Changeset 129143 in webkit
- Timestamp:
- Sep 20, 2012 11:11:19 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r129142 r129143 1 2012-09-20 Mike West <mkwst@chromium.org> 2 3 Support paths in Content Security Policy directives. 4 https://bugs.webkit.org/show_bug.cgi?id=89750 5 6 Reviewed by Adam Barth. 7 8 * http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt: 9 * http/tests/security/contentSecurityPolicy/source-list-parsing-05.html: 10 * http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt: 11 * http/tests/security/contentSecurityPolicy/source-list-parsing-06.html: 12 The behavior of these tests changes based on the new functionality. 13 * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-01-expected.txt: Added. 14 * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-01.html: Added. 15 * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02-expected.txt: Added. 16 * http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html: Added. 17 New tests for various path cases. 18 1 19 2012-09-20 Joshua Bell <jsbell@chromium.org> 2 20 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05-expected.txt
r125047 r129143 1 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:*/'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/' is being ignored. Be careful. 2 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:*/path'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path' is being ignored. Be careful. 3 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:*/path?query=string'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path?query=string' is being ignored. Be careful. 4 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:*/path#anchor'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path#anchor' is being ignored. Be careful. 5 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/' is being ignored. Be careful. 6 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/path'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path' is being ignored. Be careful. 7 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/path?query=string'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path?query=string' is being ignored. Be careful. 8 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/path#anchor'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path#anchor' is being ignored. Be careful. 9 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/thisisa'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/thisisa' is being ignored. Be careful. 1 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:*/path". 2 3 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/path?query=string'. It will be ignored. 4 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:*/path?query=string". 5 6 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:*/path#anchor'. It will be ignored. 7 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:*/path#anchor". 8 9 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:8000/path". 10 11 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:8000/path?query=string'. It will be ignored. 12 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:8000/path?query=string". 13 14 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: '127.0.0.1:8000/path#anchor'. It will be ignored. 15 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:8000/path#anchor". 16 10 17 CONSOLE MESSAGE: Unrecognized Content-Security-Policy directive 'pathwithasemicolon'. 11 18 12 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source '127.0.0.1:8000/this'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/this' is being ignored. Be careful. 19 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:8000/thisisa". 20 21 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 127.0.0.1:8000/this is a path with spaces". 22 13 23 Paths should be ignored when evaluating sources. This test passes if FAIL does not appear in the output, and each of the tests generates a warning about the path component. 14 24 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-05.html
r125047 r129143 6 6 var tests = [ 7 7 ['yes', 'script-src 127.0.0.1:*/', 'resources/script.js'], 8 [' yes', 'script-src 127.0.0.1:*/path', 'resources/script.js'],9 [' yes', 'script-src 127.0.0.1:*/path?query=string', 'resources/script.js'],10 [' yes', 'script-src 127.0.0.1:*/path#anchor', 'resources/script.js'],8 ['no', 'script-src 127.0.0.1:*/path', 'resources/script.js'], 9 ['no', 'script-src 127.0.0.1:*/path?query=string', 'resources/script.js'], 10 ['no', 'script-src 127.0.0.1:*/path#anchor', 'resources/script.js'], 11 11 ['yes', 'script-src 127.0.0.1:8000/', 'resources/script.js'], 12 [' yes', 'script-src 127.0.0.1:8000/path', 'resources/script.js'],13 [' yes', 'script-src 127.0.0.1:8000/path?query=string', 'resources/script.js'],14 [' yes', 'script-src 127.0.0.1:8000/path#anchor', 'resources/script.js'],15 [' yes', 'script-src 127.0.0.1:8000/thisisa;pathwithasemicolon', 'resources/script.js'],16 [' yes', 'script-src 127.0.0.1:8000/this is a path with spaces', 'resources/script.js'],12 ['no', 'script-src 127.0.0.1:8000/path', 'resources/script.js'], 13 ['no', 'script-src 127.0.0.1:8000/path?query=string', 'resources/script.js'], 14 ['no', 'script-src 127.0.0.1:8000/path#anchor', 'resources/script.js'], 15 ['no', 'script-src 127.0.0.1:8000/thisisa;pathwithasemicolon', 'resources/script.js'], 16 ['no', 'script-src 127.0.0.1:8000/this is a path with spaces', 'resources/script.js'], 17 17 ]; 18 18 </script> -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06-expected.txt
r125047 r129143 1 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:*/'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/' is being ignored. Be careful. 2 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:*/path'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path' is being ignored. Be careful. 3 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:*/path?query=string'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path?query=string' is being ignored. Be careful. 4 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:*/path#anchor'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path#anchor' is being ignored. Be careful. 5 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/' is being ignored. Be careful. 6 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/path'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path' is being ignored. Be careful. 7 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/path?query=string'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path?query=string' is being ignored. Be careful. 8 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/path#anchor'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/path#anchor' is being ignored. Be careful. 9 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/thisisa'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/thisisa' is being ignored. Be careful. 1 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:*/path". 2 3 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:*/path?query=string'. It will be ignored. 4 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:*/path?query=string". 5 6 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:*/path#anchor'. It will be ignored. 7 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:*/path#anchor". 8 9 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:8000/path". 10 11 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:8000/path?query=string'. It will be ignored. 12 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:8000/path?query=string". 13 14 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains an invalid source: 'http://127.0.0.1:8000/path#anchor'. It will be ignored. 15 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:8000/path#anchor". 16 10 17 CONSOLE MESSAGE: Unrecognized Content-Security-Policy directive 'pathwithasemicolon'. 11 18 12 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-src' contains the source 'http://127.0.0.1:8000/this'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '/this' is being ignored. Be careful. 19 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:8000/thisisa". 20 21 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src http://127.0.0.1:8000/this is a path with spaces". 22 13 23 Paths should be ignored when evaluating sources. This test passes if FAIL does not appear in the output, and each of the tests generates a warning about the path component. 14 24 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-06.html
r125047 r129143 6 6 var tests = [ 7 7 ['yes', 'script-src http://127.0.0.1:*/', 'resources/script.js'], 8 [' yes', 'script-src http://127.0.0.1:*/path', 'resources/script.js'],9 [' yes', 'script-src http://127.0.0.1:*/path?query=string', 'resources/script.js'],10 [' yes', 'script-src http://127.0.0.1:*/path#anchor', 'resources/script.js'],8 ['no', 'script-src http://127.0.0.1:*/path', 'resources/script.js'], 9 ['no', 'script-src http://127.0.0.1:*/path?query=string', 'resources/script.js'], 10 ['no', 'script-src http://127.0.0.1:*/path#anchor', 'resources/script.js'], 11 11 ['yes', 'script-src http://127.0.0.1:8000/', 'resources/script.js'], 12 [' yes', 'script-src http://127.0.0.1:8000/path', 'resources/script.js'],13 [' yes', 'script-src http://127.0.0.1:8000/path?query=string', 'resources/script.js'],14 [' yes', 'script-src http://127.0.0.1:8000/path#anchor', 'resources/script.js'],15 [' yes', 'script-src http://127.0.0.1:8000/thisisa;pathwithasemicolon', 'resources/script.js'],16 [' yes', 'script-src http://127.0.0.1:8000/this is a path with spaces', 'resources/script.js'],12 ['no', 'script-src http://127.0.0.1:8000/path', 'resources/script.js'], 13 ['no', 'script-src http://127.0.0.1:8000/path?query=string', 'resources/script.js'], 14 ['no', 'script-src http://127.0.0.1:8000/path#anchor', 'resources/script.js'], 15 ['no', 'script-src http://127.0.0.1:8000/thisisa;pathwithasemicolon', 'resources/script.js'], 16 ['no', 'script-src http://127.0.0.1:8000/this is a path with spaces', 'resources/script.js'], 17 17 ]; 18 18 </script> -
trunk/Source/WebCore/ChangeLog
r129141 r129143 1 2012-09-20 Mike West <mkwst@chromium.org> 2 3 Support paths in Content Security Policy directives. 4 https://bugs.webkit.org/show_bug.cgi?id=89750 5 6 Reviewed by Adam Barth. 7 8 In CSP 1.0, paths are simply ignored: 'script-src 9 http://example.com/path/to/a/file' would allow script to be loaded from 10 http://example.com/path/to/a/file/javascript.js, but also from 11 http://example.com/javascript.js. 12 13 This patch is an experimental implementation of more granular path 14 support in CSP source lists as proposed in the current editor's draft of 15 CSP 1.1. Paths are treated as specifying directories in which resources 16 can be found, and are implicitly terminated with a '/': in other words, 17 'script-src http://a.com/path' is the same as 18 'script-src http://a.com/path/'. Moreover, paths cannot contain either 19 '?' or '#' characters. 20 21 This is implemented outside the CSP_NEXT flag. All ports will be 22 effected. 23 24 Spec: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#matching 25 26 Tests: http/tests/security/contentSecurityPolicy/source-list-parsing-paths-01.html 27 http/tests/security/contentSecurityPolicy/source-list-parsing-paths-02.html 28 29 * page/ContentSecurityPolicy.cpp: 30 (WebCore::CSPSource::CSPSource): 31 Store a path along with each CSP source. 32 (WebCore::CSPSource::matches): 33 Check the path when comparing a URL to the source. 34 (WebCore::CSPSource::pathMatches): 35 Compare the URL-decoded version of the resource to validate against 36 the source's stored path. If the resource's path begins with the 37 stored path, then it matches! If not, it doesn't. 38 (CSPSource): 39 Store a path along with each CSP source. 40 (WebCore::CSPSourceList::parse): 41 Pass a 'path' in when creating CSPSource objects. 42 (WebCore::CSPSourceList::parsePath): 43 Actually parse the path, flagging errors if '?' or '#' are present, 44 URL-decoding the result, and ensuring that a terminal '/' is 45 added if necessary. 46 (WebCore::CSPSourceList::addSourceSelf): 47 Ensure that 'self' sources have an empty path. 48 * page/ContentSecurityPolicy.h: 49 Dropping the "ignored path component" console warning. 50 1 51 2012-09-20 Joanmarie Diggs <jdiggs@igalia.com> 2 52 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r128703 r129143 72 72 } 73 73 74 bool isPathComponentCharacter(UChar c) 75 { 76 return c != '?' && c != '#'; 77 } 78 74 79 bool isHostCharacter(UChar c) 75 80 { … … 133 138 class CSPSource { 134 139 public: 135 CSPSource(const String& scheme, const String& host, int port, bool hostHasWildcard, bool portHasWildcard)140 CSPSource(const String& scheme, const String& host, int port, const String& path, bool hostHasWildcard, bool portHasWildcard) 136 141 : m_scheme(scheme) 137 142 , m_host(host) 138 143 , m_port(port) 144 , m_path(path) 139 145 , m_hostHasWildcard(hostHasWildcard) 140 146 , m_portHasWildcard(portHasWildcard) … … 148 154 if (isSchemeOnly()) 149 155 return true; 150 return hostMatches(url) && portMatches(url) ;156 return hostMatches(url) && portMatches(url) && pathMatches(url); 151 157 } 152 158 … … 166 172 } 167 173 174 bool pathMatches(const KURL& url) const 175 { 176 if (m_path.isEmpty()) 177 return true; 178 179 String path = decodeURLEscapeSequences(url.path()); 180 181 return path.startsWith(m_path, false); 182 } 183 168 184 bool portMatches(const KURL& url) const 169 185 { … … 190 206 String m_host; 191 207 int m_port; 208 String m_path; 192 209 193 210 bool m_hostHasWildcard; … … 288 305 if (scheme.isEmpty()) 289 306 scheme = m_policy->securityOrigin()->protocol(); 290 if (!path.isEmpty()) 291 m_policy->reportIgnoredPathComponent(m_directiveName, String(beginSource, position - beginSource), path); 292 m_list.append(CSPSource(scheme, host, port, hostHasWildcard, portHasWildcard)); 307 m_list.append(CSPSource(scheme, host, port, path, hostHasWildcard, portHasWildcard)); 293 308 } else 294 309 m_policy->reportInvalidSourceExpression(m_directiveName, String(beginSource, position - beginSource)); … … 475 490 } 476 491 477 // FIXME: Deal with an actual path. This just sucks up everything to the end of the string.478 492 bool CSPSourceList::parsePath(const UChar* begin, const UChar* end, String& path) 479 493 { … … 481 495 ASSERT(path.isEmpty()); 482 496 483 if (begin == end) 484 return false; 485 486 path = String(begin, end - begin); 497 const UChar* position = begin; 498 skipWhile<isPathComponentCharacter>(position, end); 499 // path/to/file.js?query=string || path/to/file.js#anchor 500 // ^ ^ 501 if (position < end) 502 return false; 503 504 path = decodeURLEscapeSequences(String(begin, end - begin)); 505 if (!path.endsWith('/')) 506 path = path + '/'; 507 508 ASSERT(position == end && path.endsWith('/')); 487 509 return true; 488 510 } … … 521 543 void CSPSourceList::addSourceSelf() 522 544 { 523 m_list.append(CSPSource(m_policy->securityOrigin()->protocol(), m_policy->securityOrigin()->host(), m_policy->securityOrigin()->port(), false, false));545 m_list.append(CSPSource(m_policy->securityOrigin()->protocol(), m_policy->securityOrigin()->host(), m_policy->securityOrigin()->port(), String(), false, false)); 524 546 } 525 547 … … 1551 1573 } 1552 1574 1553 void ContentSecurityPolicy::reportIgnoredPathComponent(const String& directiveName, const String& completeSource, const String& path) const1554 {1555 String message = makeString("The source list for Content Security Policy directive '", directiveName, "' contains the source '", completeSource, "'. Content Security Policy 1.0 supports only schemes, hosts, and ports. Paths might be supported in the future, but for now, '", path, "' is being ignored. Be careful.");1556 logToConsole(message);1557 }1558 1559 1575 void ContentSecurityPolicy::reportInvalidSourceExpression(const String& directiveName, const String& source) const 1560 1576 { -
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r128703 r129143 101 101 102 102 void reportDuplicateDirective(const String&) const; 103 void reportIgnoredPathComponent(const String& directiveName, const String& completeSource, const String& path) const;104 103 void reportInvalidDirectiveValueCharacter(const String& directiveName, const String& value) const; 105 104 void reportInvalidNonce(const String&) const;
Note: See TracChangeset
for help on using the changeset viewer.