Bug 228924

Summary: Add Cross-Origin-Opener-Policy support for Blob URLs
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, calvaris, changseok, darin, eric.carlson, esprehn+autocc, ews-watchlist, ggaren, glenn, gyuyoung.kim, japhet, jer.noble, kangil.han, philipj, rniwa, sam, sergio, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 228923    
Bug Blocks: 228755    
Attachments:
Description Flags
Patch
ews-feeder: commit-queue-
Patch none

Description Chris Dumez 2021-08-09 14:02:26 PDT 
Add Cross-Origin-Opener-Policy support for Blob URLs.
Comment 1 Chris Dumez 2021-08-10 10:32:32 PDT 
Created attachment 435270 [details]
Patch
Comment 2 Chris Dumez 2021-08-10 13:37:55 PDT 
Created attachment 435284 [details]
Patch
Comment 3 Alex Christensen 2021-08-10 15:57:01 PDT 
Comment on attachment 435284 [details]
Patch

Why is it ok to have { } in registerBlobURLOptionallyFileBacked and Blob's DeserializationContructor?
Comment 4 Chris Dumez 2021-08-10 16:12:41 PDT 
Comment on attachment 435284 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=435284&action=review

> Source/WebCore/fileapi/Blob.cpp:140
> +        ThreadableBlobRegistry::registerBlobURL(nullptr, { }, m_internalURL, srcURL);

Passing an empty coop is intentional here.
Notice that we are also passing nullptr as the securityOrigin (first parameter). This is because this constructor is merely used when deserializing a Blob passed via SerializedScriptValue. Both srcURL and and m_internalURL are internal blob URLs here (no origin).

COOP gets assigned when creating a *public* blob URL from a Blob (By calling URL.createObjectURL()). Blobs themselves don't have a COOP value but there is a COOP value associated with each public Blob URL for the blob in question.

> Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp:848
> +    session->blobRegistry().registerBlobURLOptionallyFileBacked(url, srcURL, BlobDataFileReferenceWithSandboxExtension::create(fileBackedPath), contentType, { });

BlobRegistryImpl::registerBlobURL() calls BlobRegistryImpl::registerBlobURLOptionallyFileBacked() internally so I had to add a COOP parameter to BlobRegistryImpl::registerBlobURLOptionallyFileBacked(). However, ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked() is only called from the Blob deserialization constructor (discussed above) and only deals with internal blob URLs (not public ones with security origins). Also note that ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked() does not take a SecurityOrigin in parameter.
Comment 5 Chris Dumez 2021-08-10 19:58:10 PDT 
Comment on attachment 435284 [details]
Patch

Clearing flags on attachment: 435284

Committed r280881 (240418@main): <https://commits.webkit.org/240418@main>
Comment 6 Chris Dumez 2021-08-10 19:58:14 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 7 Radar WebKit Bug Importer 2021-08-10 19:59:28 PDT 
<rdar://problem/81773955>