Changeset 125335 in webkit


Ignore:
Timestamp:
Aug 10, 2012 4:13:37 PM (12 years ago)
Author:
jpfau@apple.com
Message:

Allow blocking of third-party localStorage and sessionStorage
https://bugs.webkit.org/show_bug.cgi?id=93390

Reviewed by Adam Barth.

Source/WebCore:

Add checks for if a page is third-party and third-party storage blocking is enabled while accessing storage.

Tests: http/tests/security/cross-origin-local-storage-allowed.html

http/tests/security/cross-origin-local-storage.html
http/tests/security/cross-origin-session-storage-allowed.html
http/tests/security/cross-origin-session-storage.html
http/tests/security/same-origin-document-domain-storage-allowed.html

  • dom/Document.cpp:

(WebCore::Document::initSecurityContext): Initialize securityOrigin with knowledge of if we should block third-party storage.

  • page/DOMWindow.cpp: Check if the origin trying to access storage is third-party relative to the top document.

(WebCore::DOMWindow::sessionStorage):
(WebCore::DOMWindow::localStorage):

  • page/SecurityOrigin.cpp: Add a call in Security origin to see if another origin counts as a third-party.

(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::canAccessLocalStorage):
(WebCore):
(WebCore::SecurityOrigin::isThirdParty):

  • page/SecurityOrigin.h:

(WebCore::SecurityOrigin::blockThirdPartyStorage):
(SecurityOrigin):

  • testing/InternalSettings.cpp: Add an internals.settings hook for setting third-party storage blocking enabled.

(WebCore::InternalSettings::setThirdPartyStorageBlockingEnabled):
(WebCore):

  • testing/InternalSettings.h:

(InternalSettings):

  • testing/InternalSettings.idl:

LayoutTests:

Created tests for testing accessing localStorage and selfStorage from a third party and first party when third-party blocking is on and off.

  • http/tests/security/cross-origin-local-storage-allowed-expected.txt: Added.
  • http/tests/security/cross-origin-local-storage-allowed.html: Added.
  • http/tests/security/cross-origin-local-storage-expected.txt: Added.
  • http/tests/security/cross-origin-local-storage.html: Added.
  • http/tests/security/cross-origin-session-storage-allowed-expected.txt: Added.
  • http/tests/security/cross-origin-session-storage-allowed.html: Added.
  • http/tests/security/cross-origin-session-storage-expected.txt: Added.
  • http/tests/security/cross-origin-session-storage.html: Added.
  • http/tests/security/same-origin-document-domain-storage-allowed-expected.html: Added.
  • http/tests/security/same-origin-document-domain-storage-allowed.html: Added.
  • http/tests/security/resources/document-domain-iframe-for-local-storage.html: Added.
  • http/tests/security/resources/cross-origin-iframe-for-local-storage.html: Added.
  • http/tests/security/resources/cross-origin-iframe-for-session-storage.html: Added.
Location:
trunk
Files:
13 added
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r125334 r125335  
     12012-08-09  Jeffrey Pfau  <jpfau@apple.com>
     2
     3        Allow blocking of third-party localStorage and sessionStorage
     4        https://bugs.webkit.org/show_bug.cgi?id=93390
     5
     6        Reviewed by Adam Barth.
     7
     8        Created tests for testing accessing localStorage and selfStorage from a third party and first party when third-party blocking is on and off.
     9
     10        * http/tests/security/cross-origin-local-storage-allowed-expected.txt: Added.
     11        * http/tests/security/cross-origin-local-storage-allowed.html: Added.
     12        * http/tests/security/cross-origin-local-storage-expected.txt: Added.
     13        * http/tests/security/cross-origin-local-storage.html: Added.
     14        * http/tests/security/cross-origin-session-storage-allowed-expected.txt: Added.
     15        * http/tests/security/cross-origin-session-storage-allowed.html: Added.
     16        * http/tests/security/cross-origin-session-storage-expected.txt: Added.
     17        * http/tests/security/cross-origin-session-storage.html: Added.
     18        * http/tests/security/same-origin-document-domain-storage-allowed-expected.html: Added.
     19        * http/tests/security/same-origin-document-domain-storage-allowed.html: Added.
     20        * http/tests/security/resources/document-domain-iframe-for-local-storage.html: Added.
     21        * http/tests/security/resources/cross-origin-iframe-for-local-storage.html: Added.
     22        * http/tests/security/resources/cross-origin-iframe-for-session-storage.html: Added.
     23
    1242012-08-10  Arko Saha  <arko@motorola.com>
    225
  • trunk/Source/WebCore/ChangeLog

    r125334 r125335  
     12012-08-09  Jeffrey Pfau  <jpfau@apple.com>
     2
     3        Allow blocking of third-party localStorage and sessionStorage
     4        https://bugs.webkit.org/show_bug.cgi?id=93390
     5
     6        Reviewed by Adam Barth.
     7
     8        Add checks for if a page is third-party and third-party storage blocking is enabled while accessing storage.
     9
     10        Tests: http/tests/security/cross-origin-local-storage-allowed.html
     11               http/tests/security/cross-origin-local-storage.html
     12               http/tests/security/cross-origin-session-storage-allowed.html
     13               http/tests/security/cross-origin-session-storage.html
     14               http/tests/security/same-origin-document-domain-storage-allowed.html
     15
     16        * dom/Document.cpp:
     17        (WebCore::Document::initSecurityContext): Initialize securityOrigin with knowledge of if we should block third-party storage.
     18        * page/DOMWindow.cpp: Check if the origin trying to access storage is third-party relative to the top document.
     19        (WebCore::DOMWindow::sessionStorage):
     20        (WebCore::DOMWindow::localStorage):
     21        * page/SecurityOrigin.cpp: Add a call in Security origin to see if another origin counts as a third-party.
     22        (WebCore::SecurityOrigin::SecurityOrigin):
     23        (WebCore::SecurityOrigin::canAccessLocalStorage):
     24        (WebCore):
     25        (WebCore::SecurityOrigin::isThirdParty):
     26        * page/SecurityOrigin.h:
     27        (WebCore::SecurityOrigin::blockThirdPartyStorage):
     28        (SecurityOrigin):
     29        * testing/InternalSettings.cpp: Add an internals.settings hook for setting third-party storage blocking enabled.
     30        (WebCore::InternalSettings::setThirdPartyStorageBlockingEnabled):
     31        (WebCore):
     32        * testing/InternalSettings.h:
     33        (InternalSettings):
     34        * testing/InternalSettings.idl:
     35
    1362012-08-10  Arko Saha  <arko@motorola.com>
    237
  • trunk/Source/WebCore/dom/Document.cpp

    r125265 r125335  
    50165016            }
    50175017        }
     5018        if (settings->thirdPartyStorageBlockingEnabled())
     5019            securityOrigin()->blockThirdPartyStorage();
    50185020    }
    50195021
  • trunk/Source/WebCore/page/DOMWindow.cpp

    r125149 r125335  
    744744        return 0;
    745745
    746     if (!document->securityOrigin()->canAccessLocalStorage()) {
     746    if (!document->securityOrigin()->canAccessLocalStorage(document->topDocument()->securityOrigin())) {
    747747        ec = SECURITY_ERR;
    748748        return 0;
     
    771771        return 0;
    772772
    773     if (!document->securityOrigin()->canAccessLocalStorage()) {
     773    if (!document->securityOrigin()->canAccessLocalStorage(document->topDocument()->securityOrigin())) {
    774774        ec = SECURITY_ERR;
    775775        return 0;
  • trunk/Source/WebCore/page/SecurityOrigin.cpp

    r120855 r125335  
    134134    , m_universalAccess(false)
    135135    , m_domainWasSetInDOM(false)
     136    , m_blockThirdPartyStorage(false)
    136137    , m_enforceFilePathSeparation(false)
    137138    , m_needsDatabaseIdentifierQuirkForFiles(false)
     
    159160    , m_domainWasSetInDOM(false)
    160161    , m_canLoadLocalResources(false)
     162    , m_blockThirdPartyStorage(false)
    161163    , m_enforceFilePathSeparation(false)
    162164    , m_needsDatabaseIdentifierQuirkForFiles(false)
     
    175177    , m_domainWasSetInDOM(other->m_domainWasSetInDOM)
    176178    , m_canLoadLocalResources(other->m_canLoadLocalResources)
     179    , m_blockThirdPartyStorage(other->m_blockThirdPartyStorage)
    177180    , m_enforceFilePathSeparation(other->m_enforceFilePathSeparation)
    178181    , m_needsDatabaseIdentifierQuirkForFiles(other->m_needsDatabaseIdentifierQuirkForFiles)
     
    389392}
    390393
     394bool SecurityOrigin::canAccessLocalStorage(const SecurityOrigin* topOrigin) const
     395{
     396    if (isUnique())
     397        return false;
     398
     399    if (m_blockThirdPartyStorage && topOrigin->isThirdParty(this))
     400        return false;
     401
     402    return true;
     403}
     404
    391405SecurityOrigin::Policy SecurityOrigin::canShowNotifications() const
    392406{
     
    396410        return AlwaysDeny;
    397411    return Ask;
     412}
     413
     414bool SecurityOrigin::isThirdParty(const SecurityOrigin* child) const
     415{
     416    if (child->m_universalAccess)
     417        return false;
     418
     419    if (this == child)
     420        return false;
     421
     422    if (isUnique() || child->isUnique())
     423        return true;
     424
     425    return !isSameSchemeHostPort(child);
    398426}
    399427
  • trunk/Source/WebCore/page/SecurityOrigin.h

    r119883 r125335  
    122122    void grantUniversalAccess();
    123123
     124    void blockThirdPartyStorage() { m_blockThirdPartyStorage = true; }
     125
    124126    bool canAccessDatabase() const { return !isUnique(); }
    125     bool canAccessLocalStorage() const { return !isUnique(); }
     127    bool canAccessLocalStorage(const SecurityOrigin* topOrigin) const;
    126128    bool canAccessCookies() const { return !isUnique(); }
    127129    bool canAccessPasswordManager() const { return !isUnique(); }
     
    190192    // FIXME: Rename this function to something more semantic.
    191193    bool passesFileCheck(const SecurityOrigin*) const;
     194    bool isThirdParty(const SecurityOrigin*) const;
    192195
    193196    String m_protocol;
     
    201204    bool m_domainWasSetInDOM;
    202205    bool m_canLoadLocalResources;
     206    bool m_blockThirdPartyStorage;
    203207    bool m_enforceFilePathSeparation;
    204208    bool m_needsDatabaseIdentifierQuirkForFiles;
  • trunk/Source/WebCore/testing/InternalSettings.cpp

    r124372 r125335  
    621621}
    622622
    623 }
     623void InternalSettings::setThirdPartyStorageBlockingEnabled(bool enabled, ExceptionCode& ec)
     624{
     625    InternalSettingsGuardForSettings();
     626    settings()->setThirdPartyStorageBlockingEnabled(enabled);
     627}
     628
     629}
  • trunk/Source/WebCore/testing/InternalSettings.h

    r124372 r125335  
    140140    String configurationForViewport(float devicePixelRatio, int deviceWidth, int deviceHeight, int availableWidth, int availableHeight, ExceptionCode&);
    141141    void setMemoryInfoEnabled(bool, ExceptionCode&);
     142    void setThirdPartyStorageBlockingEnabled(bool, ExceptionCode&);
    142143private:
    143144    explicit InternalSettings(Page*);
  • trunk/Source/WebCore/testing/InternalSettings.idl

    r124372 r125335  
    7979#endif
    8080        void setMemoryInfoEnabled(in boolean enabled) raises(DOMException);
     81        void setThirdPartyStorageBlockingEnabled(in boolean enabled) raises(DOMException);
    8182    };
    8283}
Note: See TracChangeset for help on using the changeset viewer.