Bug 225426

Summary: Add SPI to restrict networking to a set of hosts
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: cdumez, ews-watchlist, japhet, thorton, toyoshim, webkit-bug-importer, yutak
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=234543
Attachments:
Description Flags
Patch
ews-feeder: commit-queue-
Patch
none
Patch none

Description Alex Christensen 2021-05-05 17:14:40 PDT 
Add SPI to restrict networking to a set of hosts
Comment 1 Alex Christensen 2021-05-05 17:18:43 PDT 
Created attachment 427826 [details]
Patch
Comment 2 Alex Christensen 2021-05-05 17:42:42 PDT 
rdar://77571521
Comment 3 Alex Christensen 2021-05-05 17:44:58 PDT 
Created attachment 427831 [details]
Patch
Comment 4 Alex Christensen 2021-05-05 17:57:46 PDT 
Created attachment 427833 [details]
Patch
Comment 5 Tim Horton 2021-05-11 11:28:15 PDT 
Comment on attachment 427833 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=427833&action=review

> Source/WebCore/page/Page.cpp:3307
> +    if (!url.protocolIsInHTTPFamily() && !url.protocolIs("ws") && !url.protocolIs("wss"))
> +        return true;

Do we not have a helper somewhere else that is like "the host in this is a host in the HTTP sense"? It seems weird for Page to know this
Comment 6 Alex Christensen 2021-05-11 12:31:11 PDT 
Comment on attachment 427833 [details]
Patch

We don't.  This needs to be more than HTTP.  This needs to be schemes that access the network, which includes http, https, ws, and wss.
Comment 7 EWS 2021-05-11 12:47:59 PDT 
Committed r277336 (237595@main): <https://commits.webkit.org/237595@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 427833 [details].
Comment 8 Radar WebKit Bug Importer 2021-05-11 12:48:23 PDT 
<rdar://problem/77857370>