Changeset 149422 in webkit

Timestamp:

Apr 30, 2013, 10:16:04 PM (12 years ago)

Author:

ap@apple.com

Message:

<rdar://problem/13574729> Implement file path restrictions in WebKit Objective C API
​https://bugs.webkit.org/show_bug.cgi?id=115321

Reviewed by Darin Adler.

• UIProcess/API/C/WKPage.cpp:
• UIProcess/API/C/WKPage.h:
• UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::loadFile):
• UIProcess/WebPageProxy.h: Added and implemented a C API to load a file while only opening sandbox for a specific directory.

• UIProcess/API/mac/WKBrowsingContextController.h: Fixed a typo in a comment.

• UIProcess/API/mac/WKBrowsingContextController.mm: (-[WKBrowsingContextController loadFileURL:restrictToFilesWithin:]): Respect allowedDirectory argument. Updated the function to raise an exception for incorrect input, as decribed in header file.

Location:

trunk/Source/WebKit2

Files:

• ChangeLog (modified) (1 diff)
• UIProcess/API/C/WKPage.cpp (modified) (1 diff)
• UIProcess/API/C/WKPage.h (modified) (1 diff)
• UIProcess/API/mac/WKBrowsingContextController.h (modified) (1 diff)
• UIProcess/API/mac/WKBrowsingContextController.mm (modified) (1 diff)
• UIProcess/WebPageProxy.cpp (modified) (1 diff)
• UIProcess/WebPageProxy.h (modified) (1 diff)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2013-04-28  Alexey Proskuryakov  <ap@apple.com>
+
+        <rdar://problem/13574729> Implement file path restrictions in WebKit Objective C API
+        https://bugs.webkit.org/show_bug.cgi?id=115321
+
+        Reviewed by Darin Adler.
+
+        * UIProcess/API/C/WKPage.cpp:
+        * UIProcess/API/C/WKPage.h: 
+        * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::loadFile):
+        * UIProcess/WebPageProxy.h:
+        Added and implemented a C API to load a file while only opening sandbox for
+        a specific directory.
+
+        * UIProcess/API/mac/WKBrowsingContextController.h: Fixed a typo in a comment.
+
+        * UIProcess/API/mac/WKBrowsingContextController.mm:
+        (-[WKBrowsingContextController loadFileURL:restrictToFilesWithin:]):
+        Respect allowedDirectory argument. Updated the function to raise an exception for
+        incorrect input, as decribed in header file.
+
 2013-04-29  Sam Weinig  <sam@webkit.org>
 

trunk/Source/WebKit2/UIProcess/API/C/WKPage.cpp

@@ -93 +93 @@
 }
 
+void WKPageLoadFile(WKPageRef pageRef, WKURLRef fileURL, WKURLRef resourceDirectoryURL)
+{
+    toImpl(pageRef)->loadFile(toWTFString(fileURL), toWTFString(resourceDirectoryURL));
+}
+
 void WKPageStopLoading(WKPageRef pageRef)
 {

trunk/Source/WebKit2/UIProcess/API/C/WKPage.h

@@ -363 +363 @@
 WK_EXPORT void WKPageLoadPlainTextString(WKPageRef page, WKStringRef plainTextString);
 WK_EXPORT void WKPageLoadWebArchiveData(WKPageRef page, WKDataRef webArchiveData);
+WK_EXPORT void WKPageLoadFile(WKPageRef page, WKURLRef fileURL, WKURLRef resourceDirectoryURL);
 
 WK_EXPORT void WKPageStopLoading(WKPageRef page);

trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.h

@@ -51 +51 @@
 
 /* Load a file: URL. Opens the sandbox only for files within allowedDirectory.
-    - Passing a non-file: URL to either parameter will yeild an exception.
+    - Passing a non-file: URL to either parameter will yield an exception.
     - Passing nil as the allowedDirectory will open the entire file-system for
-      reading. 
+      reading.
 */
 - (void)loadFileURL:(NSURL *)URL restrictToFilesWithin:(NSURL *)allowedDirectory;

trunk/Source/WebKit2/UIProcess/API/mac/WKBrowsingContextController.mm

@@ -120 +120 @@
 - (void)loadFileURL:(NSURL *)URL restrictToFilesWithin:(NSURL *)allowedDirectory
 {
-    if (![URL isFileURL])
-        return;
-
-    /* FIXME: Implement restrictions. */
+    if (![URL isFileURL] || (allowedDirectory && ![allowedDirectory isFileURL]))
+        [NSException raise:NSInvalidArgumentException format:@"Attempted to load a non-file URL"];
 
     WKRetainPtr<WKURLRef> wkURL = adoptWK(WKURLCreateWithCFURL((CFURLRef)URL));
-    WKPageLoadURL(self._pageRef, wkURL.get());
+    WKRetainPtr<WKURLRef> wkAllowedDirectory = adoptWK(WKURLCreateWithCFURL((CFURLRef)allowedDirectory));
+    
+    WKPageLoadFile(self._pageRef, wkURL.get(), wkAllowedDirectory.get());
 }
 

trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp

@@ -732 +732 @@
 }
 
+void WebPageProxy::loadFile(const String& fileURLString, const String& resourceDirectoryURLString)
+{
+    if (!isValid())
+        reattachToWebProcess();
+
+    KURL fileURL = KURL(KURL(), fileURLString);
+    if (!fileURL.isLocalFile())
+        return;
+
+    String resourceDirectoryPath;
+    if (!resourceDirectoryURLString.isNull()) {
+        KURL resourceDirectoryURL = KURL(KURL(), resourceDirectoryURLString);
+        if (!resourceDirectoryURL.isLocalFile())
+            return;
+        resourceDirectoryPath = resourceDirectoryURL.fileSystemPath();
+    } else
+        resourceDirectoryPath = ASCIILiteral("/");
+
+    SandboxExtension::Handle sandboxExtensionHandle;
+    SandboxExtension::createHandle(resourceDirectoryPath, SandboxExtension::ReadOnly, sandboxExtensionHandle);
+    m_process->assumeReadAccessToBaseURL(resourceDirectoryPath);
+    m_process->send(Messages::WebPage::LoadURL(fileURL, sandboxExtensionHandle), m_pageID);
+    m_process->responsivenessTimer()->start();
+}
+
 void WebPageProxy::stopLoading()
 {

trunk/Source/WebKit2/UIProcess/WebPageProxy.h

@@ -289 +289 @@
     void loadPlainTextString(const String& string);
     void loadWebArchiveData(const WebData*);
+    void loadFile(const String& fileURL, const String& resourceDirectoryURL);
 
     void stopLoading();