Diff
Modified: trunk/LayoutTests/ChangeLog (191210 => 191211)
--- trunk/LayoutTests/ChangeLog 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/LayoutTests/ChangeLog 2015-10-16 21:25:52 UTC (rev 191211)
@@ -1,3 +1,16 @@
+2015-10-16 Brent Fulgham <bfulg...@apple.com>
+
+ Hide all plugin names except Flash, Java, and QuickTime
+ https://bugs.webkit.org/show_bug.cgi?id=149014
+
+ Reviewed by Darin Adler.
+
+ Update tests to notify internals that all plugins should be shown, not
+ just the publicly available ones.
+
+ * plugins/plugin-_javascript_-access.html:
+ * plugins/script-tests/navigator-mimeTypes-length.js:
+
2015-10-16 Michael Saboff <msab...@apple.com>
REGRESSION (r191175): Still crashing when clicking back button on netflix.com
Modified: trunk/LayoutTests/plugins/plugin-_javascript_-access.html (191210 => 191211)
--- trunk/LayoutTests/plugins/plugin-_javascript_-access.html 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/LayoutTests/plugins/plugin-_javascript_-access.html 2015-10-16 21:25:52 UTC (rev 191211)
@@ -8,6 +8,9 @@
if (window.testRunner)
testRunner.dumpAsText()
+if (window.internals)
+ internals.setShowAllPlugins(true);
+
navigator.plugins.refresh(false); // Supposedly helps if new plug-ins were added.
var foundTestPlugin = false;
Modified: trunk/LayoutTests/plugins/script-tests/navigator-mimeTypes-length.js (191210 => 191211)
--- trunk/LayoutTests/plugins/script-tests/navigator-mimeTypes-length.js 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/LayoutTests/plugins/script-tests/navigator-mimeTypes-length.js 2015-10-16 21:25:52 UTC (rev 191211)
@@ -2,6 +2,9 @@
"Test for bug 10038: REGRESSION: Length of navigator.mimeTypes collection returns number of installed plugins, not number of registered mime types."
);
+if (window.internals)
+ internals.setShowAllPlugins(true);
+
var numberOfMimeTypes = 0;
for (var i = 0; i < navigator.plugins.length; ++i) {
var plugin = navigator.plugins[i];
Modified: trunk/Source/WebCore/ChangeLog (191210 => 191211)
--- trunk/Source/WebCore/ChangeLog 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/ChangeLog 2015-10-16 21:25:52 UTC (rev 191211)
@@ -1,3 +1,24 @@
+2015-10-16 Brent Fulgham <bfulg...@apple.com>
+
+ Hide all plugin names except Flash, Java, and QuickTime
+ https://bugs.webkit.org/show_bug.cgi?id=149014
+
+ Reviewed by Darin Adler.
+
+ Revise plugin interface so that sites cannot iterate over all plugins to obtain
+ a list of installed plugins for fingerprinting purposes. Sites need to ask for
+ specific plugins by name, rather than iterating and comparing to avoid making
+ this information accessible for fingerprinting purposes.
+
+ * plugins/DOMPluginArray.cpp:
+ (WebCore::DOMPluginArray::length): Only return length of the plugins we are
+ allowing to be seen.
+ (WebCore::DOMPluginArray::item): Only iterate through the plugins we are
+ allowing to be seen.
+ * plugins/PluginData.cpp:
+ (WebCore::PluginData::publiclyVisiblePlugins): Added.
+ * plugins/PluginData.h:
+
2015-10-16 Brady Eidson <beid...@apple.com>
"enum class" some IDB enums.
Modified: trunk/Source/WebCore/page/Page.h (191210 => 191211)
--- trunk/Source/WebCore/page/Page.h 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/page/Page.h 2015-10-16 21:25:52 UTC (rev 191211)
@@ -471,6 +471,9 @@
IDBClient::IDBConnectionToServer& idbConnection();
#endif
+ void setShowAllPlugins(bool showAll) { m_showAllPlugins = showAll; }
+ bool showAllPlugins() const { return m_showAllPlugins; }
+
private:
WEBCORE_EXPORT void initGroup();
@@ -634,6 +637,7 @@
MediaProducer::MediaStateFlags m_mediaState { MediaProducer::IsNotPlaying };
bool m_allowsMediaDocumentInlinePlayback { false };
+ bool m_showAllPlugins { false };
};
inline PageGroup& Page::group()
Modified: trunk/Source/WebCore/plugins/DOMPluginArray.cpp (191210 => 191211)
--- trunk/Source/WebCore/plugins/DOMPluginArray.cpp 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/plugins/DOMPluginArray.cpp 2015-10-16 21:25:52 UTC (rev 191211)
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
- * Copyright (C) 2008 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2015 Apple Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -49,7 +49,7 @@
if (!data)
return 0;
- return data->webVisiblePlugins().size();
+ return data->publiclyVisiblePlugins().size();
}
RefPtr<DOMPlugin> DOMPluginArray::item(unsigned index)
@@ -58,7 +58,7 @@
if (!data)
return nullptr;
- const Vector<PluginInfo>& plugins = data->webVisiblePlugins();
+ const Vector<PluginInfo>& plugins = data->publiclyVisiblePlugins();
if (index >= plugins.size())
return nullptr;
return DOMPlugin::create(data, m_frame, plugins[index]);
Modified: trunk/Source/WebCore/plugins/PluginData.cpp (191210 => 191211)
--- trunk/Source/WebCore/plugins/PluginData.cpp 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/plugins/PluginData.cpp 2015-10-16 21:25:52 UTC (rev 191211)
@@ -24,6 +24,7 @@
#include "config.h"
#include "PluginData.h"
+#include "Page.h"
#include "PlatformStrategies.h"
#include "PluginStrategy.h"
@@ -44,6 +45,36 @@
return plugins;
}
+static bool shouldBePubliclyVisible(const PluginInfo& plugin)
+{
+ // For practical website compatibility, there are a few plugins that need to be
+ // visible. We are matching the set of plugins that Mozilla has been using since
+ // there is a good track record that this does not harm compatibility.
+ return plugin.name.containsIgnoringASCIICase("Shockwave")
+ || plugin.name.containsIgnoringASCIICase("QuickTime")
+ || plugin.name.containsIgnoringASCIICase("Java");
+}
+
+Vector<PluginInfo> PluginData::publiclyVisiblePlugins() const
+{
+ if (m_page->showAllPlugins())
+ return webVisiblePlugins();
+
+ Vector<PluginInfo> allPlugins;
+ platformStrategies()->pluginStrategy()->getWebVisiblePluginInfo(m_page, allPlugins);
+
+ Vector<PluginInfo> plugins;
+ for (auto&& plugin : allPlugins) {
+ if (shouldBePubliclyVisible(plugin))
+ plugins.append(WTF::move(plugin));
+ }
+
+ std::sort(plugins.begin(), plugins.end(), [](const PluginInfo& a, const PluginInfo& b) {
+ return codePointCompareLessThan(a.name, b.name);
+ });
+ return plugins;
+}
+
void PluginData::getWebVisibleMimesAndPluginIndices(Vector<MimeClassInfo>& mimes, Vector<size_t>& mimePluginIndices) const
{
getMimesAndPluginIndiciesForPlugins(webVisiblePlugins(), mimes, mimePluginIndices);
Modified: trunk/Source/WebCore/plugins/PluginData.h (191210 => 191211)
--- trunk/Source/WebCore/plugins/PluginData.h 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/plugins/PluginData.h 2015-10-16 21:25:52 UTC (rev 191211)
@@ -1,5 +1,6 @@
/*
Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
+ Copyright (C) 2015 Apple Inc. All rights reserved.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
@@ -89,6 +90,7 @@
const Vector<PluginInfo>& plugins() const { return m_plugins; }
Vector<PluginInfo> webVisiblePlugins() const;
+ Vector<PluginInfo> publiclyVisiblePlugins() const;
WEBCORE_EXPORT void getWebVisibleMimesAndPluginIndices(Vector<MimeClassInfo>&, Vector<size_t>&) const;
enum AllowedPluginTypes {
Modified: trunk/Source/WebCore/testing/Internals.cpp (191210 => 191211)
--- trunk/Source/WebCore/testing/Internals.cpp 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/testing/Internals.cpp 2015-10-16 21:25:52 UTC (rev 191211)
@@ -385,6 +385,8 @@
#if ENABLE(CONTENT_FILTERING)
MockContentFilterSettings::reset();
#endif
+
+ page->setShowAllPlugins(false);
}
Internals::Internals(Document* document)
@@ -3148,4 +3150,17 @@
}
#endif
+void Internals::setShowAllPlugins(bool show)
+{
+ Document* document = contextDocument();
+ if (!document)
+ return;
+
+ Page* page = document->page();
+ if (!page)
+ return;
+
+ page->setShowAllPlugins(show);
}
+
+}
Modified: trunk/Source/WebCore/testing/Internals.h (191210 => 191211)
--- trunk/Source/WebCore/testing/Internals.h 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/testing/Internals.h 2015-10-16 21:25:52 UTC (rev 191211)
@@ -436,6 +436,7 @@
String getCurrentMediaControlsStatusForElement(HTMLMediaElement*);
String userVisibleString(const DOMURL*);
+ void setShowAllPlugins(bool);
private:
explicit Internals(Document*);
Modified: trunk/Source/WebCore/testing/Internals.idl (191210 => 191211)
--- trunk/Source/WebCore/testing/Internals.idl 2015-10-16 21:10:58 UTC (rev 191210)
+++ trunk/Source/WebCore/testing/Internals.idl 2015-10-16 21:25:52 UTC (rev 191211)
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2012 Google Inc. All rights reserved.
- * Copyright (C) 2013, 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2015 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -406,4 +406,6 @@
[Conditional=VIDEO] DOMString getCurrentMediaControlsStatusForElement(HTMLMediaElement element);
DOMString userVisibleString(DOMURL url);
+
+ void setShowAllPlugins(boolean showAll);
};
