Changeset 214309 in webkit

Timestamp:

Mar 23, 2017 12:06:31 PM (7 years ago)

Author:

beidson@apple.com

Message:

WebSQL databases should not openable in private browsing.
<rdar://problem/30383335> and ​https://bugs.webkit.org/show_bug.cgi?id=170013

Reviewed by Alex Christensen.

Source/WebCore:

Test: storage/websql/private-browsing-open-disabled.html

• Modules/webdatabase/DatabaseManager.cpp:

(WebCore::DatabaseManager::openDatabaseBackend):
(WebCore::DatabaseManager::tryToOpenDatabaseBackend): Throw an exception if in private browsing.

• Modules/webdatabase/DatabaseManager.h:

LayoutTests:

• storage/websql/private-browsing-open-disabled-expected.txt: Added.
• storage/websql/private-browsing-open-disabled.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/storage/websql/private-browsing-open-disabled-expected.txt (added)
• LayoutTests/storage/websql/private-browsing-open-disabled.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/Modules/webdatabase/DatabaseManager.cpp (modified) (4 diffs)
• Source/WebCore/Modules/webdatabase/DatabaseManager.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2017-03-23  Brady Eidson  <beidson@apple.com>
+
+        WebSQL databases should not openable in private browsing.
+        <rdar://problem/30383335> and https://bugs.webkit.org/show_bug.cgi?id=170013
+
+        Reviewed by Alex Christensen.
+
+        * storage/websql/private-browsing-open-disabled-expected.txt: Added.
+        * storage/websql/private-browsing-open-disabled.html: Added.
+
 2017-03-23  Ryan Haddad  <ryanhaddad@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2017-03-23  Brady Eidson  <beidson@apple.com>
+
+        WebSQL databases should not openable in private browsing.
+        <rdar://problem/30383335> and https://bugs.webkit.org/show_bug.cgi?id=170013
+
+        Reviewed by Alex Christensen.
+
+        Test: storage/websql/private-browsing-open-disabled.html
+
+        * Modules/webdatabase/DatabaseManager.cpp:
+        (WebCore::DatabaseManager::openDatabaseBackend):
+        (WebCore::DatabaseManager::tryToOpenDatabaseBackend): Throw an exception if in private browsing.
+        * Modules/webdatabase/DatabaseManager.h:
+
 2017-03-22  Dean Jackson  <dino@apple.com>
 

trunk/Source/WebCore/Modules/webdatabase/DatabaseManager.cpp

@@ -122 +122 @@
 ExceptionOr<Ref<Database>> DatabaseManager::openDatabaseBackend(ScriptExecutionContext& context, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase)
 {
-    auto databaseContext = this->databaseContext(context);
-
-    auto backend = tryToOpenDatabaseBackend(databaseContext, name, expectedVersion, displayName, estimatedSize, setVersionInNewDatabase, FirstTryToOpenDatabase);
+    auto backend = tryToOpenDatabaseBackend(context, name, expectedVersion, displayName, estimatedSize, setVersionInNewDatabase, FirstTryToOpenDatabase);
 
     if (backend.hasException()) {
@@ -134 +132 @@
                 // FIXME: What guarantees context.securityOrigin() is non-null?
                 ProposedDatabase proposedDatabase { *this, *context.securityOrigin(), name, displayName, estimatedSize };
-                databaseContext->databaseExceededQuota(name, proposedDatabase.details());
+                this->databaseContext(context)->databaseExceededQuota(name, proposedDatabase.details());
             }
-            backend = tryToOpenDatabaseBackend(databaseContext, name, expectedVersion, displayName, estimatedSize, setVersionInNewDatabase, RetryOpenDatabase);
+            backend = tryToOpenDatabaseBackend(context, name, expectedVersion, displayName, estimatedSize, setVersionInNewDatabase, RetryOpenDatabase);
         }
     }
@@ -150 +148 @@
 }
 
-ExceptionOr<Ref<Database>> DatabaseManager::tryToOpenDatabaseBackend(DatabaseContext& backendContext, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase,
+ExceptionOr<Ref<Database>> DatabaseManager::tryToOpenDatabaseBackend(ScriptExecutionContext& scriptContext, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase,
     OpenAttempt attempt)
 {
+    if (is<Document>(&scriptContext)) {
+        auto* page = downcast<Document>(scriptContext).page();
+        if (!page || page->usesEphemeralSession())
+            return Exception { SECURITY_ERR };
+    }
+
+    if (scriptContext.isWorkerGlobalScope()) {
+        ASSERT_NOT_REACHED();
+        return Exception { SECURITY_ERR };
+    }
+
+    auto backendContext = this->databaseContext(scriptContext);
+
     ExceptionOr<void> preflightResult;
     switch (attempt) {
@@ -172 +183 @@
 
     // FIXME: What guarantees backendContext.securityOrigin() is non-null?
-    DatabaseTracker::singleton().setDatabaseDetails(backendContext.securityOrigin(), name, displayName, estimatedSize);
+    DatabaseTracker::singleton().setDatabaseDetails(backendContext->securityOrigin(), name, displayName, estimatedSize);
     return WTFMove(database);
 }

trunk/Source/WebCore/Modules/webdatabase/DatabaseManager.h

@@ -77 +77 @@
     enum OpenAttempt { FirstTryToOpenDatabase, RetryOpenDatabase };
     ExceptionOr<Ref<Database>> openDatabaseBackend(ScriptExecutionContext&, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase);
-    static ExceptionOr<Ref<Database>> tryToOpenDatabaseBackend(DatabaseContext&, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase, OpenAttempt);
+    ExceptionOr<Ref<Database>> tryToOpenDatabaseBackend(ScriptExecutionContext&, const String& name, const String& expectedVersion, const String& displayName, unsigned estimatedSize, bool setVersionInNewDatabase, OpenAttempt);
 
     class ProposedDatabase;