Bug 228924 - Add Cross-Origin-Opener-Policy support for Blob URLs
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Chris Dumez
Keywords: InRadar
Depends on: 228923
Blocks: 228755
Reported: 2021-08-09 14:02 PDT by Chris Dumez
Modified: 2021-08-10 19:59 PDT

Patch (42.45 KB, patch)
2021-08-10 10:32 PDT, Chris Dumez
ews-feeder: commit-queue-
Patch (45.90 KB, patch)
2021-08-10 13:37 PDT, Chris Dumez
no flags

Description Chris Dumez 2021-08-09 14:02:26 PDT
Add Cross-Origin-Opener-Policy support for Blob URLs.
Comment 1 Chris Dumez 2021-08-10 10:32:32 PDT
Created attachment 435270
Comment 2 Chris Dumez 2021-08-10 13:37:55 PDT
Created attachment 435284
Comment 3 Alex Christensen 2021-08-10 15:57:01 PDT
Comment on attachment 435284

Why is it ok to have { } in registerBlobURLOptionallyFileBacked and Blob's DeserializationContructor?
Comment 4 Chris Dumez 2021-08-10 16:12:41 PDT
Comment on attachment 435284

View in context: https://bugs.webkit.org/attachment.cgi?id=435284&action=review

> Source/WebCore/fileapi/Blob.cpp:140
> +        ThreadableBlobRegistry::registerBlobURL(nullptr, { }, m_internalURL, srcURL);
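
Review bot: The `nullptr, { }` pair at the start of this registerBlobURL() call reads like two omitted arguments, and nothing on the line says that both are left empty on purpose. A one-line comment above the call stating why no origin and no policy apply here, or a named empty value in place of `{ }`, would keep the reasoning with the code instead of in the review thread.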

Passing an empty coop is intentional here.
Notice that we are also passing nullptr as the securityOrigin (first parameter). This is because this constructor is merely used when deserializing a Blob passed via SerializedScriptValue. Both srcURL and m_internalURL are internal blob URLs here (no origin).

COOP gets assigned when creating a *public* blob URL from a Blob (by calling URL.createObjectURL()). Blobs themselves don't have a COOP value but there is a COOP value associated with each public Blob URL for the blob in question.

> Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp:848
> +    session->blobRegistry().registerBlobURLOptionallyFileBacked(url, srcURL, BlobDataFileReferenceWithSandboxExtension::create(fileBackedPath), contentType, { });
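
Review bot: The trailing `{ }` is the fifth positional argument to registerBlobURLOptionallyFileBacked() on this line and cannot be told apart from a forgotten value. Consider naming the empty value at the call site, and if this entry point is only meant to register internal blob URLs, an assertion on `url` before the call would enforce that rather than leaving it to convention.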

BlobRegistryImpl::registerBlobURL() calls BlobRegistryImpl::registerBlobURLOptionallyFileBacked() internally so I had to add a COOP parameter to BlobRegistryImpl::registerBlobURLOptionallyFileBacked(). However, ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked() is only called from the Blob deserialization constructor (discussed above) and only deals with internal blob URLs (not public ones with security origins). Also note that ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked() does not take a SecurityOrigin as a parameter.
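
The split described in comment 4, where the policy is stored with each public blob URL rather than with the Blob, as an added model (not WebKit code and not part of the original thread). Class names, method names and URL formats are hypothetical, and the empty `{ }` policy is assumed to behave as the default `unsafe-none`.

```javascript
// Simplified model of comment 4's description; hypothetical names, not WebKit code.
// Assumption: the empty `{ }` policy is modelled as the default "unsafe-none".
const EMPTY_COOP = "unsafe-none";

class ModelBlobRegistry {
  constructor() {
    this.entries = new Map(); // URL string -> { data, origin, coop }
    this.counter = 0;
  }

  // Internal URL held by a Blob object: no security origin, empty policy.
  registerInternal(data) {
    const url = `blob:internal-${++this.counter}`;
    this.entries.set(url, { data, origin: null, coop: EMPTY_COOP });
    return url;
  }

  // Deserialization path: a new internal URL backed by srcURL's data,
  // again with no origin and an empty policy (the `nullptr, { }` call).
  deserialize(srcURL) {
    return this.registerInternal(this.lookup(srcURL).data);
  }

  // URL.createObjectURL() path: the creating context's origin and COOP
  // are captured here and stored with the public URL, not with the blob.
  createObjectURL(context, internalURL) {
    const { data } = this.lookup(internalURL);
    const url = `blob:${context.origin}/${++this.counter}`;
    this.entries.set(url, { data, origin: context.origin, coop: context.coop });
    return url;
  }

  lookup(url) {
    const entry = this.entries.get(url);
    if (!entry) throw new Error(`unregistered blob URL: ${url}`);
    return entry;
  }
}

// Constructed scenario: a blob made in context A is passed to context B.
function demo() {
  const registry = new ModelBlobRegistry();
  const ctxA = { origin: "https://a.example", coop: "same-origin" };
  const ctxB = { origin: "https://b.example", coop: "unsafe-none" };
  const blobInA = registry.registerInternal("payload");
  const blobInB = registry.deserialize(blobInA);
  const urls = [blobInA, blobInB, registry.createObjectURL(ctxA, blobInA), registry.createObjectURL(ctxB, blobInB)];
  return urls.map((u) => registry.lookup(u).coop);
}
```

In this model the same payload ends up reachable through two public URLs with different policies, while both internal URLs stay at the empty value.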
Comment 5 Chris Dumez 2021-08-10 19:58:10 PDT
Comment on attachment 435284

Clearing flags on attachment: 435284

Committed r280881 (240418@main): <https://commits.webkit.org/240418@main>
Comment 6 Chris Dumez 2021-08-10 19:58:14 PDT
All reviewed patches have been landed.  Closing bug.
Comment 7 Radar WebKit Bug Importer 2021-08-10 19:59:28 PDT