Changeset 194323 in webkit
- Timestamp:
- Dec 20, 2015 5:19:41 PM (8 years ago)
- Location:
- trunk/Source
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WTF/ChangeLog
r194318 r194323 1 2015-12-20 Michael Catanzaro <mcatanzaro@igalia.com> 2 3 [SOUP] Performs DNS prefetch when a proxy is configured (information leak) 4 https://bugs.webkit.org/show_bug.cgi?id=145542 5 6 Reviewed by Darin Adler. 7 8 Specialize GUniquePtr<char*>, using g_strfreev. 9 10 * wtf/glib/GUniquePtr.h: 11 1 12 2015-12-19 Dan Bernstein <mitz@apple.com> 2 13 -
trunk/Source/WTF/wtf/glib/GUniquePtr.h
r185818 r194323 44 44 macro(GDir, g_dir_close) \ 45 45 macro(GTimer, g_timer_destroy) \ 46 macro(GKeyFile, g_key_file_free) 46 macro(GKeyFile, g_key_file_free) \ 47 macro(char*, g_strfreev) 47 48 48 49 #define WTF_DEFINE_GPTR_DELETER(typeName, deleterFunc) \ -
trunk/Source/WebCore/ChangeLog
r194322 r194323 1 2015-12-20 Michael Catanzaro <mcatanzaro@igalia.com> 2 3 [SOUP] Performs DNS prefetch when a proxy is configured (information leak) 4 https://bugs.webkit.org/show_bug.cgi?id=145542 5 6 Reviewed by Darin Adler. 7 8 Perform DNS prefetch only when no proxy is configured. 9 10 No new tests. Test this manually with Wireshark. Run the simple-proxy example program found 11 in libsoup's examples directory, set that as your system HTTP proxy, and see if DNS queries 12 show up in Wireshark when refreshing a page sent over HTTP. They should appear only when the 13 proxy is not configured. 14 15 * platform/network/DNSResolveQueue.cpp: 16 (WebCore::DNSResolveQueue::DNSResolveQueue): 17 (WebCore::DNSResolveQueue::isUsingProxy): 18 * platform/network/DNSResolveQueue.h: 19 * platform/network/cf/DNSCFNet.cpp: 20 (WebCore::DNSResolveQueue::updateIsUsingProxy): 21 (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted. 22 * platform/network/soup/DNSSoup.cpp: 23 (WebCore::didResolveProxy): 24 (WebCore::proxyResolvedForHttpUriCallback): 25 (WebCore::proxyResolvedForHttpsUriCallback): 26 (WebCore::DNSResolveQueue::updateIsUsingProxy): 27 (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted. 28 1 29 2015-12-20 Dan Bernstein <mitz@apple.com> 2 30 -
trunk/Source/WebCore/platform/network/DNSResolveQueue.cpp
r185818 r194323 61 61 : m_timer(*this, &DNSResolveQueue::timerFired) 62 62 , m_requestsInFlight(0) 63 , m_ cachedProxyEnabledStatus(false)63 , m_isUsingProxy(true) 64 64 , m_lastProxyEnabledStatusCheckTime(0) 65 65 { 66 // isUsingProxy will return the initial value of m_isUsingProxy at first on 67 // platforms that have an asynchronous implementation of updateIsUsingProxy, 68 // so initialize it to true so we won't prefetch before we know if we are using a proxy. 66 69 } 67 70 71 // Don't do DNS prefetch if proxies are involved. For many proxy types, the user agent is never 72 // exposed to the IP address during normal operation. Querying an internal DNS server may not help 73 // performance, as it doesn't necessarily look up the actual external IP. Also, if DNS returns a 74 // fake internal address, local caches may keep it even after re-connecting to another network. 68 75 bool DNSResolveQueue::isUsingProxy() 69 76 { … … 72 79 if (time - m_lastProxyEnabledStatusCheckTime > minimumProxyCheckDelay) { 73 80 m_lastProxyEnabledStatusCheckTime = time; 74 m_cachedProxyEnabledStatus = platformProxyIsEnabledInSystemPreferences();81 updateIsUsingProxy(); 75 82 } 76 return m_ cachedProxyEnabledStatus;83 return m_isUsingProxy; 77 84 } 78 85 -
trunk/Source/WebCore/platform/network/DNSResolveQueue.h
r185818 r194323 53 53 bool isUsingProxy(); 54 54 55 bool platformProxyIsEnabledInSystemPreferences();55 void updateIsUsingProxy(); 56 56 void platformResolve(const String&); 57 57 … … 62 62 HashSet<String> m_names; 63 63 std::atomic<int> m_requestsInFlight; 64 bool m_ cachedProxyEnabledStatus;64 bool m_isUsingProxy; 65 65 double m_lastProxyEnabledStatusCheckTime; 66 66 }; -
trunk/Source/WebCore/platform/network/cf/DNSCFNet.cpp
r185818 r194323 49 49 namespace WebCore { 50 50 51 bool DNSResolveQueue::platformProxyIsEnabledInSystemPreferences()51 void DNSResolveQueue::updateIsUsingProxy() 52 52 { 53 // Don't do DNS prefetch if proxies are involved. For many proxy types, the user agent is never exposed54 // to the IP address during normal operation. Querying an internal DNS server may not help performance,55 // as it doesn't necessarily look up the actual external IP. Also, if DNS returns a fake internal address,56 // local caches may keep it even after re-connecting to another network.57 58 53 RetainPtr<CFDictionaryRef> proxySettings = adoptCF(CFNetworkCopySystemProxySettings()); 59 if (!proxySettings) 60 return false; 54 if (!proxySettings) { 55 m_isUsingProxy = false; 56 return; 57 } 61 58 62 59 RetainPtr<CFURLRef> httpCFURL = URL(ParsedURLString, "http://example.com/").createCFURL(); … … 73 70 httpsProxyCount = 0; 74 71 75 returnhttpProxyCount || httpsProxyCount;72 m_isUsingProxy = httpProxyCount || httpsProxyCount; 76 73 } 77 74 -
trunk/Source/WebCore/platform/network/soup/DNSSoup.cpp
r185819 r194323 34 34 #include <libsoup/soup.h> 35 35 #include <wtf/MainThread.h> 36 #include <wtf/glib/GUniquePtr.h> 36 37 #include <wtf/text/CString.h> 37 38 38 39 namespace WebCore { 39 40 40 // There is no current reliable way to know if we're behind a proxy at 41 // this level. We'll have to implement it in 42 // SoupSession/SoupProxyURIResolver/GProxyResolver 43 bool DNSResolveQueue::platformProxyIsEnabledInSystemPreferences() 41 // Initially true to ensure prefetch stays disabled until we have proxy settings. 42 static bool isUsingHttpProxy = true; 43 static bool isUsingHttpsProxy = true; 44 45 static bool didResolveProxy(char** uris) 44 46 { 45 return false; 47 // We have a list of possible proxies to use for the URI. If the first item in the list is 48 // direct:// (the usual case), then the user prefers not to use a proxy. This is similar to 49 // resolving hostnames: there could be many possibilities returned in order of preference, and 50 // if we're trying to connect we should attempt each one in order, but here we are not trying 51 // to connect, merely to decide whether a proxy "should" be used. 52 return uris && *uris && strcmp(*uris, "direct://"); 53 } 54 55 static void didResolveProxy(GProxyResolver* resolver, GAsyncResult* result, bool* isUsingProxyType, bool* isUsingProxy) 56 { 57 GUniqueOutPtr<GError> error; 58 GUniquePtr<char*> uris(g_proxy_resolver_lookup_finish(resolver, result, &error.outPtr())); 59 if (error) { 60 WTFLogAlways("Error determining system proxy settings: %s", error->message); 61 return; 62 } 63 64 *isUsingProxyType = didResolveProxy(uris.get()); 65 *isUsingProxy = isUsingHttpProxy || isUsingHttpsProxy; 66 } 67 68 static void proxyResolvedForHttpUriCallback(GObject* source, GAsyncResult* result, void* userData) 69 { 70 didResolveProxy(G_PROXY_RESOLVER(source), result, &isUsingHttpProxy, static_cast<bool*>(userData)); 71 } 72 73 static void proxyResolvedForHttpsUriCallback(GObject* source, GAsyncResult* result, void* userData) 74 { 75 didResolveProxy(G_PROXY_RESOLVER(source), result, &isUsingHttpsProxy, static_cast<bool*>(userData)); 76 } 77 78 void DNSResolveQueue::updateIsUsingProxy() 79 { 80 GRefPtr<GProxyResolver> resolver; 81 g_object_get(SoupNetworkSession::defaultSession().soupSession(), "proxy-resolver", &resolver.outPtr(), nullptr); 82 ASSERT(resolver); 83 84 g_proxy_resolver_lookup_async(resolver.get(), "http://example.com/", nullptr, proxyResolvedForHttpUriCallback, &m_isUsingProxy); 85 g_proxy_resolver_lookup_async(resolver.get(), "https://example.com/", nullptr, proxyResolvedForHttpsUriCallback, &m_isUsingProxy); 46 86 } 47 87
Note: See TracChangeset
for help on using the changeset viewer.