Title: [282084] trunk
Revision
282084
Author
bfulg...@apple.com
Date
2021-09-07 07:32:47 -0700 (Tue, 07 Sep 2021)

Log Message

[wpt-improvement] Improve CSP support for window reuse
https://bugs.webkit.org/show_bug.cgi?id=229882
<rdar://78416553>

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Rebaseline a test that now passes.

* web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt:

Source/WebCore:

If window.open is used to host content with a CSP sandbox header, we should always
create a new window, rather than reusing the existing one, unless the header
includes 'allow-same-site'.

This improves our WPT score.

Tested by: imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed.html

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived): Parse the HTTP headers earlier so we can
make decisions based on their state.
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin): Don't reuse the current window if 'allow-same-site'
is not allowed.

Modified Paths

Diff

Modified: trunk/LayoutTests/imported/w3c/ChangeLog (282083 => 282084)


--- trunk/LayoutTests/imported/w3c/ChangeLog	2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/LayoutTests/imported/w3c/ChangeLog	2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,15 @@
+2021-09-07  Brent Fulgham  <bfulg...@apple.com>
+
+        [wpt-improvement] Improve CSP support for window reuse
+        https://bugs.webkit.org/show_bug.cgi?id=229882
+        <rdar://78416553>
+
+        Reviewed by Chris Dumez.
+
+        Rebaseline a test that now passes.
+
+        * web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt:
+
 2021-09-06  Commit Queue  <commit-qu...@webkit.org>
 
         Unreviewed, reverting r282058.

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt (282083 => 282084)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt	2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed-expected.txt	2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,3 @@
 
-FAIL Window object should not be reused assert_equals: expected (undefined) undefined but got (string) "test"
+PASS Window object should not be reused
 
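Review bot: the rebaseline only covers the sandboxed case (the one expectation flips FAIL to PASS), so nothing on this page exercises the opposite branch the ChangeLog describes, where the CSP sandbox header does include the same-origin allowance and the existing window may still be reused. Consider pointing at, or adding, an expectation for that variant so the new DocumentWriter check cannot regress into always opening a new window.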

Modified: trunk/Source/WebCore/ChangeLog (282083 => 282084)


--- trunk/Source/WebCore/ChangeLog	2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/ChangeLog	2021-09-07 14:32:47 UTC (rev 282084)
@@ -1,3 +1,26 @@
+2021-09-07  Brent Fulgham  <bfulg...@apple.com>
+
+        [wpt-improvement] Improve CSP support for window reuse
+        https://bugs.webkit.org/show_bug.cgi?id=229882
+        <rdar://78416553>
+
+        Reviewed by Chris Dumez.
+
+        If window.open is used to host content with a CSP sandbox header, we should always
+        create a new window, rather than reusing the existing one, unless the header
+        includes 'allow-same-site'.
+
+        This improves our WPT score.
+
+        Tested by: imported/w3c/web-platform-tests/content-security-policy/sandbox/window-reuse-sandboxed.html
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::responseReceived): Parse the HTTP headers earlier so we can
+        make decisions based on their state.
+        * loader/DocumentWriter.cpp:
+        (WebCore::DocumentWriter::begin): Don't reuse the current window if 'allow-same-site'
+        is not allowed.
+
 2021-09-01  Sergio Villar Senin  <svil...@igalia.com>
 
         Do not let RenderFragmentContainers create new formatting contexts
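Review bot: the ChangeLog names the token 'allow-same-site' in the description ("unless the header includes 'allow-same-site'") and in the DocumentWriter::begin entry ("if 'allow-same-site' is not allowed"), but the sandbox directive keyword is `allow-same-origin`, and the DocumentWriter hunk tests the `SandboxOrigin` flag. Suggest rewording to "unless the sandbox directive includes 'allow-same-origin'" and "if the CSP sandbox leaves the document with an opaque origin", so the entry matches the code.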

Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (282083 => 282084)


--- trunk/Source/WebCore/loader/DocumentLoader.cpp	2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp	2021-09-07 14:32:47 UTC (rev 282084)
@@ -782,12 +782,6 @@
     if (!m_frame->document() || !m_frame->document()->settings().crossOriginOpenerPolicyEnabled())
         return true;
 
-    if (!response.httpHeaderField(HTTPHeaderName::ContentSecurityPolicy).isNull()) {
-        m_contentSecurityPolicy = makeUnique<ContentSecurityPolicy>(URL { response.url() }, nullptr);
-        m_contentSecurityPolicy->didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer(), ContentSecurityPolicy::ReportParsingErrors::No);
-    } else
-        m_contentSecurityPolicy = nullptr;
-
     auto [responseOrigin, responseCOOP] = computeResponseOriginAndCOOP(response, *m_frame->document(), m_triggeringAction.requester(), m_contentSecurityPolicy.get());
 
     // https://html.spec.whatwg.org/multipage/browsing-the-web.html#process-a-navigate-fetch (Step 12.5.6.2)
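Review bot: after removing the header parsing from this function, the remaining call `computeResponseOriginAndCOOP(response, *m_frame->document(), m_triggeringAction.requester(), m_contentSecurityPolicy.get())` silently depends on the caller having populated `m_contentSecurityPolicy` from the same response before this function runs. A one-line comment here stating that the policy is parsed earlier in `responseReceived` would make that ordering explicit; otherwise a future reordering of `responseReceived` would hand COOP computation a stale or null policy with no local hint of the dependency.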
@@ -925,6 +919,12 @@
 {
     ASSERT_UNUSED(resource, m_mainResource == &resource);
 
+    if (!response.httpHeaderField(HTTPHeaderName::ContentSecurityPolicy).isNull()) {
+        m_contentSecurityPolicy = makeUnique<ContentSecurityPolicy>(URL { response.url() }, nullptr);
+        m_contentSecurityPolicy->didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer(), ContentSecurityPolicy::ReportParsingErrors::No);
+    } else
+        m_contentSecurityPolicy = nullptr;
+
 #if ENABLE(RESOURCE_LOAD_STATISTICS)
     // FIXME(218779): Remove this quirk once microsoft.com completes their login flow redesign.
     if (m_frame && m_frame->document()) {
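Review bot: the new block parses the `Content-Security-Policy` header into a loader-level `ContentSecurityPolicy` built with a null execution context and `ReportParsingErrors::No`, which is now consumed by both COOP handling and the window-reuse decision in DocumentWriter. Worth a short comment saying this object exists only for pre-document decisions (origin and sandbox flags) and is distinct from the Document's own policy, so nobody expects violation reporting or directive enforcement from it; also note that the `else` branch resetting to `nullptr` is what keeps a policy from a redirect-chain response from leaking into the final response's decision.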

Modified: trunk/Source/WebCore/loader/DocumentWriter.cpp (282083 => 282084)


--- trunk/Source/WebCore/loader/DocumentWriter.cpp	2021-09-07 14:14:15 UTC (rev 282083)
+++ trunk/Source/WebCore/loader/DocumentWriter.cpp	2021-09-07 14:32:47 UTC (rev 282084)
@@ -142,6 +142,12 @@
         && m_frame->document()->isSecureTransitionTo(url)
         && (m_frame->window() && !m_frame->window()->wasWrappedWithoutInitializedSecurityOrigin() && m_frame->window()->mayReuseForNavigation());
 
+    if (shouldReuseDefaultView) {
+        ASSERT(m_frame->loader().documentLoader());
+        if (auto* contentSecurityPolicy = m_frame->loader().documentLoader()->contentSecurityPolicy())
+            shouldReuseDefaultView = !(contentSecurityPolicy->sandboxFlags() & SandboxOrigin);
+    }
+
     // Temporarily extend the lifetime of the existing document so that FrameLoader::clear() doesn't destroy it as
     // we need to retain its ongoing set of upgraded requests in new navigation contexts per <http://www.w3.org/TR/upgrade-insecure-requests/>
     // and we may also need to inherit its Content Security Policy below.
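Review bot: `m_frame->loader().documentLoader()` is asserted non-null and then dereferenced unconditionally on the next line; if the ASSERT can ever fail in a release build this becomes a null dereference during navigation, so either document why the loader is guaranteed here or guard the dereference. On the logic itself, testing `contentSecurityPolicy->sandboxFlags() & SandboxOrigin` is the right condition: a sandbox directive without `allow-same-origin` gives the new document an opaque origin, which can never be same-origin with the existing document, so the existing window must not be reused regardless of what `isSecureTransitionTo(url)` concluded above.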
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
