDataTask, too.  I'm not sure we should do this here, though.

Yes: The NetworkLoad parts of this should be NetworkDataTask.

Sorry for telling you the wrong one in person, Dan.

But as for Alex's other point; Yes, doing this at the lowest level of the networking abstractions *is* where we should do it.
Comment 6 Daniel Bates 2016-11-14 09:35:11 PST 
(In reply to comment #2)
> Why do we want to move this to the NetworkProcess? 

We want to do this blocking of HTTP 0.9 at the lowest network abstraction level to to prevent circumvention.

> Do we care about WebSockets here?
> 

We do not allow an HTTP 0.9 response for the WebSocket handshake by <http://trac.webkit.org/browser/trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp?rev=208601#L481> and <http://trac.webkit.org/browser/trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp?rev=208601#L389>.

> > Source/WebCore/platform/network/ResourceHandle.cpp:153
> > +void ResourceHandle::didReceiveResponse(ResourceResponse&& response)
> 
> If we do something with ResourceHandle, we should do it with
> NetworkDataTask, too. [...]
> 

You're right!

> > LayoutTests/platform/wk2/TestExpectations:551
> > +# Internals.registerDefaultPortForProtocol() does not affect NetworkProcess
> 
> We shouldn't expand this.

I will update the comment to emphasize that we should remove this function.
Comment 7 Daniel Bates 2016-11-14 09:35:55 PST 
Created attachment 294706 [details]
Patch and layout tests

Updated patch based on feedback from Alex Christensen and Brady Eidson.
Comment 8 John Wilander 2016-11-14 10:48:47 PST 
Web Sockets are restricted to HTTP 1.1 and above as of https://bugs.webkit.org/show_bug.cgi?id=82714.
Comment 9 Brady Eidson 2016-11-14 13:07:17 PST 
Comment on attachment 294706 [details]
Patch and layout tests

LGTM, I think Alex should take a look too
Comment 10 Alex Christensen 2016-11-14 20:33:10 PST 
Comment on attachment 294706 [details]
Patch and layout tests

View in context: https://bugs.webkit.org/attachment.cgi?id=294706&action=review

elegant

> Source/WebKit2/ChangeLog:36
> +2016-11-11  Daniel Bates  <dabates@apple.com>

This has two ChangeLog entries.
Comment 11 Radar WebKit Bug Importer 2016-11-15 08:32:45 PST 
<rdar://problem/29268514>
Comment 12 Daniel Bates 2016-11-15 08:41:11 PST 
Committed r208732: <http://trac.webkit.org/changeset/208732>