Title: [282084] trunk
- Revision: 282084
- Author: bfulg...@apple.com
- Date: 2021-09-07 07:32:47 -0700 (Tue, 07 Sep 2021)
Log Message
[wpt-improvement] Improve CSP support for window reuse
https://bugs.webkit.org/show_bug.cgi?id=229882
<rdar://78416553>
Reviewed by Chris Dumez.
LayoutTests/imported/w3c:
Rebaseline a test that now passes.
* web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt:
Source/WebCore:
If window.open is used to host content with a CSP sandbox header, we should always
create a new window, rather than reusing the existing one, unless the header
includes 'allow-same-site'.
This improves our WPT score.
Tested by: imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed.html
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived): Parse the HTTP headers earlier so we can
make decisions based on their state.
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin): Don't reuse the current window if 'allow-same-site'
is not allowed.
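A model of the reuse decision the log message describes, added here as an illustration; it is not WebKit code and is not part of the commit. The sandbox keyword that keeps a document's origin intact is `allow-same-origin`, so that is the token the model looks for. `parseCspHeader`, `cspSandboxesOrigin` and `shouldReuseWindow` are hypothetical helpers, the `headers` object is a constructed stand-in for the response, and the `sameOrigin` flag stands in for the origin comparison the loader already performs before the CSP check.

```javascript
// Illustration only (not WebKit code): decide whether an existing Window object
// may be reused for a navigation, following the rule in the commit message:
// a response whose CSP sandboxes its origin always gets a fresh Window.

// The one sandbox keyword that prevents the origin from becoming opaque.
const ALLOW_SAME_ORIGIN = 'allow-same-origin';

// Split a Content-Security-Policy header value into policies (the header is
// list-valued, so several policies may arrive comma-separated) and each policy
// into directives of the form "name value value". Directive names are
// case-insensitive; values are kept verbatim.
function parseCspHeader(headerValue) {
  if (!headerValue) return [];
  return headerValue.split(',').map(policy =>
    policy.split(';')
      .map(directive => directive.trim())
      .filter(Boolean)
      .map(directive => {
        const tokens = directive.split(/\s+/);
        return { name: tokens[0].toLowerCase(), values: tokens.slice(1) };
      }));
}

// True when any enforced policy carries a sandbox directive without
// allow-same-origin, i.e. the new document would get an opaque origin and
// can never be same-origin with the document currently in the frame.
// Only the enforcing header is consulted: the sandbox directive is ignored in
// Content-Security-Policy-Report-Only and cannot be delivered via <meta>.
function cspSandboxesOrigin(headers) {
  const policies = parseCspHeader(headers['content-security-policy']);
  return policies.some(directives =>
    directives.some(d =>
      d.name === 'sandbox' &&
      !d.values.map(v => v.toLowerCase()).includes(ALLOW_SAME_ORIGIN)));
}

// Reuse decision: keep the current Window only for a same-origin transition
// whose response does not sandbox the origin. `sameOrigin` is a hypothetical
// input standing in for the origin comparison done elsewhere in the loader.
function shouldReuseWindow({ sameOrigin, headers }) {
  if (!sameOrigin) return false;
  return !cspSandboxesOrigin(headers);
}

// Constructed sample responses (not captured from any real server).
const sandboxedResponse = {
  sameOrigin: true,
  headers: { 'content-security-policy': 'sandbox allow-scripts' },
};
const relaxedResponse = {
  sameOrigin: true,
  headers: { 'content-security-policy': 'sandbox allow-scripts allow-same-origin' },
};
```

Calling `shouldReuseWindow(sandboxedResponse)` yields `false` (a fresh Window is required) while `shouldReuseWindow(relaxedResponse)` yields `true`; a sandbox directive buried in a second comma-separated policy is treated the same way as one in the first.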
Modified Paths
Diff
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (282083 => 282084)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,15 @@
+2021-09-07 Brent Fulgham <bfulg...@apple.com>
+
+ [wpt-improvement] Improve CSP support for window reuse
+ https://bugs.webkit.org/show_bug.cgi?id=229882
+ <rdar://78416553>
+
+ Reviewed by Chris Dumez.
+
+ Rebaseline a test that now passes.
+
+ * web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt:
+
2021-09-06 Commit Queue <commit-qu...@webkit.org>
Unreviewed, reverting r282058.
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt (282083 => 282084)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt 2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt 2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,3 @@
-FAIL Window object should not be reused assert_equals: expected (undefined) undefined but got (string) "test"
+PASS Window object should not be reused
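Review bot: the removed FAIL line is the security-relevant evidence and deserves a mention in the ChangeLog rather than a bare "now passes": a property the opener had placed on the window ("test") was still readable from the document that the sandboxed response loaded, which means the opaque-origin document was running inside the opener's Window object. Stating that in the LayoutTests ChangeLog makes the rebaseline read as a behaviour fix instead of an expectation update.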
Modified: trunk/Source/WebCore/ChangeLog (282083 => 282084)
--- trunk/Source/WebCore/ChangeLog 2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/ChangeLog 2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,26 @@
+2021-09-07 Brent Fulgham <bfulg...@apple.com>
+
+ [wpt-improvement] Improve CSP support for window reuse
+ https://bugs.webkit.org/show_bug.cgi?id=229882
+ <rdar://78416553>
+
+ Reviewed by Chris Dumez.
+
+ If window.open is used to host content with a CSP sandbox header, we should always
+ create a new window, rather than reusing the existing one, unless the header
+ includes 'allow-same-site'.
+
+ This improves our WPT score.
+
+ Tested by: imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed.html
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::responseReceived): Parse the HTTP headers earlier so we can
+ make decisions based on their state.
+ * loader/DocumentWriter.cpp:
+ (WebCore::DocumentWriter::begin): Don't reuse the current window if 'allow-same-site'
+ is not allowed.
+
2021-09-01 Sergio Villar Senin <svil...@igalia.com>
Do not let RenderFragmentContainers create new formatting contexts
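Review bot: 'allow-same-site' (lines 68 and 78 of the entry) is not a CSP sandbox keyword. The check added in DocumentWriter.cpp tests the SandboxOrigin flag, and the keyword that clears that flag is `allow-same-origin`; the ChangeLog and the function description should name the keyword the implementation actually honours so that the next reader does not go looking for a non-existent token.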
Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (282083 => 282084)
--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2021-09-07 14:32:47 UTC (rev 282084)
@@ -782,12 +782,6 @@
if (!m_frame->document() || !m_frame->document()->settings().crossOriginOpenerPolicyEnabled())
return true;
- if (!response.httpHeaderField(HTTPHeaderName::ContentSecurityPolicy).isNull()) {
- m_contentSecurityPolicy = makeUnique<ContentSecurityPolicy>(URL { response.url() }, nullptr);
- m_contentSecurityPolicy->didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer(), ContentSecurityPolicy::ReportParsingErrors::No);
- } else
- m_contentSecurityPolicy = nullptr;
-
auto [responseOrigin, responseCOOP] = computeResponseOriginAndCOOP(response, *m_frame->document(), m_triggeringAction.requester(), m_contentSecurityPolicy.get());
// https://html.spec.whatwg.org/multipage/browsing-the-web.html#process-a-navigate-fetch (Step 12.5.6.2)
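Review bot: the call to computeResponseOriginAndCOOP two lines below the removed block still consumes m_contentSecurityPolicy.get(), so this function now depends on responseReceived having already populated the member for the same response; the removed `else m_contentSecurityPolicy = nullptr;` was what previously guaranteed that a policy from an earlier response could not leak into the COOP computation here. An ASSERT or a short comment stating that this runs only after responseReceived has parsed the headers would make that ordering explicit, and the ChangeLog should say that the policy is now parsed even when crossOriginOpenerPolicyEnabled() is false, since the early `return true` above used to skip it.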
@@ -925,6 +919,12 @@
{
ASSERT_UNUSED(resource, m_mainResource == &resource);
+ if (!response.httpHeaderField(HTTPHeaderName::ContentSecurityPolicy).isNull()) {
+ m_contentSecurityPolicy = makeUnique<ContentSecurityPolicy>(URL { response.url() }, nullptr);
+ m_contentSecurityPolicy->didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer(), ContentSecurityPolicy::ReportParsingErrors::No);
+ } else
+ m_contentSecurityPolicy = nullptr;
+
#if ENABLE(RESOURCE_LOAD_STATISTICS)
// FIXME(218779): Remove this quirk once microsoft.com completes their login flow redesign.
if (m_frame && m_frame->document()) {
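Review bot: these five lines are the block removed from the COOP path, copied verbatim rather than moved into a small helper, and nothing in the hunk says why the loader keeps its own ContentSecurityPolicy before the Document exists; a one-line comment (for example "parsed here so DocumentWriter::begin can decide window reuse") would save the next reader a search. Two choices visible here are right and worth keeping: parsing with ReportParsingErrors::No avoids reporting the same errors twice, since the Document's own policy object reports them, and reading only the enforcing Content-Security-Policy header is sufficient for this purpose because the sandbox directive is ignored in report-only policies and cannot be delivered through <meta>.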
Modified: trunk/Source/WebCore/loader/DocumentWriter.cpp (282083 => 282084)
--- trunk/Source/WebCore/loader/DocumentWriter.cpp 2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/loader/DocumentWriter.cpp 2021-09-07 14:32:47 UTC (rev 282084)
@@ -142,6 +142,12 @@
&& m_frame->document()->isSecureTransitionTo(url)
&& (m_frame->window() && !m_frame->window()->wasWrappedWithoutInitializedSecurityOrigin() && m_frame->window()->mayReuseForNavigation());
+ if (shouldReuseDefaultView) {
+ ASSERT(m_frame->loader().documentLoader());
+ if (auto* contentSecurityPolicy = m_frame->loader().documentLoader()->contentSecurityPolicy())
+ shouldReuseDefaultView = !(contentSecurityPolicy->sandboxFlags() & SandboxOrigin);
+ }
+
// Temporarily extend the lifetime of the existing document so that FrameLoader::clear() doesn't destroy it as
// we need to retain its ongoing set of upgraded requests in new navigation contexts per <http://www.w3.org/TR/upgrade-insecure-requests/>
// and we may also need to inherit its Content Security Policy below.
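Review bot: the ASSERT on m_frame->loader().documentLoader() is followed by an unconditional dereference, so a null loader in a release build would crash instead of taking the safe path; guarding with `if (auto* documentLoader = m_frame->loader().documentLoader())` and leaving shouldReuseDefaultView false otherwise (a suggested rewrite, not code from the patch) would fail closed. Testing only the SandboxOrigin bit is the correct scope here: it is the one sandbox flag that makes the new document's origin opaque and therefore never same-origin with the current one, which the preceding isSecureTransitionTo(url) check cannot see because it compares URL origins and not response headers.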
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes