Migrate manifest version content security policy filtering for extensions into WebKit
Created attachment 455443 [details] WIP patch
rdar://60081492
Created attachment 455787 [details] Patch
Created attachment 455932 [details] Patch
Created attachment 455944 [details] Patch
Created attachment 455959 [details] Patch
Created attachment 455973 [details] Patch
Created attachment 456023 [details] Patch
Comment on attachment 456023 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=456023&action=review (not a reviewer, just informal comments) > Source/WebCore/page/PageConfiguration.h:161 > + WebCore::ContentSecurityPolicyModeForExtension contentSecurityPolicyModeForExtension { WebCore::ContentSecurityPolicyModeForExtension::None }; nit: no need for WebCore:: here > Source/WebCore/page/csp/ContentSecurityPolicySourceList.cpp:207 > + hostIsPublicSuffix = isPublicSuffix(parsedSource.host.value.toString()); nit: may be able to use toStringWithoutCopying here > Source/WebCore/page/csp/ContentSecurityPolicySourceList.cpp:230 > + if (!schemeIsInHttpFamily(parsedSource.scheme.toString()) || !SecurityOrigin::isLocalHostOrLoopbackIPAddress(parsedSource.host.value)) ditto
Comment on attachment 456023 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=456023&action=review > Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm:1373 > + return WebKit::toWKContentSecurityPolicyModeForExtension(_pageConfiguration->contentSecurityPolicyModeForExtension()); Can you drop "WebKit::" here?
Thanks for the review comments! I'll make all of these changes. Waiting on the final EWS bots before uploading a PFL.
(In reply to Timothy Hatcher from comment #10) > Comment on attachment 456023 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=456023&action=review > > > Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm:1373 > > + return WebKit::toWKContentSecurityPolicyModeForExtension(_pageConfiguration->contentSecurityPolicyModeForExtension()); > > Can you drop "WebKit::" here? This actually seems to be needed, I think because we don't have namespace declarations in ObjC files?
Created attachment 456129 [details] Patch for landing
Committed r292134 (249041@main): <https://commits.webkit.org/249041@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 456129 [details].