Bug 181950

Summary: Move Document::domainIsRegisterable to SecurityOrigin::isMatchingRegistrableDomainSuffix
Product: WebKit
Reporter: Jiewen Tan <jiewen_tan>
Component: WebCore Misc.
Assignee: Jiewen Tan <jiewen_tan>
Status: RESOLVED FIXED
Severity: Normal
CC: alex.gaynor, bfulgham, cdumez, commit-queue, dbates, esprehn+autocc, ews-watchlist, jiewen_tan, jonathan, jschoi, kangil.han, webkit-bug-importer, youennf
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 181943    

Jiewen Tan
Reported 2018-01-22 14:10:42 PST
This enhancement is needed for WebAuthN to work with RP ID: https://www.w3.org/TR/webauthn/#createCredential. Specifically, Step 5-7. Here are the requests:
1. SecurityOrigin/URL needs to tell if an origin is a valid domain: https://url.spec.whatwg.org/#valid-domain.
2. SecurityOrigin/URL needs to tell if an origin is a registrable domain suffix of another origin: https://html.spec.whatwg.org/multipage/origin.html#is-a-registrable-domain-suffix-of-or-is-equal-to.
Attachments
Patch (9.28 KB, patch)
2019-05-01 02:22 PDT, Jiewen Tan
no flags
Patch (10.61 KB, patch)
2019-05-01 12:33 PDT, Jiewen Tan
no flags
Radar WebKit Bug Importer
Comment 1 2018-08-15 17:09:02 PDT
Jiewen Tan
Comment 2 2019-05-01 02:22:50 PDT
Brent Fulgham
Comment 3 2019-05-01 09:35:20 PDT
Comment on attachment 368655 Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=368655&action=review

> Source/WebCore/dom/Document.cpp:-4874
> - return true;

I'm not sure if the call to 'isMatchingRegistrableDomainSuffix' handles this case or not. We seem to ASSERT that host() and protocol() are case-insensitively equal, but we don't actually do the test as far as I can tell.

> Source/WebCore/dom/Document.cpp:-4894
> - potentialPublicSuffix.remove(0, 1);

Your new code doesn't seem to have this call protection before passing 'domainSuffix' to 'isPublicSuffix'. As far as I can tell, whatever code paths might have brought a domain with a leading '.' into this code, could still happen and we are no longer protecting our call to 'isPublicSuffix'. I think we should keep this.
Jiewen Tan
Comment 4 2019-05-01 12:02:27 PDT
Comment on attachment 368655 Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=368655&action=review

>> Source/WebCore/dom/Document.cpp:-4874
>> - return true;
>
> I'm not sure if the call to 'isMatchingRegistrableDomainSuffix' handles this case or not. We seem to ASSERT that host() and protocol() are case-insensitively equal, but we don't actually do the test as far as I can tell.

At the constructor of OriginAccessEntry, it will convert the newDomain to lowercase. And the SecurityOrigin itself should store every data in lowercase. That means the regular string comparison actually does this job.

>> Source/WebCore/dom/Document.cpp:-4894
>> - potentialPublicSuffix.remove(0, 1);
>
> Your new code doesn't seem to have this call protection before passing 'domainSuffix' to 'isPublicSuffix'. As far as I can tell, whatever code paths might have brought a domain with a leading '.' into this code, could still happen and we are no longer protecting our call to 'isPublicSuffix'. I think we should keep this.

If anything has a leading dot, then it shouldn't pass accessEntry.matchesOrigin().
Jiewen Tan
Comment 5 2019-05-01 12:26:49 PDT
Comment on attachment 368655 Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=368655&action=review

> Source/WebCore/page/SecurityOrigin.cpp:445
> +

From the spec, we should return true as long as it is an exact match even if both domains are public suffix.
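The check discussed in the description and in comments 3 to 5, as an added example that is not WebKit's code and not part of the patch: a simplified C++ sketch of the HTML "is a registrable domain suffix of or is equal to" steps. The function name, the four-entry suffix set and the simplified domain test are assumptions; both hosts are assumed to be already parsed and lowercased.

```cpp
#include <algorithm>
#include <cctype>
#include <set>
#include <string>

// Constructed stand-in for the Public Suffix List; real code queries the full list.
static const std::set<std::string> kPublicSuffixes = { "com", "uk", "co.uk", "github.io" };

static bool endsWith(const std::string& s, const std::string& tail)
{
    return s.size() >= tail.size() && s.compare(s.size() - tail.size(), tail.size(), tail) == 0;
}

// Longest listed suffix on a label boundary; falls back to the last label (the list's default rule).
static std::string publicSuffixOf(const std::string& host)
{
    for (size_t pos = 0; pos != std::string::npos; ) {
        std::string candidate = host.substr(pos);
        if (kPublicSuffixes.count(candidate))
            return candidate;
        size_t dot = host.find('.', pos);
        pos = dot == std::string::npos ? dot : dot + 1;
    }
    size_t lastDot = host.rfind('.');
    return lastDot == std::string::npos ? host : host.substr(lastDot + 1);
}

// Simplified "is a domain" test: rejects empty labels (leading dot, "..") and IP literals.
static bool isDomain(const std::string& host)
{
    if (host.empty() || host.front() == '.' || host.find("..") != std::string::npos || host.find(':') != std::string::npos)
        return false;
    return !std::all_of(host.begin(), host.end(), [](unsigned char c) { return std::isdigit(c) || c == '.'; });
}

// Hypothetical name; implements the spec steps over already-normalized hosts.
bool isRegistrableDomainSuffixOfOrEqualTo(const std::string& hostSuffix, const std::string& originalHost)
{
    if (hostSuffix.empty())
        return false;
    if (hostSuffix == originalHost)
        return true; // Exact match is accepted even when both are public suffixes.
    if (!isDomain(hostSuffix) || !isDomain(originalHost))
        return false;
    if (!endsWith(originalHost, "." + hostSuffix))
        return false; // Must match on a label boundary, not as a bare substring.
    return hostSuffix != publicSuffixOf(hostSuffix); // A bare public suffix is never acceptable.
}
```
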
Jiewen Tan
Comment 6 2019-05-01 12:33:42 PDT
Brent Fulgham
Comment 7 2019-05-01 12:59:26 PDT
Comment on attachment 368692 Patch

r=me (Wait for EWS, please)
Jiewen Tan
Comment 8 2019-05-01 13:11:02 PDT
(In reply to Brent Fulgham from comment #7)
> Comment on attachment 368692
> Patch
>
> r=me (Wait for EWS, please)

Thanks, Brent.
WebKit Commit Bot
Comment 9 2019-05-01 15:08:05 PDT
Comment on attachment 368692 Patch

Clearing flags on attachment: 368692

Committed r244853: <https://trac.webkit.org/changeset/244853>
WebKit Commit Bot
Comment 10 2019-05-01 15:08:07 PDT
All reviewed patches have been landed. Closing bug.