Changeset 228386 in webkit
- Timestamp:
- Feb 12, 2018 11:52:00 AM (6 years ago)
- Location:
- branches/safari-605-branch
- Files: 9 added, 19 edited
branches/safari-605-branch/LayoutTests/ChangeLog
r228364 r228386 1 2018-02-12 Jason Marcell <jmarcell@apple.com> 2 3 Cherry-pick r228231. rdar://problem/37408885 4 5 2018-02-07 Daniel Bates <dabates@apple.com> 6 7 Log error when authentication challenge is blocked due to an insecure request 8 https://bugs.webkit.org/show_bug.cgi?id=182358 9 10 Reviewed by Andy Estes. 11 12 Add more tests and update expected results of existing tests now that we emit console messages. 13 14 Also fixed a typo in LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html 15 so that it tests what it actually claims to test and made the test programmatically load the image 16 to avoid output flakiness caused by the preload scanner preloading it. The preload scanner performs 17 mixed content checks and this can cause duplicate mixed content warnings in the test output. 18 19 * http/tests/security/mixedContent/insecure-basic-auth-image.https-expected.txt: Added. 20 * http/tests/security/mixedContent/insecure-basic-auth-image.https.html: Copied from LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html. 21 * http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt: 22 * http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt: 23 * http/tests/security/mixedContent/resources/subresource/protected-page.php: Added. 24 * http/tests/security/mixedContent/resources/subresource2/protected-image.php: Added. 25 * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt: Added. 26 * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html: Added. 27 * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt: Added. 
28 * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html: Added. 29 * http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt: 30 * http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt: 31 * http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html: 32 1 33 2018-02-09 Jason Marcell <jmarcell@apple.com> 2 34 -
branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt
r224134 r228386 1 CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php from asking for credentials because it was loaded via an insecure redirect from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php. 2 CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php from asking for credentials because it was navigated to from a secure page or went through an insecure redirect. 1 3 ALERT: Unauthorized 2 4 -
branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt
r224134 r228386 1 1 CONSOLE MESSAGE: line 17: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php. 2 2 3 CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it was loaded via an insecure redirect from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php. 3 4 This test opens a new window to a secure page that loads an insecure image that redirects to a secure image guarded by basic authentication. The secure image should be blocked because it requires credentials and was loaded via an insecure redirect. 4 5 -
branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt
r224134 r228386 1 1 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php. 2 2 3 CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it was loaded via an insecure redirect from https://127.0.0.1:8443/resources/redirect.php?url=http%3A//127.0.0.1%3A8080/resources/redirect.php%3Furl%3Dhttps%3A//localhost%3A8443/security/mixedContent/resources/subresource/protected-image.php. 3 4 This test loads a secure image that redirects to an insecure image that redirects to a secure image guarded by basic authentication. The secure image should be blocked because it requires credentials and was loaded via an insecure redirect. 4 5 -
branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt
r224134 r228386 1 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html was allowed to display insecure content from http:// 127.0.0.1:8443/resources/redirect.php?url=http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php.1 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html was allowed to display insecure content from http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php. 2 2 3 CONSOLE MESSAGE: Blocked http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it is insecure content that was loaded via a redirect from https://127.0.0.1:8443/resources/redirect.php?url=https%3A//localhost%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php. 3 4 This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials. 4 5 -
branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html
r224134 r228386 23 23 finishJSTest(); 24 24 } 25 26 function runTest() 27 { 28 // Load the image programmatically instead of declaratively to avoid output flakiness caused by 29 // the preload scanner performing mixed content checks as part of preloading the image. 30 let image = new Image; 31 image.onload = fail; 32 image.onerror = pass; 33 image.src = "https://127.0.0.1:8443/resources/redirect.php?url=https%3A//localhost%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php"; 34 document.body.appendChild(image); 35 } 36 37 window.onload = runTest; 25 38 </script> 26 39 <script> 27 40 description("This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials."); 28 41 </script> 29 <img src="https://127.0.0.1:8443/resources/redirect.php?url=http%3A//127.0.0.1%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php" onerror="pass()" onload="fail()">30 42 </body> 31 43 </html> -
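Review bot: the description() string still reads "redirects to an secure image that redirects to an insecure image", and the same wording is carried into the matching -expected.txt; since the point of this edit is to make the test say what it actually does, fix the grammar at the same time ("to a secure image"). The URL fix itself is right: the old declarative <img> pointed the middle hop at http%3A//127.0.0.1%3A8443 (plain http on the TLS port), so the old expectation's first "allowed to display insecure content" line was an artefact of that, not of the scenario the test claims to cover; the new runTest() chain https -> https -> http matches the title.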
branches/safari-605-branch/Source/WebCore/ChangeLog
r228385 r228386 1 2018-02-12 Jason Marcell <jmarcell@apple.com> 2 3 Cherry-pick r228231. rdar://problem/37408885 4 5 2018-02-07 Daniel Bates <dabates@apple.com> 6 7 Log error when authentication challenge is blocked due to an insecure request 8 https://bugs.webkit.org/show_bug.cgi?id=182358 9 10 Reviewed by Andy Estes. 11 12 Emit an error message to Web Inspector console that explains why an authentication 13 challenge was blocked so that a developer can fix up their site. 14 15 Tests: http/tests/security/mixedContent/insecure-basic-auth-image.https.html 16 http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html 17 http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html 18 19 * loader/FrameLoader.cpp: 20 (WebCore::FrameLoader::receivedFirstData): Log to the console an error message 21 if the document we are loading was forbidden from prompting for credentials. 22 Also removed duplicate assertion to ensure document is non-null and update 23 call to LinkLoader::loadLinksFromHeader() to use local variable to access 24 the document we are loading instead of asking the frame for it, again. 25 (WebCore::FrameLoader::reportAuthenticationChallengeBlocked): Added. 26 * loader/FrameLoader.h: 27 28 * loader/ResourceLoader.cpp: 29 (WebCore::ResourceLoader::init): 30 (WebCore::ResourceLoader::willSendRequestInternal): 31 Track the decision to forbid asking for credentials due to Fetch spec. requirements (m_canAskClientForCredentials) 32 independently from the decision to forbid them due to making an insecure request (m_wasInsecureRequestSeen) 33 so that we know the reason why we blocked asking for credentials when we receive an authentication challenge. 34 35 (WebCore::ResourceLoader::didBlockAuthenticationChallenge): Added. 
36 (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Modified code now that we track 37 whether we have seen an insecure request so far independently from decision to forbid prompting for 38 credentials due to a Fetch spec. requirement. 39 40 (WebCore::ResourceLoader::didReceiveAuthenticationChallenge): 41 Store a bit whether we have seen an insecure request when loading the resource so far. Disallow 42 asking for credentials if we have seen an insecure request so far. Once we receive a response 43 44 * loader/ResourceLoader.h: 45 (WebCore::ResourceLoader::wasAuthenticationChallengeBlocked const): Added. 46 (WebCore::ResourceLoader::wasInsecureRequestSeen const): Added. 47 1 48 2018-02-12 Jason Marcell <jmarcell@apple.com> 2 49 -
branches/safari-605-branch/Source/WebCore/loader/FrameLoader.cpp
r228385 r228386 116 116 #include "Settings.h" 117 117 #include "SubframeLoader.h" 118 #include "SubresourceLoader.h" 118 119 #include "TextResourceDecoder.h" 119 120 #include "UserContentController.h" … … 679 680 auto& document = *m_frame.document(); 680 681 682 auto* mainResourceLoader = documentLoader.mainResourceLoader(); 683 if (mainResourceLoader && mainResourceLoader->wasAuthenticationChallengeBlocked() && mainResourceLoader->wasInsecureRequestSeen()) 684 reportAuthenticationChallengeBlocked(&m_frame, document.url(), ASCIILiteral { "it was navigated to from a secure page or went through an insecure redirect" }); 685 681 686 LinkLoader::loadLinksFromHeader(documentLoader.response().httpHeaderField(HTTPHeaderName::Link), document.url(), document, LinkLoader::MediaAttributeCheck::MediaAttributeEmpty); 682 687 … … 1551 1556 1552 1557 frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to use restricted network port: " + url); 1558 } 1559 1560 void FrameLoader::reportAuthenticationChallengeBlocked(Frame* frame, const URL& url, const String& reason) 1561 { 1562 if (!frame) 1563 return; 1564 1565 frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, makeString("Blocked ", url.stringCenterEllipsizedToLength(), " from asking for credentials because ", reason, '.')); 1553 1566 } 1554 1567 -
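Review bot: the main-resource report added to receivedFirstData duplicates the message ResourceLoader::didBlockAuthenticationChallenge already emits for the same load. The updated insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt shows this: protected-pdf.php gets both "because it was loaded via an insecure redirect from ..." and the generic "because it was navigated to from a secure page or went through an insecure redirect." If the second line exists because the first one was attributed to the previous document's console during a navigation, a comment saying so would help, and skipping the generic report when the specific one already reached this document would avoid showing a developer two errors for one blocked challenge. Minor: reportAuthenticationChallengeBlocked dereferences frame->document() without a null check, which is at least consistent with reportBlockedPortFailed directly above it.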
branches/safari-605-branch/Source/WebCore/loader/FrameLoader.h
r228058 r228386 132 132 static void reportLocalLoadFailed(Frame*, const String& url); 133 133 static void reportBlockedPortFailed(Frame*, const String& url); 134 static void reportAuthenticationChallengeBlocked(Frame*, const URL&, const String& reason); 134 135 135 136 // FIXME: These are all functions which stop loads. We have too many. -
branches/safari-605-branch/Source/WebCore/loader/ResourceLoader.cpp
r224846 r228386 134 134 135 135 m_defersLoading = m_options.defersLoadingPolicy == DefersLoadingPolicy::AllowDefersLoading && m_frame->page()->defersLoading(); 136 m_canAskClientForCredentials = m_options.clientCredentialPolicy == ClientCredentialPolicy::MayAskClientForCredentials && !isMixedContent(clientRequest.url()); 136 m_canAskClientForCredentials = m_options.clientCredentialPolicy == ClientCredentialPolicy::MayAskClientForCredentials; 137 m_wasInsecureRequestSeen = isMixedContent(clientRequest.url()); 137 138 138 139 if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin().canDisplay(clientRequest.url())) { … … 405 406 406 407 if (isMixedContent(m_request.url()) || (isRedirect && isMixedContent(request.url()))) 407 m_ canAskClientForCredentials = false;408 m_wasInsecureRequestSeen = true; 408 409 409 410 if (isRedirect) … … 463 464 } 464 465 466 void ResourceLoader::didBlockAuthenticationChallenge() 467 { 468 m_wasAuthenticationChallengeBlocked = true; 469 470 if (!m_canAskClientForCredentials) 471 return; 472 473 if (!m_wasInsecureRequestSeen) 474 return; 475 476 // Comparing the initial request URL and final request URL does not tell us whether a redirect happened or not since 477 // a server can serve a redirect to the same URL that was requested. However, this is good enough for our purpose. 
478 bool wasRedirected = m_request.url() != originalRequest().url(); 479 480 bool isMixedContent = this->isMixedContent(m_request.url()); 481 String reason; 482 if (isMixedContent && wasRedirected) 483 reason = makeString("it is insecure content that was loaded via a redirect from ", originalRequest().url().stringCenterEllipsizedToLength()); 484 else if (isMixedContent) 485 reason = ASCIILiteral { "it is insecure content" }; 486 else 487 reason = makeString("it was loaded via an insecure redirect from ", originalRequest().url().stringCenterEllipsizedToLength()); 488 FrameLoader::reportAuthenticationChallengeBlocked(m_frame.get(), m_request.url(), reason); 489 } 490 465 491 void ResourceLoader::didReceiveResponse(const ResourceResponse& r) 466 492 { … … 714 740 if (!m_canAskClientForCredentials) 715 741 return false; 742 if (m_wasInsecureRequestSeen) 743 return false; 716 744 return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin().canRequest(originalRequest().url())); 717 745 } … … 730 758 return; 731 759 } 760 didBlockAuthenticationChallenge(); 732 761 } 733 762 challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge); -
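Review bot: didBlockAuthenticationChallenge returns silently when m_canAskClientForCredentials is false or when no insecure request was seen, so a challenge blocked only by the Fetch credentials mode (the m_options.credentials check at the end of isAllowedToAskUserForCredentials) still produces no console message. That matches the bug title, but a one-line comment on those early returns would stop the next reader from treating the missing diagnostic as an oversight. Also, the wasRedirected heuristic `m_request.url() != originalRequest().url()` is acknowledged as approximate in the comment; willSendRequestInternal already receives isRedirect right where m_wasInsecureRequestSeen is set, so recording a bool there would make the "loaded via a redirect" wording exact instead of a guess.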
branches/safari-605-branch/Source/WebCore/loader/ResourceLoader.h
r224846 r228386 90 90 unsigned long identifier() const { return m_identifier; } 91 91 92 bool wasAuthenticationChallengeBlocked() const { return m_wasAuthenticationChallengeBlocked; } 93 bool wasInsecureRequestSeen() const { return m_wasInsecureRequestSeen; } 94 92 95 virtual void releaseResources(); 93 96 const ResourceResponse& response() const { return m_response; } … … 107 110 virtual void didRetrieveDerivedDataFromCache(const String& type, SharedBuffer&); 108 111 112 WEBCORE_EXPORT void didBlockAuthenticationChallenge(); 113 109 114 virtual bool shouldUseCredentialStorage(); 110 115 virtual void didReceiveAuthenticationChallenge(const AuthenticationChallenge&); … … 150 155 protected: 151 156 ResourceLoader(Frame&, ResourceLoaderOptions); 157 158 bool isMixedContent(const URL&) const; 152 159 153 160 void didFinishLoadingOnePart(const NetworkLoadMetrics&); … … 205 212 #endif 206 213 207 bool isMixedContent(const URL&) const;208 209 214 ResourceRequest m_request; 210 215 ResourceRequest m_originalRequest; // Before redirects. … … 226 231 bool m_defersLoading; 227 232 bool m_canAskClientForCredentials; 233 bool m_wasInsecureRequestSeen { false }; 234 bool m_wasAuthenticationChallengeBlocked { false }; 228 235 ResourceRequest m_deferredRequest; 229 236 ResourceLoaderOptions m_options; -
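Review bot: isMixedContent(const URL&) const is moved from the private section to protected, but nothing in this patch calls it from a subclass; didBlockAuthenticationChallenge is a ResourceLoader member and can call it while it stays private. Unless a subclass needs it, keep it private rather than widening the interface. Minor: the two new bools get default member initialisers ({ false }) while the adjacent m_canAskClientForCredentials does not; harmless because init() assigns it, but worth aligning while the declarations are being touched.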
branches/safari-605-branch/Source/WebKit/ChangeLog
r228355 r228386 1 2018-02-12 Jason Marcell <jmarcell@apple.com> 2 3 Cherry-pick r228231. rdar://problem/37408885 4 5 2018-02-07 Daniel Bates <dabates@apple.com> 6 7 Log error when authentication challenge is blocked due to an insecure request 8 https://bugs.webkit.org/show_bug.cgi?id=182358 9 10 Reviewed by Andy Estes. 11 12 Have network process notify the web process when it blocks an authentication challenge. 13 14 * NetworkProcess/NetworkLoad.cpp: 15 (WebKit::NetworkLoad::completeAuthenticationChallenge): 16 * NetworkProcess/NetworkLoadClient.h: 17 (WebKit::NetworkLoadClient::didBlockAuthenticationChallenge): 18 * NetworkProcess/NetworkResourceLoader.cpp: 19 (WebKit::NetworkResourceLoader::didBlockAuthenticationChallenge): 20 * NetworkProcess/NetworkResourceLoader.h: 21 * WebProcess/Network/WebResourceLoader.cpp: 22 (WebKit::WebResourceLoader::didBlockAuthenticationChallenge): 23 * WebProcess/Network/WebResourceLoader.h: 24 * WebProcess/Network/WebResourceLoader.messages.in: 25 1 26 2018-02-09 Jason Marcell <jmarcell@apple.com> 2 27 -
branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkLoad.cpp
r227831 r228386 338 338 bool isServerTrustEvaluation = m_challenge->protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested; 339 339 if (!isAllowedToAskUserForCredentials() && !isServerTrustEvaluation) { 340 m_client.get().didBlockAuthenticationChallenge(); 340 341 completionHandler(AuthenticationChallengeDisposition::UseCredential, { }); 341 342 return; -
branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkLoadClient.h
r224373 r228386 57 57 virtual void didFinishLoading(const WebCore::NetworkLoadMetrics&) = 0; 58 58 virtual void didFailLoading(const WebCore::ResourceError&) = 0; 59 virtual void didBlockAuthenticationChallenge() { }; 59 60 virtual bool shouldCaptureExtraNetworkLoadMetrics() const { return false; } 60 61 }; -
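Review bot: `virtual void didBlockAuthenticationChallenge() { };` has a stray semicolon after the empty body; the neighbouring declarations (shouldCaptureExtraNetworkLoadMetrics on the next line) do not, so drop it.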
branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
r227890 r228386 443 443 } 444 444 445 void NetworkResourceLoader::didBlockAuthenticationChallenge() 446 { 447 send(Messages::WebResourceLoader::DidBlockAuthenticationChallenge()); 448 } 449 445 450 void NetworkResourceLoader::willSendRedirectedRequest(ResourceRequest&& request, WebCore::ResourceRequest&& redirectRequest, ResourceResponse&& redirectResponse) 446 451 { -
branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.h
r226226 r228386 97 97 void didFinishLoading(const WebCore::NetworkLoadMetrics&) override; 98 98 void didFailLoading(const WebCore::ResourceError&) override; 99 void didBlockAuthenticationChallenge() override; 99 100 bool shouldCaptureExtraNetworkLoadMetrics() const override; 100 101 -
branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp
r225282 r228386 161 161 } 162 162 163 void WebResourceLoader::didBlockAuthenticationChallenge() 164 { 165 LOG(Network, "(WebProcess) WebResourceLoader::didBlockAuthenticationChallenge for '%s'", m_coreLoader->url().string().latin1().data()); 166 RELEASE_LOG_IF_ALLOWED("didBlockAuthenticationChallenge: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_trackingParameters.pageID, m_trackingParameters.frameID, m_trackingParameters.resourceID); 167 168 m_coreLoader->didBlockAuthenticationChallenge(); 169 } 170 163 171 #if ENABLE(SHAREABLE_RESOURCE) 164 172 void WebResourceLoader::didReceiveResource(const ShareableResource::Handle& handle) -
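Review bot: didBlockAuthenticationChallenge dereferences m_coreLoader twice, once for the LOG line and once for the forwarding call, without a null check. DidBlockAuthenticationChallenge arrives asynchronously from the network process, so if the core loader can be detached while the message is still in flight, add the same guard the other message handlers use; if it cannot be null here, an ASSERT(m_coreLoader) documents the invariant. Also consider logging only the RELEASE_LOG_IF_ALLOWED form: the LOG variant prints the full URL via latin1(), which for a credential-guarded resource may include query parameters the release log deliberately omits.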
branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.h
r215397 r228386 82 82 void didFinishResourceLoad(const WebCore::NetworkLoadMetrics&); 83 83 void didFailResourceLoad(const WebCore::ResourceError&); 84 void didBlockAuthenticationChallenge(); 84 85 #if ENABLE(SHAREABLE_RESOURCE) 85 86 void didReceiveResource(const ShareableResource::Handle&); -
branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in
r212993 r228386 29 29 DidRetrieveDerivedData(String type, IPC::DataReference data) 30 30 DidFailResourceLoad(WebCore::ResourceError error) 31 DidBlockAuthenticationChallenge() 31 32 32 33 #if ENABLE(SHAREABLE_RESOURCE)