Branch: refs/heads/webkitglib/2.52
Home: https://github.com/WebKit/WebKit
Commit: bc0c37a1894c1aa09ad079999de5ec16cacd6a25
https://github.com/WebKit/WebKit/commit/bc0c37a1894c1aa09ad079999de5ec16cacd6a25
Author: Roberto Rodriguez <[email protected]>
Date: 2026-05-27 (Wed, 27 May 2026)
Changed paths:
M LayoutTests/imported/w3c/web-platform-tests/worklets/audio-worklet-csp.https-expected.txt
R LayoutTests/platform/glib/imported/w3c/web-platform-tests/worklets/audio-worklet-csp.https-expected.txt
A LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-allows-eval-expected.txt
A LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-allows-eval.html
A LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-blocks-eval-expected.txt
A LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-blocks-eval.html
A LayoutTests/security/contentSecurityPolicy/resources/audioworklet-inherits-allows-eval.js
A LayoutTests/security/contentSecurityPolicy/resources/audioworklet-inherits-blocks-eval.js
M Source/WebCore/Modules/webaudio/AudioWorkletGlobalScope.cpp
M Source/WebCore/Modules/webaudio/AudioWorkletMessagingProxy.cpp
M Source/WebCore/bindings/js/WorkerModuleScriptLoader.cpp
M Source/WebCore/loader/FetchOptions.h
M Source/WebCore/workers/WorkerGlobalScope.cpp
M Source/WebCore/workers/WorkerGlobalScope.h
M Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp
M Source/WebCore/workers/WorkerOrWorkletGlobalScope.h
M Source/WebCore/worklets/PaintWorkletGlobalScope.cpp
M Source/WebCore/worklets/WorkletParameters.h
M Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp
Log Message:
-----------
Cherry-pick 305413.406@safari-7624-branch (95fd4539c956).
https://bugs.webkit.org/show_bug.cgi?id=309004

Propagate CSP directives from the creating document to WorkletGlobalScope
https://bugs.webkit.org/show_bug.cgi?id=309004
rdar://170500592

Reviewed by Ryan Reno.

WorkletGlobalScope is initialized with an empty ContentSecurityPolicy,
so CSP restrictions like blocking eval() are not enforced inside
AudioWorklet or PaintWorklet.

Fix by moving WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders()
up to WorkerOrWorkletGlobalScope base class, adding the document's CSP
response headers to WorkletParameters and applying them in
AudioWorkletGlobalScope/PaintWorkletGlobalScope::tryCreate().

Fix CSP directive selection for worklet module fetches, which were
incorrectly checked against worker-src instead of script-src.

Tests: security/contentSecurityPolicy/audioworklet-inherits-allows-eval.html
security/contentSecurityPolicy/audioworklet-inherits-blocks-eval.html

* LayoutTests/imported/w3c/web-platform-tests/worklets/audio-worklet-csp.https-expected.txt:
* LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-allows-eval-expected.txt: Added.
* LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-allows-eval.html: Added.
* LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-blocks-eval-expected.txt: Added.
* LayoutTests/security/contentSecurityPolicy/audioworklet-inherits-blocks-eval.html: Added.
* LayoutTests/security/contentSecurityPolicy/resources/audioworklet-inherits-allows-eval.js: Added.
(EvalTestProcessor):
(EvalTestProcessor.prototype.process):
* LayoutTests/security/contentSecurityPolicy/resources/audioworklet-inherits-blocks-eval.js: Added.
(EvalTestProcessor):
(EvalTestProcessor.prototype.process):
* Source/WebCore/Modules/webaudio/AudioWorkletGlobalScope.cpp:
(WebCore::AudioWorkletGlobalScope::tryCreate):
* Source/WebCore/Modules/webaudio/AudioWorkletMessagingProxy.cpp:
(WebCore::generateWorkletParameters):
* Source/WebCore/bindings/js/WorkerModuleScriptLoader.cpp:
(WebCore::WorkerModuleScriptLoader::load):
* Source/WebCore/loader/FetchOptions.h:
(WebCore::isWorkletDestination):
(WebCore::isScriptLikeDestination):
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Deleted.
* Source/WebCore/workers/WorkerGlobalScope.h:
* Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp:
(WebCore::WorkerOrWorkletGlobalScope::applyContentSecurityPolicyResponseHeaders):
* Source/WebCore/workers/WorkerOrWorkletGlobalScope.h:
* Source/WebCore/worklets/PaintWorkletGlobalScope.cpp:
(WebCore::PaintWorkletGlobalScope::tryCreate):
* Source/WebCore/worklets/WorkletParameters.h:
(WebCore::WorkletParameters::isolatedCopy const):
(WebCore::WorkletParameters::isolatedCopy):
* Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::isAllowedByContentSecurityPolicy):
Identifier: 305413.406@safari-7624-branch
Canonical link: https://commits.webkit.org/305877.686@webkitglib/2.52
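
The directive-selection part of the log message, as an added example (not code from this commit or from WebKit): a simplified model of how CSP Level 3 chooses the governing directive for worker and worklet module fetches. All names here (`checkFetch`, `PRE_FIX`, `POST_FIX`, the `.example` hosts) are hypothetical, and source matching is reduced to `'none'`, `'self'`, `*` and exact origins.

```javascript
// Added example: simplified model of CSP directive selection for script-like fetches.
// Destination -> effective directive, following CSP Level 3.
const POST_FIX = {
  script: "script-src-elem", audioworklet: "script-src-elem", paintworklet: "script-src-elem",
  worker: "worker-src", sharedworker: "worker-src", serviceworker: "worker-src",
};
// Model of the behaviour the log message calls incorrect: worklets treated like workers.
const PRE_FIX = { ...POST_FIX, audioworklet: "worker-src", paintworklet: "worker-src" };
// Fallback chains: the first directive present in the policy governs the fetch.
const FALLBACK = {
  "script-src-elem": ["script-src-elem", "script-src", "default-src"],
  "worker-src": ["worker-src", "child-src", "script-src", "default-src"],
};

function parsePolicy(header) {
  const policy = new Map();
  for (const part of header.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !policy.has(key)) policy.set(key, sources); // first occurrence wins
  }
  return policy;
}

// Simplified source matching: 'none', 'self', '*', and exact origins only.
function sourceMatches(source, url, selfOrigin) {
  const origin = new URL(url).origin;
  if (source === "'self'") return origin === selfOrigin;
  if (source === "*") return true;
  try { return new URL(source).origin === origin; } catch { return false; }
}

function checkFetch(header, destination, url, selfOrigin, directiveFor = POST_FIX) {
  const policy = parsePolicy(header);
  const governing = FALLBACK[directiveFor[destination]].find((d) => policy.has(d)) ?? null;
  if (governing === null) return { governing, allowed: true }; // no applicable directive
  const allowed = policy.get(governing).some((s) => sourceMatches(s, url, selfOrigin));
  return { governing, allowed };
}

// Constructed sample: page on app.example, worklet module hosted on cdn.example.
const SELF = "https://app.example";
const MODULE = "https://cdn.example/processor.js";
const HEADER = "script-src 'self'; worker-src https://cdn.example";
console.log("post-fix:", checkFetch(HEADER, "audioworklet", MODULE, SELF));
console.log("pre-fix: ", checkFetch(HEADER, "audioworklet", MODULE, SELF, PRE_FIX));
```

With the constructed policy, a looser `worker-src` lets the cross-origin worklet module through under the pre-fix mapping, while the post-fix mapping applies `script-src 'self'` and blocks it.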