Diff
Modified: releases/WebKitGTK/webkit-2.28/Source/WTF/ChangeLog (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WTF/ChangeLog 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WTF/ChangeLog 2020-02-06 15:09:54 UTC (rev 255921)
@@ -1,3 +1,17 @@
+2020-02-05 Alex Christensen <achristen...@webkit.org>
+
+ Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
+ https://bugs.webkit.org/show_bug.cgi?id=207207
+
+ Reviewed by Chris Dumez.
+
+ * wtf/persistence/PersistentDecoder.cpp:
+ (WTF::Persistence::Decoder::decode):
+ * wtf/persistence/PersistentDecoder.h:
+ * wtf/persistence/PersistentEncoder.cpp:
+ (WTF::Persistence::Encoder::encode):
+ * wtf/persistence/PersistentEncoder.h:
+
2020-02-04 Adrian Perez de Castro <ape...@igalia.com>
Non-unified build fixes early February 2020 edition
Modified: releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -87,6 +87,11 @@
return decodeNumber(result);
}
+bool Decoder::decode(int16_t& result)
+{
+ return decodeNumber(result);
+}
+
bool Decoder::decode(uint32_t& result)
{
return decodeNumber(result);
Modified: releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentDecoder.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -50,6 +50,7 @@
WTF_EXPORT_PRIVATE bool decode(uint16_t&);
WTF_EXPORT_PRIVATE bool decode(uint32_t&);
WTF_EXPORT_PRIVATE bool decode(uint64_t&);
+ WTF_EXPORT_PRIVATE bool decode(int16_t&);
WTF_EXPORT_PRIVATE bool decode(int32_t&);
WTF_EXPORT_PRIVATE bool decode(int64_t&);
WTF_EXPORT_PRIVATE bool decode(float&);
Modified: releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -85,6 +85,11 @@
encodeNumber(value);
}
+void Encoder::encode(int16_t value)
+{
+ encodeNumber(value);
+}
+
void Encoder::encode(uint32_t value)
{
encodeNumber(value);
Modified: releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WTF/wtf/persistence/PersistentEncoder.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -85,6 +85,7 @@
WTF_EXPORT_PRIVATE void encode(uint16_t);
WTF_EXPORT_PRIVATE void encode(uint32_t);
WTF_EXPORT_PRIVATE void encode(uint64_t);
+ WTF_EXPORT_PRIVATE void encode(int16_t);
WTF_EXPORT_PRIVATE void encode(int32_t);
WTF_EXPORT_PRIVATE void encode(int64_t);
WTF_EXPORT_PRIVATE void encode(float);
@@ -110,6 +111,7 @@
template <> struct Encoder::Salt<float> { static constexpr unsigned value = 23; };
template <> struct Encoder::Salt<double> { static constexpr unsigned value = 29; };
template <> struct Encoder::Salt<uint8_t*> { static constexpr unsigned value = 101; };
+template <> struct Encoder::Salt<int16_t> { static constexpr unsigned value = 103; };
template <typename Type>
void Encoder::updateChecksumForNumber(SHA1& sha1, Type value)
Modified: releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog 2020-02-06 15:09:54 UTC (rev 255921)
@@ -1,3 +1,17 @@
+2020-02-05 Alex Christensen <achristen...@webkit.org>
+
+ Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
+ https://bugs.webkit.org/show_bug.cgi?id=207207
+
+ Reviewed by Chris Dumez.
+
+ * platform/network/ResourceResponseBase.cpp:
+ (WebCore::ResourceResponseBase::includeCertificateInfo const):
+ * platform/network/ResourceResponseBase.h:
+ (WebCore::ResourceResponseBase::usedLegacyTLS const):
+ (WebCore::ResourceResponseBase::encode const):
+ (WebCore::ResourceResponseBase::decode):
+
2020-02-05 Michael Catanzaro <mcatanz...@gnome.org>
[GTK] Cannot perform most local loads with sandbox enabled
Modified: releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -261,11 +261,12 @@
m_type = type;
}
-void ResourceResponseBase::includeCertificateInfo() const
+void ResourceResponseBase::includeCertificateInfo(UsedLegacyTLS usedLegacyTLS) const
{
if (m_certificateInfo)
return;
m_certificateInfo = static_cast<const ResourceResponse*>(this)->platformCertificateInfo();
+ m_usedLegacyTLS = usedLegacyTLS;
}
String ResourceResponseBase::suggestedFilename() const
Modified: releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebCore/platform/network/ResourceResponseBase.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -41,6 +41,8 @@
bool isScriptAllowedByNosniff(const ResourceResponse&);
+enum class UsedLegacyTLS : bool { No, Yes };
+
// Do not use this class directly, use the class ResourceResponse instead
class ResourceResponseBase {
WTF_MAKE_FAST_ALLOCATED;
@@ -127,8 +129,9 @@
WEBCORE_EXPORT String suggestedFilename() const;
WEBCORE_EXPORT static String sanitizeSuggestedFilename(const String&);
- WEBCORE_EXPORT void includeCertificateInfo() const;
+ WEBCORE_EXPORT void includeCertificateInfo(UsedLegacyTLS = UsedLegacyTLS::No) const;
const Optional<CertificateInfo>& certificateInfo() const { return m_certificateInfo; };
+ bool usedLegacyTLS() const { return m_usedLegacyTLS == UsedLegacyTLS::Yes; }
// These functions return parsed values of the corresponding response headers.
WEBCORE_EXPORT bool cacheControlContainsNoCache() const;
@@ -246,7 +249,8 @@
bool m_isRangeRequested { false };
protected:
- int m_httpStatusCode { 0 };
+ short m_httpStatusCode { 0 };
+ mutable UsedLegacyTLS m_usedLegacyTLS { UsedLegacyTLS::No };
};
inline bool operator==(const ResourceResponse& a, const ResourceResponse& b) { return ResourceResponseBase::compare(a, b); }
@@ -279,6 +283,7 @@
encoder.encodeEnum(m_type);
encoder.encodeEnum(m_tainting);
encoder << m_isRedirected;
+ encoder << m_usedLegacyTLS;
encoder << m_isRangeRequested;
}
@@ -327,7 +332,8 @@
if (!decoder.decode(isRedirected))
return false;
response.m_isRedirected = isRedirected;
-
+ if (!decoder.decode(response.m_usedLegacyTLS))
+ return false;
bool isRangeRequested = false;
if (!decoder.decode(isRangeRequested))
return false;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/ChangeLog (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/ChangeLog 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/ChangeLog 2020-02-06 15:09:54 UTC (rev 255921)
@@ -1,3 +1,69 @@
+2020-02-05 Alex Christensen <achristen...@webkit.org>
+
+ Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
+ https://bugs.webkit.org/show_bug.cgi?id=207207
+
+ Reviewed by Chris Dumez.
+
+ In PageLoadState::didCommitLoad, I was resetting the value of _negotiatedLegacyTLS to false.
+ That created a race condition when loading the main resource because the NetworkProcess would
+ message the UIProcess setting _negotiatedLegacyTLS to false, while the NetworkProcess would
+ message the WebProcess which would message the UIProcess to call PageLoadState::didCommitLoad
+ which would reset it to false. Now it resets it to the correct value, whatever it is.
+
+ Updating the ResourceResponseBase serialization code has the desirable side effect that the disk
+ cache will remember whether legacy TLS was used to fetch each resource. This will make it so
+ _negotiatedLegacyTLS is true if we read content from the disk cache that was originally fetched
+ using legacy TLS.
+
+ In order to not increase the memory footprint of ResourceResponse, I changed m_httpStatusCode from
+ an int to a short. It just needs to be able to cover the values 0-600 or so, which really only needs 10 bits.
+
+ Covered by new API tests.
+
+ * NetworkProcess/NetworkCORSPreflightChecker.cpp:
+ (WebKit::NetworkCORSPreflightChecker::didReceiveResponse):
+ * NetworkProcess/NetworkCORSPreflightChecker.h:
+ * NetworkProcess/NetworkDataTask.cpp:
+ (WebKit::NetworkDataTask::didReceiveResponse):
+ (WebKit::NetworkDataTask::negotiatedLegacyTLS const): Deleted.
+ * NetworkProcess/NetworkDataTask.h:
+ (WebKit::NetworkDataTaskClient::negotiatedLegacyTLS const): Deleted.
+ * NetworkProcess/NetworkDataTaskBlob.cpp:
+ (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):
+ * NetworkProcess/NetworkLoad.cpp:
+ (WebKit::NetworkLoad::didReceiveResponse):
+ (WebKit::NetworkLoad::notifyDidReceiveResponse):
+ (WebKit::NetworkLoad::throttleDelayCompleted):
+ (WebKit::NetworkLoad::negotiatedLegacyTLS const): Deleted.
+ * NetworkProcess/NetworkLoad.h:
+ * NetworkProcess/NetworkResourceLoader.h:
+ * NetworkProcess/PingLoad.cpp:
+ (WebKit::PingLoad::didReceiveResponse):
+ * NetworkProcess/PingLoad.h:
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+ (WebKit::NetworkDataTaskCocoa::didReceiveResponse):
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
+ * NetworkProcess/curl/NetworkDataTaskCurl.cpp:
+ (WebKit::NetworkDataTaskCurl::invokeDidReceiveResponse):
+ * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
+ (WebKit::NetworkDataTaskSoup::dispatchDidReceiveResponse):
+ * UIProcess/PageLoadState.cpp:
+ (WebKit::PageLoadState::didCommitLoad):
+ * UIProcess/PageLoadState.h:
+ * UIProcess/ProvisionalPageProxy.cpp:
+ (WebKit::ProvisionalPageProxy::didCommitLoadForFrame):
+ * UIProcess/ProvisionalPageProxy.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::commitProvisionalPage):
+ (WebKit::WebPageProxy::didCommitLoadForFrame):
+ * UIProcess/WebPageProxy.h:
+ * UIProcess/WebPageProxy.messages.in:
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebKit::WebFrameLoaderClient::dispatchDidCommitLoad):
+
2020-02-05 Chris Dumez <cdu...@apple.com>
Unreviewed, rolling out r255706.
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -104,7 +104,7 @@
m_networkProcess->authenticationManager().didReceiveAuthenticationChallenge(m_parameters.sessionID, m_parameters.webPageProxyID, m_parameters.topOrigin ? &m_parameters.topOrigin->data() : nullptr, challenge, negotiatedLegacyTLS, WTFMove(completionHandler));
}
-void NetworkCORSPreflightChecker::didReceiveResponse(WebCore::ResourceResponse&& response, ResponseCompletionHandler&& completionHandler)
+void NetworkCORSPreflightChecker::didReceiveResponse(WebCore::ResourceResponse&& response, NegotiatedLegacyTLS, ResponseCompletionHandler&& completionHandler)
{
RELEASE_LOG_IF_ALLOWED("didReceiveResponse");
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -69,7 +69,7 @@
private:
void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&) final;
void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&) final;
- void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&) final;
+ void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&) final;
void didReceiveData(Ref<WebCore::SharedBuffer>&&) final;
void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) final;
void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) final;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -97,7 +97,7 @@
m_failureTimer.startOneShot(0_s);
}
-void NetworkDataTask::didReceiveResponse(ResourceResponse&& response, ResponseCompletionHandler&& completionHandler)
+void NetworkDataTask::didReceiveResponse(ResourceResponse&& response, NegotiatedLegacyTLS negotiatedLegacyTLS, ResponseCompletionHandler&& completionHandler)
{
if (response.isHTTP09()) {
auto url = ""
@@ -111,17 +111,11 @@
}
}
if (m_client)
- m_client->didReceiveResponse(WTFMove(response), WTFMove(completionHandler));
+ m_client->didReceiveResponse(WTFMove(response), negotiatedLegacyTLS, WTFMove(completionHandler));
else
completionHandler(PolicyAction::Ignore);
}
-void NetworkDataTask::negotiatedLegacyTLS() const
-{
- if (m_client)
- m_client->negotiatedLegacyTLS();
-}
-
bool NetworkDataTask::shouldCaptureExtraNetworkLoadMetrics() const
{
return m_client ? m_client->shouldCaptureExtraNetworkLoadMetrics() : false;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTask.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -62,7 +62,7 @@
public:
virtual void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&) = 0;
virtual void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&) = 0;
- virtual void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&) = 0;
+ virtual void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&) = 0;
virtual void didReceiveData(Ref<WebCore::SharedBuffer>&&) = 0;
virtual void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) = 0;
virtual void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) = 0;
@@ -70,7 +70,6 @@
virtual void cannotShowURL() = 0;
virtual void wasBlockedByRestrictions() = 0;
- virtual void negotiatedLegacyTLS() const { }
virtual bool shouldCaptureExtraNetworkLoadMetrics() const { return false; }
void didCompleteWithError(const WebCore::ResourceError& error)
@@ -92,8 +91,7 @@
virtual void resume() = 0;
virtual void invalidateAndCancel() = 0;
- void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&);
- void negotiatedLegacyTLS() const;
+ void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&);
bool shouldCaptureExtraNetworkLoadMetrics() const;
enum class State {
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -290,7 +290,7 @@
break;
}
- didReceiveResponse(WTFMove(response), [this, protectedThis = WTFMove(protectedThis), errorCode](PolicyAction policyAction) {
+ didReceiveResponse(WTFMove(response), NegotiatedLegacyTLS::No, [this, protectedThis = WTFMove(protectedThis), errorCode](PolicyAction policyAction) {
LOG(NetworkSession, "%p - NetworkDataTaskBlob::didReceiveResponse completionHandler (%u)", this, static_cast<unsigned>(policyAction));
if (m_state == State::Canceling || m_state == State::Completed) {
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -206,13 +206,8 @@
m_networkProcess->authenticationManager().didReceiveAuthenticationChallenge(m_task->sessionID(), m_parameters.webPageProxyID, m_parameters.topOrigin ? &m_parameters.topOrigin->data() : nullptr, challenge, negotiatedLegacyTLS, WTFMove(completionHandler));
}
-void NetworkLoad::negotiatedLegacyTLS() const
+void NetworkLoad::didReceiveResponse(ResourceResponse&& response, NegotiatedLegacyTLS negotiatedLegacyTLS, ResponseCompletionHandler&& completionHandler)
{
- m_networkProcess->authenticationManager().negotiatedLegacyTLS(m_parameters.webPageProxyID);
-}
-
-void NetworkLoad::didReceiveResponse(ResourceResponse&& response, ResponseCompletionHandler&& completionHandler)
-{
ASSERT(RunLoop::isMain());
ASSERT(!m_throttle);
@@ -226,16 +221,19 @@
return;
}
- notifyDidReceiveResponse(WTFMove(response), WTFMove(completionHandler));
+ if (negotiatedLegacyTLS == NegotiatedLegacyTLS::Yes)
+ m_networkProcess->authenticationManager().negotiatedLegacyTLS(m_parameters.webPageProxyID);
+
+ notifyDidReceiveResponse(WTFMove(response), negotiatedLegacyTLS, WTFMove(completionHandler));
}
-void NetworkLoad::notifyDidReceiveResponse(ResourceResponse&& response, ResponseCompletionHandler&& completionHandler)
+void NetworkLoad::notifyDidReceiveResponse(ResourceResponse&& response, NegotiatedLegacyTLS negotiatedLegacyTLS, ResponseCompletionHandler&& completionHandler)
{
ASSERT(RunLoop::isMain());
response.setSource(ResourceResponse::Source::Network);
if (m_parameters.needsCertificateInfo)
- response.includeCertificateInfo();
+ response.includeCertificateInfo(negotiatedLegacyTLS == NegotiatedLegacyTLS::Yes ? UsedLegacyTLS::Yes : UsedLegacyTLS::No);
m_client.get().didReceiveResponse(WTFMove(response), WTFMove(completionHandler));
}
@@ -265,7 +263,7 @@
auto throttle = WTFMove(m_throttle);
- notifyDidReceiveResponse(WTFMove(throttle->response), WTFMove(throttle->responseCompletionHandler));
+ notifyDidReceiveResponse(WTFMove(throttle->response), NegotiatedLegacyTLS::No, WTFMove(throttle->responseCompletionHandler));
}
void NetworkLoad::didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend)
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkLoad.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -74,7 +74,7 @@
// NetworkDataTaskClient
void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&) final;
void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&) final;
- void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&) final;
+ void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&) final;
void didReceiveData(Ref<WebCore::SharedBuffer>&&) final;
void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) final;
void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) final;
@@ -81,9 +81,8 @@
void wasBlocked() final;
void cannotShowURL() final;
void wasBlockedByRestrictions() final;
- void negotiatedLegacyTLS() const final;
- void notifyDidReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&);
+ void notifyDidReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&);
void throttleDelayCompleted();
std::reference_wrapper<NetworkLoadClient> m_client;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkResourceLoader.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkResourceLoader.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/NetworkResourceLoader.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -55,6 +55,8 @@
class ServiceWorkerFetchTask;
class WebSWServerConnection;
+enum class NegotiatedLegacyTLS : bool;
+
struct ResourceLoadInfo;
namespace NetworkCache {
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -160,7 +160,7 @@
didFinish(ResourceError { String(), 0, currentURL(), "Failed HTTP authentication"_s, ResourceError::Type::AccessControl });
}
-void PingLoad::didReceiveResponse(ResourceResponse&& response, ResponseCompletionHandler&& completionHandler)
+void PingLoad::didReceiveResponse(ResourceResponse&& response, NegotiatedLegacyTLS, ResponseCompletionHandler&& completionHandler)
{
RELEASE_LOG_IF_ALLOWED("didReceiveResponse - httpStatusCode: %d", response.httpStatusCode());
auto weakThis = makeWeakPtr(*this);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/PingLoad.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -53,7 +53,7 @@
void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&) final;
void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&) final;
- void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&) final;
+ void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&) final;
void didReceiveData(Ref<WebCore::SharedBuffer>&&) final;
void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) final;
void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) final;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -107,7 +107,7 @@
size_t approximateSize() const;
// Incrementing this number will delete all existing cache content for everyone. Do you really need to do it?
- static const unsigned version = 15;
+ static const unsigned version = 16;
String basePathIsolatedCopy() const;
String versionPath() const;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -54,7 +54,7 @@
void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend);
void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&);
void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&);
- void didReceiveResponse(WebCore::ResourceResponse&&, ResponseCompletionHandler&&);
+ void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&);
void didReceiveData(Ref<WebCore::SharedBuffer>&&);
void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2020-02-06 15:09:54 UTC (rev 255921)
@@ -373,10 +373,10 @@
m_client->didReceiveData(WTFMove(data));
}
-void NetworkDataTaskCocoa::didReceiveResponse(WebCore::ResourceResponse&& response, WebKit::ResponseCompletionHandler&& completionHandler)
+void NetworkDataTaskCocoa::didReceiveResponse(WebCore::ResourceResponse&& response, NegotiatedLegacyTLS negotiatedLegacyTLS, WebKit::ResponseCompletionHandler&& completionHandler)
{
EMIT_SIGNPOST(m_task, "received response headers");
- NetworkDataTask::didReceiveResponse(WTFMove(response), WTFMove(completionHandler));
+ NetworkDataTask::didReceiveResponse(WTFMove(response), negotiatedLegacyTLS, WTFMove(completionHandler));
}
void NetworkDataTaskCocoa::willPerformHTTPRedirection(WebCore::ResourceResponse&& redirectResponse, WebCore::ResourceRequest&& request, RedirectCompletionHandler&& completionHandler)
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2020-02-06 15:09:54 UTC (rev 255921)
@@ -818,12 +818,12 @@
if (auto* networkDataTask = [self existingTask:dataTask]) {
ASSERT(RunLoop::isMain());
- bool negotiatedLegacyTLS = false;
+ NegotiatedLegacyTLS negotiatedLegacyTLS = NegotiatedLegacyTLS::No;
#if HAVE(TLS_PROTOCOL_VERSION_T)
NSURLSessionTaskTransactionMetrics *metrics = dataTask._incompleteTaskMetrics.transactionMetrics.lastObject;
auto tlsVersion = (tls_protocol_version_t)metrics.negotiatedTLSProtocolVersion.unsignedShortValue;
if (tlsVersion == tls_protocol_version_TLSv10 || tlsVersion == tls_protocol_version_TLSv11)
- negotiatedLegacyTLS = true;
+ negotiatedLegacyTLS = NegotiatedLegacyTLS::Yes;
UNUSED_PARAM(metrics);
#else // We do not need to check _TLSNegotiatedProtocolVersion if we have metrics.negotiatedTLSProtocolVersion because it works at response time even before rdar://problem/56522601
ALLOW_DEPRECATED_DECLARATIONS_BEGIN
@@ -830,12 +830,10 @@
if ([dataTask respondsToSelector:@selector(_TLSNegotiatedProtocolVersion)]) {
SSLProtocol tlsVersion = [dataTask _TLSNegotiatedProtocolVersion];
if (tlsVersion == kTLSProtocol11 || tlsVersion == kTLSProtocol1)
- negotiatedLegacyTLS = true;
+ negotiatedLegacyTLS = NegotiatedLegacyTLS::Yes;
}
ALLOW_DEPRECATED_DECLARATIONS_END
#endif
- if (negotiatedLegacyTLS)
- networkDataTask->negotiatedLegacyTLS();
// Avoid MIME type sniffing if the response comes back as 304 Not Modified.
int statusCode = [response isKindOfClass:NSHTTPURLResponse.class] ? [(NSHTTPURLResponse *)response statusCode] : 0;
@@ -854,7 +852,7 @@
copyTimingData([dataTask _timingData], resourceResponse.deprecatedNetworkLoadMetrics());
auto completionHandlerCopy = Block_copy(completionHandler);
- networkDataTask->didReceiveResponse(WTFMove(resourceResponse), [completionHandlerCopy, taskIdentifier](WebCore::PolicyAction policyAction) {
+ networkDataTask->didReceiveResponse(WTFMove(resourceResponse), negotiatedLegacyTLS, [completionHandlerCopy, taskIdentifier](WebCore::PolicyAction policyAction) {
#if !LOG_DISABLED
LOG(NetworkSession, "%llu didReceiveResponse completionHandler (%d)", taskIdentifier, policyAction);
#else
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -224,7 +224,7 @@
void NetworkDataTaskCurl::invokeDidReceiveResponse()
{
- didReceiveResponse(ResourceResponse(m_response), [this, protectedThis = makeRef(*this)](PolicyAction policyAction) {
+ didReceiveResponse(ResourceResponse(m_response), NegotiatedLegacyTLS::No, [this, protectedThis = makeRef(*this)](PolicyAction policyAction) {
if (m_state == State::Canceling || m_state == State::Completed)
return;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -378,7 +378,7 @@
deprecatedResponseMetrics.requestStart = m_networkLoadMetrics.requestStart;
deprecatedResponseMetrics.responseStart = m_networkLoadMetrics.responseStart;
- didReceiveResponse(ResourceResponse(m_response), [this, protectedThis = makeRef(*this)](PolicyAction policyAction) {
+ didReceiveResponse(ResourceResponse(m_response), NegotiatedLegacyTLS::No, [this, protectedThis = makeRef(*this)](PolicyAction policyAction) {
if (m_state == State::Canceling || m_state == State::Completed) {
clearRequest();
return;
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -317,7 +317,7 @@
m_uncommittedState.unreachableURL = m_lastUnreachableURL;
}
-void PageLoadState::didCommitLoad(const Transaction::Token& token, WebCertificateInfo& certificateInfo, bool hasInsecureContent)
+void PageLoadState::didCommitLoad(const Transaction::Token& token, WebCertificateInfo& certificateInfo, bool hasInsecureContent, bool usedLegacyTLS)
{
ASSERT_UNUSED(token, &token.m_pageLoadState == this);
ASSERT(m_uncommittedState.state == State::Provisional);
@@ -328,7 +328,7 @@
m_uncommittedState.url = ""
m_uncommittedState.provisionalURL = String();
- m_uncommittedState.negotiatedLegacyTLS = false;
+ m_uncommittedState.negotiatedLegacyTLS = usedLegacyTLS;
m_uncommittedState.title = String();
}
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/PageLoadState.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -163,7 +163,7 @@
void didReceiveServerRedirectForProvisionalLoad(const Transaction::Token&, const String& url);
void didFailProvisionalLoad(const Transaction::Token&);
- void didCommitLoad(const Transaction::Token&, WebCertificateInfo&, bool hasInsecureContent);
+ void didCommitLoad(const Transaction::Token&, WebCertificateInfo&, bool hasInsecureContent, bool usedLegacyTLS);
void didFinishLoad(const Transaction::Token&);
void didFailLoad(const Transaction::Token&);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -264,7 +264,7 @@
m_page.didFailProvisionalLoadForFrameShared(m_process.copyRef(), frameID, WTFMove(frameSecurityOrigin), navigationID, provisionalURL, error, willContinueLoading, userData); // May delete |this|.
}
-void ProvisionalPageProxy::didCommitLoadForFrame(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo& certificateInfo, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData& userData)
+void ProvisionalPageProxy::didCommitLoadForFrame(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo& certificateInfo, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData& userData)
{
if (!validateInput(frameID, navigationID))
return;
@@ -274,7 +274,7 @@
m_process->removeMessageReceiver(Messages::WebPageProxy::messageReceiverName(), m_webPageID);
m_wasCommitted = true;
- m_page.commitProvisionalPage(frameID, navigationID, mimeType, frameHasCustomContentProvider, frameLoadType, certificateInfo, containsPluginDocument, forcedHasInsecureContent, userData); // Will delete |this|.
+ m_page.commitProvisionalPage(frameID, navigationID, mimeType, frameHasCustomContentProvider, frameLoadType, certificateInfo, usedLegacyTLS, containsPluginDocument, forcedHasInsecureContent, userData); // Will delete |this|.
}
void ProvisionalPageProxy::didNavigateWithNavigationData(const WebNavigationDataStore& store, FrameIdentifier frameID)
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/ProvisionalPageProxy.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -122,7 +122,7 @@
void didPerformClientRedirect(const String& sourceURLString, const String& destinationURLString, WebCore::FrameIdentifier);
void didCreateMainFrame(WebCore::FrameIdentifier);
void didStartProvisionalLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, URL&&, URL&& unreachableURL, const UserData&);
- void didCommitLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
+ void didCommitLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
void didFailProvisionalLoadForFrame(WebCore::FrameIdentifier, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, const String& provisionalURL, const WebCore::ResourceError&, WebCore::WillContinueLoading, const UserData&);
void startURLSchemeTask(URLSchemeTaskParameters&&);
void backForwardGoToItem(const WebCore::BackForwardItemIdentifier&, CompletionHandler<void(SandboxExtension::Handle&&, const WebBackForwardListCounts&)>&&);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -3161,7 +3161,7 @@
sender->send(action, navigation ? navigation->navigationID() : 0, downloadID, WTFMove(websitePolicies));
}
-void WebPageProxy::commitProvisionalPage(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo& certificateInfo, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData& userData)
+void WebPageProxy::commitProvisionalPage(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo& certificateInfo, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData& userData)
{
ASSERT(m_provisionalPage);
RELEASE_LOG_IF_ALLOWED(Loading, "commitProvisionalPage: newPID = %i", m_provisionalPage->process().processIdentifier());
@@ -3195,7 +3195,7 @@
const auto oldWebPageID = m_webPageID;
swapToProvisionalPage(std::exchange(m_provisionalPage, nullptr));
- didCommitLoadForFrame(frameID, navigationID, mimeType, frameHasCustomContentProvider, frameLoadType, certificateInfo, containsPluginDocument, forcedHasInsecureContent, userData);
+ didCommitLoadForFrame(frameID, navigationID, mimeType, frameHasCustomContentProvider, frameLoadType, certificateInfo, usedLegacyTLS, containsPluginDocument, forcedHasInsecureContent, userData);
m_inspectorController->didCommitProvisionalPage(oldWebPageID, m_webPageID);
}
@@ -4481,7 +4481,7 @@
}
#endif
-void WebPageProxy::didCommitLoadForFrame(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t opaqueFrameLoadType, const WebCore::CertificateInfo& certificateInfo, bool containsPluginDocument, Optional<HasInsecureContent> hasInsecureContent, const UserData& userData)
+void WebPageProxy::didCommitLoadForFrame(FrameIdentifier frameID, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t opaqueFrameLoadType, const WebCore::CertificateInfo& certificateInfo, bool usedLegacyTLS, bool containsPluginDocument, Optional<HasInsecureContent> hasInsecureContent, const UserData& userData)
{
LOG(Loading, "(Loading) WebPageProxy %" PRIu64 " didCommitLoadForFrame in navigation %" PRIu64, m_identifier.toUInt64(), navigationID);
LOG(BackForward, "(Back/Forward) After load commit, back/forward list is now:%s", m_backForwardList->loggingString());
@@ -4523,7 +4523,7 @@
bool markPageInsecure = hasInsecureContent ? hasInsecureContent.value() == HasInsecureContent::Yes : m_treatsSHA1CertificatesAsInsecure && certificateInfo.containsNonRootSHA1SignedCertificate();
if (frame->isMainFrame()) {
- m_pageLoadState.didCommitLoad(transaction, webCertificateInfo, markPageInsecure);
+ m_pageLoadState.didCommitLoad(transaction, webCertificateInfo, markPageInsecure, usedLegacyTLS);
m_shouldSuppressNextAutomaticNavigationSnapshot = false;
} else if (markPageInsecure)
m_pageLoadState.didDisplayOrRunInsecureContent(transaction);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -1587,7 +1587,7 @@
#endif
ProvisionalPageProxy* provisionalPageProxy() const { return m_provisionalPage.get(); }
- void commitProvisionalPage(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
+ void commitProvisionalPage(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
// Logic shared between the WebPageProxy and the ProvisionalPageProxy.
void didStartProvisionalLoadForFrameShared(Ref<WebProcessProxy>&&, WebCore::FrameIdentifier, uint64_t navigationID, URL&&, URL&& unreachableURL, const UserData&);
@@ -1737,7 +1737,7 @@
void didCancelClientRedirectForFrame(WebCore::FrameIdentifier);
void didChangeProvisionalURLForFrame(WebCore::FrameIdentifier, uint64_t navigationID, URL&&);
void didFailProvisionalLoadForFrame(WebCore::FrameIdentifier, WebCore::SecurityOriginData&& frameSecurityOrigin, uint64_t navigationID, const String& provisionalURL, const WebCore::ResourceError&, WebCore::WillContinueLoading, const UserData&);
- void didCommitLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
+ void didCommitLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const String& mimeType, bool frameHasCustomContentProvider, uint32_t frameLoadType, const WebCore::CertificateInfo&, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, const UserData&);
void didFinishDocumentLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const UserData&);
void didFinishLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const UserData&);
void didFailLoadForFrame(WebCore::FrameIdentifier, uint64_t navigationID, const WebCore::ResourceError&, const UserData&);
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.messages.in (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.messages.in 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/UIProcess/WebPageProxy.messages.in 2020-02-06 15:09:54 UTC (rev 255921)
@@ -126,7 +126,7 @@
DidCancelClientRedirectForFrame(WebCore::FrameIdentifier frameID)
DidChangeProvisionalURLForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, URL url)
DidFailProvisionalLoadForFrame(WebCore::FrameIdentifier frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, String provisionalURL, WebCore::ResourceError error, enum:bool WebCore::WillContinueLoading willContinueLoading, WebKit::UserData userData)
- DidCommitLoadForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, String mimeType, bool hasCustomContentProvider, uint32_t loadType, WebCore::CertificateInfo certificateInfo, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, WebKit::UserData userData)
+ DidCommitLoadForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, String mimeType, bool hasCustomContentProvider, uint32_t loadType, WebCore::CertificateInfo certificateInfo, bool usedLegacyTLS, bool containsPluginDocument, Optional<WebCore::HasInsecureContent> forcedHasInsecureContent, WebKit::UserData userData)
DidFailLoadForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, WebCore::ResourceError error, WebKit::UserData userData)
DidFinishDocumentLoadForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, WebKit::UserData userData)
DidFinishLoadForFrame(WebCore::FrameIdentifier frameID, uint64_t navigationID, WebKit::UserData userData)
Modified: releases/WebKitGTK/webkit-2.28/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2020-02-06 15:09:54 UTC (rev 255921)
@@ -560,7 +560,7 @@
webPage->sandboxExtensionTracker().didCommitProvisionalLoad(m_frame);
// Notify the UIProcess.
- webPage->send(Messages::WebPageProxy::DidCommitLoadForFrame(m_frame->frameID(), documentLoader.navigationID(), documentLoader.response().mimeType(), m_frameHasCustomContentProvider, static_cast<uint32_t>(m_frame->coreFrame()->loader().loadType()), valueOrCompute(documentLoader.response().certificateInfo(), [] { return CertificateInfo(); }), m_frame->coreFrame()->document()->isPluginDocument(), hasInsecureContent, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())));
+ webPage->send(Messages::WebPageProxy::DidCommitLoadForFrame(m_frame->frameID(), documentLoader.navigationID(), documentLoader.response().mimeType(), m_frameHasCustomContentProvider, static_cast<uint32_t>(m_frame->coreFrame()->loader().loadType()), valueOrCompute(documentLoader.response().certificateInfo(), [] { return CertificateInfo(); }), documentLoader.response().usedLegacyTLS(), m_frame->coreFrame()->document()->isPluginDocument(), hasInsecureContent, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())));
webPage->didCommitLoad(m_frame);
}
Modified: releases/WebKitGTK/webkit-2.28/Tools/ChangeLog (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Tools/ChangeLog 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Tools/ChangeLog 2020-02-06 15:09:54 UTC (rev 255921)
@@ -1,3 +1,24 @@
+2020-02-05 Alex Christensen <achristen...@webkit.org>
+
+ Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
+ https://bugs.webkit.org/show_bug.cgi?id=207207
+
+ Reviewed by Chris Dumez.
+
+ HTTPServer now supports HTTPS. Tell your friends!
+
+ * TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
+ (testCertificate):
+ (testIdentity):
+ (credentialWithIdentity):
+ * TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm:
+ (TestWebKitAPI::webViewWithNavigationDelegate):
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/cocoa/HTTPServer.h:
+ * TestWebKitAPI/cocoa/HTTPServer.mm:
+ (TestWebKitAPI::HTTPServer::HTTPServer):
+ (TestWebKitAPI::HTTPServer::request const):
+
2020-02-05 Xabier Rodriguez Calvar <calva...@igalia.com>
[GTK] Fix dependencies build
Modified: releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm 2020-02-06 15:09:54 UTC (rev 255921)
@@ -25,6 +25,7 @@
#import "config.h"
+#import "HTTPServer.h"
#import "PlatformUtilities.h"
#import "TCPServer.h"
#import "Test.h"
@@ -43,11 +44,14 @@
static bool navigationFinished;
-static RetainPtr<NSURLCredential> credentialWithIdentity()
+static RetainPtr<SecCertificateRef> testCertificate()
{
auto certificateBytes = TestWebKitAPI::TCPServer::testCertificate();
- auto certificate = adoptCF(SecCertificateCreateWithData(nullptr, (__bridge CFDataRef)[NSData dataWithBytes:certificateBytes.data() length:certificateBytes.size()]));
-
+ return adoptCF(SecCertificateCreateWithData(nullptr, (__bridge CFDataRef)[NSData dataWithBytes:certificateBytes.data() length:certificateBytes.size()]));
+}
+
+RetainPtr<SecIdentityRef> testIdentity()
+{
auto privateKeyBytes = TestWebKitAPI::TCPServer::testPrivateKey();
NSData *derEncodedPrivateKey = [NSData dataWithBytes:privateKeyBytes.data() length:privateKeyBytes.size()];
NSDictionary* options = @{
@@ -61,10 +65,15 @@
EXPECT_NULL(error);
EXPECT_NOT_NULL(privateKey.get());
- auto identity = adoptCF(SecIdentityCreate(kCFAllocatorDefault, certificate.get(), privateKey.get()));
+ return adoptCF(SecIdentityCreate(kCFAllocatorDefault, testCertificate().get(), privateKey.get()));
+}
+
+static RetainPtr<NSURLCredential> credentialWithIdentity()
+{
+ auto identity = testIdentity();
EXPECT_NOT_NULL(identity);
- return [NSURLCredential credentialWithIdentity:identity.get() certificates:@[(id)certificate.get()] persistence:NSURLCredentialPersistenceNone];
+ return [NSURLCredential credentialWithIdentity:identity.get() certificates:@[(id)testCertificate().get()] persistence:NSURLCredentialPersistenceNone];
}
@interface ChallengeDelegate : NSObject <WKNavigationDelegate>
Modified: releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm 2020-02-06 15:09:54 UTC (rev 255921)
@@ -27,6 +27,7 @@
#if HAVE(SSL)
+#import "HTTPServer.h"
#import "PlatformUtilities.h"
#import "TCPServer.h"
#import "TestNavigationDelegate.h"
@@ -37,6 +38,7 @@
#import <WebKit/WebKit.h>
#import <WebKit/_WKWebsiteDataStoreConfiguration.h>
#import <wtf/RetainPtr.h>
+#import <wtf/text/StringConcatenateNumbers.h>
#if PLATFORM(IOS_FAMILY)
#import <WebKit/WebUIKitSupport.h>
@@ -43,7 +45,7 @@
#import <WebKit/WebCoreThread.h>
#endif
-#if HAVE(TLS_PROTOCOL_VERSION_T)
+#if HAVE(TLS_PROTOCOL_VERSION_T) || HAVE(NETWORK_FRAMEWORK)
@interface TLSObserver : NSObject
- (void)waitUntilNegotiatedLegacyTLSChanged;
@end
@@ -228,13 +230,9 @@
}
#if HAVE(TLS_PROTOCOL_VERSION_T)
-TEST(TLSVersion, NegotiatedLegacyTLS)
+
+static std::pair<RetainPtr<WKWebView>, RetainPtr<TestNavigationDelegate>> webViewWithNavigationDelegate()
{
- TCPServer server(TCPServer::Protocol::HTTPS, [] (SSL *ssl) {
- TCPServer::respondWithOK(ssl);
- TCPServer::respondWithOK(ssl);
- }, tls1_1);
-
auto delegate = adoptNS([TestNavigationDelegate new]);
auto webView = adoptNS([WKWebView new]);
[webView setNavigationDelegate:delegate.get()];
@@ -242,6 +240,20 @@
EXPECT_WK_STREQ(challenge.protectionSpace.authenticationMethod, NSURLAuthenticationMethodServerTrust);
callback(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
}];
+ return { webView, delegate };
+}
+
+#endif // HAVE(TLS_PROTOCOL_VERSION_T) || HAVE(NETWORK_FRAMEWORK)
+
+#if HAVE(TLS_PROTOCOL_VERSION_T)
+
+TEST(TLSVersion, NegotiatedLegacyTLS)
+{
+ HTTPServer server({
+ { "/", { "hello" } }
+ }, HTTPServer::Protocol::HttpsWithLegacyTLS);
+
+ auto [webView, delegate] = webViewWithNavigationDelegate();
NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://127.0.0.1:%d/", server.port()]]];
[webView loadRequest:request];
@@ -262,8 +274,65 @@
[webView removeObserver:observer.get() forKeyPath:@"_negotiatedLegacyTLS"];
}
-#endif
+#endif // HAVE(TLS_PROTOCOL_VERSION_T)
+
+#if HAVE(NETWORK_FRAMEWORK) && HAVE(TLS_PROTOCOL_VERSION_T)
+
+TEST(TLSVersion, NavigateBack)
+{
+ HTTPServer legacyTLSServer({
+ { "/", { "hello" } }
+ }, HTTPServer::Protocol::HttpsWithLegacyTLS);
+
+ HTTPServer modernTLSServer({
+ { "/", { "hello" } }
+ }, HTTPServer::Protocol::Https);
+
+ auto [webView, delegate] = webViewWithNavigationDelegate();
+ auto observer = adoptNS([TLSObserver new]);
+ [webView addObserver:observer.get() forKeyPath:@"_negotiatedLegacyTLS" options:NSKeyValueObservingOptionNew context:nil];
+
+ [webView loadRequest:legacyTLSServer.request()];
+ EXPECT_FALSE([webView _negotiatedLegacyTLS]);
+ [delegate waitForDidFinishNavigation];
+ EXPECT_TRUE([webView _negotiatedLegacyTLS]);
+
+ [webView loadRequest:modernTLSServer.request()];
+ [delegate waitForDidFinishNavigation];
+ EXPECT_FALSE([webView _negotiatedLegacyTLS]);
+
+ [webView goBack];
+ [observer waitUntilNegotiatedLegacyTLSChanged];
+ EXPECT_TRUE([webView _negotiatedLegacyTLS]);
+
+ [webView removeObserver:observer.get() forKeyPath:@"_negotiatedLegacyTLS"];
+}
+
+TEST(TLSVersion, Subresource)
+{
+ HTTPServer legacyTLSServer({
+ { "/", { "hello" } }
+ }, HTTPServer::Protocol::HttpsWithLegacyTLS);
+
+ HTTPServer modernTLSServer({
+ { "/", { makeString("<script>fetch('https://127.0.0.1:", static_cast<unsigned>(legacyTLSServer.port()), "/',{mode:'no-cors'})</script>") } }
+ }, HTTPServer::Protocol::Https);
+
+ auto [webView, delegate] = webViewWithNavigationDelegate();
+ auto observer = adoptNS([TLSObserver new]);
+ [webView addObserver:observer.get() forKeyPath:@"_negotiatedLegacyTLS" options:NSKeyValueObservingOptionNew context:nil];
+
+ EXPECT_FALSE([webView _negotiatedLegacyTLS]);
+ [webView loadRequest:modernTLSServer.request()];
+ while (![webView _negotiatedLegacyTLS])
+ [observer waitUntilNegotiatedLegacyTLSChanged];
+
+ [webView removeObserver:observer.get() forKeyPath:@"_negotiatedLegacyTLS"];
+}
+
+#endif // HAVE(NETWORK_FRAMEWORK) && HAVE(TLS_PROTOCOL_VERSION_T)
+
// FIXME: Add some tests for WKWebView.hasOnlySecureContent
}
Modified: releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.h (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.h 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.h 2020-02-06 15:09:54 UTC (rev 255921)
@@ -38,7 +38,8 @@
class HTTPServer {
public:
struct HTTPResponse;
- HTTPServer(std::initializer_list<std::pair<String, HTTPResponse>>);
+ enum class Protocol : uint8_t { Http, Https, HttpsWithLegacyTLS };
+ HTTPServer(std::initializer_list<std::pair<String, HTTPResponse>>, Protocol = Protocol::Http);
uint16_t port() const;
NSURLRequest *request() const;
@@ -46,6 +47,7 @@
void respondToRequests(nw_connection_t);
RetainPtr<nw_listener_t> m_listener;
+ const Protocol m_protocol;
const HashMap<String, HTTPResponse> m_requestResponseMap;
};
@@ -74,3 +76,5 @@
} // namespace TestWebKitAPI
#endif // HAVE(NETWORK_FRAMEWORK)
+
+RetainPtr<SecIdentityRef> testIdentity();
Modified: releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.mm (255920 => 255921)
--- releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.mm 2020-02-06 15:09:38 UTC (rev 255920)
+++ releases/WebKitGTK/webkit-2.28/Tools/TestWebKitAPI/cocoa/HTTPServer.mm 2020-02-06 15:09:54 UTC (rev 255921)
@@ -33,8 +33,9 @@
namespace TestWebKitAPI {
-HTTPServer::HTTPServer(std::initializer_list<std::pair<String, HTTPResponse>> responses)
- : m_requestResponseMap([](std::initializer_list<std::pair<String, HTTPServer::HTTPResponse>> list) {
+HTTPServer::HTTPServer(std::initializer_list<std::pair<String, HTTPResponse>> responses, Protocol protocol)
+ : m_protocol(protocol)
+ , m_requestResponseMap([](std::initializer_list<std::pair<String, HTTPServer::HTTPResponse>> list) {
HashMap<String, HTTPServer::HTTPResponse> map;
for (auto& pair : list)
map.add(pair.first, pair.second);
@@ -41,7 +42,19 @@
return map;
}(responses))
{
- auto parameters = adoptNS(nw_parameters_create_secure_tcp(NW_PARAMETERS_DISABLE_PROTOCOL, NW_PARAMETERS_DEFAULT_CONFIGURATION));
+ auto configureTLS = protocol == Protocol::Http ? NW_PARAMETERS_DISABLE_PROTOCOL : ^(nw_protocol_options_t protocolOptions) {
+#if HAVE(TLS_PROTOCOL_VERSION_T)
+ auto options = adoptNS(nw_tls_copy_sec_protocol_options(protocolOptions));
+ auto identity = adoptNS(sec_identity_create(testIdentity().get()));
+ sec_protocol_options_set_local_identity(options.get(), identity.get());
+ if (protocol == Protocol::HttpsWithLegacyTLS)
+ sec_protocol_options_set_max_tls_protocol_version(options.get(), tls_protocol_version_TLSv10);
+#else
+ UNUSED_PARAM(protocolOptions);
+ ASSERT(protocol != Protocol::HttpsWithLegacyTLS);
+#endif
+ };
+ auto parameters = adoptNS(nw_parameters_create_secure_tcp(configureTLS, NW_PARAMETERS_DEFAULT_CONFIGURATION));
m_listener = adoptNS(nw_listener_create(parameters.get()));
nw_listener_set_queue(m_listener.get(), dispatch_get_main_queue());
nw_listener_set_new_connection_handler(m_listener.get(), ^(nw_connection_t connection) {
@@ -127,7 +140,17 @@
NSURLRequest *HTTPServer::request() const
{
- return [NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", port()]]];
+ NSString *format;
+ switch (m_protocol) {
+ case Protocol::Http:
+ format = @"http://127.0.0.1:%d/";
+ break;
+ case Protocol::Https:
+ case Protocol::HttpsWithLegacyTLS:
+ format = @"https://127.0.0.1:%d/";
+ break;
+ }
+ return [NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:format, port()]]];
}
} // namespace TestWebKitAPI