RESOLVED FIXED Bug 111964
Explicitly send only one report via XSSAuditorDelegate. 
https://bugs.webkit.org/show_bug.cgi?id=111964
Summary Explicitly send only one report via XSSAuditorDelegate.
Mike West
Reported 2013-03-11 02:09:09 PDT
We want to send only one report when blocking script/pages via XSSAuditor. Currently, we do this by zeroing out the report URL after creating an XSSInfo object. I'd like to move this responsibility to the XSSAuditorDelegate instead, and do it explicitly via a "m_numberOfReportsSent" counter or "m_reportSent" boolean. That seems simpler to understand.
Attachments
Patch (5.87 KB, patch)
2013-03-11 05:25 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Patch (5.79 KB, patch)
2013-03-13 04:47 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Patch for landing (5.67 KB, patch)
2013-03-14 03:11 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Mike West
Comment 1 2013-03-11 05:25:30 PDT
Created attachment 192446 [details] Patch
Adam Barth
Comment 2 2013-03-11 10:44:05 PDT
Comment on attachment 192446 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=192446&action=review > Source/WebCore/html/parser/XSSAuditor.cpp:-335 > - m_reportURL = KURL(); Won't m_reportURL now be referenced on multiple threads at the same time?
Mike West
Comment 3 2013-03-12 02:45:01 PDT
(In reply to comment #2) > (From update of attachment 192446 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=192446&action=review > > > Source/WebCore/html/parser/XSSAuditor.cpp:-335 > > - m_reportURL = KURL(); > > Won't m_reportURL now be referenced on multiple threads at the same time? Ugh. Yes. r-. I think it's more elegant to allow the delegate to determine what the reporting policy should be. I'm not sure that elegance is worth making multiple isolated copies of the report URL. Perhaps it would be possible to send the report URL to the delegate separately, rather than passing it around on an XSSInfo object. How would you feel about exposing the report URL via a public method on XSSAuditor, and adding it as a property to the XSSAuditorDelegate? We could populate it from HTMLDocumentParser::pumpTokenizer directly after initializing the Auditor. This would allow us to remove the property from XSSInfo objects entirely, which would also allow us to drop the thread-safe checks, as it would consist entirely of booleans (and a TextPosition, which might or might not be safe to pass across threads? (it isn't being checked in the existing code)). WDYT?
Adam Barth
Comment 4 2013-03-12 11:33:33 PDT
Yeah, there don't seem to be much reason to send the report URL to the background thread. We should give it to the delegate on the main thread somehow.
Mike West
Comment 5 2013-03-12 12:57:04 PDT
(In reply to comment #4) > Yeah, there don't seem to be much reason to send the report URL to the background thread. We should give it to the delegate on the main thread somehow. Forked this into https://bugs.webkit.org/show_bug.cgi?id=112179 for clarity. Mind taking a look?
Mike West
Comment 6 2013-03-13 04:47:24 PDT
Created attachment 192901 [details] Patch
Adam Barth
Comment 7 2013-03-13 12:51:39 PDT
Comment on attachment 192901 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=192901&action=review > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:111 > + RefPtr<FormData> report = generateViolationReport(); > + PingLoader::sendViolationReport(m_document->frame(), m_reportURL, report); report.release() Actually, I would just combine these lines.
Mike West
Comment 8 2013-03-14 03:11:05 PDT
Created attachment 193098 [details] Patch for landing
WebKit Review Bot
Comment 9 2013-03-14 03:53:38 PDT
Comment on attachment 193098 [details] Patch for landing Clearing flags on attachment: 193098 Committed r145801: <http://trac.webkit.org/changeset/145801>
WebKit Review Bot
Comment 10 2013-03-14 03:53:42 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.