NEW 234128
Revoke attachment element sandbox extensions 
https://bugs.webkit.org/show_bug.cgi?id=234128
Summary Revoke attachment element sandbox extensions
Per Arne Vollan
Reported 2021-12-10 00:44:16 PST
Attachment element sandbox extensions should be revoked in order to block further use of these extensions.
Attachments
Patch (14.24 KB, patch)
2021-12-10 00:53 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.22 KB, patch)
2021-12-10 01:08 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.23 KB, patch)
2021-12-10 01:18 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.24 KB, patch)
2021-12-10 01:22 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.25 KB, patch)
2021-12-10 01:37 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.25 KB, patch)
2021-12-10 01:42 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.26 KB, patch)
2021-12-10 01:51 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.26 KB, patch)
2021-12-10 02:00 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.26 KB, patch)
2021-12-10 02:07 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.24 KB, patch)
2021-12-10 02:30 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (14.66 KB, patch)
2021-12-10 02:32 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (14.70 KB, patch)
2021-12-10 02:45 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (14.85 KB, patch)
2021-12-10 09:19 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (15.39 KB, patch)
2021-12-10 12:02 PST, Per Arne Vollan 		bfulgham: review+
ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (15.70 KB, patch)
2022-01-29 19:01 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (15.73 KB, patch)
2022-01-29 19:03 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (15.81 KB, patch)
2022-01-29 19:05 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Show Obsolete (15) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2021-12-10 00:53:05 PST
Created attachment 446676 [details] Patch
Per Arne Vollan
Comment 2 2021-12-10 01:08:47 PST
Created attachment 446679 [details] Patch
Per Arne Vollan
Comment 3 2021-12-10 01:18:20 PST
Created attachment 446680 [details] Patch
Per Arne Vollan
Comment 4 2021-12-10 01:22:36 PST
Created attachment 446681 [details] Patch
Per Arne Vollan
Comment 5 2021-12-10 01:37:34 PST
Created attachment 446683 [details] Patch
Per Arne Vollan
Comment 6 2021-12-10 01:42:39 PST
Created attachment 446684 [details] Patch
Per Arne Vollan
Comment 7 2021-12-10 01:51:50 PST
Created attachment 446686 [details] Patch
Per Arne Vollan
Comment 8 2021-12-10 02:00:01 PST
Created attachment 446688 [details] Patch
Per Arne Vollan
Comment 9 2021-12-10 02:07:34 PST
Created attachment 446689 [details] Patch
Per Arne Vollan
Comment 10 2021-12-10 02:30:26 PST
Created attachment 446695 [details] Patch
Per Arne Vollan
Comment 11 2021-12-10 02:32:10 PST
Created attachment 446696 [details] Patch
Per Arne Vollan
Comment 12 2021-12-10 02:45:13 PST
Created attachment 446698 [details] Patch
Per Arne Vollan
Comment 13 2021-12-10 09:19:59 PST
Created attachment 446742 [details] Patch
Per Arne Vollan
Comment 14 2021-12-10 12:02:53 PST
Created attachment 446776 [details] Patch
Brent Fulgham
Comment 15 2021-12-10 14:37:17 PST
Comment on attachment 446776 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=446776&action=review r=me, but please consider the naming and adding a comment to reduce confusion about this new method. > Source/WebCore/PAL/pal/spi/cocoa/ISIconManagerSPI.h:28 > +@interface ISIconManager : NSObject If this is defined in an internal header, shouldn't we do the usual "#if USE(APPLE_INTERNAL_SDK)" thing and grab it directly? > Source/WebKit/ChangeLog:10 > + ISIconManager. Maybe we should name this "consumeAndRevokeAttachmentElementSandboxExtensions" or something, and add a comment in it that the extensions are not needed after the ISIconManager is initialized?
Radar WebKit Bug Importer
Comment 16 2021-12-17 00:45:19 PST
<rdar://problem/86619872>
Per Arne Vollan
Comment 17 2022-01-29 19:01:19 PST
Created attachment 450344 [details] Patch
Per Arne Vollan
Comment 18 2022-01-29 19:03:52 PST
Created attachment 450345 [details] Patch
Per Arne Vollan
Comment 19 2022-01-29 19:05:21 PST
Created attachment 450346 [details] Patch
Per Arne Vollan
Comment 20 2022-01-29 19:06:08 PST
(In reply to Brent Fulgham from comment #15) > Comment on attachment 446776 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=446776&action=review > > r=me, but please consider the naming and adding a comment to reduce > confusion about this new method. > > > Source/WebCore/PAL/pal/spi/cocoa/ISIconManagerSPI.h:28 > > +@interface ISIconManager : NSObject > > If this is defined in an internal header, shouldn't we do the usual "#if > USE(APPLE_INTERNAL_SDK)" thing and grab it directly? > That's a good point. I will address that in an upcoming patch. > > Source/WebKit/ChangeLog:10 > > + ISIconManager. > > Maybe we should name this > "consumeAndRevokeAttachmentElementSandboxExtensions" or something, and add a > comment in it that the extensions are not needed after the ISIconManager is > initialized? Fixed! Thanks for reviewing!
Note You need to log in before you can comment on or make changes to this bug.