Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit

Commit: c33df2d323602a9e7693b18d53a40887995fe942
https://github.com/WebKit/WebKit/commit/c33df2d323602a9e7693b18d53a40887995fe942
Author: Wenson Hsieh <wenson_hs...@apple.com>
Date: 2024-05-24 (Fri, 24 May 2024)

Changed paths:
M Source/WebCore/Modules/webaudio/AudioWorkletMessagingProxy.cpp
M Source/WebCore/dom/Document.cpp
M Source/WebCore/dom/Document.h
M Source/WebCore/dom/EmptyScriptExecutionContext.h
M Source/WebCore/dom/ScriptExecutionContext.h
M Source/WebCore/page/Page.cpp
M Source/WebCore/page/Page.h
M Source/WebCore/workers/Worker.cpp
M Source/WebCore/workers/WorkerGlobalScope.cpp
M Source/WebCore/workers/WorkerInitializationData.h
M Source/WebCore/workers/WorkerMessagingProxy.cpp
M Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp
M Source/WebCore/workers/WorkerOrWorkletGlobalScope.h
M Source/WebCore/workers/WorkerScriptLoader.cpp
M Source/WebCore/workers/WorkerScriptLoader.h
M Source/WebCore/workers/WorkerThread.cpp
M Source/WebCore/workers/WorkerThread.h
M Source/WebCore/workers/service/ServiceWorkerClientData.cpp
M Source/WebCore/workers/service/ServiceWorkerClientData.h
M Source/WebCore/workers/service/context/ServiceWorkerThread.cpp
M Source/WebCore/workers/service/context/ServiceWorkerThread.h
M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp
M Source/WebCore/workers/service/server/SWServer.cpp
M Source/WebCore/workers/service/server/SWServer.h
M Source/WebCore/workers/service/server/SWServerToContextConnection.h
M Source/WebCore/workers/shared/SharedWorkerScriptLoader.cpp
M Source/WebCore/workers/shared/context/SharedWorkerThreadProxy.cpp
M Source/WebCore/worklets/WorkletGlobalScope.cpp
M Source/WebCore/worklets/WorkletParameters.h
M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp
M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h
M Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in
M Source/WebKit/WebProcess/Storage/WebSharedWorkerContextManagerConnection.cpp
M Tools/TestWebKitAPI/Tests/WebKit/AdvancedPrivacyProtections.mm

Log Message:
-----------
[Private Browsing] Noise injection doesn't apply when using OffscreenCanvas in shared/service workers
https://bugs.webkit.org/show_bug.cgi?id=271159
rdar://124702163

Reviewed by Sihui Liu and Chris Dumez.

In Private Browsing mode in Safari 17, each `ScriptExecutionContext` has a noise injection hash salt (unique by security origin) and `AdvancedPrivacyProtections` flags, sourced from the document loader. These are used to generate noise when reading pixels back from `canvas` or `OffscreenCanvas`.

For dedicated workers, plumbing already exists to propagate the hash salt via `WorkerParameters` to `WorkerGlobalScope`, where they apply to `OffscreenCanvas`. However, for both shared workers and service workers, this is insufficient, since the `OffscreenCanvas` APIs are called in a separate, potentially-remote `Page` (which currently has neither a hash salt nor the requisite `AdvancedPrivacyProtections` flags).

To fix this, we extend `AdvancedPrivacyProtection` flag plumbing to work for these two remaining types of workers; see below for more details.

Test: AdvancedPrivacyProtections.NoiseInjectionForOffscreenCanvasInSharedWorker

* Source/WebCore/Modules/webaudio/AudioWorkletMessagingProxy.cpp:
(WebCore::generateWorkletParameters):
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::noiseInjectionPolicy const):
(WebCore::Document::advancedPrivacyProtections const):
* Source/WebCore/dom/Document.h:
* Source/WebCore/dom/EmptyScriptExecutionContext.h:
* Source/WebCore/dom/ScriptExecutionContext.h:

Add an override point to return the set of active advanced privacy protection flags. For `Document`, this goes through the top document's loader. For worklets and workers, this state is passed in via `WorkerParameters` and `WorkletParameters`.

* Source/WebCore/page/Page.cpp:
(WebCore::Page::setupForRemoteWorker):

Allow shared/service workers to pass in privacy protections when initializing the remote `Page`.

* Source/WebCore/page/Page.h:
* Source/WebCore/workers/Worker.cpp:
(WebCore::Worker::notifyFinished):
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::WorkerGlobalScope):
* Source/WebCore/workers/WorkerInitializationData.h:
(WebCore::WorkerInitializationData::isolatedCopy const):
* Source/WebCore/workers/WorkerMessagingProxy.cpp:
(WebCore::WorkerMessagingProxy::startWorkerGlobalScope):
* Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp:
(WebCore::WorkerOrWorkletGlobalScope::WorkerOrWorkletGlobalScope):
* Source/WebCore/workers/WorkerOrWorkletGlobalScope.h:
(WebCore::WorkerOrWorkletGlobalScope::WorkerOrWorkletGlobalScope):
* Source/WebCore/workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadSynchronously):
(WebCore::WorkerScriptLoader::loadAsynchronously):
* Source/WebCore/workers/WorkerScriptLoader.h:
(WebCore::WorkerScriptLoader::advancedPrivacyProtections const):

Add a member as well as a getter to keep track of the active privacy protections for the currently loading (or loaded) worker. Later consulted in `SharedWorkerScriptLoader` to plumb the protection options into `WorkerInitializationData`, when spinning up shared workers.

* Source/WebCore/workers/WorkerThread.cpp:
(WebCore::WorkerParameters::isolatedCopy const):
* Source/WebCore/workers/WorkerThread.h:
* Source/WebCore/workers/service/ServiceWorkerClientData.cpp:
(WebCore::ServiceWorkerClientData::isolatedCopy const):
(WebCore::ServiceWorkerClientData::isolatedCopy):
(WebCore::ServiceWorkerClientData::from):
* Source/WebCore/workers/service/ServiceWorkerClientData.h:
* Source/WebCore/workers/service/context/ServiceWorkerThread.cpp:
(WebCore::generateWorkerParameters):
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
* Source/WebCore/workers/service/context/ServiceWorkerThread.h:
* Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
* Source/WebCore/workers/service/server/SWServer.cpp:
(WebCore::forEachClientForOriginImpl):
(WebCore::SWServer::forEachClientForOrigin const):
(WebCore::SWServer::forEachClientForOrigin):
(WebCore::SWServer::advancedPrivacyProtectionsFromClient const):

When installing a new service worker, consult the set of matching clients (by client origin), to check if any clients of the service worker have active privacy protections; pass along the union of these active policies when installing the service worker.

(WebCore::SWServer::installContextData):

Pass in `AdvancedPrivacyProtections` when spinning up a new service worker.

(WebCore::SWServer::runServiceWorker):
* Source/WebCore/workers/service/server/SWServer.h:
* Source/WebCore/workers/service/server/SWServerToContextConnection.h:
* Source/WebCore/workers/shared/SharedWorkerScriptLoader.cpp:
(WebCore::SharedWorkerScriptLoader::notifyFinished):
* Source/WebCore/workers/shared/context/SharedWorkerThreadProxy.cpp:
(WebCore::generateWorkerParameters):
* Source/WebCore/worklets/WorkletGlobalScope.cpp:
(WebCore::WorkletGlobalScope::WorkletGlobalScope):
* Source/WebCore/worklets/WorkletParameters.h:
(WebCore::WorkletParameters::isolatedCopy const):
(WebCore::WorkletParameters::isolatedCopy):
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::controlClient):
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:
(WebKit::WebSWServerToContextConnection::installServiceWorkerContext):
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::installServiceWorker):

Call `setupForRemoteWorker` with the privacy protection flags.

* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h:
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in:
* Source/WebKit/WebProcess/Storage/WebSharedWorkerContextManagerConnection.cpp:
(WebKit::WebSharedWorkerContextManagerConnection::launchSharedWorker):

Call `setupForRemoteWorker` with the privacy protection flags.

* Tools/TestWebKitAPI/Tests/WebKit/AdvancedPrivacyProtections.mm:
(TestWebKitAPI::sharedWorkerMainBytes):

Add a new API test.

Originally-landed-as: 272448.764@safari-7618-branch (e285de6f4a70).
rdar://128550109
Canonical link: https://commits.webkit.org/279267@main

Commit: 58066bfb9d6324a8e43bd42068e9d756c1986b52
https://github.com/WebKit/WebKit/commit/58066bfb9d6324a8e43bd42068e9d756c1986b52
Author: Antoine Quint <grao...@webkit.org>
Date: 2024-05-24 (Fri, 24 May 2024)

Changed paths:
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCAAnimationRemote.mm
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCAAnimationRemoteProperties.serialization.in

Log Message:
-----------
Validate key paths of animations in an animation group sent over IPC
https://bugs.webkit.org/show_bug.cgi?id=271476
rdar://125216664

Reviewed by Simon Fraser.

Assert that the key path of animations created within an animation group is valid when receiving them from an IPC connection in the same spirit as 259066@main.

Additionally, we add a `Validator` for the `PlatformCAAnimationRemoteProperties::animationType` member such that it calls `PlatformCAAnimation::isValidKeyPath()` during the decoding process and triggers a `MESSAGE_CHECK` if the key is not valid. It is important to do this for `animationType` and not `keyPath` since we need both members to have been decoded first.

* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCAAnimationRemote.mm:
(WebKit::createAnimation):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCAAnimationRemoteProperties.serialization.in:

Originally-landed-as: 272448.858@safari-7618-branch (ce10225c6802).
rdar://128551814
Canonical link: https://commits.webkit.org/279268@main

Commit: e3408806f2e78e22f157d8b15f0b37215732cd8f
https://github.com/WebKit/WebKit/commit/e3408806f2e78e22f157d8b15f0b37215732cd8f
Author: Charlie Wolfe <charl...@apple.com>
Date: 2024-05-24 (Fri, 24 May 2024)

Changed paths:
M LayoutTests/ipc/dirty-region-overflow.html

Log Message:
-----------
Running `ipc/dirty-region-overflow.html` and `ipc/invalid-message-to-web-process.html` in succession causes a crash
https://bugs.webkit.org/show_bug.cgi?id=272126
rdar://125851088

Reviewed by Kimmo Kinnunen.

Receive and set semaphores after creating a rendering backend.

* LayoutTests/ipc/dirty-region-overflow.html:

Originally-landed-as: 272448.863@safari-7618-branch (21771a7de8c8).
rdar://128551814
Canonical link: https://commits.webkit.org/279269@main

Compare: https://github.com/WebKit/WebKit/compare/4aea4a2555b9...e3408806f2e7

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes