Context Navigation

← Previous Changeset
Next Changeset →

Changeset 228919 in webkit

Timestamp:

Feb 22, 2018 8:55:53 AM (6 years ago)

Author:

Chris Dumez

Message:

Add release asserts for service worker fetch and postMessage events
https://bugs.webkit.org/show_bug.cgi?id=183025
rdar://problem/37765052

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Daniel Bates.

Source/WebCore:

Add release assertion so that a service worker will only dispatch a message event
for clients and service workers with the same origin.
No change of behavior.

platform/network/ResourceRequestBase.h:
workers/service/context/ServiceWorkerThread.cpp:

(WebCore::ServiceWorkerThread::postMessageToServiceWorker):

workers/service/context/ServiceWorkerThreadProxy.h:

Source/WebKit:

Add assertion to protect interception of a fetch load by a service worker with
a different origin from the page.

WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::WebSWContextManagerConnection::startFetch):

Location:

trunk/Source

Files:

: 6 edited

WebCore/ChangeLog (modified) (1 diff)
WebCore/platform/network/ResourceRequestBase.h (modified) (1 diff)
WebCore/workers/service/context/ServiceWorkerThread.cpp (modified) (1 diff)
WebCore/workers/service/context/ServiceWorkerThreadProxy.h (modified) (1 diff)
WebKit/ChangeLog (modified) (1 diff)
WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WebCore/ChangeLog

-                      r228917
+                      r228919
+-02-22  Youenn Fablet  <youenn@apple.com>
+        Add release asserts for service worker fetch and postMessage events
+        https://bugs.webkit.org/show_bug.cgi?id=183025
+        rdar://problem/37765052
+        Reviewed by Daniel Bates.
+        Add release assertion so that a service worker will only dispatch a message event
+        for clients and service workers with the same origin.
+        No change of behavior.
+        * platform/network/ResourceRequestBase.h:
+        * workers/service/context/ServiceWorkerThread.cpp:
+        (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
+        * workers/service/context/ServiceWorkerThreadProxy.h:
 -02-22  Miguel Gomez  <magomez@igalia.com>

trunk/Source/WebCore/platform/network/ResourceRequestBase.h

r228239	r228919
114	114	WEBCORE_EXPORT void clearHTTPReferrer();
115	115
116		String httpOrigin() const;
	116	WEBCORE_EXPORT String httpOrigin() const;
117	117	bool hasHTTPOrigin() const;
118	118	void setHTTPOrigin(const String&);

trunk/Source/WebCore/workers/service/context/ServiceWorkerThread.cpp

-                      r228218
+                      r228919
         if (WTF::holds_alternative<ServiceWorkerClientData>(sourceData)) {
             RefPtr<ServiceWorkerClient> sourceClient = ServiceWorkerClient::getOrCreate(serviceWorkerGlobalScope, WTFMove(WTF::get<ServiceWorkerClientData>(sourceData)));
+            RELEASE_ASSERT(!sourceClient->url().protocolIsInHTTPFamily() || !serviceWorkerGlobalScope.url().protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(serviceWorkerGlobalScope.url(), sourceClient->url()));
             sourceOrigin = SecurityOrigin::create(sourceClient->url());
             source = WTFMove(sourceClient);
         } else {
             RefPtr<ServiceWorker> sourceWorker = ServiceWorker::getOrCreate(serviceWorkerGlobalScope, WTFMove(WTF::get<ServiceWorkerData>(sourceData)));
+            RELEASE_ASSERT(!sourceWorker->scriptURL().protocolIsInHTTPFamily() || !serviceWorkerGlobalScope.url().protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(serviceWorkerGlobalScope.url(), sourceWorker->scriptURL()));
             sourceOrigin = SecurityOrigin::create(sourceWorker->scriptURL());
             source = WTFMove(sourceWorker);

trunk/Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h

r226510	r228919
66	66	WEBCORE_EXPORT std::unique_ptr<FetchLoader> createBlobLoader(FetchLoaderClient&, const URL&);
67	67
	68	const URL& scriptURL() const { return m_document->url(); }
	69
68	70	// Public only for testing purposes.
69	71	WEBCORE_TESTSUPPORT_EXPORT void notifyNetworkStateChange(bool isOnline);

trunk/Source/WebKit/ChangeLog

-                      r228915
+                      r228919
+-02-22  Youenn Fablet  <youenn@apple.com>
+        Add release asserts for service worker fetch and postMessage events
+        https://bugs.webkit.org/show_bug.cgi?id=183025
+        rdar://problem/37765052
+        Reviewed by Daniel Bates.
+        Add assertion to protect interception of a fetch load by a service worker with
+        a different origin from the page.
+        * WebProcess/Storage/WebSWContextManagerConnection.cpp:
+        (WebKit::WebSWContextManagerConnection::startFetch):
 -02-22  Ms2ger  <Ms2ger@igalia.com>

trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp

-                      r228915
+                      r228919
+    }
+    String origin = request.httpOrigin();
+    URL url { URL(), origin.isEmpty() ? referrer : origin };
+    URL serviceWorkerURL = serviceWorkerThreadProxy->scriptURL();
+    RELEASE_ASSERT(!url.protocolIsInHTTPFamily() || !serviceWorkerURL.protocolIsInHTTPFamily() || protocolHostAndPortAreEqual(url, serviceWorkerURL));
     auto client = WebServiceWorkerFetchTaskClient::create(m_connectionToStorageProcess.copyRef(), serviceWorkerIdentifier, serverConnectionIdentifier, fetchIdentifier);
     std::optional<ServiceWorkerClientIdentifier> clientId;

Note: See TracChangeset for help on using the changeset viewer.