Diff
Modified: trunk/Source/WebKit/ChangeLog (287275 => 287276)
--- trunk/Source/WebKit/ChangeLog 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/ChangeLog 2021-12-20 22:04:20 UTC (rev 287276)
@@ -1,5 +1,31 @@
2021-12-20 Alex Christensen <achristen...@webkit.org>
+ Prevent test functionality in AdAttributionDaemon when not running tests
+ https://bugs.webkit.org/show_bug.cgi?id=231258
+ <rdar://84168088>
+
+ Reviewed by Brady Eidson.
+
+ adattributiond already has a private entitlement check to make sure that only the network process has permission to connect to it.
+ This makes it so that the network process can't manipulate state only intended to be manipulated for tests when told to do so by
+ an application misusing SPI.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::allowsPrivateClickMeasurementTestFunctionality const):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementOverrideTimerForTesting):
+ (WebKit::NetworkProcess::simulateResourceLoadStatisticsSessionRestart):
+ (WebKit::NetworkProcess::markAttributedPrivateClickMeasurementsAsExpiredForTesting):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementEphemeralMeasurementForTesting):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementTokenPublicKeyURLForTesting):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementTokenSignatureURLForTesting):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementAttributionReportURLsForTesting):
+ (WebKit::NetworkProcess::markPrivateClickMeasurementsAsExpiredForTesting):
+ (WebKit::NetworkProcess::setPCMFraudPreventionValuesForTesting):
+ (WebKit::NetworkProcess::setPrivateClickMeasurementAppBundleIDForTesting):
+ * NetworkProcess/NetworkProcess.h:
+
+2021-12-20 Alex Christensen <achristen...@webkit.org>
+
[ Monterey ] TestWebKitAPI.WebSocket.PageWithAttributedBundleIdentifierDestroyed (API-test) is a constant timeout
https://bugs.webkit.org/show_bug.cgi?id=233224
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (287275 => 287276)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-12-20 22:04:20 UTC (rev 287276)
@@ -104,6 +104,7 @@
#if PLATFORM(COCOA)
#include "LaunchServicesDatabaseObserver.h"
#include "NetworkSessionCocoa.h"
+#include <wtf/cocoa/Entitlements.h>
#endif
#if USE(SOUP)
@@ -2420,8 +2421,23 @@
completionHandler();
}
+bool NetworkProcess::allowsPrivateClickMeasurementTestFunctionality() const
+{
+#if !PLATFORM(COCOA) || !USE(APPLE_INTERNAL_SDK)
+ return true;
+#else
+ auto auditToken = sourceApplicationAuditToken();
+ if (!auditToken)
+ return false;
+ return WTF::hasEntitlement(*auditToken, "com.apple.private.webkit.adattributiond.testing");
+#endif
+}
+
void NetworkProcess::setPrivateClickMeasurementOverrideTimerForTesting(PAL::SessionID sessionID, bool value, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementOverrideTimerForTesting(value);
@@ -2430,6 +2446,9 @@
void NetworkProcess::simulateResourceLoadStatisticsSessionRestart(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
// FIXME: Rename this to simulatePrivateClickMeasurementSessionRestart.
if (auto* session = networkSession(sessionID)) {
session->recreatePrivateClickMeasurementStore([session = WeakPtr { *session }, completionHandler = WTFMove(completionHandler)] () mutable {
@@ -2444,6 +2463,9 @@
void NetworkProcess::markAttributedPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID)) {
session->markAttributedPrivateClickMeasurementsAsExpiredForTesting(WTFMove(completionHandler));
return;
@@ -2453,6 +2475,9 @@
void NetworkProcess::setPrivateClickMeasurementEphemeralMeasurementForTesting(PAL::SessionID sessionID, bool value, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementEphemeralMeasurementForTesting(value);
@@ -2462,6 +2487,9 @@
void NetworkProcess::setPrivateClickMeasurementTokenPublicKeyURLForTesting(PAL::SessionID sessionID, URL&& url, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementTokenPublicKeyURLForTesting(WTFMove(url));
@@ -2470,6 +2498,9 @@
void NetworkProcess::setPrivateClickMeasurementTokenSignatureURLForTesting(PAL::SessionID sessionID, URL&& url, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementTokenSignatureURLForTesting(WTFMove(url));
@@ -2478,6 +2509,9 @@
void NetworkProcess::setPrivateClickMeasurementAttributionReportURLsForTesting(PAL::SessionID sessionID, URL&& sourceURL, URL&& destinationURL, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementAttributionReportURLsForTesting(WTFMove(sourceURL), WTFMove(destinationURL));
@@ -2486,6 +2520,9 @@
void NetworkProcess::markPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->markPrivateClickMeasurementsAsExpiredForTesting();
@@ -2494,6 +2531,9 @@
void NetworkProcess::setPCMFraudPreventionValuesForTesting(PAL::SessionID sessionID, String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPCMFraudPreventionValuesForTesting(WTFMove(unlinkableToken), WTFMove(secretToken), WTFMove(signature), WTFMove(keyID));
@@ -2502,6 +2542,9 @@
void NetworkProcess::setPrivateClickMeasurementAppBundleIDForTesting(PAL::SessionID sessionID, String&& appBundleIDForTesting, CompletionHandler<void()>&& completionHandler)
{
+ if (!allowsPrivateClickMeasurementTestFunctionality())
+ return completionHandler();
+
if (auto* session = networkSession(sessionID))
session->setPrivateClickMeasurementAppBundleIDForTesting(WTFMove(appBundleIDForTesting));
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (287275 => 287276)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2021-12-20 22:04:20 UTC (rev 287276)
@@ -313,6 +313,7 @@
void storePrivateClickMeasurement(PAL::SessionID, WebCore::PrivateClickMeasurement&&);
void dumpPrivateClickMeasurement(PAL::SessionID, CompletionHandler<void(String)>&&);
void clearPrivateClickMeasurement(PAL::SessionID, CompletionHandler<void()>&&);
+ bool allowsPrivateClickMeasurementTestFunctionality() const;
void setPrivateClickMeasurementOverrideTimerForTesting(PAL::SessionID, bool value, CompletionHandler<void()>&&);
void markAttributedPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID, CompletionHandler<void()>&&);
void setPrivateClickMeasurementEphemeralMeasurementForTesting(PAL::SessionID, bool value, CompletionHandler<void()>&&);
Modified: trunk/Tools/ChangeLog (287275 => 287276)
--- trunk/Tools/ChangeLog 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/ChangeLog 2021-12-20 22:04:20 UTC (rev 287276)
@@ -1,5 +1,15 @@
2021-12-20 Alex Christensen <achristen...@webkit.org>
+ Prevent test functionality in AdAttributionDaemon when not running tests
+ https://bugs.webkit.org/show_bug.cgi?id=231258
+
+ Reviewed by Brady Eidson.
+
+ * TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements:
+ * WebKitTestRunner/Configurations/WebKitTestRunner.entitlements:
+
+2021-12-20 Alex Christensen <achristen...@webkit.org>
+
[ Monterey ] TestWebKitAPI.WebSocket.PageWithAttributedBundleIdentifierDestroyed (API-test) is a constant timeout
https://bugs.webkit.org/show_bug.cgi?id=233224
Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements (287275 => 287276)
--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements 2021-12-20 22:04:20 UTC (rev 287276)
@@ -10,6 +10,8 @@
<true/>
<key>com.apple.Pasteboard.paste-unchecked</key>
<true/>
+ <key>com.apple.private.webkit.adattributiond.testing</key>
+ <true/>
<key>com.apple.private.webkit.webpush</key>
<true/>
<key>com.apple.private.webkit.webpush.inject</key>
Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements (287275 => 287276)
--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements 2021-12-20 22:04:20 UTC (rev 287276)
@@ -2,6 +2,8 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
+ <key>com.apple.private.webkit.adattributiond.testing</key>
+ <true/>
<key>com.apple.private.webkit.webpush</key>
<true/>
<key>com.apple.private.webkit.webpush.inject</key>
Modified: trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements (287275 => 287276)
--- trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements 2021-12-20 22:04:20 UTC (rev 287276)
@@ -6,6 +6,8 @@
<array>
<string>com.apple.WebKitTestRunner</string>
</array>
+ <key>com.apple.private.webkit.adattributiond.testing</key>
+ <true/>
<key>com.apple.security.temporary-exception.sbpl</key>
<array>
<string>(allow mach-issue-extension (require-all (extension-class "com.apple.webkit.extension.mach")))</string>
Modified: trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements (287275 => 287276)
--- trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements 2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements 2021-12-20 22:04:20 UTC (rev 287276)
@@ -10,5 +10,7 @@
<true/>
<key>com.apple.Pasteboard.paste-unchecked</key>
<true/>
+ <key>com.apple.private.webkit.adattributiond.testing</key>
+ <true/>
</dict>
</plist>