[webkit-changes] [WebKit/WebKit] 73a878: Handle blob: PolicyContainer inheritance from the ...

Mon, 10 Oct 2022 10:25:49 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 73a8787f1d069ff502146c0588eddf245a185999
      
https://github.com/WebKit/WebKit/commit/73a8787f1d069ff502146c0588eddf245a185999
  Author: Ryan Reno <rr...@apple.com>
  Date:   2022-10-10 (Mon, 10 Oct 2022)

  Changed paths:
    M 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inheritance/history-iframe.sub-expected.txt
    M 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inheritance/history.sub-expected.txt
    M Source/WebCore/Sources.txt
    M Source/WebCore/WebCore.xcodeproj/project.pbxproj
    M Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp
    M Source/WebCore/loader/CrossOriginEmbedderPolicy.h
    M Source/WebCore/loader/CrossOriginOpenerPolicy.cpp
    M Source/WebCore/loader/CrossOriginOpenerPolicy.h
    M Source/WebCore/loader/DocumentWriter.cpp
    M Source/WebCore/loader/FrameLoader.cpp
    A Source/WebCore/loader/PolicyContainer.cpp
    M Source/WebCore/loader/PolicyContainer.h
    M Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.cpp
    M Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h
    M Source/WebCore/platform/network/BlobResourceHandle.cpp
    M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp

  Log Message:
  -----------
  Handle blob: PolicyContainer inheritance from the Network Process
https://bugs.webkit.org/show_bug.cgi?id=246093
<rdar://100813396>

Reviewed by Chris Dumez.

The blob store in the Network process holds the appropriate PolicyContainer to 
inherit from.
This patch solves blob URL PolicyContainer inheritance by crafting an HTTP 
response with the
policy headers generated from that PolicyContainer.

* 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inheritance/history-iframe.sub-expected.txt:
* 
LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inheritance/history.sub-expected.txt:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp:
(WebCore::CrossOriginEmbedderPolicy::addPolicyHeadersTo const):
(WebCore::addCrossOriginEmbedderPolicyHeaders): Deleted.
* Source/WebCore/loader/CrossOriginEmbedderPolicy.h:
* Source/WebCore/loader/CrossOriginOpenerPolicy.cpp:
(WebCore::CrossOriginOpenerPolicy::addPolicyHeadersTo const):
(WebCore::addCrossOriginOpenerPolicyHeaders): Deleted.
* Source/WebCore/loader/CrossOriginOpenerPolicy.h:
* Source/WebCore/loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin):
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::didBeginDocument):
    Blob inheritance effectively happens here. We parse the HTTP headers 
returned from the Network process
    and update our security origin to the origin of the blob URL. The SO that 
CSP needs for 'self' in
    the case of the document having an opaque origin should be the blob's 
origin [0].
* Source/WebCore/loader/PolicyContainer.cpp: Copied from 
Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.cpp.
(WebCore::addPolicyContainerHeaders):
* Source/WebCore/loader/PolicyContainer.h:
* Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.cpp:
(WebCore::ContentSecurityPolicyResponseHeaders::addPolicyHeadersTo const):
* Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h:
* Source/WebCore/platform/network/BlobResourceHandle.cpp:
(WebCore::BlobResourceHandle::notifyResponseOnSuccess):
* Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp:
(WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):

[0] https://w3c.github.io/webappsec-csp/#framework-policy

Canonical link: https://commits.webkit.org/255352@main


_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to