Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: aabff0b8adf8165f88b48632222ad3d6e1c88b9f
https://github.com/WebKit/WebKit/commit/aabff0b8adf8165f88b48632222ad3d6e1c88b9f
Author: Elijah Sawyers <[email protected]>
Date: 2025-04-02 (Wed, 02 Apr 2025)
Changed paths:
M
Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIPermissionsCocoa.mm
M Source/WebKit/UIProcess/Extensions/WebExtension.h
M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIPermissions.mm
Log Message:
-----------
Return the correct origins in permissions.getAll() if all urls and/or hosts
match pattern(s) have been granted
https://bugs.webkit.org/show_bug.cgi?id=290812
rdar://147872012
Reviewed by Timothy Hatcher.
This patch fixes a bug where we'd always return the all hosts match pattern,
*://*/*, from permissions.getAll() after Safari grants an extension access to
all websites. This is problematic if, for example, an extension specifies the
all URLs match pattern, <all_urls>, in their manifest and checks for it with
permissions.getAll().
This is happening because Safari is just explicitly granting the all hosts
match pattern when allowing all website access. I looked into fixing this bug
on the Safari-side, but I think it's riskier. If an extension already has the
all hosts match pattern granted, but really specifies the all URLs match pattern
in its manifest, it'd put permissions in a bad state unless we also wrote some
sort of migration code to fix the quirk.
As such, I've decided to fix the bug on the WebKit-side. To do so, we need to
update the permissions.getAll() method to return the all URLs and/or all hosts
match pattern(s) if it's been granted access to one or both of the patterns. To
decide which pattern(s) to return, we look in the manifest.
I wrote a bunch of new unit tests to validate this fix.
*
Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIPermissionsCocoa.mm:
(WebKit::WebExtensionContext::permissionsGetAll):
Modify this method to behave as described in the commit message summary.
* Source/WebKit/UIProcess/Extensions/WebExtension.h:
(WebKit::WebExtension::combinedPermissionMatchPatterns):
Introduce a new method that returns both optional and requested host
permissions, used by
permissionsGetAll().
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIPermissions.mm:
(TestWebKitAPI::TEST(WKWebExtensionAPIPermissions, Basics)):
(TestWebKitAPI::TEST(WKWebExtensionAPIPermissions,
GetAllOriginsMatchesManifest)):
Write new tests to validate the patch.
Canonical link: https://commits.webkit.org/293133@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
