Changeset 196242 in webkit
- Timestamp:
- Feb 7, 2016 2:26:46 PM (8 years ago)
- Location:
- trunk
- Files:
-
- 6 added
- 26 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r196238 r196242 1 2016-02-07 Daniel Bates <dabates@apple.com> 2 3 CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy 4 https://bugs.webkit.org/show_bug.cgi?id=153622 5 <rdar://problem/24400023> 6 7 Reviewed by Gavin Barraclough and Andy Estes. 8 9 Add tests to ensure that a Web Worker initiated from an isolated world can bypass the main world 10 Content Security Policy. 11 12 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval-expected.txt: Added. 13 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html: Added. 14 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr-expected.txt: Added. 15 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html: Added. 16 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker-expected.txt: Added. 17 * http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html: Added. 18 1 19 2016-02-07 Carlos Garcia Campos <cgarcia@igalia.com> 2 20 -
trunk/Source/WebCore/ChangeLog
r196239 r196242 1 2016-02-07 Daniel Bates <dabates@apple.com> 2 3 CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy 4 https://bugs.webkit.org/show_bug.cgi?id=153622 5 <rdar://problem/24400023> 6 7 Reviewed by Gavin Barraclough. 8 9 Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension) 10 would be subject to the Content Security Policy of the page. 11 12 Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of 13 the page. However, code that runs inside a Web Worker that was initiated from an isolated world is 14 subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of 15 the page. 16 17 Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html 18 http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html 19 http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html 20 21 * Modules/websockets/WebSocket.cpp: 22 (WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the 23 main world Content Security Policy now that script execution context knows this information. 24 * bindings/js/ScriptController.cpp: 25 (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here... 26 * bindings/js/ScriptController.h: 27 * dom/Document.cpp: 28 (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here. 29 * dom/Document.h: 30 * dom/ScriptExecutionContext.h: 31 (WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false - 32 do not bypass the main world Content Security Policy. 33 * page/EventSource.cpp: 34 (WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the 35 main world Content Security Policy now that script execution context knows this information. 36 * page/csp/ContentSecurityPolicy.cpp: 37 (WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted. 38 * page/csp/ContentSecurityPolicy.h: 39 * workers/AbstractWorker.cpp: 40 (WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable. 41 Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src 42 directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should 43 always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert 44 this invariant to catch cases where a ScriptExecutionContext is not properly initialized. 45 * workers/DedicatedWorkerGlobalScope.cpp: 46 (WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy 47 as to whether to bypass the main world Content Security Policy and only apply the Content Security 48 Policy headers when shouldBypassMainWorldContentSecurityPolicy is false. 49 (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy 50 as to whether to bypass the main world Content Security Policy. 51 * workers/DedicatedWorkerGlobalScope.h: 52 * workers/DedicatedWorkerThread.cpp: 53 (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto. 54 (WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto. 55 * workers/DedicatedWorkerThread.h: 56 * workers/Worker.cpp: 57 (WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so 58 that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished(). 59 We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished()) 60 because it is dependent on the current JavaScript program stack at the time this function is invoked. 61 (WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy. 62 * workers/Worker.h: 63 * workers/WorkerGlobalScope.cpp: 64 (WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the 65 main world Content Security Policy and store it in a member field. Also, always instantiate a Content 66 Security Policy object as our current code assumes that one is always created. 67 * workers/WorkerGlobalScope.h: 68 * workers/WorkerGlobalScopeProxy.h: 69 * workers/WorkerMessagingProxy.cpp: 70 (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy 71 as to whether to bypass the main world Content Security Policy. 72 * workers/WorkerMessagingProxy.h: 73 * workers/WorkerThread.cpp: 74 (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to 75 whether to bypass the main world Content Security Policy and store it in a member field. 76 (WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy 77 as to whether to bypass the main world Content Security Policy. 78 (WebCore::WorkerThread::workerThread): Ditto. 79 * workers/WorkerThread.h: 80 * xml/XMLHttpRequest.cpp: 81 (WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the 82 main world Content Security Policy now that script execution context knows this information. 83 1 84 2016-02-07 Dan Bernstein <mitz@apple.com> 2 85 -
trunk/Source/WebCore/Modules/websockets/WebSocket.cpp
r194496 r196242 239 239 240 240 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved. 241 bool shouldBypassMainWorldContentSecurityPolicy = ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy(*scriptExecutionContext()); 242 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(m_url, shouldBypassMainWorldContentSecurityPolicy)) { 241 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(m_url, scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy())) { 243 242 m_state = CLOSED; 244 243 -
trunk/Source/WebCore/bindings/js/ScriptController.cpp
r194871 r196242 520 520 } 521 521 522 bool ScriptController::shouldBypassMainWorldContentSecurityPolicy()523 {524 CallFrame* callFrame = JSDOMWindow::commonVM().topCallFrame;525 if (callFrame == CallFrame::noCaller())526 return false;527 DOMWrapperWorld& domWrapperWorld = currentWorld(callFrame);528 if (domWrapperWorld.isNormal())529 return false;530 return true;531 }532 533 522 bool ScriptController::canExecuteScripts(ReasonForCallingCanExecuteScripts reason) 534 523 { -
trunk/Source/WebCore/bindings/js/ScriptController.h
r191543 r196242 167 167 #endif 168 168 169 bool shouldBypassMainWorldContentSecurityPolicy();170 171 169 private: 172 170 WEBCORE_EXPORT JSDOMWindowShell* initScript(DOMWrapperWorld&); -
trunk/Source/WebCore/dom/Document.cpp
r196223 r196242 2432 2432 } 2433 2433 2434 bool Document::shouldBypassMainWorldContentSecurityPolicy() const 2435 { 2436 JSC::CallFrame* callFrame = JSDOMWindow::commonVM().topCallFrame; 2437 if (callFrame == JSC::CallFrame::noCaller()) 2438 return false; 2439 DOMWrapperWorld& domWrapperWorld = currentWorld(callFrame); 2440 if (domWrapperWorld.isNormal()) 2441 return false; 2442 return true; 2443 } 2444 2434 2445 void Document::platformSuspendOrStopActiveDOMObjects() 2435 2446 { -
trunk/Source/WebCore/dom/Document.h
r196223 r196242 604 604 605 605 // Override ScriptExecutionContext methods to do additional work 606 bool shouldBypassMainWorldContentSecurityPolicy() const override final; 606 607 virtual void suspendActiveDOMObjects(ActiveDOMObject::ReasonForSuspension) override final; 607 608 virtual void resumeActiveDOMObjects(ActiveDOMObject::ReasonForSuspension) override final; -
trunk/Source/WebCore/dom/ScriptExecutionContext.h
r194496 r196242 83 83 virtual SecurityOrigin* topOrigin() const = 0; 84 84 85 virtual bool shouldBypassMainWorldContentSecurityPolicy() const { return false; } 86 85 87 PublicURLManager& publicURLManager(); 86 88 -
trunk/Source/WebCore/page/EventSource.cpp
r195452 r196242 86 86 87 87 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved. 88 bool shouldBypassMainWorldContentSecurityPolicy = ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy(context); 89 if (!context.contentSecurityPolicy()->allowConnectToSource(fullURL, shouldBypassMainWorldContentSecurityPolicy)) { 88 if (!context.contentSecurityPolicy()->allowConnectToSource(fullURL, context.shouldBypassMainWorldContentSecurityPolicy())) { 90 89 // FIXME: Should this be throwing an exception? 91 90 ec = SECURITY_ERR; -
trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
r196012 r196242 1776 1776 #endif 1777 1777 } 1778 1779 bool ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy(ScriptExecutionContext& context)1780 {1781 if (is<Document>(context)) {1782 auto& document = downcast<Document>(context);1783 return document.frame() && document.frame()->script().shouldBypassMainWorldContentSecurityPolicy();1784 }1785 1778 1786 return false; 1787 } 1788 1789 } 1779 } -
trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h
r196012 r196242 103 103 bool experimentalFeaturesEnabled() const; 104 104 105 static bool shouldBypassMainWorldContentSecurityPolicy(ScriptExecutionContext&);106 107 105 // The following functions are used by internal data structures to call back into this object when parsing, validating, 108 106 // and applying a Content Security Policy. -
trunk/Source/WebCore/workers/AbstractWorker.cpp
r191531 r196242 63 63 } 64 64 65 if (scriptExecutionContext()->contentSecurityPolicy() && !scriptExecutionContext()->contentSecurityPolicy()->allowScriptFromSource(scriptURL)) { 65 // FIXME: Enforce the child-src directive instead of script-src per <https://w3c.github.io/webappsec-csp/2/#directive-child-src-workers> (29 August 2015). 66 // See <https://bugs.webkit.org/show_bug.cgi?id=153562>. 67 ASSERT(scriptExecutionContext()->contentSecurityPolicy()); 68 if (!scriptExecutionContext()->contentSecurityPolicy()->allowScriptFromSource(scriptURL, scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy())) { 66 69 ec = SECURITY_ERR; 67 70 return URL(); -
trunk/Source/WebCore/workers/DedicatedWorkerGlobalScope.cpp
r195948 r196242 41 41 namespace WebCore { 42 42 43 Ref<DedicatedWorkerGlobalScope> DedicatedWorkerGlobalScope::create(const URL& url, const String& userAgent, DedicatedWorkerThread& thread, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, PassRefPtr<SecurityOrigin> topOrigin)43 Ref<DedicatedWorkerGlobalScope> DedicatedWorkerGlobalScope::create(const URL& url, const String& userAgent, DedicatedWorkerThread& thread, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) 44 44 { 45 Ref<DedicatedWorkerGlobalScope> context = adoptRef(*new DedicatedWorkerGlobalScope(url, userAgent, thread, topOrigin)); 46 context->applyContentSecurityPolicyResponseHeaders(contentSecurityPolicyResponseHeaders); 45 Ref<DedicatedWorkerGlobalScope> context = adoptRef(*new DedicatedWorkerGlobalScope(url, userAgent, thread, shouldBypassMainWorldContentSecurityPolicy, topOrigin)); 46 if (!shouldBypassMainWorldContentSecurityPolicy) 47 context->applyContentSecurityPolicyResponseHeaders(contentSecurityPolicyResponseHeaders); 47 48 return context; 48 49 } 49 50 50 DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope(const URL& url, const String& userAgent, DedicatedWorkerThread& thread, PassRefPtr<SecurityOrigin> topOrigin)51 : WorkerGlobalScope(url, userAgent, thread, topOrigin)51 DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope(const URL& url, const String& userAgent, DedicatedWorkerThread& thread, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) 52 : WorkerGlobalScope(url, userAgent, thread, shouldBypassMainWorldContentSecurityPolicy, topOrigin) 52 53 { 53 54 } -
trunk/Source/WebCore/workers/DedicatedWorkerGlobalScope.h
r195948 r196242 43 43 public: 44 44 typedef WorkerGlobalScope Base; 45 static Ref<DedicatedWorkerGlobalScope> create(const URL&, const String& userAgent, DedicatedWorkerThread&, const ContentSecurityPolicyResponseHeaders&, PassRefPtr<SecurityOrigin> topOrigin);45 static Ref<DedicatedWorkerGlobalScope> create(const URL&, const String& userAgent, DedicatedWorkerThread&, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin); 46 46 virtual ~DedicatedWorkerGlobalScope(); 47 47 … … 61 61 62 62 private: 63 DedicatedWorkerGlobalScope(const URL&, const String& userAgent, DedicatedWorkerThread&, PassRefPtr<SecurityOrigin> topOrigin);63 DedicatedWorkerGlobalScope(const URL&, const String& userAgent, DedicatedWorkerThread&, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin); 64 64 }; 65 65 -
trunk/Source/WebCore/workers/DedicatedWorkerThread.cpp
r195948 r196242 39 39 namespace WebCore { 40 40 41 DedicatedWorkerThread::DedicatedWorkerThread(const URL& url, const String& userAgent, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, const SecurityOrigin* topOrigin)42 : WorkerThread(url, userAgent, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicyResponseHeaders, topOrigin)41 DedicatedWorkerThread::DedicatedWorkerThread(const URL& url, const String& userAgent, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin) 42 : WorkerThread(url, userAgent, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicyResponseHeaders, shouldBypassMainWorldContentSecurityPolicy, topOrigin) 43 43 , m_workerObjectProxy(workerObjectProxy) 44 44 { … … 49 49 } 50 50 51 Ref<WorkerGlobalScope> DedicatedWorkerThread::createWorkerGlobalScope(const URL& url, const String& userAgent, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, PassRefPtr<SecurityOrigin> topOrigin)51 Ref<WorkerGlobalScope> DedicatedWorkerThread::createWorkerGlobalScope(const URL& url, const String& userAgent, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) 52 52 { 53 return DedicatedWorkerGlobalScope::create(url, userAgent, *this, contentSecurityPolicyResponseHeaders, topOrigin);53 return DedicatedWorkerGlobalScope::create(url, userAgent, *this, contentSecurityPolicyResponseHeaders, shouldBypassMainWorldContentSecurityPolicy, topOrigin); 54 54 } 55 55 -
trunk/Source/WebCore/workers/DedicatedWorkerThread.h
r195948 r196242 49 49 50 50 protected: 51 virtual Ref<WorkerGlobalScope> createWorkerGlobalScope(const URL&, const String& userAgent, const ContentSecurityPolicyResponseHeaders&, PassRefPtr<SecurityOrigin> topOrigin) override;51 virtual Ref<WorkerGlobalScope> createWorkerGlobalScope(const URL&, const String& userAgent, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) override; 52 52 virtual void runEventLoop() override; 53 53 54 54 private: 55 DedicatedWorkerThread(const URL&, const String& userAgent, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, const SecurityOrigin* topOrigin);55 DedicatedWorkerThread(const URL&, const String& userAgent, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin); 56 56 57 57 WorkerObjectProxy& m_workerObjectProxy; -
trunk/Source/WebCore/workers/Worker.cpp
r195948 r196242 88 88 return nullptr; 89 89 90 worker->m_shouldBypassMainWorldContentSecurityPolicy = context.shouldBypassMainWorldContentSecurityPolicy(); 91 90 92 // The worker context does not exist while loading, so we must ensure that the worker object is not collected, nor are its event listeners. 91 93 worker->setPendingActivity(worker.ptr()); … … 167 169 else { 168 170 const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders = m_contentSecurityPolicyResponseHeaders ? m_contentSecurityPolicyResponseHeaders.value() : scriptExecutionContext()->contentSecurityPolicy()->responseHeaders(); 169 m_contextProxy->startWorkerGlobalScope(m_scriptLoader->url(), scriptExecutionContext()->userAgent(m_scriptLoader->url()), m_scriptLoader->script(), contentSecurityPolicyResponseHeaders, DontPauseWorkerGlobalScopeOnStart);171 m_contextProxy->startWorkerGlobalScope(m_scriptLoader->url(), scriptExecutionContext()->userAgent(m_scriptLoader->url()), m_scriptLoader->script(), contentSecurityPolicyResponseHeaders, m_shouldBypassMainWorldContentSecurityPolicy, DontPauseWorkerGlobalScopeOnStart); 170 172 InspectorInstrumentation::scriptImported(scriptExecutionContext(), m_scriptLoader->identifier(), m_scriptLoader->script()); 171 173 } -
trunk/Source/WebCore/workers/Worker.h
r195948 r196242 87 87 WorkerGlobalScopeProxy* m_contextProxy; // The proxy outlives the worker to perform thread shutdown. 88 88 Optional<ContentSecurityPolicyResponseHeaders> m_contentSecurityPolicyResponseHeaders; 89 bool m_shouldBypassMainWorldContentSecurityPolicy { false }; 89 90 }; 90 91 -
trunk/Source/WebCore/workers/WorkerGlobalScope.cpp
r196012 r196242 63 63 namespace WebCore { 64 64 65 WorkerGlobalScope::WorkerGlobalScope(const URL& url, const String& userAgent, WorkerThread& thread, PassRefPtr<SecurityOrigin> topOrigin)65 WorkerGlobalScope::WorkerGlobalScope(const URL& url, const String& userAgent, WorkerThread& thread, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) 66 66 : m_url(url) 67 67 , m_userAgent(userAgent) … … 69 69 , m_thread(thread) 70 70 , m_closing(false) 71 , m_shouldBypassMainWorldContentSecurityPolicy(shouldBypassMainWorldContentSecurityPolicy) 71 72 , m_eventQueue(*this) 72 73 , m_topOrigin(topOrigin) -
trunk/Source/WebCore/workers/WorkerGlobalScope.h
r195948 r196242 68 68 virtual void disableEval(const String& errorMessage) override; 69 69 70 bool shouldBypassMainWorldContentSecurityPolicy() const override final { return m_shouldBypassMainWorldContentSecurityPolicy; } 71 70 72 WorkerScriptController* script() { return m_script.get(); } 71 73 void clearScript() { m_script = nullptr; } … … 131 133 132 134 protected: 133 WorkerGlobalScope(const URL&, const String& userAgent, WorkerThread&, PassRefPtr<SecurityOrigin> topOrigin);135 WorkerGlobalScope(const URL&, const String& userAgent, WorkerThread&, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin); 134 136 void applyContentSecurityPolicyResponseHeaders(const ContentSecurityPolicyResponseHeaders&); 135 137 … … 160 162 161 163 bool m_closing; 164 bool m_shouldBypassMainWorldContentSecurityPolicy; 162 165 163 166 HashSet<Observer*> m_workerObservers; -
trunk/Source/WebCore/workers/WorkerGlobalScopeProxy.h
r195948 r196242 50 50 virtual ~WorkerGlobalScopeProxy() { } 51 51 52 virtual void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, WorkerThreadStartMode) = 0;52 virtual void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, WorkerThreadStartMode) = 0; 53 53 54 54 virtual void terminateWorkerGlobalScope() = 0; -
trunk/Source/WebCore/workers/WorkerMessagingProxy.cpp
r195948 r196242 73 73 } 74 74 75 void WorkerMessagingProxy::startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, WorkerThreadStartMode startMode)75 void WorkerMessagingProxy::startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, WorkerThreadStartMode startMode) 76 76 { 77 77 // FIXME: This need to be revisited when we support nested worker one day 78 78 ASSERT(m_scriptExecutionContext); 79 79 Document& document = downcast<Document>(*m_scriptExecutionContext); 80 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, contentSecurityPolicyResponseHeaders, document.topOrigin());80 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, sourceCode, *this, *this, startMode, contentSecurityPolicyResponseHeaders, shouldBypassMainWorldContentSecurityPolicy, document.topOrigin()); 81 81 workerThreadCreated(thread); 82 82 thread->start(); -
trunk/Source/WebCore/workers/WorkerMessagingProxy.h
r195948 r196242 53 53 // Implementations of WorkerGlobalScopeProxy. 54 54 // (Only use these methods in the worker object thread.) 55 virtual void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, WorkerThreadStartMode) override;55 virtual void startWorkerGlobalScope(const URL& scriptURL, const String& userAgent, const String& sourceCode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, WorkerThreadStartMode) override; 56 56 virtual void terminateWorkerGlobalScope() override; 57 57 virtual void postMessageToWorkerGlobalScope(PassRefPtr<SerializedScriptValue>, std::unique_ptr<MessagePortChannelArray>) override; -
trunk/Source/WebCore/workers/WorkerThread.cpp
r195948 r196242 71 71 WTF_MAKE_NONCOPYABLE(WorkerThreadStartupData); WTF_MAKE_FAST_ALLOCATED; 72 72 public: 73 WorkerThreadStartupData(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, const SecurityOrigin* topOrigin);73 WorkerThreadStartupData(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin); 74 74 75 75 URL m_scriptURL; … … 78 78 WorkerThreadStartMode m_startMode; 79 79 ContentSecurityPolicyResponseHeaders m_contentSecurityPolicyResponseHeaders; 80 bool m_shouldBypassMainWorldContentSecurityPolicy; 80 81 RefPtr<SecurityOrigin> m_topOrigin; 81 82 }; 82 83 83 WorkerThreadStartupData::WorkerThreadStartupData(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, const SecurityOrigin* topOrigin)84 WorkerThreadStartupData::WorkerThreadStartupData(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin) 84 85 : m_scriptURL(scriptURL.isolatedCopy()) 85 86 , m_userAgent(userAgent.isolatedCopy()) … … 87 88 , m_startMode(startMode) 88 89 , m_contentSecurityPolicyResponseHeaders(contentSecurityPolicyResponseHeaders.isolatedCopy()) 90 , m_shouldBypassMainWorldContentSecurityPolicy(shouldBypassMainWorldContentSecurityPolicy) 89 91 , m_topOrigin(topOrigin ? &topOrigin->isolatedCopy().get() : nullptr) 90 92 { 91 93 } 92 94 93 WorkerThread::WorkerThread(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerReportingProxy& workerReportingProxy, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, const SecurityOrigin* topOrigin)95 WorkerThread::WorkerThread(const URL& scriptURL, const String& userAgent, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerReportingProxy& workerReportingProxy, WorkerThreadStartMode startMode, const ContentSecurityPolicyResponseHeaders& contentSecurityPolicyResponseHeaders, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin) 94 96 : m_threadID(0) 95 97 , m_workerLoaderProxy(workerLoaderProxy) 96 98 , m_workerReportingProxy(workerReportingProxy) 97 , m_startupData(std::make_unique<WorkerThreadStartupData>(scriptURL, userAgent, sourceCode, startMode, contentSecurityPolicyResponseHeaders, topOrigin))99 , m_startupData(std::make_unique<WorkerThreadStartupData>(scriptURL, userAgent, sourceCode, startMode, contentSecurityPolicyResponseHeaders, shouldBypassMainWorldContentSecurityPolicy, topOrigin)) 98 100 #if ENABLE(NOTIFICATIONS) || ENABLE(LEGACY_NOTIFICATIONS) 99 101 , m_notificationClient(0) … … 145 147 { 146 148 LockHolder lock(m_threadCreationMutex); 147 m_workerGlobalScope = createWorkerGlobalScope(m_startupData->m_scriptURL, m_startupData->m_userAgent, m_startupData->m_contentSecurityPolicyResponseHeaders, m_startupData->m_ topOrigin.release());149 m_workerGlobalScope = createWorkerGlobalScope(m_startupData->m_scriptURL, m_startupData->m_userAgent, m_startupData->m_contentSecurityPolicyResponseHeaders, m_startupData->m_shouldBypassMainWorldContentSecurityPolicy, m_startupData->m_topOrigin.release()); 148 150 149 151 if (m_runLoop.terminated()) { -
trunk/Source/WebCore/workers/WorkerThread.h
r195948 r196242 69 69 70 70 protected: 71 WorkerThread(const URL&, const String& userAgent, const String& sourceCode, WorkerLoaderProxy&, WorkerReportingProxy&, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, const SecurityOrigin* topOrigin);71 WorkerThread(const URL&, const String& userAgent, const String& sourceCode, WorkerLoaderProxy&, WorkerReportingProxy&, WorkerThreadStartMode, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, const SecurityOrigin* topOrigin); 72 72 73 73 // Factory method for creating a new worker context for the thread. 74 virtual Ref<WorkerGlobalScope> createWorkerGlobalScope(const URL&, const String& userAgent, const ContentSecurityPolicyResponseHeaders&, PassRefPtr<SecurityOrigin> topOrigin) = 0;74 virtual Ref<WorkerGlobalScope> createWorkerGlobalScope(const URL&, const String& userAgent, const ContentSecurityPolicyResponseHeaders&, bool shouldBypassMainWorldContentSecurityPolicy, PassRefPtr<SecurityOrigin> topOrigin) = 0; 75 75 76 76 // Executes the event loop for the worker thread. Derived classes can override to perform actions before/after entering the event loop. -
trunk/Source/WebCore/xml/XMLHttpRequest.cpp
r196223 r196242 499 499 500 500 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved. 501 bool shouldBypassMainWorldContentSecurityPolicy = ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy(*scriptExecutionContext()); 502 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(url, shouldBypassMainWorldContentSecurityPolicy)) { 501 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(url, scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy())) { 503 502 // FIXME: Should this be throwing an exception? 504 503 ec = SECURITY_ERR;
Note: See TracChangeset
for help on using the changeset viewer.