Diff
Modified: trunk/Source/WTF/ChangeLog (266085 => 266086)
--- trunk/Source/WTF/ChangeLog 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WTF/ChangeLog 2020-08-24 21:41:43 UTC (rev 266086)
@@ -1,3 +1,12 @@
+2020-08-24 Alex Christensen <achristen...@webkit.org>
+
+ Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to replace _WKProcessPoolConfiguration.hstsStorageDirectory
+ https://bugs.webkit.org/show_bug.cgi?id=213048
+
+ Reviewed by Youenn Fablet.
+
+ * wtf/PlatformHave.h:
+
2020-08-22 Yusuke Suzuki <ysuz...@apple.com>
[JSC] Add Intl.Segmenter
Modified: trunk/Source/WTF/wtf/PlatformHave.h (266085 => 266086)
--- trunk/Source/WTF/wtf/PlatformHave.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WTF/wtf/PlatformHave.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -411,6 +411,14 @@
#define HAVE_BROKEN_DOWNLOAD_RESUME_UNLINK 1
#endif
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000) \
+ || ((PLATFORM(IOS) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000) \
+ || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 70000) \
+ || (PLATFORM(APPLETV) && __TV_OS_VERSION_MIN_REQUIRED >= 140000) \
+ || PLATFORM(MACCATALYST)
+#define HAVE_HSTS_STORAGE 1
+#endif
+
#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
#define HAVE_CFNETWORK_METRICS_APIS_V4 1
#endif
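Review bot: The trailing `|| PLATFORM(MACCATALYST)` on the last line of the new condition defines HAVE_HSTS_STORAGE for every Mac Catalyst build, which makes the version-gated `PLATFORM(MACCATALYST)` term in the iOS clause redundant. If the unconditional term is intended, drop MACCATALYST from `((PLATFORM(IOS) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)` and add a comment stating why Catalyst needs no version gate. If it is not intended, remove the last line so Catalyst is gated like iOS. This matters because the older session-based CFNetwork HSTS calls are compiled out wherever this macro is set.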
Modified: trunk/Source/WebCore/PAL/ChangeLog (266085 => 266086)
--- trunk/Source/WebCore/PAL/ChangeLog 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebCore/PAL/ChangeLog 2020-08-24 21:41:43 UTC (rev 266086)
@@ -1,3 +1,12 @@
+2020-08-24 Alex Christensen <achristen...@webkit.org>
+
+ Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to replace _WKProcessPoolConfiguration.hstsStorageDirectory
+ https://bugs.webkit.org/show_bug.cgi?id=213048
+
+ Reviewed by Youenn Fablet.
+
+ * pal/spi/cf/CFNetworkSPI.h:
+
2020-08-20 Per Arne Vollan <pvol...@apple.com>
[macOS] Web pages are not responding correctly to changes in "Reduce motion" setting
Modified: trunk/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h (266085 => 266086)
--- trunk/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -200,6 +200,16 @@
@class _NSHTTPAlternativeServicesStorage;
#endif
+#if HAVE(HSTS_STORAGE)
+@interface _NSHSTSStorage : NSObject
+- (instancetype)initPersistentStoreWithURL:(nullable NSURL*)path;
+- (BOOL)shouldPromoteHostToHTTPS:(NSString *)host;
+- (NSArray<NSString *> *)nonPreloadedHosts;
+- (void)resetHSTSForHost:(NSString *)host;
+- (void)resetHSTSHostsSinceDate:(NSDate *)date;
+@end
+#endif
+
@interface NSURLSessionConfiguration ()
@property (assign) _TimingDataOptions _timingDataOptions;
@property (copy) NSData *_sourceApplicationAuditTokenData;
@@ -228,6 +238,9 @@
@property (nullable, retain) _NSHTTPAlternativeServicesStorage *_alternativeServicesStorage;
@property (readwrite, assign) BOOL _allowsHTTP3;
#endif
+#if HAVE(HSTS_STORAGE)
+@property (nullable, retain) _NSHSTSStorage *_hstsStorage;
+#endif
@end
@interface NSURLSessionTask ()
@@ -395,12 +408,14 @@
CFDataRef _CFNetworkCopyATSContext(void);
Boolean _CFNetworkSetATSContext(CFDataRef);
+Boolean _CFNetworkIsKnownHSTSHostWithSession(CFURLRef, CFURLStorageSessionRef);
+#if !HAVE(HSTS_STORAGE)
extern const CFStringRef _kCFNetworkHSTSPreloaded;
CFDictionaryRef _CFNetworkCopyHSTSPolicies(CFURLStorageSessionRef);
void _CFNetworkResetHSTS(CFURLRef, CFURLStorageSessionRef);
void _CFNetworkResetHSTSHostsSinceDate(CFURLStorageSessionRef, CFDateRef);
-Boolean _CFNetworkIsKnownHSTSHostWithSession(CFURLRef, CFURLStorageSessionRef);
void _CFNetworkResetHSTSHostsWithSession(CFURLStorageSessionRef);
+#endif
CFDataRef CFHTTPCookieStorageCreateIdentifyingData(CFAllocatorRef inAllocator, CFHTTPCookieStorageRef inStorage);
CFHTTPCookieStorageRef CFHTTPCookieStorageCreateFromIdentifyingData(CFAllocatorRef inAllocator, CFDataRef inData);
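Review bot: `_CFNetworkIsKnownHSTSHostWithSession` is now declared unconditionally, and the only caller visible on this page, `WebProcessPool::isURLKnownHSTSHost`, passes `nullptr` for the session. Once a data store keeps its HSTS state in a per-session `_NSHSTSStorage` at a custom directory, that session-less query may not reflect what the network process enforces; the diff does not show whether CFNetwork consults the per-session store here. Consider a note on the declaration such as `// FIXME: Callers pass a null session; confirm this still matches per-session _NSHSTSStorage state.`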
Modified: trunk/Source/WebKit/ChangeLog (266085 => 266086)
--- trunk/Source/WebKit/ChangeLog 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/ChangeLog 2020-08-24 21:41:43 UTC (rev 266086)
@@ -1,3 +1,65 @@
+2020-08-24 Alex Christensen <achristen...@webkit.org>
+
+ Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to replace _WKProcessPoolConfiguration.hstsStorageDirectory
+ https://bugs.webkit.org/show_bug.cgi?id=213048
+
+ Reviewed by Youenn Fablet.
+
+ This uses CFNetwork SPI introduced in rdar://problem/50109631 to allow HSTS storage per NSURLSession.
+ To be complete, I also deprecated our UI process HSTS state removal attempt SPIs, WKContextResetHSTSHosts and
+ WKContextResetHSTSHostsAddedAfterDate, which had their last use removed in rdar://problem/64220838.
+
+ I manually verified that this new SPI puts HSTS data in the specified location, and I also verified that HSTS
+ state querying and removal works with the new CFNetwork SPI as it did with the old one.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::fetchWebsiteData):
+ (WebKit::NetworkProcess::deleteWebsiteData):
+ (WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
+ (WebKit::NetworkProcess::deleteAndRestrictWebsiteDataForRegistrableDomains):
+ (WebKit::NetworkProcess::registrableDomainsWithWebsiteData):
+ * NetworkProcess/NetworkProcess.h:
+ * NetworkProcess/NetworkSessionCreationParameters.cpp:
+ (WebKit::NetworkSessionCreationParameters::encode const):
+ (WebKit::NetworkSessionCreationParameters::decode):
+ * NetworkProcess/NetworkSessionCreationParameters.h:
+ * NetworkProcess/cocoa/NetworkProcessCocoa.mm:
+ (WebKit::NetworkProcess::hostNamesWithHSTSCache const):
+ (WebKit::NetworkProcess::deleteHSTSCacheForHostNames):
+ (WebKit::NetworkProcess::clearHSTSCache):
+ (WebKit::NetworkProcess::getHostNamesWithHSTSCache): Deleted.
+ * NetworkProcess/cocoa/NetworkSessionCocoa.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (WebKit::NetworkSessionCocoa::hstsStorage const):
+ (WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
+ * NetworkProcess/soup/NetworkProcessSoup.cpp:
+ (WebKit::NetworkProcess::hostNamesWithHSTSCache const):
+ (WebKit::NetworkProcess::deleteHSTSCacheForHostNames):
+ (WebKit::NetworkProcess::clearHSTSCache):
+ (WebKit::NetworkProcess::getHostNamesWithHSTSCache): Deleted.
+ * UIProcess/API/C/mac/WKContextPrivateMac.h:
+ * UIProcess/API/C/mac/WKContextPrivateMac.mm:
+ (WKContextResetHSTSHosts):
+ (WKContextResetHSTSHostsAddedAfterDate):
+ * UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
+ * UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h:
+ * UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm:
+ (-[_WKWebsiteDataStoreConfiguration hstsStorageDirectory]):
+ (-[_WKWebsiteDataStoreConfiguration setHSTSStorageDirectory:]):
+ * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+ (WebKit::privateBrowsingSession): Deleted.
+ (WebKit::WebProcessPool::resetHSTSHosts): Deleted.
+ (WebKit::WebProcessPool::resetHSTSHostsAddedAfterDate): Deleted.
+ * UIProcess/WebProcessPool.h:
+ * UIProcess/WebsiteData/WebsiteDataStore.cpp:
+ (WebKit::WebsiteDataStore::resolveDirectoriesIfNecessary):
+ (WebKit::WebsiteDataStore::parameters):
+ * UIProcess/WebsiteData/WebsiteDataStore.h:
+ (WebKit::WebsiteDataStore::resolvedHSTSStorageDirectory const):
+ * UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:
+ (WebKit::WebsiteDataStoreConfiguration::copy const):
+ * UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h:
+
2020-08-24 Aditya Keerthi <akeer...@apple.com>
[macOS] Show picker for date and datetime-local input types
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2020-08-24 21:41:43 UTC (rev 266086)
@@ -1553,10 +1553,8 @@
}
#if PLATFORM(COCOA) || USE(SOUP)
- if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
- if (auto* networkStorageSession = storageSession(sessionID))
- getHostNamesWithHSTSCache(*networkStorageSession, callbackAggregator->m_websiteData.hostNamesWithHSTSCache);
- }
+ if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
+ callbackAggregator->m_websiteData.hostNamesWithHSTSCache = hostNamesWithHSTSCache(sessionID);
#endif
#if ENABLE(INDEXED_DATABASE)
@@ -1615,10 +1613,8 @@
void NetworkProcess::deleteWebsiteData(PAL::SessionID sessionID, OptionSet<WebsiteDataType> websiteDataTypes, WallTime modifiedSince, CallbackID callbackID)
{
#if PLATFORM(COCOA) || USE(SOUP)
- if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
- if (auto* networkStorageSession = storageSession(sessionID))
- clearHSTSCache(*networkStorageSession, modifiedSince);
- }
+ if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
+ clearHSTSCache(sessionID, modifiedSince);
#endif
if (websiteDataTypes.contains(WebsiteDataType::Cookies)) {
@@ -1720,10 +1716,8 @@
}
#if PLATFORM(COCOA) || USE(SOUP)
- if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
- if (auto* networkStorageSession = storageSession(sessionID))
- deleteHSTSCacheForHostNames(*networkStorageSession, HSTSCacheHostNames);
- }
+ if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
+ deleteHSTSCacheForHostNames(sessionID, HSTSCacheHostNames);
#endif
#if HAVE(CFNETWORK_ALTERNATIVE_SERVICE)
@@ -1891,15 +1885,13 @@
Vector<String> hostnamesWithHSTSToDelete;
#if PLATFORM(COCOA) || USE(SOUP)
if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
- if (auto* networkStorageSession = storageSession(sessionID)) {
- getHostNamesWithHSTSCache(*networkStorageSession, hostNamesWithHSTSCache);
- hostnamesWithHSTSToDelete = filterForRegistrableDomains(domainsToDeleteAllNonCookieWebsiteDataFor, hostNamesWithHSTSCache);
+ hostNamesWithHSTSCache = this->hostNamesWithHSTSCache(sessionID);
+ hostnamesWithHSTSToDelete = filterForRegistrableDomains(domainsToDeleteAllNonCookieWebsiteDataFor, hostNamesWithHSTSCache);
- for (const auto& host : hostnamesWithHSTSToDelete)
- callbackAggregator->m_domains.add(RegistrableDomain::uncheckedCreateFromHost(host));
+ for (const auto& host : hostnamesWithHSTSToDelete)
+ callbackAggregator->m_domains.add(RegistrableDomain::uncheckedCreateFromHost(host));
- deleteHSTSCacheForHostNames(*networkStorageSession, hostnamesWithHSTSToDelete);
- }
+ deleteHSTSCacheForHostNames(sessionID, hostnamesWithHSTSToDelete);
}
#endif
@@ -2082,18 +2074,16 @@
});
}));
- auto& websiteDataStore = callbackAggregator->m_websiteData;
+ auto& websiteData = callbackAggregator->m_websiteData;
if (websiteDataTypes.contains(WebsiteDataType::Cookies)) {
if (auto* networkStorageSession = storageSession(sessionID))
- networkStorageSession->getHostnamesWithCookies(websiteDataStore.hostNamesWithCookies);
+ networkStorageSession->getHostnamesWithCookies(websiteData.hostNamesWithCookies);
}
#if PLATFORM(COCOA) || USE(SOUP)
- if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
- if (auto* networkStorageSession = storageSession(sessionID))
- getHostNamesWithHSTSCache(*networkStorageSession, websiteDataStore.hostNamesWithHSTSCache);
- }
+ if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
+ websiteData.hostNamesWithHSTSCache = hostNamesWithHSTSCache(sessionID);
#endif
if (websiteDataTypes.contains(WebsiteDataType::Credentials)) {
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -194,9 +194,9 @@
RetainPtr<CFDataRef> sourceApplicationAuditData() const;
#endif
#if PLATFORM(COCOA) || USE(SOUP)
- void getHostNamesWithHSTSCache(WebCore::NetworkStorageSession&, HashSet<String>&);
- void deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession&, const Vector<String>&);
- void clearHSTSCache(WebCore::NetworkStorageSession&, WallTime modifiedSince);
+ HashSet<String> hostNamesWithHSTSCache(PAL::SessionID) const;
+ void deleteHSTSCacheForHostNames(PAL::SessionID, const Vector<String>&);
+ void clearHSTSCache(PAL::SessionID, WallTime modifiedSince);
#endif
void findPendingDownloadLocation(NetworkDataTask&, ResponseCompletionHandler&&, const WebCore::ResourceResponse&);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2020-08-24 21:41:43 UTC (rev 266086)
@@ -57,6 +57,8 @@
encoder << alternativeServiceDirectoryExtensionHandle;
encoder << http3Enabled;
#endif
+ encoder << hstsStorageDirectory;
+ encoder << hstsStorageDirectoryExtensionHandle;
#if USE(SOUP)
encoder << cookiePersistentStoragePath;
encoder << cookiePersistentStorageType;
@@ -154,6 +156,16 @@
return WTF::nullopt;
#endif
+ Optional<String> hstsStorageDirectory;
+ decoder >> hstsStorageDirectory;
+ if (!hstsStorageDirectory)
+ return WTF::nullopt;
+
+ Optional<SandboxExtension::Handle> hstsStorageDirectoryExtensionHandle;
+ decoder >> hstsStorageDirectoryExtensionHandle;
+ if (!hstsStorageDirectoryExtensionHandle)
+ return WTF::nullopt;
+
#if USE(SOUP)
Optional<String> cookiePersistentStoragePath;
decoder >> cookiePersistentStoragePath;
@@ -281,6 +293,8 @@
, WTFMove(*alternativeServiceDirectoryExtensionHandle)
, WTFMove(*http3Enabled)
#endif
+ , WTFMove(*hstsStorageDirectory)
+ , WTFMove(*hstsStorageDirectoryExtensionHandle)
#if USE(SOUP)
, WTFMove(*cookiePersistentStoragePath)
, WTFMove(*cookiePersistentStorageType)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -69,6 +69,8 @@
SandboxExtension::Handle alternativeServiceDirectoryExtensionHandle;
bool http3Enabled { false };
#endif
+ String hstsStorageDirectory;
+ SandboxExtension::Handle hstsStorageDirectoryExtensionHandle;
#if USE(SOUP)
String cookiePersistentStoragePath;
SoupCookiePersistentStorageType cookiePersistentStorageType { SoupCookiePersistentStorageType::Text };
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm 2020-08-24 21:41:43 UTC (rev 266086)
@@ -134,6 +134,7 @@
#endif
}
+#if !HAVE(HSTS_STORAGE)
static void filterPreloadHSTSEntry(const void* key, const void* value, void* context)
{
RELEASE_ASSERT(context);
@@ -152,27 +153,53 @@
if (CFDictionaryGetValue(val, _kCFNetworkHSTSPreloaded) != kCFBooleanTrue)
hostnames->add((CFStringRef)key);
}
+#endif
-void NetworkProcess::getHostNamesWithHSTSCache(WebCore::NetworkStorageSession& session, HashSet<String>& hostNames)
+HashSet<String> NetworkProcess::hostNamesWithHSTSCache(PAL::SessionID sessionID) const
{
- if (auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session.platformSession())))
- CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
+ HashSet<String> hostNames;
+#if HAVE(HSTS_STORAGE)
+ if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID))) {
+ for (NSString *host in networkSession->hstsStorage().nonPreloadedHosts)
+ hostNames.add(host);
+ }
+#else
+ if (auto* session = storageSession(sessionID)) {
+ if (auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session->platformSession())))
+ CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
+ }
+#endif
+ return hostNames;
}
-void NetworkProcess::deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession& session, const Vector<String>& hostNames)
+void NetworkProcess::deleteHSTSCacheForHostNames(PAL::SessionID sessionID, const Vector<String>& hostNames)
{
- for (auto& hostName : hostNames) {
- auto url = "" }, makeString("https://", hostName));
- _CFNetworkResetHSTS(url.createCFURL().get(), session.platformSession());
+#if HAVE(HSTS_STORAGE)
+ if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID))) {
+ for (auto& hostName : hostNames)
+ [networkSession->hstsStorage() resetHSTSForHost:hostName];
}
+#else
+ if (auto* session = storageSession(sessionID)) {
+ for (auto& hostName : hostNames) {
+ auto url = "" }, makeString("https://", hostName));
+ _CFNetworkResetHSTS(url.createCFURL().get(), session->platformSession());
+ }
+ }
+#endif
}
-void NetworkProcess::clearHSTSCache(WebCore::NetworkStorageSession& session, WallTime modifiedSince)
+void NetworkProcess::clearHSTSCache(PAL::SessionID sessionID, WallTime modifiedSince)
{
NSTimeInterval timeInterval = modifiedSince.secondsSinceEpoch().seconds();
NSDate *date = [NSDate dateWithTimeIntervalSince1970:timeInterval];
-
- _CFNetworkResetHSTSHostsSinceDate(session.platformSession(), (__bridge CFDateRef)date);
+#if HAVE(HSTS_STORAGE)
+ if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID)))
+ [networkSession->hstsStorage() resetHSTSHostsSinceDate:date];
+#else
+ if (auto* session = storageSession(sessionID))
+ _CFNetworkResetHSTSHostsSinceDate(session->platformSession(), (__bridge CFDateRef)date);
+#endif
}
void NetworkProcess::clearDiskCache(WallTime modifiedSince, CompletionHandler<void()>&& completionHandler)
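Review bot: In the `HAVE(HSTS_STORAGE)` branches of `hostNamesWithHSTSCache`, `deleteHSTSCacheForHostNames` and `clearHSTSCache`, a nil `hstsStorage()` turns the fetch or deletion into a silent no-op, because messaging nil does nothing and the `_CFNetworkResetHSTS*` path is compiled out. `NetworkSessionCocoa::hstsStorage()` returns nil when the configuration does not respond to `_hstsStorage`, and the constructor assigns a store only for persistent sessions with a directory, so whether every session has one depends on CFNetwork defaults not visible here. HSTS state is website data that a user expects to be gone after clearing, so consider logging when the store is missing, e.g. `RELEASE_LOG_ERROR(Network, "No HSTS storage for session; HSTS data not cleared");`, or keeping the session-based calls as a fallback until the soft link is removed.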
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -33,6 +33,7 @@
OBJC_CLASS NSOperationQueue;
OBJC_CLASS WKNetworkSessionDelegate;
OBJC_CLASS WKNetworkSessionWebSocketDelegate;
+OBJC_CLASS _NSHSTSStorage;
#include "DownloadID.h"
#include "NetworkDataTaskCocoa.h"
@@ -104,6 +105,7 @@
void taskServerConnectionSucceeded(NetworkDataTaskCocoa::TaskIdentifier);
void taskFailed(NetworkDataTaskCocoa::TaskIdentifier);
NSURLCredential *successfulClientCertificateForHost(const String& host, uint16_t port) const;
+ _NSHSTSStorage *hstsStorage() const;
private:
void invalidateAndCancel() override;
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2020-08-24 21:41:43 UTC (rev 266086)
@@ -68,6 +68,10 @@
#import "DeviceManagementSoftLink.h"
+// FIXME: Remove this soft link once rdar://problem/50109631 is in a build and bots are updated.
+SOFT_LINK_FRAMEWORK(CFNetwork)
+SOFT_LINK_CLASS_OPTIONAL(CFNetwork, _NSHSTSStorage)
+
using namespace WebKit;
CFStringRef const WebKit2HTTPProxyDefaultsKey = static_cast<CFStringRef>(@"WebKit2HTTPProxy");
@@ -1097,6 +1101,17 @@
return m_successfulClientCertificates.get(key).get();
}
+_NSHSTSStorage *NetworkSessionCocoa::hstsStorage() const
+{
+#if HAVE(HSTS_STORAGE)
+ NSURLSessionConfiguration *configuration = m_sessionWithCredentialStorage.session.get().configuration;
+ // FIXME: Remove this respondsToSelector check once rdar://problem/50109631 is in a build and bots are updated.
+ if ([configuration respondsToSelector:@selector(_hstsStorage)])
+ return m_sessionWithCredentialStorage.session.get().configuration._hstsStorage;
+#endif
+ return nil;
+}
+
const String& NetworkSessionCocoa::boundInterfaceIdentifier() const
{
return m_boundInterfaceIdentifier;
@@ -1200,6 +1215,15 @@
NSURLSessionConfiguration *configuration = configurationForSessionID(m_sessionID);
+#if HAVE(HSTS_STORAGE)
+ if (!!parameters.hstsStorageDirectory && !m_sessionID.isEphemeral()) {
+ SandboxExtension::consumePermanently(parameters.hstsStorageDirectoryExtensionHandle);
+ // FIXME: Remove this respondsToSelector check once rdar://problem/50109631 is in a build and bots are updated.
+ if ([configuration respondsToSelector:@selector(_hstsStorage)])
+ configuration._hstsStorage = [[alloc_NSHSTSStorageInstance() initPersistentStoreWithURL:[NSURL fileURLWithPath:parameters.hstsStorageDirectory isDirectory:YES]] autorelease];
+ }
+#endif
+
#if HAVE(APP_SSO) || PLATFORM(MACCATALYST)
configuration._preventsAppSSO = true;
#endif
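Review bot: The new block tests the directory with `!!parameters.hstsStorageDirectory`, while the UI-process side in `WebsiteDataStore::parameters` uses `isEmpty()`. As far as I can tell, `operator!` on a WTF String checks for null only, so an empty but non-null path would reach `fileURLWithPath:`. Using `!parameters.hstsStorageDirectory.isEmpty()` would keep both sides consistent. The result of `SandboxExtension::consumePermanently(...)` is also ignored, so if consuming the extension fails the store is still pointed at a directory the network process may be unable to write; consider skipping the assignment and logging in that case. The enclosing constructor starts and ends outside this hunk.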
Modified: trunk/Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp (266085 => 266086)
--- trunk/Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp 2020-08-24 21:41:43 UTC (rev 266086)
@@ -94,21 +94,23 @@
return builder.toString().utf8();
}
-void NetworkProcess::getHostNamesWithHSTSCache(WebCore::NetworkStorageSession& storageSession, HashSet<String>& hostNames)
+HashSet<String> NetworkProcess::hostNamesWithHSTSCache(PAL::SessionID sessionID) const
{
- const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
+ HashSet<String> hostNames;
+ const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
session->soupNetworkSession().getHostNamesWithHSTSCache(hostNames);
+ return hostNames;
}
-void NetworkProcess::deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession& storageSession, const Vector<String>& hostNames)
+void NetworkProcess::deleteHSTSCacheForHostNames(PAL::SessionID sessionID, const Vector<String>& hostNames)
{
- const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
+ const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
session->soupNetworkSession().deleteHSTSCacheForHostNames(hostNames);
}
-void NetworkProcess::clearHSTSCache(WebCore::NetworkStorageSession& storageSession, WallTime modifiedSince)
+void NetworkProcess::clearHSTSCache(PAL::SessionID sessionID, WallTime modifiedSince)
{
- const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
+ const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
session->soupNetworkSession().clearHSTSCache(modifiedSince);
}
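Review bot: All three rewritten functions dereference `session` without a null check, and this commit removes the `storageSession(sessionID)` guard that the callers in NetworkProcess.cpp applied before calling them. If `networkSession(sessionID)` can return null for an unknown or already-destroyed session, a website-data fetch or removal request for that ID would crash the network process. The Cocoa versions guard with `if (auto* networkSession = ...)`. Suggest the same here: `if (!session) return hostNames;` in `hostNamesWithHSTSCache` and `if (!session) return;` in the other two.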
Modified: trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -27,6 +27,7 @@
#define WKContextPrivateMac_h
#include <WebKit/WKBase.h>
+#include <WebKit/WKDeprecated.h>
#include <WebKit/WKPluginLoadPolicy.h>
#ifdef __cplusplus
@@ -43,11 +44,9 @@
typedef void (^WKContextGetInfoForInstalledPlugInsBlock)(WKArrayRef, WKErrorRef);
WK_EXPORT void WKContextGetInfoForInstalledPlugIns(WKContextRef context, WKContextGetInfoForInstalledPlugInsBlock block);
-WK_EXPORT void WKContextResetHSTSHosts(WKContextRef context);
+WK_EXPORT void WKContextResetHSTSHosts(WKContextRef context) WK_C_API_DEPRECATED;
+WK_EXPORT void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970) WK_C_API_DEPRECATED;
-// The time here is relative to the Unix epoch.
-WK_EXPORT void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970);
-
WK_EXPORT void WKContextRegisterSchemeForCustomProtocol(WKContextRef context, WKStringRef scheme);
WK_EXPORT void WKContextUnregisterSchemeForCustomProtocol(WKContextRef context, WKStringRef scheme);
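Review bot: `WKContextResetHSTSHosts` and `WKContextResetHSTSHostsAddedAfterDate` stay exported but, per the WKContextPrivateMac.mm change in this commit, now have empty bodies, and `WK_C_API_DEPRECATED` alone gives callers no hint of that. A client that still calls them to clear HSTS state will silently clear nothing. Please say so at the declarations, e.g. `// Deprecated: these no longer do anything. Remove HSTS state through website data removal with the HSTSCache data type.`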
Modified: trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.mm (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.mm 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.mm 2020-08-24 21:41:43 UTC (rev 266086)
@@ -101,14 +101,12 @@
#endif
}
-void WKContextResetHSTSHosts(WKContextRef context)
+void WKContextResetHSTSHosts(WKContextRef)
{
- return WebKit::toImpl(context)->resetHSTSHosts();
}
-void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970)
+void WKContextResetHSTSHostsAddedAfterDate(WKContextRef, double)
{
- return WebKit::toImpl(context)->resetHSTSHostsAddedAfterDate(startDateIntervalSince1970);
}
void WKContextRegisterSchemeForCustomProtocol(WKContextRef context, WKStringRef scheme)
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -68,7 +68,7 @@
@property (nonatomic) BOOL usesWebProcessCache WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
@property (nonatomic) BOOL pageCacheEnabled WK_API_AVAILABLE(macos(10.14), ios(12.0));
@property (nonatomic, getter=isJITEnabled) BOOL JITEnabled WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
-@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_AVAILABLE(macos(10.15), ios(13.0));
+@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_DEPRECATED_WITH_REPLACEMENT("_WKWebsiteDataStoreConfiguration.hstsStorageDirectory", macos(10.15, WK_MAC_TBA), ios(13.0, WK_IOS_TBA));
@property (nonatomic) BOOL configureJSCForTesting WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -72,6 +72,7 @@
@property (nonatomic) NSUInteger testSpeedMultiplier WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
@property (nonatomic) BOOL suppressesConnectionTerminationOnSystemChange WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
@property (nonatomic) BOOL allowsServerPreconnect WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
@property (nonatomic, nullable, copy) NSURL *alternativeServicesStorageDirectory WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm 2020-08-24 21:41:43 UTC (rev 266086)
@@ -290,6 +290,19 @@
_configuration->setMediaKeysStorageDirectory(url.path);
}
+- (NSURL *)hstsStorageDirectory
+{
+ return [NSURL fileURLWithPath:_configuration->hstsStorageDirectory() isDirectory:YES];
+}
+
+- (void)setHSTSStorageDirectory:(NSURL *)url
+{
+ if (!_configuration->isPersistent())
+ [NSException raise:NSInvalidArgumentException format:@"Cannot set hstsStorageDirectory on a non-persistent _WKWebsiteDataStoreConfiguration."];
+ checkURLArgument(url);
+ _configuration->setHSTSStorageDirectory(url.path);
+}
+
- (NSURL *)alternativeServicesStorageDirectory
{
return [NSURL fileURLWithPath:_configuration->alternativeServicesDirectory() isDirectory:YES];
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-08-24 21:41:43 UTC (rev 266086)
@@ -755,18 +755,6 @@
m_powerSourceNotifier = nullptr;
}
-static CFURLStorageSessionRef privateBrowsingSession()
-{
- static CFURLStorageSessionRef session;
- static dispatch_once_t once;
- dispatch_once(&once, ^{
- NSString *identifier = [NSString stringWithFormat:@"%@.PrivateBrowsing", [[NSBundle mainBundle] bundleIdentifier]];
- session = createPrivateStorageSession((__bridge CFStringRef)identifier);
- });
-
- return session;
-}
-
bool WebProcessPool::isURLKnownHSTSHost(const String& urlString) const
{
RetainPtr<CFURLRef> url = "" urlString).createCFURL();
@@ -774,19 +762,6 @@
return _CFNetworkIsKnownHSTSHostWithSession(url.get(), nullptr);
}
-void WebProcessPool::resetHSTSHosts()
-{
- _CFNetworkResetHSTSHostsWithSession(nullptr);
- _CFNetworkResetHSTSHostsWithSession(privateBrowsingSession());
-}
-
-void WebProcessPool::resetHSTSHostsAddedAfterDate(double startDateIntervalSince1970)
-{
- NSDate *startDate = [NSDate dateWithTimeIntervalSince1970:startDateIntervalSince1970];
- _CFNetworkResetHSTSHostsSinceDate(nullptr, (__bridge CFDateRef)startDate);
- _CFNetworkResetHSTSHostsSinceDate(privateBrowsingSession(), (__bridge CFDateRef)startDate);
-}
-
#if PLATFORM(MAC) && ENABLE(WEBPROCESS_WINDOWSERVER_BLOCKING)
Optional<unsigned> WebProcessPool::nominalFramesPerSecondForDisplay(WebCore::PlatformDisplayID displayID)
{
Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/WebProcessPool.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/WebProcessPool.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -434,8 +434,6 @@
static void didReceiveInvalidMessage(IPC::MessageName);
bool isURLKnownHSTSHost(const String& urlString) const;
- void resetHSTSHosts();
- void resetHSTSHostsAddedAfterDate(double startDateIntervalSince1970);
static void registerGlobalURLSchemeAsHavingCustomProtocolHandlers(const String&);
static void unregisterGlobalURLSchemeAsHavingCustomProtocolHandlers(const String&);
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2020-08-24 21:41:43 UTC (rev 266086)
@@ -232,6 +232,8 @@
m_resolvedConfiguration->setJavaScriptConfigurationDirectory(resolvePathForSandboxExtension(m_configuration->_javascript_ConfigurationDirectory()));
if (!m_configuration->cacheStorageDirectory().isEmpty() && m_resolvedConfiguration->cacheStorageDirectory().isEmpty())
m_resolvedConfiguration->setCacheStorageDirectory(resolvePathForSandboxExtension(m_configuration->cacheStorageDirectory()));
+ if (!m_configuration->hstsStorageDirectory().isEmpty() && m_resolvedConfiguration->hstsStorageDirectory().isEmpty())
+ m_resolvedConfiguration->setHSTSStorageDirectory(resolvePathForSandboxExtension(m_configuration->hstsStorageDirectory()));
// Resolve directories for file paths.
if (!m_configuration->cookieStorageFile().isEmpty()) {
@@ -2283,6 +2285,11 @@
if (!networkCacheDirectory.isEmpty())
SandboxExtension::createHandleForReadWriteDirectory(networkCacheDirectory, networkCacheDirectoryExtensionHandle);
+ auto hstsStorageDirectory = resolvedHSTSStorageDirectory();
+ SandboxExtension::Handle hstsStorageDirectoryExtensionHandle;
+ if (!hstsStorageDirectory.isEmpty())
+ SandboxExtension::createHandleForReadWriteDirectory(hstsStorageDirectory, hstsStorageDirectoryExtensionHandle);
+
bool shouldIncludeLocalhostInResourceLoadStatistics = false;
bool enableResourceLoadStatisticsDebugMode = false;
auto firstPartyWebsiteDataRemovalMode = WebCore::FirstPartyWebsiteDataRemovalMode::AllButCookies;
@@ -2325,6 +2332,8 @@
networkSessionParameters.allLoadsBlockedByDeviceManagementRestrictionsForTesting = m_configuration->allLoadsBlockedByDeviceManagementRestrictionsForTesting();
networkSessionParameters.networkCacheDirectory = WTFMove(networkCacheDirectory);
networkSessionParameters.networkCacheDirectoryExtensionHandle = WTFMove(networkCacheDirectoryExtensionHandle);
+ networkSessionParameters.hstsStorageDirectory = WTFMove(hstsStorageDirectory);
+ networkSessionParameters.hstsStorageDirectoryExtensionHandle = WTFMove(hstsStorageDirectoryExtensionHandle);
networkSessionParameters.dataConnectionServiceType = m_configuration->dataConnectionServiceType();
networkSessionParameters.fastServerTrustEvaluationEnabled = m_configuration->fastServerTrustEvaluationEnabled();
networkSessionParameters.networkCacheSpeculativeValidationEnabled = m_configuration->networkCacheSpeculativeValidationEnabled();
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -225,6 +225,7 @@
const String& resolvedIndexedDatabaseDirectory() const { return m_resolvedConfiguration->indexedDBDatabaseDirectory(); }
const String& resolvedServiceWorkerRegistrationDirectory() const { return m_resolvedConfiguration->serviceWorkerRegistrationDirectory(); }
const String& resolvedResourceLoadStatisticsDirectory() const { return m_resolvedConfiguration->resourceLoadStatisticsDirectory(); }
+ const String& resolvedHSTSStorageDirectory() const { return m_resolvedConfiguration->hstsStorageDirectory(); }
DeviceIdHashSaltStorage& deviceIdHashSaltStorage() { return m_deviceIdHashSaltStorage.get(); }
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp 2020-08-24 21:41:43 UTC (rev 266086)
@@ -67,9 +67,7 @@
copy->m_indexedDBDatabaseDirectory = this->m_indexedDBDatabaseDirectory;
copy->m_serviceWorkerRegistrationDirectory = this->m_serviceWorkerRegistrationDirectory;
copy->m_webSQLDatabaseDirectory = this->m_webSQLDatabaseDirectory;
-#if USE(GLIB)
copy->m_hstsStorageDirectory = this->m_hstsStorageDirectory;
-#endif
copy->m_localStorageDirectory = this->m_localStorageDirectory;
copy->m_mediaKeysStorageDirectory = this->m_mediaKeysStorageDirectory;
copy->m_alternativeServicesDirectory = this->m_alternativeServicesDirectory;
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h (266085 => 266086)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h 2020-08-24 21:35:54 UTC (rev 266085)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h 2020-08-24 21:41:43 UTC (rev 266086)
@@ -67,10 +67,10 @@
const String& webSQLDatabaseDirectory() const { return m_webSQLDatabaseDirectory; }
void setWebSQLDatabaseDirectory(String&& directory) { m_webSQLDatabaseDirectory = WTFMove(directory); }
-#if USE(GLIB) // According to r245075 this will eventually move here.
+
const String& hstsStorageDirectory() const { return m_hstsStorageDirectory; }
void setHSTSStorageDirectory(String&& directory) { m_hstsStorageDirectory = WTFMove(directory); }
-#endif
+
const String& localStorageDirectory() const { return m_localStorageDirectory; }
void setLocalStorageDirectory(String&& directory) { m_localStorageDirectory = WTFMove(directory); }
@@ -175,8 +175,8 @@
String m_indexedDBDatabaseDirectory;
String m_serviceWorkerRegistrationDirectory;
String m_webSQLDatabaseDirectory;
+ String m_hstsStorageDirectory;
#if USE(GLIB)
- String m_hstsStorageDirectory;
bool m_networkCacheSpeculativeValidationEnabled { true };
#else
bool m_networkCacheSpeculativeValidationEnabled { false };