Bug 214995

Summary: Log a warning to the dev console when gamepads are accessed from an insecure context
Product: WebKit Reporter: Brady Eidson <beidson>
Component: WebCore Misc.Assignee: Brady Eidson <beidson>
Status: RESOLVED FIXED    
Severity: Normal CC: aakash_jain, darin, ews-watchlist, mkwst, thorton, webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=215099
Attachments:
Description Flags
Patch
none
Patch none

Description Brady Eidson 2020-07-30 16:14:55 PDT 
Log a warning to the dev console when gamepads are accessed from an insecure context

This is to prep for the eventual restriction to secure contexts

https://github.com/w3c/gamepad/pull/120
Comment 1 Brady Eidson 2020-07-31 14:00:09 PDT 
Created attachment 405735 [details]
Patch
Comment 2 Tim Horton 2020-07-31 14:02:10 PDT 
Comment on attachment 405735 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=405735&action=review

> Source/WebCore/Modules/gamepad/NavigatorGamepad.cpp:80
> +    RELEASE_ASSERT(domWindow);
> +    auto* document = domWindow->document();
> +    RELEASE_ASSERT(document);

These seem ... aggressive? Why not just bail?
Comment 3 Brady Eidson 2020-07-31 14:03:43 PDT 
(In reply to Tim Horton from comment #2)
> Comment on attachment 405735 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=405735&action=review
> 
> > Source/WebCore/Modules/gamepad/NavigatorGamepad.cpp:80
> > +    RELEASE_ASSERT(domWindow);
> > +    auto* document = domWindow->document();
> > +    RELEASE_ASSERT(document);
> 
> These seem ... aggressive? Why not just bail?

Yah, because the signature to return an actual array is a bummer.
I'll deal with it now sub optimally.
Comment 4 Brady Eidson 2020-07-31 14:07:09 PDT 
Created attachment 405736 [details]
Patch
Comment 5 EWS 2020-07-31 15:14:10 PDT 
Committed r265160: <https://trac.webkit.org/changeset/265160>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 405736 [details].
Comment 6 Radar WebKit Bug Importer 2020-07-31 15:15:23 PDT 
<rdar://problem/66401022>
Comment 7 Darin Adler 2020-08-02 12:28:16 PDT 
Comment on attachment 405736 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=405736&action=review

> Source/WebCore/Modules/gamepad/NavigatorGamepad.cpp:86
> +        static std::once_flag onceFlag;
> +        std::call_once(onceFlag, [document] {

I noticed that lots of people use the thread-safe std::call_once in code that otherwise is not thread safe. I often ask them to use a boolean instead. Am I the baddie?
Comment 8 Aakash Jain 2020-08-03 13:35:41 PDT 
(In reply to EWS from comment #5)
> Committed r265160: <https://trac.webkit.org/changeset/265160>
This introduced a broken test for windows: http/tests/misc/gamepads-insecure.html 

EWS also warned about this failure, tracked in Bug 215099.