Diff
Modified: trunk/LayoutTests/ChangeLog (239086 => 239087)
--- trunk/LayoutTests/ChangeLog 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/LayoutTests/ChangeLog 2018-12-11 21:49:51 UTC (rev 239087)
@@ -1,3 +1,21 @@
+2018-12-11 Chris Dumez <cdu...@apple.com>
+
+ Restrict DeviceMotion / DeviceOrientation APIs to secure contexts
+ https://bugs.webkit.org/show_bug.cgi?id=192595
+ <rdar://problem/46382603>
+
+ Reviewed by Dean Jackson.
+
+ Add layout test coverage. Note however that we currently do not have mock data providers
+ for these APIs.
+
+ * http/tests/events/device-orientation-motion-non-secure-context-expected.txt: Added.
+ * http/tests/events/device-orientation-motion-non-secure-context.html: Added.
+ * http/tests/events/device-orientation-motion-secure-context-expected.txt: Added.
+ * http/tests/events/device-orientation-motion-secure-context.html: Added.
+ * platform/ios/http/tests/events/device-orientation-motion-non-secure-context-expected.txt: Added.
+ * platform/ios/http/tests/events/device-orientation-motion-secure-context-expected.txt: Added.
+
2018-12-10 Brent Fulgham <bfulg...@apple.com>
SVGViewSpec objects should mark relevant SVG elements
Added: trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context-expected.txt (0 => 239087)
--- trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context-expected.txt 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,11 @@
+CONSOLE MESSAGE: line 38: Device Orientation API is not supported
+CONSOLE MESSAGE: line 20: Device Motion API is not supported
+Tests that trying to set an event listener for deviceorientation and deviceorientation logs an error in non-secure contexts.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context.html (0 => 239087)
--- trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context.html (rev 0)
+++ trunk/LayoutTests/http/tests/events/device-orientation-motion-non-secure-context.html 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script src=""
+<script>
+description("Tests that trying to set an event listener for deviceorientation and deviceorientation logs an error in non-secure contexts.");
+jsTestIsAsync = true;
+
+// localhost is secure by default.
+internals.markContextAsInsecure();
+
+let lastConsoleMessage = null;
+internals.setConsoleMessageListener((message) => {
+ lastConsoleMessage = message;
+});
+
+function runDeviceMotionTest()
+{
+ if (!window.DeviceMotionEvent) {
+ console.log("Device Motion API is not supported");
+ finishJSTest();
+ return;
+ }
+
+ lastConsoleMessage = null;
+ debug("");
+ debug("* Registering device motion listener");
+ addEventListener("devicemotion", function() { });
+ internals.postTask(() => {
+ shouldBeEqualToString("lastConsoleMessage", "Blocked attempt add device motion or orientation listener because the browsing context is not secure.");
+ finishJSTest();
+ });
+}
+
+function runDeviceOrientationTest()
+{
+ if (!window.DeviceOrientationEvent) {
+ console.log("Device Orientation API is not supported");
+ runDeviceMotionTest();
+ return;
+ }
+
+ lastConsoleMessage = null;
+ debug("* Registering device orientation listener");
+ addEventListener("deviceorientation", function() { });
+ internals.postTask(() => {
+ shouldBeEqualToString("lastConsoleMessage", "Blocked attempt add device motion or orientation listener because the browsing context is not secure.");
+ runDeviceMotionTest();
+ });
+}
+
+_onload_ = runDeviceOrientationTest;
+</script>
+</body>
+</html>
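Review bot: The `description(...)` string names `deviceorientation` twice; it should read "devicemotion and deviceorientation", e.g. `description("Tests that trying to set an event listener for devicemotion and deviceorientation logs an error in non-secure contexts.");`. The same wording is in device-orientation-motion-secure-context.html and is echoed in all four -expected.txt files, which would need regenerating. Separately, where `window.DeviceOrientationEvent` or `window.DeviceMotionEvent` is undefined, both functions only log "not supported" and finish, so the generic expected result passes without exercising the secure-context check at all.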
Added: trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context-expected.txt (0 => 239087)
--- trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context-expected.txt 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,11 @@
+CONSOLE MESSAGE: line 37: Device Orientation API is not supported
+CONSOLE MESSAGE: line 19: Device Motion API is not supported
+Tests that trying to set an event listener for deviceorientation and deviceorientation does not log an error in secure contexts.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context.html (0 => 239087)
--- trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context.html (rev 0)
+++ trunk/LayoutTests/http/tests/events/device-orientation-motion-secure-context.html 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script src=""
+<script>
+description("Tests that trying to set an event listener for deviceorientation and deviceorientation does not log an error in secure contexts.");
+jsTestIsAsync = true;
+
+// localhost is secure by default.
+
+let lastConsoleMessage = null;
+internals.setConsoleMessageListener((message) => {
+ lastConsoleMessage = message;
+});
+
+function runDeviceMotionTest()
+{
+ if (!window.DeviceMotionEvent) {
+ console.log("Device Motion API is not supported");
+ finishJSTest();
+ return;
+ }
+
+ lastConsoleMessage = null;
+ debug("");
+ debug("* Registering device motion listener");
+ addEventListener("devicemotion", function() { });
+ internals.postTask(() => {
+ shouldBeNull("lastConsoleMessage");
+ finishJSTest();
+ });
+}
+
+function runDeviceOrientationTest()
+{
+ if (!window.DeviceOrientationEvent) {
+ console.log("Device Orientation API is not supported");
+ runDeviceMotionTest();
+ return;
+ }
+
+ lastConsoleMessage = null;
+ debug("* Registering device orientation listener");
+ addEventListener("deviceorientation", function() { });
+ internals.postTask(() => {
+ shouldBeNull("lastConsoleMessage");
+ runDeviceMotionTest();
+ });
+}
+
+_onload_ = runDeviceOrientationTest;
+</script>
+</body>
+</html>
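Review bot: Nothing in this test asserts that the page really is a secure context before registering listeners; it relies on the comment `// localhost is secure by default.`, and `shouldBeNull("lastConsoleMessage")` also passes if no message is ever delivered to the listener. If `window.isSecureContext` is exposed in the test build, adding `shouldBeTrue("isSecureContext");` at the top would tie the result to the precondition it depends on. The non-secure test would benefit from the matching `shouldBeFalse("isSecureContext");` after `internals.markContextAsInsecure()`.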
Added: trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-non-secure-context-expected.txt (0 => 239087)
--- trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-non-secure-context-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-non-secure-context-expected.txt 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,16 @@
+CONSOLE MESSAGE: line 45: Blocked attempt add device motion or orientation listener because the browsing context is not secure.
+CONSOLE MESSAGE: line 28: Blocked attempt add device motion or orientation listener because the browsing context is not secure.
+Tests that trying to set an event listener for deviceorientation and deviceorientation logs an error in non-secure contexts.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+* Registering device orientation listener
+PASS lastConsoleMessage is "Blocked attempt add device motion or orientation listener because the browsing context is not secure."
+
+* Registering device motion listener
+PASS lastConsoleMessage is "Blocked attempt add device motion or orientation listener because the browsing context is not secure."
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-secure-context-expected.txt (0 => 239087)
--- trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-secure-context-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/ios/http/tests/events/device-orientation-motion-secure-context-expected.txt 2018-12-11 21:49:51 UTC (rev 239087)
@@ -0,0 +1,14 @@
+Tests that trying to set an event listener for deviceorientation and deviceorientation does not log an error in secure contexts.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+* Registering device orientation listener
+PASS lastConsoleMessage is null
+
+* Registering device motion listener
+PASS lastConsoleMessage is null
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Modified: trunk/Source/WebCore/ChangeLog (239086 => 239087)
--- trunk/Source/WebCore/ChangeLog 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/ChangeLog 2018-12-11 21:49:51 UTC (rev 239087)
@@ -1,3 +1,24 @@
+2018-12-11 Chris Dumez <cdu...@apple.com>
+
+ Restrict DeviceMotion / DeviceOrientation APIs to secure contexts
+ https://bugs.webkit.org/show_bug.cgi?id=192595
+ <rdar://problem/46382603>
+
+ Reviewed by Dean Jackson.
+
+ Tests: http/tests/events/device-orientation-motion-non-secure-context.html
+ http/tests/events/device-orientation-motion-secure-context.html
+
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::addEventListener):
+ * page/SecurityOrigin.h:
+ (WebCore::SecurityOrigin::setIsPotentiallyTrustworthy):
+ * testing/Internals.cpp:
+ (WebCore::Internals::markContextAsInsecure):
+ (WebCore::Internals::postTask):
+ * testing/Internals.h:
+ * testing/Internals.idl:
+
2018-12-11 Wenson Hsieh <wenson_hs...@apple.com>
[iOS] Send the full list of file upload URLs and types in PasteboardItemInfo
Modified: trunk/Source/WebCore/page/DOMWindow.cpp (239086 => 239087)
--- trunk/Source/WebCore/page/DOMWindow.cpp 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/page/DOMWindow.cpp 2018-12-11 21:49:51 UTC (rev 239087)
@@ -1824,27 +1824,35 @@
#if ENABLE(DEVICE_ORIENTATION)
#if PLATFORM(IOS_FAMILY)
else if ((eventType == eventNames().devicemotionEvent || eventType == eventNames().deviceorientationEvent) && document()) {
- if (isSameSecurityOriginAsMainFrame()) {
+ if (isSameSecurityOriginAsMainFrame() && isSecureContext()) {
if (eventType == eventNames().deviceorientationEvent)
document()->deviceOrientationController()->addDeviceEventListener(this);
else
document()->deviceMotionController()->addDeviceEventListener(this);
- } else if (document())
- document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion or orientation listener from child frame that wasn't the same security origin as the main page."_s);
+ } else if (document()) {
+ if (isSecureContext())
+ document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion or orientation listener from child frame that wasn't the same security origin as the main page."_s);
+ else
+ document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion or orientation listener because the browsing context is not secure."_s);
+ }
}
#else
else if (eventType == eventNames().devicemotionEvent) {
- if (isSameSecurityOriginAsMainFrame()) {
+ if (isSameSecurityOriginAsMainFrame() && isSecureContext()) {
if (DeviceMotionController* controller = DeviceMotionController::from(page()))
controller->addDeviceEventListener(this);
} else if (document())
document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion listener from child frame that wasn't the same security origin as the main page."_s);
} else if (eventType == eventNames().deviceorientationEvent) {
- if (isSameSecurityOriginAsMainFrame()) {
+ if (isSameSecurityOriginAsMainFrame() && isSecureContext()) {
if (DeviceOrientationController* controller = DeviceOrientationController::from(page()))
controller->addDeviceEventListener(this);
- } else if (document())
- document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device orientation listener from child frame that wasn't the same security origin as the main page."_s);
+ } else if (document()) {
+ if (isSecureContext())
+ document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device orientation listener from child frame that wasn't the same security origin as the main page."_s);
+ else
+ document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion or orientation listener because the browsing context is not secure."_s);
+ }
}
#endif // PLATFORM(IOS_FAMILY)
#endif // ENABLE(DEVICE_ORIENTATION)
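Review bot: The non-iOS `devicemotion` branch still falls through to the single `else if (document())` warning, so a same-origin page in a non-secure context is told the listener was blocked "from child frame that wasn't the same security origin as the main page", which is the wrong reason. The iOS branch and the non-iOS `deviceorientation` branch both split the message on `isSecureContext()`, and the new non-secure-context layout test expects the "browsing context is not secure" text for device motion, so this branch should do the same. The enclosing `DOMWindow::addEventListener` starts and ends outside the hunk. The warning strings also read "Blocked attempt add"; "Blocked attempt to add" would be clearer, though the expected-results files would have to follow.

```cpp
else if (eventType == eventNames().devicemotionEvent) {
    if (isSameSecurityOriginAsMainFrame() && isSecureContext()) {
        // … unchanged: DeviceMotionController::from(page()) registration …
    } else if (document()) {
        if (isSecureContext())
            document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion listener from child frame that wasn't the same security origin as the main page."_s);
        else
            document()->addConsoleMessage(MessageSource::JS, MessageLevel::Warning, "Blocked attempt add device motion or orientation listener because the browsing context is not secure."_s);
    }
}
```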
Modified: trunk/Source/WebCore/page/SecurityOrigin.h (239086 => 239087)
--- trunk/Source/WebCore/page/SecurityOrigin.h 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/page/SecurityOrigin.h 2018-12-11 21:49:51 UTC (rev 239087)
@@ -199,6 +199,7 @@
WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin&) const;
bool isPotentiallyTrustworthy() const { return m_isPotentiallyTrustworthy; }
+ void setIsPotentiallyTrustworthy(bool value) { m_isPotentiallyTrustworthy = value; }
static bool isLocalHostOrLoopbackIPAddress(StringView);
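Review bot: `setIsPotentiallyTrustworthy` is a public, unrestricted setter on a flag that secure-context checks rely on, and nothing in the header says it exists only for `Internals::markContextAsInsecure()`. As written, any WebCore caller could also pass `true` and promote an origin that was computed as untrustworthy. Since the only caller in this change passes `false`, consider a comment such as `// Testing only: lets Internals downgrade an origin; do not call from production code.` or narrowing the API so it can only clear the flag. The class definition continues outside the hunk.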
Modified: trunk/Source/WebCore/testing/Internals.cpp (239086 => 239087)
--- trunk/Source/WebCore/testing/Internals.cpp 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/testing/Internals.cpp 2018-12-11 21:49:51 UTC (rev 239087)
@@ -4380,6 +4380,28 @@
}
#endif
+void Internals::markContextAsInsecure()
+{
+ auto* document = contextDocument();
+ if (!document)
+ return;
+
+ document->securityOrigin().setIsPotentiallyTrustworthy(false);
+}
+
+void Internals::postTask(RefPtr<VoidCallback>&& callback)
+{
+ auto* document = contextDocument();
+ if (!document) {
+ callback->handleEvent();
+ return;
+ }
+
+ document->postTask([callback = WTFMove(callback)](ScriptExecutionContext&) {
+ callback->handleEvent();
+ });
+}
+
Vector<String> Internals::accessKeyModifiers() const
{
Vector<String> accessKeyModifierStrings;
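Review bot: `Internals::postTask` runs the callback synchronously when `contextDocument()` is null, so the same call is asynchronous in one case and re-entrant in the other; a test that relies on the task running after the current script would silently change meaning. Dropping the callback, or documenting the fallback with a comment like `// No document: run inline so async tests still finish.`, would make the contract explicit. `callback->handleEvent()` also dereferences the `RefPtr` unchecked; that is presumably safe because the IDL argument is non-nullable, but worth confirming. `markContextAsInsecure` mutates the document's `SecurityOrigin` in place with no way to restore it, which deserves a one-line comment if that object can be shared with other documents.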
Modified: trunk/Source/WebCore/testing/Internals.h (239086 => 239087)
--- trunk/Source/WebCore/testing/Internals.h 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/testing/Internals.h 2018-12-11 21:49:51 UTC (rev 239087)
@@ -714,6 +714,9 @@
bool isSystemPreviewLink(Element&) const;
bool isSystemPreviewImage(Element&) const;
+ void postTask(RefPtr<VoidCallback>&&);
+ void markContextAsInsecure();
+
bool usingAppleInternalSDK() const;
struct NowPlayingState {
Modified: trunk/Source/WebCore/testing/Internals.idl (239086 => 239087)
--- trunk/Source/WebCore/testing/Internals.idl 2018-12-11 21:13:32 UTC (rev 239086)
+++ trunk/Source/WebCore/testing/Internals.idl 2018-12-11 21:49:51 UTC (rev 239087)
@@ -699,6 +699,9 @@
boolean usingAppleInternalSDK();
+ void postTask(VoidCallback callback);
+ void markContextAsInsecure();
+
[Conditional=VIDEO, MayThrowException] readonly attribute NowPlayingState nowPlayingState;
[Conditional=VIDEO] HTMLMediaElement bestMediaElementForShowingPlaybackControlsManager(PlaybackControlsPurpose purpose);