Diff
Modified: trunk/LayoutTests/ChangeLog (281054 => 281055)
--- trunk/LayoutTests/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,14 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ Update test expectations to unskip tests that are now passing.
+
+ * TestExpectations:
+
2021-08-13 Wenson Hsieh <wenson_hs...@apple.com>
[iOS 15] fast/events/touch/ios/long-press-on-link.html is a constant crash
Modified: trunk/LayoutTests/TestExpectations (281054 => 281055)
--- trunk/LayoutTests/TestExpectations 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/TestExpectations 2021-08-14 02:28:19 UTC (rev 281055)
@@ -401,6 +401,7 @@
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/sandboxing/sandbox-disallow-popups.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-top-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-network-error.sub.html [ DumpJSConsoleLogInStdErr ]
@@ -722,11 +723,6 @@
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/no-https.html [ Skip ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/no-secure-context.html [ Skip ]
-# COEP test timing out due to lack of Blob URL support.
-imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https.html [ Skip ]
-imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html [ Skip ]
-imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https.html [ Skip ]
-
# This test makes the assumption that get_host_info().REMOTE_ORIGIN is same-site, which is not true for
# our layout tests. We maintain our own version of this test in http/wpt.
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp.https.html [ Skip ]
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (281054 => 281055)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,16 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ Rebaseline WPT tests now that more checks are passing.
+
+ * web-platform-tests/html/cross-origin-embedder-policy/blob.https-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt:
+ * web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt:
+
2021-08-13 Alex Christensen <achristen...@webkit.org>
Unreviewed, reverting r281009.
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https-expected.txt (281054 => 281055)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https-expected.txt 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https-expected.txt 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,16 +1,10 @@
-CONSOLE MESSAGE: Refused to display 'blob:https://localhost:9443/ce752f78-9f54-4192-885f-d338222dbf89' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'blob:https://127.0.0.1:9443/2d609484-fc8c-4162-b451-5e5a60ca6fb0' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'blob:https://127.0.0.1:9443/d6c69b1b-b9e2-468f-afd5-3ee0ca1f26cd' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'blob:https://localhost:9443/a2f48f74-c115-4535-8945-845540d08260' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'blob:https://127.0.0.1:9443/e46352d8-4f39-4348-addc-cf3be4c271d5' in a frame because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Refused to display 'blob:https://127.0.0.1:9443/d4b68c8b-e74e-47a5-a08d-612bf0d709d7' in a frame because of Cross-Origin-Embedder-Policy.
-Harness Error (TIMEOUT), message = null
+Harness Error (FAIL), message = 2 duplicate test names: "Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via subframe", "Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via navigate"
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://localhost:9443 in subframe via subframe Test timed out
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://localhost:9443 in subframe via navigate Test timed out
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via subframe Test timed out
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via navigate Test timed out
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via subframe Test timed out
-TIMEOUT Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via navigate Test timed out
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://localhost:9443 in subframe via subframe
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://localhost:9443 in subframe via navigate
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via subframe
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via navigate
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via subframe
+PASS Cross-Origin-Embedder-Policy and blob: URL from https://127.0.0.1:9443 in subframe via navigate
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt (281054 => 281055)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,19 +1,4 @@
-CONSOLE MESSAGE: Refused to load 'blob:https://localhost:9443/0626116e-3414-4f35-bd1e-007f1312b79e' worker because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Worker load was blocked by Cross-Origin-Embedder-Policy
-CONSOLE MESSAGE: Cannot load blob:https://localhost:9443/0626116e-3414-4f35-bd1e-007f1312b79e due to access control checks.
-CONSOLE MESSAGE: Refused to load 'blob:https://localhost:9443/a99eb341-4640-403a-a8f4-c2fcf28ede20' worker because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Worker load was blocked by Cross-Origin-Embedder-Policy
-CONSOLE MESSAGE: Cannot load blob:https://localhost:9443/a99eb341-4640-403a-a8f4-c2fcf28ede20 due to access control checks.
-CONSOLE MESSAGE: Refused to load 'blob:https://localhost:9443/929d633e-ce48-43ff-b89d-e4e20fca6753' worker because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Worker load was blocked by Cross-Origin-Embedder-Policy
-CONSOLE MESSAGE: Cannot load blob:https://localhost:9443/929d633e-ce48-43ff-b89d-e4e20fca6753 due to access control checks.
-CONSOLE MESSAGE: Refused to load 'blob:https://localhost:9443/0c8b6914-58db-417c-9e0c-e7ecacc4a16a' worker because of Cross-Origin-Embedder-Policy.
-CONSOLE MESSAGE: Worker load was blocked by Cross-Origin-Embedder-Policy
-CONSOLE MESSAGE: Cannot load blob:https://localhost:9443/0c8b6914-58db-417c-9e0c-e7ecacc4a16a due to access control checks.
-
-Harness Error (TIMEOUT), message = null
-
FAIL frame: origin = https://localhost:9443, value = undefined assert_equals: expected true but got false
FAIL frame: origin = https://localhost:9443, value = * assert_equals: expected true but got false
FAIL frame: origin = https://localhost:9443, value = self assert_equals: expected true but got false
@@ -30,10 +15,10 @@
PASS dedicated worker: scheme = data, value = *
PASS dedicated worker: scheme = data, value = self
PASS dedicated worker: scheme = data, value = (\)
-TIMEOUT dedicated worker: scheme = blob, value = undefined Test timed out
-TIMEOUT dedicated worker: scheme = blob, value = * Test timed out
-TIMEOUT dedicated worker: scheme = blob, value = self Test timed out
-TIMEOUT dedicated worker: scheme = blob, value = (\) Test timed out
+FAIL dedicated worker: scheme = blob, value = undefined assert_equals: expected true but got false
+FAIL dedicated worker: scheme = blob, value = * assert_equals: expected true but got false
+FAIL dedicated worker: scheme = blob, value = self assert_equals: expected true but got false
+PASS dedicated worker: scheme = blob, value = (\)
FAIL shared worker: withCoopCoep = false Can't find variable: SharedWorker
FAIL shared worker: withCoopCoep = true Can't find variable: SharedWorker
FAIL service worker: withCoopCoep = false assert_equals: expected (boolean) false but got (undefined) undefined
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt (281054 => 281055)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,5 +1,11 @@
+CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html due to access control checks.
+CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html due to access control checks.
+CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html due to access control checks.
-FAIL COOP+COEP blob URL popup: window.open() assert_true: Cross-origin without CORP did not fail expected true got false
-FAIL COOP+COEP blob URL popup: <a> assert_true: Cross-origin without CORP did not fail expected true got false
-FAIL COOP+COEP blob URL popup: <a rel=noopener> assert_true: Cross-origin without CORP did not fail expected true got false
+PASS COOP+COEP blob URL popup: window.open()
+PASS COOP+COEP blob URL popup: <a>
+PASS COOP+COEP blob URL popup: <a rel=noopener>
Modified: trunk/LayoutTests/platform/mac-wk1/TestExpectations (281054 => 281055)
--- trunk/LayoutTests/platform/mac-wk1/TestExpectations 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/platform/mac-wk1/TestExpectations 2021-08-14 02:28:19 UTC (rev 281055)
@@ -373,6 +373,7 @@
# No Cross-Origin-Embedder-Policy in WK1.
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy [ Skip ]
+imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https.html [ Skip ]
http/wpt/html/cross-origin-embedder-policy/require-corp.https.html [ Skip ]
# Quota check missing in WK1
Modified: trunk/LayoutTests/platform/win/TestExpectations (281054 => 281055)
--- trunk/LayoutTests/platform/win/TestExpectations 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/LayoutTests/platform/win/TestExpectations 2021-08-14 02:28:19 UTC (rev 281055)
@@ -3727,6 +3727,7 @@
# No Cross-Origin-Embedder-Policy in WK1.
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy [ Skip ]
+imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https.html [ Skip ]
http/wpt/html/cross-origin-embedder-policy/require-corp.https.html [ Skip ]
# No header filtering for WK1
Modified: trunk/Source/WebCore/ChangeLog (281054 => 281055)
--- trunk/Source/WebCore/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,48 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ Add Cross-Origin-Embedder-Policy (COEP) support for Blob URLs. We do the same thing as for COOP,
+ we pass the COEP policy when registering the Blob URL and store it in the BlobData. When we need
+ the construct a Blob resource response as a result of a load, we add the right COEP headers
+ based on the BlobData's COEP policy.
+
+ No new tests, rebaselined existing tests.
+
+ * Modules/fetch/FetchLoader.cpp:
+ (WebCore::FetchLoader::startLoadingBlobURL):
+ * fileapi/Blob.cpp:
+ (WebCore::BlobURLRegistry::registerURL):
+ (WebCore::Blob::Blob):
+ * fileapi/FileReaderLoader.cpp:
+ (WebCore::FileReaderLoader::start):
+ * fileapi/ThreadableBlobRegistry.cpp:
+ (WebCore::ThreadableBlobRegistry::registerBlobURL):
+ * fileapi/ThreadableBlobRegistry.h:
+ * html/HTMLMediaElement.cpp:
+ (WebCore::HTMLMediaElement::loadResource):
+ * loader/CrossOriginEmbedderPolicy.cpp:
+ (WebCore::addCrossOriginEmbedderPolicyHeaders):
+ * loader/CrossOriginEmbedderPolicy.h:
+ (WebCore::operator==):
+ * loader/CrossOriginOpenerPolicy.cpp:
+ (WebCore::addCrossOriginOpenerPolicyHeaders):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::didBeginDocument):
+ * platform/network/BlobData.h:
+ (WebCore::BlobData::crossOriginEmbedderPolicy const):
+ (WebCore::BlobData::setCrossOriginEmbedderPolicy):
+ * platform/network/BlobRegistry.h:
+ * platform/network/BlobRegistryImpl.cpp:
+ (WebCore::BlobRegistryImpl::registerBlobURL):
+ (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
+ * platform/network/BlobRegistryImpl.h:
+ * platform/network/BlobResourceHandle.cpp:
+ (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
+
2021-08-13 Brent Fulgham <bfulg...@apple.com>
Unreviewed build fix after r281012
Modified: trunk/Source/WebCore/Headers.cmake (281054 => 281055)
--- trunk/Source/WebCore/Headers.cmake 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/Headers.cmake 2021-08-14 02:28:19 UTC (rev 281055)
@@ -809,6 +809,7 @@
loader/NetscapePlugInStreamLoader.h
loader/PingLoader.h
loader/PolicyChecker.h
+ loader/PolicyContainer.h
loader/PrivateClickMeasurement.h
loader/ProgressTracker.h
loader/ProgressTrackerClient.h
Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp (281054 => 281055)
--- trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -65,7 +65,7 @@
return;
}
- ThreadableBlobRegistry::registerBlobURL(context.securityOrigin(), context.crossOriginOpenerPolicy(), m_urlForReading, blobURL);
+ ThreadableBlobRegistry::registerBlobURL(context.securityOrigin(), context.policyContainer(), m_urlForReading, blobURL);
ResourceRequest request(m_urlForReading);
request.setInitiatorIdentifier(context.resourceRequestIdentifier());
Modified: trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj (281054 => 281055)
--- trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1279,6 +1279,7 @@
465307D01DB6EE4800E4137C /* JSUIEventInit.h in Headers */ = {isa = PBXBuildFile; fileRef = 83E045EF1DAA104F00B0D8B9 /* JSUIEventInit.h */; };
466172EC23A2AC1F003AB309 /* PostMessageOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 466172EB23A2ABFA003AB309 /* PostMessageOptions.h */; settings = {ATTRIBUTES = (Private, ); }; };
46658DC91FA24B8700F7DD54 /* SWContextManager.h in Headers */ = {isa = PBXBuildFile; fileRef = 4672413B1FA24B140088BD6D /* SWContextManager.h */; settings = {ATTRIBUTES = (Private, ); }; };
+ 466C2DAD26C73AFC00651931 /* PolicyContainer.h in Headers */ = {isa = PBXBuildFile; fileRef = 466C2DAB26C73AFB00651931 /* PolicyContainer.h */; settings = {ATTRIBUTES = (Private, ); }; };
466ED8D31EDE0144005E43F6 /* JSDOMRectList.h in Headers */ = {isa = PBXBuildFile; fileRef = 466ED8D21EDE0135005E43F6 /* JSDOMRectList.h */; };
4671E0661D67A59600C6B497 /* CanvasPath.h in Headers */ = {isa = PBXBuildFile; fileRef = 4671E0641D67A57B00C6B497 /* CanvasPath.h */; };
4672AA9826B0943300E6EC38 /* CrossOriginEmbedderPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4672AA9626B0942100E6EC38 /* CrossOriginEmbedderPolicy.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -8280,6 +8281,7 @@
466172E923A2ABFA003AB309 /* PostMessageOptions.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = PostMessageOptions.idl; sourceTree = "<group>"; };
466172EB23A2ABFA003AB309 /* PostMessageOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PostMessageOptions.h; sourceTree = "<group>"; };
466536FA264C8DD100AAD1D7 /* JSAudioNodeCustom.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = JSAudioNodeCustom.cpp; sourceTree = "<group>"; };
+ 466C2DAB26C73AFB00651931 /* PolicyContainer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PolicyContainer.h; sourceTree = "<group>"; };
466DC6AB1EDE021D00746224 /* JSDOMRectList.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSDOMRectList.cpp; sourceTree = "<group>"; };
466ED8D21EDE0135005E43F6 /* JSDOMRectList.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSDOMRectList.h; sourceTree = "<group>"; };
4671E0631D67A57B00C6B497 /* CanvasPath.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CanvasPath.cpp; sourceTree = "<group>"; };
@@ -27358,6 +27360,7 @@
D0FF2A5C11F8C45A007E74E0 /* PingLoader.h */,
97059975107D975200A50A7C /* PolicyChecker.cpp */,
97059976107D975200A50A7C /* PolicyChecker.h */,
+ 466C2DAB26C73AFB00651931 /* PolicyContainer.h */,
6B0A07F121FA4B5C00D57391 /* PrivateClickMeasurement.cpp */,
6B0A07F021FA4B5C00D57391 /* PrivateClickMeasurement.h */,
1A2A68210B5BEDE70002A480 /* ProgressTracker.cpp */,
@@ -33990,6 +33993,7 @@
3FF813A71DBA8640009BF001 /* PointerLockController.h in Headers */,
84730D921248F0B300D3A9C9 /* PointLightSource.h in Headers */,
9705997A107D975200A50A7C /* PolicyChecker.h in Headers */,
+ 466C2DAD26C73AFC00651931 /* PolicyContainer.h in Headers */,
FD45A957175D414C00C21EC8 /* PolygonShape.h in Headers */,
5174E20A10A1F44F00F95E6F /* PopStateEvent.h in Headers */,
0668E18B0ADD9624004128E0 /* PopupMenu.h in Headers */,
Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.cpp (281054 => 281055)
--- trunk/Source/WebCore/dom/ScriptExecutionContext.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -336,12 +336,6 @@
});
}
-const CrossOriginOpenerPolicy& ScriptExecutionContext::crossOriginOpenerPolicy() const
-{
- static NeverDestroyed<CrossOriginOpenerPolicy> coop;
- return coop;
-}
-
void ScriptExecutionContext::suspendActiveDOMObjectIfNeeded(ActiveDOMObject& activeDOMObject)
{
ASSERT(m_activeDOMObjects.contains(&activeDOMObject));
Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.h (281054 => 281055)
--- trunk/Source/WebCore/dom/ScriptExecutionContext.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -78,8 +78,6 @@
enum class ReferrerPolicy : uint8_t;
enum class TaskSource : uint8_t;
-struct CrossOriginOpenerPolicy;
-
#if ENABLE(SERVICE_WORKER)
class ServiceWorker;
class ServiceWorkerContainer;
@@ -148,8 +146,6 @@
bool activeDOMObjectsAreSuspended() const { return m_activeDOMObjectsAreSuspended; }
bool activeDOMObjectsAreStopped() const { return m_activeDOMObjectsAreStopped; }
- virtual const CrossOriginOpenerPolicy& crossOriginOpenerPolicy() const;
-
JSC::ScriptExecutionStatus jscScriptExecutionStatus() const;
// Called from the constructor and destructors of ActiveDOMObject.
Modified: trunk/Source/WebCore/dom/SecurityContext.cpp (281054 => 281055)
--- trunk/Source/WebCore/dom/SecurityContext.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/dom/SecurityContext.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -29,6 +29,7 @@
#include "ContentSecurityPolicy.h"
#include "HTMLParserIdioms.h"
+#include "PolicyContainer.h"
#include "SecurityOrigin.h"
#include "SecurityOriginPolicy.h"
#include <wtf/text/StringBuilder.h>
@@ -159,4 +160,18 @@
return flags;
}
+const CrossOriginOpenerPolicy& SecurityContext::crossOriginOpenerPolicy() const
+{
+ static NeverDestroyed<CrossOriginOpenerPolicy> coop;
+ return coop;
}
+
+PolicyContainer SecurityContext::policyContainer() const
+{
+ return {
+ crossOriginEmbedderPolicy(),
+ crossOriginOpenerPolicy()
+ };
+}
+
+}
Modified: trunk/Source/WebCore/dom/SecurityContext.h (281054 => 281055)
--- trunk/Source/WebCore/dom/SecurityContext.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -38,6 +38,8 @@
class SecurityOrigin;
class SecurityOriginPolicy;
class ContentSecurityPolicy;
+struct CrossOriginOpenerPolicy;
+struct PolicyContainer;
enum SandboxFlag {
// See http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-sandbox for a list of the sandbox flags.
@@ -91,6 +93,10 @@
const CrossOriginEmbedderPolicy& crossOriginEmbedderPolicy() const { return m_crossOriginEmbedderPolicy; }
void setCrossOriginEmbedderPolicy(const CrossOriginEmbedderPolicy& crossOriginEmbedderPolicy) { m_crossOriginEmbedderPolicy = crossOriginEmbedderPolicy; }
+ virtual const CrossOriginOpenerPolicy& crossOriginOpenerPolicy() const;
+
+ PolicyContainer policyContainer() const;
+
WEBCORE_EXPORT SecurityOrigin* securityOrigin() const;
static SandboxFlags parseSandboxPolicy(const String& policy, String& invalidTokensErrorMessage);
Modified: trunk/Source/WebCore/fileapi/Blob.cpp (281054 => 281055)
--- trunk/Source/WebCore/fileapi/Blob.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/fileapi/Blob.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -37,6 +37,7 @@
#include "BlobURL.h"
#include "File.h"
#include "JSDOMPromiseDeferred.h"
+#include "PolicyContainer.h"
#include "ReadableStream.h"
#include "ReadableStreamSource.h"
#include "ScriptExecutionContext.h"
@@ -62,7 +63,7 @@
void BlobURLRegistry::registerURL(ScriptExecutionContext& context, const URL& publicURL, URLRegistrable& blob)
{
ASSERT(&blob.registry() == this);
- ThreadableBlobRegistry::registerBlobURL(context.securityOrigin(), context.crossOriginOpenerPolicy(), publicURL, static_cast<Blob&>(blob).url());
+ ThreadableBlobRegistry::registerBlobURL(context.securityOrigin(), context.policyContainer(), publicURL, static_cast<Blob&>(blob).url());
}
void BlobURLRegistry::unregisterURL(const URL& url)
Modified: trunk/Source/WebCore/fileapi/FileReaderLoader.cpp (281054 => 281055)
--- trunk/Source/WebCore/fileapi/FileReaderLoader.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/fileapi/FileReaderLoader.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -82,7 +82,7 @@
failed(SecurityError);
return;
}
- ThreadableBlobRegistry::registerBlobURL(scriptExecutionContext->securityOrigin(), scriptExecutionContext->crossOriginOpenerPolicy(), m_urlForReading, blob.url());
+ ThreadableBlobRegistry::registerBlobURL(scriptExecutionContext->securityOrigin(), scriptExecutionContext->policyContainer(), m_urlForReading, blob.url());
// Construct and load the request.
ResourceRequest request(m_urlForReading);
Modified: trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.cpp (281054 => 281055)
--- trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -100,7 +100,7 @@
return url.string().substring(startIndex, endIndex - startIndex - 1) == "null";
}
-void ThreadableBlobRegistry::registerBlobURL(SecurityOrigin* origin, const CrossOriginOpenerPolicy& coop, const URL& url, const URL& srcURL)
+void ThreadableBlobRegistry::registerBlobURL(SecurityOrigin* origin, const PolicyContainer& policyContainer, const URL& url, const URL& srcURL)
{
// If the blob URL contains null origin, as in the context with unique security origin or file URL, save the mapping between url and origin so that the origin can be retrived when doing security origin check.
if (origin && isBlobURLContainsNullOrigin(url))
@@ -107,12 +107,12 @@
originMap()->add(url.string(), origin);
if (isMainThread()) {
- blobRegistry().registerBlobURL(url, srcURL, coop);
+ blobRegistry().registerBlobURL(url, srcURL, policyContainer);
return;
}
- callOnMainThread([url = "" srcURL = srcURL.isolatedCopy(), coop = crossThreadCopy(coop)] {
- blobRegistry().registerBlobURL(url, srcURL, coop);
+ callOnMainThread([url = "" srcURL = srcURL.isolatedCopy(), policyContainer = crossThreadCopy(policyContainer)] {
+ blobRegistry().registerBlobURL(url, srcURL, policyContainer);
});
}
Modified: trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.h (281054 => 281055)
--- trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/fileapi/ThreadableBlobRegistry.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -38,13 +38,13 @@
class BlobPart;
class SecurityOrigin;
-struct CrossOriginOpenerPolicy;
+struct PolicyContainer;
class ThreadableBlobRegistry {
public:
static void registerFileBlobURL(const URL&, const String& path, const String& replacementPath, const String& contentType);
static void registerBlobURL(const URL&, Vector<BlobPart>&& blobParts, const String& contentType);
- static void registerBlobURL(SecurityOrigin*, const CrossOriginOpenerPolicy&, const URL&, const URL& srcURL);
+ static void registerBlobURL(SecurityOrigin*, const PolicyContainer&, const URL&, const URL& srcURL);
static void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, const String& fileBackedPath, const String& contentType);
static void registerBlobURLForSlice(const URL& newURL, const URL& srcURL, long long start, long long end, const String& contentType);
static void unregisterBlobURL(const URL&);
Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (281054 => 281055)
--- trunk/Source/WebCore/html/HTMLMediaElement.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1552,7 +1552,7 @@
if (!m_blobURLForReading.isEmpty())
ThreadableBlobRegistry::unregisterBlobURL(m_blobURLForReading);
m_blobURLForReading = BlobURL::createPublicURL(&document().securityOrigin());
- ThreadableBlobRegistry::registerBlobURL(&document().securityOrigin(), document().crossOriginOpenerPolicy(), m_blobURLForReading, m_blob->url());
+ ThreadableBlobRegistry::registerBlobURL(&document().securityOrigin(), document().policyContainer(), m_blobURLForReading, m_blob->url());
if (!m_player->load(m_blobURLForReading, contentType, keySystem))
mediaLoadingFailed(MediaPlayer::NetworkState::FormatError);
Modified: trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp (281054 => 281055)
--- trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -74,4 +74,22 @@
};
}
+void addCrossOriginEmbedderPolicyHeaders(ResourceResponse& response, const CrossOriginEmbedderPolicy& coep)
+{
+ if (coep.value != CrossOriginEmbedderPolicyValue::UnsafeNone) {
+ ASSERT(coep.value == CrossOriginEmbedderPolicyValue::RequireCORP);
+ if (coep.reportingEndpoint.isEmpty())
+ response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicy, "require-corp"_s);
+ else
+ response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicy, makeString("require-corp; report-to=\"", coep.reportingEndpoint, '\"'));
+ }
+ if (coep.reportOnlyValue != CrossOriginEmbedderPolicyValue::UnsafeNone) {
+ ASSERT(coep.reportOnlyValue == CrossOriginEmbedderPolicyValue::RequireCORP);
+ if (coep.reportOnlyReportingEndpoint.isEmpty())
+ response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicyReportOnly, "require-corp"_s);
+ else
+ response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicyReportOnly, makeString("require-corp; report-to=\"", coep.reportOnlyReportingEndpoint, '\"'));
+ }
+}
+
} // namespace WebCore
Modified: trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.h (281054 => 281055)
--- trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/loader/CrossOriginEmbedderPolicy.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -50,6 +50,11 @@
template<class Decoder> static std::optional<CrossOriginEmbedderPolicy> decode(Decoder&);
};
+inline bool operator==(const CrossOriginEmbedderPolicy& a, const CrossOriginEmbedderPolicy& b)
+{
+ return a.value == b.value && a.reportingEndpoint == b.reportingEndpoint && a.reportOnlyValue == b.reportOnlyValue && a.reportOnlyReportingEndpoint == b.reportOnlyReportingEndpoint;
+}
+
template<class Encoder>
void CrossOriginEmbedderPolicy::encode(Encoder& encoder) const
{
@@ -88,6 +93,7 @@
}
CrossOriginEmbedderPolicy obtainCrossOriginEmbedderPolicy(const ResourceResponse&, const ScriptExecutionContext&);
+WEBCORE_EXPORT void addCrossOriginEmbedderPolicyHeaders(ResourceResponse&, const CrossOriginEmbedderPolicy&);
enum class IsSecureContext : bool { No, Yes };
WEBCORE_EXPORT CrossOriginEmbedderPolicy obtainCrossOriginEmbedderPolicy(const ResourceResponse&, IsSecureContext);
Modified: trunk/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp (281054 => 281055)
--- trunk/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/loader/CrossOriginOpenerPolicy.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -103,8 +103,6 @@
response.setHTTPHeaderField(HTTPHeaderName::CrossOriginOpenerPolicy, crossOriginOpenerPolicyToString(coop.value));
else
response.setHTTPHeaderField(HTTPHeaderName::CrossOriginOpenerPolicy, makeString(crossOriginOpenerPolicyToString(coop.value), "; report-to=\"", coop.reportingEndpoint, '\"'));
- if (coop.value == CrossOriginOpenerPolicyValue::SameOriginPlusCOEP)
- response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicy, "require-corp"_s); // FIXME: Pass in coep and set header value correctly.
}
if (coop.reportOnlyValue != CrossOriginOpenerPolicyValue::UnsafeNone) {
if (coop.reportOnlyReportingEndpoint.isEmpty())
@@ -111,8 +109,6 @@
response.setHTTPHeaderField(HTTPHeaderName::CrossOriginOpenerPolicyReportOnly, crossOriginOpenerPolicyToString(coop.reportOnlyValue));
else
response.setHTTPHeaderField(HTTPHeaderName::CrossOriginOpenerPolicyReportOnly, makeString(crossOriginOpenerPolicyToString(coop.reportOnlyValue), "; report-to=\"", coop.reportOnlyReportingEndpoint, '\"'));
- if (coop.reportOnlyValue == CrossOriginOpenerPolicyValue::SameOriginPlusCOEP)
- response.setHTTPHeaderField(HTTPHeaderName::CrossOriginEmbedderPolicyReportOnly, "require-corp"_s); // FIXME: Pass in coep and set header value correctly.
}
}
Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (281054 => 281055)
--- trunk/Source/WebCore/loader/FrameLoader.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -751,7 +751,7 @@
m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), referrer(), ContentSecurityPolicy::ReportParsingErrors::No);
- if (m_frame.document()->url().protocolIsInHTTPFamily())
+ if (m_frame.document()->url().protocolIsInHTTPFamily() || m_frame.document()->url().protocolIsBlob())
m_frame.document()->setCrossOriginEmbedderPolicy(obtainCrossOriginEmbedderPolicy(m_documentLoader->response(), *m_frame.document()));
String referrerPolicy = m_documentLoader->response().httpHeaderField(HTTPHeaderName::ReferrerPolicy);
Added: trunk/Source/WebCore/loader/PolicyContainer.h (0 => 281055)
--- trunk/Source/WebCore/loader/PolicyContainer.h (rev 0)
+++ trunk/Source/WebCore/loader/PolicyContainer.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "CrossOriginEmbedderPolicy.h"
+#include "CrossOriginOpenerPolicy.h"
+
+namespace WebCore {
+
+// https://html.spec.whatwg.org/multipage/origin.html#policy-container
+struct PolicyContainer {
+ CrossOriginEmbedderPolicy crossOriginEmbedderPolicy;
+ CrossOriginOpenerPolicy crossOriginOpenerPolicy;
+ // FIXME: CSP list and referrer policy should be part of the PolicyContainer.
+
+ PolicyContainer isolatedCopy() const;
+ template<class Encoder> void encode(Encoder&) const;
+ template<class Decoder> static std::optional<PolicyContainer> decode(Decoder&);
+};
+
+inline bool operator==(const PolicyContainer& a, const PolicyContainer& b)
+{
+ return a.crossOriginEmbedderPolicy == b.crossOriginEmbedderPolicy && a.crossOriginOpenerPolicy == b.crossOriginOpenerPolicy;
+}
+
+inline PolicyContainer PolicyContainer::isolatedCopy() const
+{
+ return {
+ crossOriginEmbedderPolicy.isolatedCopy(),
+ crossOriginOpenerPolicy.isolatedCopy()
+ };
+}
+
+template<class Encoder>
+void PolicyContainer::encode(Encoder& encoder) const
+{
+ encoder << crossOriginEmbedderPolicy << crossOriginOpenerPolicy;
+}
+
+template<class Decoder>
+std::optional<PolicyContainer> PolicyContainer::decode(Decoder& decoder)
+{
+ std::optional<CrossOriginEmbedderPolicy> crossOriginEmbedderPolicy;
+ decoder >> crossOriginEmbedderPolicy;
+ if (!crossOriginEmbedderPolicy)
+ return std::nullopt;
+
+ std::optional<CrossOriginOpenerPolicy> crossOriginOpenerPolicy;
+ decoder >> crossOriginOpenerPolicy;
+ if (!crossOriginOpenerPolicy)
+ return std::nullopt;
+
+ return {{
+ WTFMove(*crossOriginEmbedderPolicy),
+ WTFMove(*crossOriginOpenerPolicy)
+ }};
+}
+
+} // namespace WebCore
Modified: trunk/Source/WebCore/platform/network/BlobData.cpp (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobData.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobData.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -81,7 +81,7 @@
Ref<BlobData> BlobData::clone() const
{
auto blobData = BlobData::create(m_contentType);
- blobData->m_coop = m_coop;
+ blobData->m_policyContainer = m_policyContainer;
blobData->m_items = m_items;
return blobData;
}
Modified: trunk/Source/WebCore/platform/network/BlobData.h (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobData.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobData.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -32,7 +32,7 @@
#define BlobData_h
#include "BlobDataFileReference.h"
-#include "CrossOriginOpenerPolicy.h"
+#include "PolicyContainer.h"
#include "ThreadSafeDataBuffer.h"
#include <wtf/Forward.h>
#include <wtf/ThreadSafeRefCounted.h>
@@ -106,8 +106,8 @@
const String& contentType() const { return m_contentType; }
- const CrossOriginOpenerPolicy& crossOriginOpenerPolicy() const { return m_coop; }
- void setCrossOriginOpenerPolicy(const CrossOriginOpenerPolicy& coop) { m_coop = coop; }
+ const PolicyContainer& policyContainer() const { return m_policyContainer; }
+ void setPolicyContainer(const PolicyContainer& policyContainer) { m_policyContainer = policyContainer; }
const BlobDataItemList& items() const { return m_items; }
void swapItems(BlobDataItemList&);
@@ -125,7 +125,7 @@
void appendFile(BlobDataFileReference*, long long offset, long long length);
String m_contentType;
- CrossOriginOpenerPolicy m_coop;
+ PolicyContainer m_policyContainer;
BlobDataItemList m_items;
};
Modified: trunk/Source/WebCore/platform/network/BlobRegistry.h (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobRegistry.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobRegistry.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -41,7 +41,7 @@
class BlobRegistry;
class BlobRegistryImpl;
-struct CrossOriginOpenerPolicy;
+struct PolicyContainer;
WEBCORE_EXPORT BlobRegistry& blobRegistry();
@@ -56,7 +56,7 @@
virtual void registerBlobURL(const URL&, Vector<BlobPart>&&, const String& contentType) = 0;
// Registers a new blob URL referring to the blob data identified by the specified srcURL.
- virtual void registerBlobURL(const URL&, const URL& srcURL, const CrossOriginOpenerPolicy&) = 0;
+ virtual void registerBlobURL(const URL&, const URL& srcURL, const PolicyContainer&) = 0;
// Registers a new blob URL referring to the blob data identified by the specified srcURL or, if none found, referring to the file found at the given path.
virtual void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, RefPtr<BlobDataFileReference>&&, const String& contentType) = 0;
Modified: trunk/Source/WebCore/platform/network/BlobRegistryImpl.cpp (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobRegistryImpl.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobRegistryImpl.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -35,6 +35,7 @@
#include "BlobData.h"
#include "BlobPart.h"
#include "BlobResourceHandle.h"
+#include "PolicyContainer.h"
#include "ResourceError.h"
#include "ResourceHandle.h"
#include "ResourceRequest.h"
@@ -152,12 +153,12 @@
addBlobData(url.string(), WTFMove(blobData));
}
-void BlobRegistryImpl::registerBlobURL(const URL& url, const URL& srcURL, const CrossOriginOpenerPolicy& coop)
+void BlobRegistryImpl::registerBlobURL(const URL& url, const URL& srcURL, const PolicyContainer& policyContainer)
{
- registerBlobURLOptionallyFileBacked(url, srcURL, nullptr, { }, coop);
+ registerBlobURLOptionallyFileBacked(url, srcURL, nullptr, { }, policyContainer);
}
-void BlobRegistryImpl::registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, RefPtr<BlobDataFileReference>&& file, const String& contentType, const CrossOriginOpenerPolicy& coop)
+void BlobRegistryImpl::registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, RefPtr<BlobDataFileReference>&& file, const String& contentType, const PolicyContainer& policyContainer)
{
ASSERT(isMainThread());
registerBlobResourceHandleConstructor();
@@ -164,11 +165,11 @@
BlobData* src = ""
if (src) {
- if (src->crossOriginOpenerPolicy() == coop)
+ if (src->policyContainer() == policyContainer)
addBlobData(url.string(), src);
else {
auto clone = src->clone();
- clone->setCrossOriginOpenerPolicy(coop);
+ clone->setPolicyContainer(policyContainer);
addBlobData(url.string(), WTFMove(clone));
}
return;
@@ -179,7 +180,7 @@
auto backingFile = BlobData::create(contentType);
backingFile->appendFile(file.releaseNonNull());
- backingFile->setCrossOriginOpenerPolicy(coop);
+ backingFile->setPolicyContainer(policyContainer);
addBlobData(url.string(), WTFMove(backingFile));
}
Modified: trunk/Source/WebCore/platform/network/BlobRegistryImpl.h (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobRegistryImpl.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobRegistryImpl.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -45,7 +45,7 @@
class ResourceHandleClient;
class ResourceRequest;
class ThreadSafeDataBuffer;
-struct CrossOriginOpenerPolicy;
+struct PolicyContainer;
// BlobRegistryImpl is not thread-safe. It should only be called from main thread.
class WEBCORE_EXPORT BlobRegistryImpl {
@@ -62,8 +62,8 @@
void registerFileBlobURL(const URL&, Ref<BlobDataFileReference>&&, const String& contentType);
void registerBlobURL(const URL&, Vector<BlobPart>&&, const String& contentType);
- void registerBlobURL(const URL&, const URL& srcURL, const CrossOriginOpenerPolicy&);
- void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, RefPtr<BlobDataFileReference>&&, const String& contentType, const CrossOriginOpenerPolicy&);
+ void registerBlobURL(const URL&, const URL& srcURL, const PolicyContainer&);
+ void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, RefPtr<BlobDataFileReference>&&, const String& contentType, const PolicyContainer&);
void registerBlobURLForSlice(const URL&, const URL& srcURL, long long start, long long end, const String& contentType);
void unregisterBlobURL(const URL&);
Modified: trunk/Source/WebCore/platform/network/BlobResourceHandle.cpp (281054 => 281055)
--- trunk/Source/WebCore/platform/network/BlobResourceHandle.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebCore/platform/network/BlobResourceHandle.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -34,7 +34,6 @@
#include "AsyncFileStream.h"
#include "BlobData.h"
-#include "CrossOriginOpenerPolicy.h"
#include "FileStream.h"
#include "HTTPHeaderNames.h"
#include "HTTPParsers.h"
@@ -577,7 +576,8 @@
response.setHTTPHeaderField(HTTPHeaderName::ContentType, m_blobData->contentType());
response.setHTTPHeaderField(HTTPHeaderName::ContentLength, String::number(m_totalRemainingSize));
- addCrossOriginOpenerPolicyHeaders(response, m_blobData->crossOriginOpenerPolicy());
+ addCrossOriginOpenerPolicyHeaders(response, m_blobData->policyContainer().crossOriginOpenerPolicy);
+ addCrossOriginEmbedderPolicyHeaders(response, m_blobData->policyContainer().crossOriginEmbedderPolicy);
if (isRangeRequest)
response.setHTTPHeaderField(HTTPHeaderName::ContentRange, ParsedContentRange(m_rangeOffset, m_rangeEnd, m_totalSize).headerValue());
Modified: trunk/Source/WebKit/ChangeLog (281054 => 281055)
--- trunk/Source/WebKit/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,23 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+ (WebKit::NetworkConnectionToWebProcess::registerBlobURLFromURL):
+ (WebKit::NetworkConnectionToWebProcess::registerBlobURLOptionallyFileBacked):
+ * NetworkProcess/NetworkConnectionToWebProcess.h:
+ * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
+ * NetworkProcess/NetworkDataTaskBlob.cpp:
+ (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):
+ * NetworkProcess/NetworkProcessPlatformStrategies.cpp:
+ (WebKit::NetworkProcessPlatformStrategies::createBlobRegistry):
+ * WebProcess/FileAPI/BlobRegistryProxy.cpp:
+ (WebKit::BlobRegistryProxy::registerBlobURL):
+ * WebProcess/FileAPI/BlobRegistryProxy.h:
+
2021-08-13 Wenson Hsieh <wenson_hs...@apple.com>
[iOS 15] fast/events/touch/ios/long-press-on-link.html is a constant crash
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (281054 => 281055)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -828,13 +828,13 @@
session->blobRegistry().registerBlobURL(url, WTFMove(blobParts), contentType);
}
-void NetworkConnectionToWebProcess::registerBlobURLFromURL(const URL& url, const URL& srcURL, CrossOriginOpenerPolicy&& coop)
+void NetworkConnectionToWebProcess::registerBlobURLFromURL(const URL& url, const URL& srcURL, PolicyContainer&& policyContainer)
{
auto* session = networkSession();
if (!session)
return;
- session->blobRegistry().registerBlobURL(url, srcURL, WTFMove(coop));
+ session->blobRegistry().registerBlobURL(url, srcURL, WTFMove(policyContainer));
}
void NetworkConnectionToWebProcess::registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, const String& fileBackedPath, const String& contentType)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (281054 => 281055)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -66,7 +66,7 @@
class ResourceRequest;
enum class StorageAccessScope : bool;
enum class ShouldAskITP : bool;
-struct CrossOriginOpenerPolicy;
+struct PolicyContainer;
struct RequestStorageAccessResult;
struct SameSiteInfo;
@@ -230,7 +230,7 @@
void registerFileBlobURL(const URL&, const String& path, const String& replacementPath, SandboxExtension::Handle&&, const String& contentType);
void registerBlobURL(const URL&, Vector<WebCore::BlobPart>&&, const String& contentType);
- void registerBlobURLFromURL(const URL&, const URL& srcURL, WebCore::CrossOriginOpenerPolicy&&);
+ void registerBlobURLFromURL(const URL&, const URL& srcURL, WebCore::PolicyContainer&&);
void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, const String& fileBackedPath, const String& contentType);
void registerBlobURLForSlice(const URL&, const URL& srcURL, int64_t start, int64_t end, const String& contentType);
void blobSize(const URL&, CompletionHandler<void(uint64_t)>&&);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in (281054 => 281055)
--- trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2021-08-14 02:28:19 UTC (rev 281055)
@@ -50,7 +50,7 @@
RegisterFileBlobURL(URL url, String path, String replacementPath, WebKit::SandboxExtension::Handle extensionHandle, String contentType)
RegisterBlobURL(URL url, Vector<WebCore::BlobPart> blobParts, String contentType)
- RegisterBlobURLFromURL(URL url, URL srcURL, struct WebCore::CrossOriginOpenerPolicy coop)
+ RegisterBlobURLFromURL(URL url, URL srcURL, struct WebCore::PolicyContainer policyContainer)
RegisterBlobURLOptionallyFileBacked(URL url, URL srcURL, String fileBackedPath, String contentType)
RegisterBlobURLForSlice(URL url, URL srcURL, int64_t start, int64_t end, String contentType)
UnregisterBlobURL(URL url)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp (281054 => 281055)
--- trunk/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -41,6 +41,7 @@
#include "WebErrors.h"
#include <WebCore/AsyncFileStream.h>
#include <WebCore/BlobRegistryImpl.h>
+#include <WebCore/CrossOriginEmbedderPolicy.h>
#include <WebCore/CrossOriginOpenerPolicy.h>
#include <WebCore/HTTPParsers.h>
#include <WebCore/ParsedContentRange.h>
@@ -265,7 +266,8 @@
response.setHTTPHeaderField(HTTPHeaderName::ContentType, m_blobData->contentType());
response.setHTTPHeaderField(HTTPHeaderName::ContentLength, String::number(m_totalRemainingSize));
- addCrossOriginOpenerPolicyHeaders(response, m_blobData->crossOriginOpenerPolicy());
+ addCrossOriginOpenerPolicyHeaders(response, m_blobData->policyContainer().crossOriginOpenerPolicy);
+ addCrossOriginEmbedderPolicyHeaders(response, m_blobData->policyContainer().crossOriginEmbedderPolicy);
if (isRangeRequest)
response.setHTTPHeaderField(HTTPHeaderName::ContentRange, ParsedContentRange(m_rangeOffset, m_rangeEnd, m_totalSize).headerValue());
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcessPlatformStrategies.cpp (281054 => 281055)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcessPlatformStrategies.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcessPlatformStrategies.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -59,7 +59,7 @@
class EmptyBlobRegistry : public WebCore::BlobRegistry {
void registerFileBlobURL(const URL&, Ref<BlobDataFileReference>&&, const String& path, const String& contentType) final { ASSERT_NOT_REACHED(); }
void registerBlobURL(const URL&, Vector<BlobPart>&&, const String& contentType) final { ASSERT_NOT_REACHED(); }
- void registerBlobURL(const URL&, const URL& srcURL, const WebCore::CrossOriginOpenerPolicy&) final { ASSERT_NOT_REACHED(); }
+ void registerBlobURL(const URL&, const URL& srcURL, const PolicyContainer&) final { ASSERT_NOT_REACHED(); }
void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, RefPtr<BlobDataFileReference>&&, const String& contentType) final { ASSERT_NOT_REACHED(); }
void registerBlobURLForSlice(const URL&, const URL& srcURL, long long start, long long end, const String& contentType) final { ASSERT_NOT_REACHED(); }
void unregisterBlobURL(const URL&) final { ASSERT_NOT_REACHED(); }
Modified: trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp (281054 => 281055)
--- trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -56,9 +56,9 @@
WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RegisterBlobURL(url, blobParts, contentType), 0);
}
-void BlobRegistryProxy::registerBlobURL(const URL& url, const URL& srcURL, const CrossOriginOpenerPolicy& coop)
+void BlobRegistryProxy::registerBlobURL(const URL& url, const URL& srcURL, const PolicyContainer& policyContainer)
{
- WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RegisterBlobURLFromURL { url, srcURL, coop }, 0);
+ WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RegisterBlobURLFromURL { url, srcURL, policyContainer }, 0);
}
void BlobRegistryProxy::registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, RefPtr<WebCore::BlobDataFileReference>&& file, const String& contentType)
Modified: trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.h (281054 => 281055)
--- trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.h 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.h 2021-08-14 02:28:19 UTC (rev 281055)
@@ -33,7 +33,7 @@
public:
void registerFileBlobURL(const URL&, Ref<WebCore::BlobDataFileReference>&&, const String& path, const String& contentType) final;
void registerBlobURL(const URL&, Vector<WebCore::BlobPart>&&, const String& contentType) final;
- void registerBlobURL(const URL&, const URL& srcURL, const WebCore::CrossOriginOpenerPolicy&) final;
+ void registerBlobURL(const URL&, const URL& srcURL, const WebCore::PolicyContainer&) final;
void registerBlobURLOptionallyFileBacked(const URL&, const URL& srcURL, RefPtr<WebCore::BlobDataFileReference>&&, const String& contentType) final;
void unregisterBlobURL(const URL&) final;
void registerBlobURLForSlice(const URL&, const URL& srcURL, long long start, long long end, const String& contentType) final;
Modified: trunk/Source/WebKitLegacy/mac/ChangeLog (281054 => 281055)
--- trunk/Source/WebKitLegacy/mac/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKitLegacy/mac/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,12 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ * WebCoreSupport/WebPlatformStrategies.mm:
+
2021-08-12 Chris Dumez <cdu...@apple.com>
Regression(r273194) Exception being thrown in [WebMainThreadInvoker forwardInvocation] should be autoreleased
Modified: trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm (281054 => 281055)
--- trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm 2021-08-14 02:28:19 UTC (rev 281055)
@@ -85,7 +85,7 @@
private:
void registerFileBlobURL(const URL& url, Ref<BlobDataFileReference>&& reference, const String&, const String& contentType) final { m_blobRegistry.registerFileBlobURL(url, WTFMove(reference), contentType); }
void registerBlobURL(const URL& url, Vector<BlobPart>&& parts, const String& contentType) final { m_blobRegistry.registerBlobURL(url, WTFMove(parts), contentType); }
- void registerBlobURL(const URL& url, const URL& srcURL, const CrossOriginOpenerPolicy& coop) final { m_blobRegistry.registerBlobURL(url, srcURL, coop); }
+ void registerBlobURL(const URL& url, const URL& srcURL, const PolicyContainer& policyContainer) final { m_blobRegistry.registerBlobURL(url, srcURL, policyContainer); }
void registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, RefPtr<BlobDataFileReference>&& reference, const String& contentType) final { m_blobRegistry.registerBlobURLOptionallyFileBacked(url, srcURL, WTFMove(reference), contentType, { }); }
void registerBlobURLForSlice(const URL& url, const URL& srcURL, long long start, long long end, const String& contentType) final { m_blobRegistry.registerBlobURLForSlice(url, srcURL, start, end, contentType); }
void unregisterBlobURL(const URL& url) final { m_blobRegistry.unregisterBlobURL(url); }
Modified: trunk/Source/WebKitLegacy/win/ChangeLog (281054 => 281055)
--- trunk/Source/WebKitLegacy/win/ChangeLog 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKitLegacy/win/ChangeLog 2021-08-14 02:28:19 UTC (rev 281055)
@@ -1,3 +1,12 @@
+2021-08-13 Chris Dumez <cdu...@apple.com>
+
+ Add Cross-Origin-Embedder-Policy support for Blob URLs
+ https://bugs.webkit.org/show_bug.cgi?id=229041
+
+ Reviewed by Alex Christensen.
+
+ * WebCoreSupport/WebPlatformStrategies.cpp:
+
2021-08-10 Chris Dumez <cdu...@apple.com>
Add Cross-Origin-Opener-Policy support for Blob URLs
Modified: trunk/Source/WebKitLegacy/win/WebCoreSupport/WebPlatformStrategies.cpp (281054 => 281055)
--- trunk/Source/WebKitLegacy/win/WebCoreSupport/WebPlatformStrategies.cpp 2021-08-14 00:47:03 UTC (rev 281054)
+++ trunk/Source/WebKitLegacy/win/WebCoreSupport/WebPlatformStrategies.cpp 2021-08-14 02:28:19 UTC (rev 281055)
@@ -81,7 +81,7 @@
private:
void registerFileBlobURL(const URL& url, Ref<BlobDataFileReference>&& reference, const String&, const String& contentType) final { m_blobRegistry.registerFileBlobURL(url, WTFMove(reference), contentType); }
void registerBlobURL(const URL& url, Vector<BlobPart>&& parts, const String& contentType) final { m_blobRegistry.registerBlobURL(url, WTFMove(parts), contentType); }
- void registerBlobURL(const URL& url, const URL& srcURL, const CrossOriginOpenerPolicy& coop) final { m_blobRegistry.registerBlobURL(url, srcURL, coop); }
+ void registerBlobURL(const URL& url, const URL& srcURL, const PolicyContainer& policyContainer) final { m_blobRegistry.registerBlobURL(url, srcURL, policyContainer); }
void registerBlobURLOptionallyFileBacked(const URL& url, const URL& srcURL, RefPtr<BlobDataFileReference>&& reference, const String& contentType) final { m_blobRegistry.registerBlobURLOptionallyFileBacked(url, srcURL, WTFMove(reference), contentType, { }); }
void registerBlobURLForSlice(const URL& url, const URL& srcURL, long long start, long long end, const String& contentType) final { m_blobRegistry.registerBlobURLForSlice(url, srcURL, start, end, contentType); }
void unregisterBlobURL(const URL& url) final { m_blobRegistry.unregisterBlobURL(url); }
