Context Navigation

← Previous Changeset
Next Changeset →

Changeset 230541 in webkit

Timestamp:

Apr 11, 2018 12:05:08 PM (6 years ago)

Author:

youenn@apple.com

Message:

Pass FetchOptions and SecurityOrigin as load parameters from WebProcess to NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=184374

Reviewed by Chris Dumez.

Source/WebCore:

Add support for SecurityOrigin encode/decode routines.

page/SecurityOrigin.h:

Source/WebKit:

Pass full FetchOptions parameters as part of NetworkResourceLoadParameters.
This will allow handling redirection mode as well as credentials in case of cross origin redirections.
In case of SameOrigin credentials and there is a redirection from same-origin to cross-origin,
we will be able to stop using credentials without going to WebProcess.

To handle properly cross-origin checks, we have to be able to use SecurityOrigin as in WebProcess.
We make WebProcess sends Origin Access White list information to NetworkProcess.
This allows supporting the white list when doing loading in NetworkProcess.
This only works consistently if all WebProcesses share the same whitelist.

NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::loadPing):
(WebKit::NetworkConnectionToWebProcess::addOriginAccessWhitelistEntry):
(WebKit::NetworkConnectionToWebProcess::removeOriginAccessWhitelistEntry):
(WebKit::NetworkConnectionToWebProcess::resetOriginAccessWhitelists):

NetworkProcess/NetworkConnectionToWebProcess.h:
NetworkProcess/NetworkConnectionToWebProcess.messages.in:
NetworkProcess/NetworkLoadChecker.cpp:

(WebKit::NetworkLoadChecker::NetworkLoadChecker):
(WebKit::NetworkLoadChecker::checkRedirection):
(WebKit::NetworkLoadChecker::continueCheckingRequest):
(WebKit::NetworkLoadChecker::checkCORSRequest):
(WebKit::NetworkLoadChecker::checkCORSRedirectedRequest):
(WebKit::NetworkLoadChecker::checkCORSRequestWithPreflight):
(WebKit::NetworkLoadChecker::doesNotNeedCORSCheck const):

NetworkProcess/NetworkLoadChecker.h:

(WebKit::NetworkLoadChecker::create):

NetworkProcess/NetworkResourceLoadParameters.cpp:

(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):

NetworkProcess/NetworkResourceLoadParameters.h:
NetworkProcess/PingLoad.cpp:

(WebKit::PingLoad::PingLoad):
(WebKit::PingLoad::willPerformHTTPRedirection):

NetworkProcess/PingLoad.h:
WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::addOriginAccessWhitelistEntry):
(WebKit::InjectedBundle::removeOriginAccessWhitelistEntry):
(WebKit::InjectedBundle::resetOriginAccessWhitelists):

WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::startPingLoad):

Location:

trunk/Source

Files:

: 15 edited

WebCore/ChangeLog (modified) (1 diff)
WebCore/page/SecurityOrigin.h (modified) (2 diffs)
WebKit/ChangeLog (modified) (1 diff)
WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (modified) (4 diffs)
WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (modified) (2 diffs)
WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in (modified) (2 diffs)
WebKit/NetworkProcess/NetworkLoadChecker.cpp (modified) (11 diffs)
WebKit/NetworkProcess/NetworkLoadChecker.h (modified) (3 diffs)
WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (modified) (2 diffs)
WebKit/NetworkProcess/NetworkResourceLoadParameters.h (modified) (1 diff)
WebKit/NetworkProcess/NetworkResourceLoader.cpp (modified) (1 diff)
WebKit/NetworkProcess/PingLoad.cpp (modified) (1 diff)
WebKit/NetworkProcess/PingLoad.h (modified) (1 diff)
WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp (modified) (4 diffs)
WebKit/WebProcess/Network/WebLoaderStrategy.cpp (modified) (5 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WebCore/ChangeLog

-                      r230540
+                      r230541
+-04-11  Youenn Fablet  <youenn@apple.com>
+        Pass FetchOptions and SecurityOrigin as load parameters from WebProcess to NetworkProcess
+        https://bugs.webkit.org/show_bug.cgi?id=184374
+        Reviewed by Chris Dumez.
+        Add support for SecurityOrigin encode/decode routines.
+        * page/SecurityOrigin.h:
 -04-11  Thibault Saunier  <tsaunier@igalia.com>

trunk/Source/WebCore/page/SecurityOrigin.h

-                      r230205
+                      r230541
     const SecurityOriginData& data() const { return m_data; }
+    template<class Encoder> void encode(Encoder&) const;
+    template<class Decoder> static RefPtr<SecurityOrigin> decode(Decoder&);
 private:
     SecurityOrigin();
 …
 bool originsMatch(const SecurityOrigin*, const SecurityOrigin*);
+template<class Encoder> inline void SecurityOrigin::encode(Encoder& encoder) const
+{
+    encoder << m_data;
+    encoder << m_domain;
+    encoder << m_filePath;
+    encoder << m_isUnique;
+    encoder << m_universalAccess;
+    encoder << m_domainWasSetInDOM;
+    encoder << m_canLoadLocalResources;
+    encoder.encodeEnum(m_storageBlockingPolicy);
+    encoder << m_enforcesFilePathSeparation;
+    encoder << m_needsStorageAccessFromFileURLsQuirk;
+    encoder << m_isPotentiallyTrustworthy;
+    encoder << m_isLocal;
+}
+template<class Decoder> inline RefPtr<SecurityOrigin> SecurityOrigin::decode(Decoder& decoder)
+{
+    std::optional<SecurityOriginData> data;
+    decoder >> data;
+    if (!data)
+        return nullptr;
+    auto origin = SecurityOrigin::create(data->protocol, data->host, data->port);
+    if (!decoder.decode(origin->m_domain))
+        return nullptr;
+    if (!decoder.decode(origin->m_filePath))
+        return nullptr;
+    if (!decoder.decode(origin->m_isUnique))
+        return nullptr;
+    if (!decoder.decode(origin->m_universalAccess))
+        return nullptr;
+    if (!decoder.decode(origin->m_domainWasSetInDOM))
+        return nullptr;
+    if (!decoder.decode(origin->m_canLoadLocalResources))
+        return nullptr;
+    if (!decoder.decodeEnum(origin->m_storageBlockingPolicy))
+        return nullptr;
+    if (!decoder.decode(origin->m_enforcesFilePathSeparation))
+        return nullptr;
+    if (!decoder.decode(origin->m_needsStorageAccessFromFileURLsQuirk))
+        return nullptr;
+    if (!decoder.decode(origin->m_isPotentiallyTrustworthy))
+        return nullptr;
+    if (!decoder.decode(origin->m_isLocal))
+        return nullptr;
+    return WTFMove(origin);
+}
 } // namespace WebCore

trunk/Source/WebKit/ChangeLog

-                      r230529
+                      r230541
+-04-11  Youenn Fablet  <youenn@apple.com>
+        Pass FetchOptions and SecurityOrigin as load parameters from WebProcess to NetworkProcess
+        https://bugs.webkit.org/show_bug.cgi?id=184374
+        Reviewed by Chris Dumez.
+        Pass full FetchOptions parameters as part of NetworkResourceLoadParameters.
+        This will allow handling redirection mode as well as credentials in case of cross origin redirections.
+        In case of SameOrigin credentials and there is a redirection from same-origin to cross-origin,
+        we will be able to stop using credentials without going to WebProcess.
+        To handle properly cross-origin checks, we have to be able to use SecurityOrigin as in WebProcess.
+        We make WebProcess sends Origin Access White list information to NetworkProcess.
+        This allows supporting the white list when doing loading in NetworkProcess.
+        This only works consistently if all WebProcesses share the same whitelist.
+        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+        (WebKit::NetworkConnectionToWebProcess::loadPing):
+        (WebKit::NetworkConnectionToWebProcess::addOriginAccessWhitelistEntry):
+        (WebKit::NetworkConnectionToWebProcess::removeOriginAccessWhitelistEntry):
+        (WebKit::NetworkConnectionToWebProcess::resetOriginAccessWhitelists):
+        * NetworkProcess/NetworkConnectionToWebProcess.h:
+        * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
+        * NetworkProcess/NetworkLoadChecker.cpp:
+        (WebKit::NetworkLoadChecker::NetworkLoadChecker):
+        (WebKit::NetworkLoadChecker::checkRedirection):
+        (WebKit::NetworkLoadChecker::continueCheckingRequest):
+        (WebKit::NetworkLoadChecker::checkCORSRequest):
+        (WebKit::NetworkLoadChecker::checkCORSRedirectedRequest):
+        (WebKit::NetworkLoadChecker::checkCORSRequestWithPreflight):
+        (WebKit::NetworkLoadChecker::doesNotNeedCORSCheck const):
+        * NetworkProcess/NetworkLoadChecker.h:
+        (WebKit::NetworkLoadChecker::create):
+        * NetworkProcess/NetworkResourceLoadParameters.cpp:
+        (WebKit::NetworkResourceLoadParameters::encode const):
+        (WebKit::NetworkResourceLoadParameters::decode):
+        * NetworkProcess/NetworkResourceLoadParameters.h:
+        * NetworkProcess/PingLoad.cpp:
+        (WebKit::PingLoad::PingLoad):
+        (WebKit::PingLoad::willPerformHTTPRedirection):
+        * NetworkProcess/PingLoad.h:
+        * WebProcess/InjectedBundle/InjectedBundle.cpp:
+        (WebKit::InjectedBundle::addOriginAccessWhitelistEntry):
+        (WebKit::InjectedBundle::removeOriginAccessWhitelistEntry):
+        (WebKit::InjectedBundle::resetOriginAccessWhitelists):
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::startPingLoad):
 -04-11  Michael Catanzaro  <mcatanzaro@igalia.com>

trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

-                      r230528
+                      r230541
 #include <WebCore/ResourceLoaderOptions.h>
 #include <WebCore/ResourceRequest.h>
+#include <WebCore/SecurityPolicy.h>
 #include <pal/SessionID.h>
 …
+}
 void NetworkConnectionToWebProcess::loadPing(NetworkResourceLoadParameters&& loadParameters, HTTPHeaderMap&& originalRequestHeaders)
+void NetworkConnectionToWebProcess::loadPing(NetworkResourceLoadParameters&& loadParameters)
+{
     auto completionHandler = [this, protectedThis = makeRef(*this), identifier = loadParameters.identifier] (const ResourceError& error, const ResourceResponse& response) {
 …
     // PingLoad manages its own lifetime, deleting itself when its purpose has been fulfilled.
     new PingLoad(WTFMove(loadParameters), WTFMove(originalRequestHeaders), WTFMove(completionHandler));
+    new PingLoad(WTFMove(loadParameters), WTFMove(completionHandler));
+}
 …
+}
+void NetworkConnectionToWebProcess::addOriginAccessWhitelistEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains)
+{
+    SecurityPolicy::addOriginAccessWhitelistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
+}
+void NetworkConnectionToWebProcess::removeOriginAccessWhitelistEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains)
+{
+    SecurityPolicy::removeOriginAccessWhitelistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
+}
+void NetworkConnectionToWebProcess::resetOriginAccessWhitelists()
+{
+    SecurityPolicy::resetOriginAccessWhitelists();
+}
 } // namespace WebKit

trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h

-                      r230528
+                      r230541
     void scheduleResourceLoad(NetworkResourceLoadParameters&&);
     void performSynchronousLoad(NetworkResourceLoadParameters&&, Ref<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply>&&);
     void loadPing(NetworkResourceLoadParameters&&, WebCore::HTTPHeaderMap&& originalRequestHeaders);
+    void loadPing(NetworkResourceLoadParameters&&);
     void prefetchDNS(const String&);
     void preconnectTo(uint64_t preconnectionIdentifier, NetworkLoadParameters&&);
 …
     void removeStorageAccessForAllFramesOnPage(PAL::SessionID, uint64_t pageID);
+    void addOriginAccessWhitelistEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains);
+    void removeOriginAccessWhitelistEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains);
+    void resetOriginAccessWhitelists();
     Ref<IPC::Connection> m_connection;

trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in

-                      r226542
+                      r230541
     ScheduleResourceLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters)
     PerformSynchronousLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters) -> (WebCore::ResourceError error, WebCore::ResourceResponse response, Vector<char> data) Delayed
     LoadPing(WebKit::NetworkResourceLoadParameters resourceLoadParameters, WebCore::HTTPHeaderMap originalRequestHeaders)
+    LoadPing(WebKit::NetworkResourceLoadParameters resourceLoadParameters)
     RemoveLoadIdentifier(uint64_t resourceLoadIdentifier)
     SetDefersLoading(uint64_t resourceLoadIdentifier, bool defers)
 …
     RemoveStorageAccessForFrame(PAL::SessionID sessionID, uint64_t frameID, uint64_t pageID);
     RemoveStorageAccessForAllFramesOnPage(PAL::SessionID sessionID, uint64_t pageID);
+    AddOriginAccessWhitelistEntry(String sourceOrigin, String destinationProtocol, String destinationHost, bool allowDestinationSubdomains);
+    RemoveOriginAccessWhitelistEntry(String sourceOrigin, String destinationProtocol, String destinationHost, bool allowDestinationSubdomains);
+    ResetOriginAccessWhitelists();
+}

trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp

-                      r230495
+                      r230541
 using namespace WebCore;
+NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions::Mode mode, bool shouldFollowRedirects, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin)
+    : m_mode(mode)
+    , m_shouldFollowRedirects(shouldFollowRedirects)
+    , m_storedCredentialsPolicy(storedCredentialsPolicy)
+NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin)
+    : m_options(WTFMove(options))
     , m_sessionID(sessionID)
     , m_originalRequestHeaders(WTFMove(originalRequestHeaders))
 …
     , m_origin(WTFMove(sourceOrigin))
+{
+    if (m_mode == FetchOptions::Mode::Cors || m_mode == FetchOptions::Mode::SameOrigin)
+        m_isSameOriginRequest = m_origin->canRequest(m_url);
+    if (m_options.mode == FetchOptions::Mode::Cors || m_options.mode == FetchOptions::Mode::SameOrigin)
+        m_isSameOriginRequest = m_url.protocolIsData() || m_url.protocolIsBlob() || m_origin->canRequest(m_url);
+    switch (options.credentials) {
+    case FetchOptions::Credentials::Include:
+        m_storedCredentialsPolicy = StoredCredentialsPolicy::Use;
+        break;
+    case FetchOptions::Credentials::SameOrigin:
+        m_storedCredentialsPolicy = m_isSameOriginRequest ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse;
+        break;
+    case FetchOptions::Credentials::Omit:
+        m_storedCredentialsPolicy = StoredCredentialsPolicy::DoNotUse;
+        break;
+    }
+}
 …
     m_url = request.url();
     if (!m_shouldFollowRedirects) {
+    if (m_options.redirect != FetchOptions::Redirect::Follow) {
         handler(returnError(ASCIILiteral("Load parameters do not allow following redirections")));
         return;
 …
+    }
     if (m_mode == FetchOptions::Mode::NoCors) {
+    if (m_options.mode == FetchOptions::Mode::NoCors) {
         response.setTainting(ResourceResponse::Tainting::Opaque);
         return { };
+    }
     ASSERT(m_mode == FetchOptions::Mode::Cors);
+    ASSERT(m_options.mode == FetchOptions::Mode::Cors);
     String errorMessage;
 …
         if (isRedirected()) {
             URL url = request.url();
             auto type = m_mode == FetchOptions::Mode::Navigate ? ContentSecurityPolicy::InsecureRequestType::Navigation : ContentSecurityPolicy::InsecureRequestType::Load;
+            auto type = m_options.mode == FetchOptions::Mode::Navigate ? ContentSecurityPolicy::InsecureRequestType::Navigation : ContentSecurityPolicy::InsecureRequestType::Load;
             contentSecurityPolicy->upgradeInsecureRequestIfNeeded(url, type);
             if (url != request.url())
 …
+    }
+    if (m_options.credentials == FetchOptions::Credentials::SameOrigin)
+        m_storedCredentialsPolicy =  (m_isSameOriginRequest && m_origin->canRequest(request.url())) ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse;
     if (doesNotNeedCORSCheck(request.url())) {
         handler(WTFMove(request));
 …
+    }
     if (m_mode == FetchOptions::Mode::SameOrigin) {
+    if (m_options.mode == FetchOptions::Mode::SameOrigin) {
         handler(returnError(ASCIILiteral("SameOrigin mode does not allow cross origin requests")));
         return;
 …
 void NetworkLoadChecker::checkCORSRequest(ResourceRequest&& request, ValidationHandler&& handler)
+{
     ASSERT(m_mode == FetchOptions::Mode::Cors);
+    ASSERT(m_options.mode == FetchOptions::Mode::Cors);
     // Except in case where preflight is needed, loading should be able to continue on its own.
 …
 void NetworkLoadChecker::checkCORSRedirectedRequest(ResourceRequest&& request, ValidationHandler&& handler)
+{
     ASSERT(m_mode == FetchOptions::Mode::Cors);
+    ASSERT(m_options.mode == FetchOptions::Mode::Cors);
     ASSERT(isRedirected());
 …
 void NetworkLoadChecker::checkCORSRequestWithPreflight(ResourceRequest&& request, ValidationHandler&& handler)
+{
     ASSERT(m_mode == FetchOptions::Mode::Cors);
+    ASSERT(m_options.mode == FetchOptions::Mode::Cors);
     m_isSimpleRequest = false;
 …
 bool NetworkLoadChecker::doesNotNeedCORSCheck(const URL& url) const
+{
     if (m_mode == FetchOptions::Mode::NoCors || m_mode == FetchOptions::Mode::Navigate)
+    if (m_options.mode == FetchOptions::Mode::NoCors || m_options.mode == FetchOptions::Mode::Navigate)
         return true;

trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h

-                      r230495
+                      r230541
 class NetworkLoadChecker : public RefCounted<NetworkLoadChecker> {
 public:
     static Ref<NetworkLoadChecker> create(WebCore::FetchOptions::Mode mode, bool shouldFollowRedirects, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin)
+    static Ref<NetworkLoadChecker> create(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin)
+    {
         return adoptRef(*new NetworkLoadChecker { mode, shouldFollowRedirects, storedCredentialsPolicy, sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin) });
+        return adoptRef(*new NetworkLoadChecker { WTFMove(options), sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin) });
+    }
     ~NetworkLoadChecker();
 …
 private:
     NetworkLoadChecker(WebCore::FetchOptions::Mode, bool shouldFollowRedirects, WebCore::StoredCredentialsPolicy, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&);
+    NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&);
     WebCore::ContentSecurityPolicy* contentSecurityPolicy() const;
 …
 #endif
+    WebCore::FetchOptions::Mode m_mode;
+    bool m_shouldFollowRedirects;
+    WebCore::FetchOptions m_options;
     WebCore::StoredCredentialsPolicy m_storedCredentialsPolicy;
     PAL::SessionID m_sessionID;

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp

-                      r230365
+                      r230541
     encoder << static_cast<bool>(sourceOrigin);
     if (sourceOrigin)
+        encoder << sourceOrigin->data();
+    encoder.encodeEnum(mode);
+    encoder.encodeEnum(destination);
+        encoder << *sourceOrigin;
+    encoder << options;
     encoder << cspResponseHeaders;
+    encoder << originalRequestHeaders;
 #if ENABLE(CONTENT_EXTENSIONS)
 …
         return false;
     if (hasSourceOrigin) {
         std::optional<SecurityOriginData> sourceOriginData;
         decoder >> sourceOriginData;
         if (!sourceOriginData)
             return false;
+        ASSERT(!sourceOriginData->isEmpty());
         result.sourceOrigin = sourceOriginData->securityOrigin();
+    }
     if (!decoder.decodeEnum(result.mode))
         return false;
     if (!decoder.decodeEnum(result.destination))
+        return false;
+        result.sourceOrigin = SecurityOrigin::decode(decoder);
+        if (!result.sourceOrigin)
+            return false;
+    }
+    std::optional<FetchOptions> options;
+    decoder >> options;
+    if (!options)
+        return false;
+    result.options = *options;
     if (!decoder.decode(result.cspResponseHeaders))
+        return false;
+    if (!decoder.decode(result.originalRequestHeaders))
         return false;

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h

-                      r230365
+                      r230541
     Vector<String> derivedCachedDataTypesToRetrieve;
     RefPtr<WebCore::SecurityOrigin> sourceOrigin;
+    WebCore::FetchOptions::Mode mode;
+    WebCore::FetchOptions::Destination destination;
+    WebCore::FetchOptions options;
     std::optional<WebCore::ContentSecurityPolicyResponseHeaders> cspResponseHeaders;
+    WebCore::HTTPHeaderMap originalRequestHeaders;
     bool shouldRestrictHTTPResponseAccess { false };

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp

r230528	r230541
473	473	// FIXME: We should use response tainting once computed in Network Process.
474	474	bool isSameOrigin = m_parameters.sourceOrigin ? m_parameters.sourceOrigin->canRequest(response.url()) : protocolHostAndPortAreEqual(response.url(), m_parameters.request.url());
475		if (isSameOrigin && m_parameters.destination == FetchOptions::Destination::EmptyString)
	475	if (isSameOrigin && m_parameters.options.destination == FetchOptions::Destination::EmptyString)
476	476	type = ResourceResponse::SanitizationType::RemoveCookies;
477	477	}

trunk/Source/WebKit/NetworkProcess/PingLoad.cpp

-                      r230495
+                      r230541
 using namespace WebCore;
 PingLoad::PingLoad(NetworkResourceLoadParameters&& parameters, HTTPHeaderMap&& originalRequestHeaders, WTF::CompletionHandler<void(const ResourceError&, const ResourceResponse&)>&& completionHandler)
+PingLoad::PingLoad(NetworkResourceLoadParameters&& parameters, WTF::CompletionHandler<void(const ResourceError&, const ResourceResponse&)>&& completionHandler)
     : m_parameters(WTFMove(parameters))
     , m_completionHandler(WTFMove(completionHandler))
     , m_timeoutTimer(*this, &PingLoad::timeoutTimerFired)
     , m_networkLoadChecker(NetworkLoadChecker::create(m_parameters.mode, m_parameters.shouldFollowRedirects, m_parameters.storedCredentialsPolicy, m_parameters.sessionID, WTFMove(originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef()))
+    , m_networkLoadChecker(NetworkLoadChecker::create(FetchOptions { m_parameters.options}, m_parameters.sessionID, WTFMove(m_parameters.originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef()))
+{

trunk/Source/WebKit/NetworkProcess/PingLoad.h

r230223	r230541
45	45	class PingLoad final : private NetworkDataTaskClient {
46	46	public:
47		PingLoad(NetworkResourceLoadParameters&&, W~~ebCore::HTTPHeaderMap&& originalRequestHeaders, W~~TF::CompletionHandler<void(const WebCore::ResourceError&, const WebCore::ResourceResponse&)>&&);
	47	PingLoad(NetworkResourceLoadParameters&&, WTF::CompletionHandler<void(const WebCore::ResourceError&, const WebCore::ResourceResponse&)>&&);
48	48
49	49	private:

trunk/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp

r230290	r230541
30	30	#include "APIData.h"
31	31	#include "InjectedBundleScriptWorld.h"
	32	#include "NetworkConnectionToWebProcessMessages.h"
	33	#include "NetworkProcessConnection.h"
32	34	#include "NetworkSessionCreationParameters.h"
33	35	#include "NotificationPermissionRequestManager.h"
…	…
376	378	{
377	379	SecurityPolicy::addOriginAccessWhitelistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
	380	WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::AddOriginAccessWhitelistEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
	381
378	382	}
379	383
…	…
381	385	{
382	386	SecurityPolicy::removeOriginAccessWhitelistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
	387	WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RemoveOriginAccessWhitelistEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
383	388	}
384	389
…	…
386	391	{
387	392	SecurityPolicy::resetOriginAccessWhitelists();
	393	WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::ResetOriginAccessWhitelists { }, 0);
388	394	}
389	395

trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

-                      r230365
+                      r230541
     loadParameters.maximumBufferingTime = maximumBufferingTime;
     loadParameters.derivedCachedDataTypesToRetrieve = resourceLoader.options().derivedCachedDataTypesToRetrieve;
     loadParameters.destination = resourceLoader.options().destination;
+    loadParameters.options = resourceLoader.options();
     // FIXME: We should also sanitize redirect response for navigations.
 …
     loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
     // FIXME: Use the proper destination once all fetch options are passed.
     loadParameters.destination = FetchOptions::Destination::EmptyString;
+    loadParameters.options.destination = FetchOptions::Destination::EmptyString;
     data.shrink(0);
 …
     loadParameters.sessionID = frame.page() ? frame.page()->sessionID() : PAL::SessionID::defaultSessionID();
     loadParameters.storedCredentialsPolicy = options.credentials == FetchOptions::Credentials::Omit ? StoredCredentialsPolicy::DoNotUse : StoredCredentialsPolicy::Use;
     loadParameters.mode = options.mode;
     loadParameters.shouldFollowRedirects = options.redirect == FetchOptions::Redirect::Follow;
+    loadParameters.options = options;
+    loadParameters.originalRequestHeaders = originalRequestHeaders;
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = shouldClearReferrerOnHTTPSToHTTPRedirect(&frame);
     loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
 …
         m_pingLoadCompletionHandlers.add(loadParameters.identifier, WTFMove(completionHandler));
     WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::LoadPing(WTFMove(loadParameters), originalRequestHeaders), 0);
+    WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::LoadPing { loadParameters }, 0);
+}
 …
     parameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
     // FIXME: Use the proper destination once all fetch options are passed.
     parameters.destination = FetchOptions::Destination::EmptyString;
+    parameters.options.destination = FetchOptions::Destination::EmptyString;
     WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::PreconnectTo(preconnectionIdentifier, WTFMove(parameters)), 0);

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 230541 in webkit

Legend:

Download in other formats: