Changeset 216553 in webkit
- Timestamp:
- May 9, 2017 3:53:13 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 9 added
- 14 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r216552 r216553 1 2017-05-09 Sam Weinig <sam@webkit.org> 2 3 Implement Subresource Integrity (SRI) 4 https://bugs.webkit.org/show_bug.cgi?id=148363 5 <rdar://problem/18945879> 6 7 Reviewed by Youenn Fablet. 8 9 Add tests for Subresource Integrity for Fetch based off the ones from Web 10 Platform Tests. Additional tests for more CORS combinations have been added. 11 12 * http/tests/subresource-integrity/resources/crossorigin-anon-resource.txt: Added. 13 * http/tests/subresource-integrity/resources/crossorigin-creds-resource.txt: Added. 14 * http/tests/subresource-integrity/resources/crossorigin-ineligible-resource.txt: Added. 15 * http/tests/subresource-integrity/resources/resource.txt: Added. 16 * http/tests/subresource-integrity/sri-fetch-expected.txt: Added. 17 * http/tests/subresource-integrity/sri-fetch-worker-expected.txt: Added. 18 * http/tests/subresource-integrity/sri-fetch-worker.html: Added. 19 * http/tests/subresource-integrity/sri-fetch.html: Added. 20 * http/tests/subresource-integrity/sri-fetch.js: Added. 21 1 22 2017-05-09 Matt Lewis <jlewis3@apple.com> 2 23 -
trunk/LayoutTests/http/tests/subresource-integrity/sri-script.html
r216347 r216553 163 163 164 164 // WebKit additions to the web-platform-tests test cases. 165 // FIXME: Upstream these additional tests to the official web-platform-tests repository. 165 166 166 167 new SRIScriptTest( -
trunk/LayoutTests/imported/w3c/ChangeLog
r216537 r216553 1 2017-05-09 Sam Weinig <sam@webkit.org> 2 3 Implement Subresource Integrity (SRI) 4 https://bugs.webkit.org/show_bug.cgi?id=148363 5 <rdar://problem/18945879> 6 7 Reviewed by Youenn Fablet. 8 9 * web-platform-tests/fetch/api/basic/integrity-expected.txt: 10 * web-platform-tests/fetch/api/basic/integrity-worker-expected.txt: 11 Update results now that integrity is implemented. 12 1 13 2017-05-09 Youenn Fablet <youenn@apple.com> 2 14 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/integrity-expected.txt
r211930 r216553 1 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/top.txt. Failed integrity metadata check. 2 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/top.txt. Failed integrity metadata check. 3 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/top.txt. Failed integrity metadata check. 4 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/top.txt?pipe=header(Access-Control-Allow-Origin,*). Failed integrity metadata check. 1 5 2 6 PASS Empty string integrity … … 4 8 PASS SHA-384 integrity 5 9 PASS SHA-512 integrity 6 FAIL Invalid integrity assert_unreached: Should have rejected: undefined Reached unreachable code 10 PASS Invalid integrity 7 11 PASS Multiple integrities: valid stronger than invalid 8 FAIL Multiple integrities: invalid stronger than valid assert_unreached: Should have rejected: undefined Reached unreachable code 12 PASS Multiple integrities: invalid stronger than valid 9 13 PASS Multiple integrities: invalid as strong as valid 10 14 PASS Multiple integrities: both are valid 11 FAIL Multiple integrities: both are invalid assert_unreached: Should have rejected: undefined Reached unreachable code 15 PASS Multiple integrities: both are invalid 12 16 PASS CORS empty integrity 13 17 PASS CORS SHA-512 integrity 14 FAIL CORS invalid integrity assert_unreached: Should have rejected: undefined Reached unreachable code 18 PASS CORS invalid integrity 15 19 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/integrity-worker-expected.txt
r211930 r216553 4 4 PASS SHA-384 integrity 5 5 PASS SHA-512 integrity 6 FAIL Invalid integrity assert_unreached: Should have rejected: undefined Reached unreachable code 6 PASS Invalid integrity 7 7 PASS Multiple integrities: valid stronger than invalid 8 FAIL Multiple integrities: invalid stronger than valid assert_unreached: Should have rejected: undefined Reached unreachable code 8 PASS Multiple integrities: invalid stronger than valid 9 9 PASS Multiple integrities: invalid as strong as valid 10 10 PASS Multiple integrities: both are valid 11 FAIL Multiple integrities: both are invalid assert_unreached: Should have rejected: undefined Reached unreachable code 11 PASS Multiple integrities: both are invalid 12 12 PASS CORS empty integrity 13 13 PASS CORS SHA-512 integrity 14 FAIL CORS invalid integrity assert_unreached: Should have rejected: undefined Reached unreachable code 14 PASS CORS invalid integrity 15 15 -
trunk/Source/WebCore/ChangeLog
r216550 r216553 1 2017-05-09 Sam Weinig <sam@webkit.org> 2 3 Implement Subresource Integrity (SRI) [Part 2 - Fetch] 4 https://bugs.webkit.org/show_bug.cgi?id=148363 5 <rdar://problem/18945879> 6 7 Reviewed by Youenn Fablet. 8 9 Tests: http/tests/subresource-integrity/sri-fetch-worker.html 10 http/tests/subresource-integrity/sri-fetch.html 11 12 * loader/FetchOptions.h: 13 * loader/ThreadableLoader.cpp: 14 (WebCore::ThreadableLoaderOptions::isolatedCopy): 15 * loader/ThreadableLoader.h: 16 * loader/WorkerThreadableLoader.cpp: 17 (WebCore::LoaderTaskOptions::LoaderTaskOptions): 18 Add integrity metadata to the fetch options, and fix the implementation of 19 ThreadableLoaderOptions::isolatedCopy to work correctly (it was missing isolated 20 copy derivedCachedDataTypesToRetrieve). 21 22 * Modules/fetch/FetchRequest.cpp: 23 (WebCore::buildOptions): 24 (WebCore::FetchRequest::initializeOptions): 25 * Modules/fetch/FetchRequest.h: 26 Switch to using the integrity metadata on the fetchOptions, removing the need to 27 store them directly on the internal request. 28 29 * loader/DocumentThreadableLoader.cpp: 30 (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): 31 (WebCore::DocumentThreadableLoader::didReceiveResponse): 32 (WebCore::DocumentThreadableLoader::didReceiveData): 33 (WebCore::DocumentThreadableLoader::didFinishLoading): 34 (WebCore::DocumentThreadableLoader::loadRequest): 35 (WebCore::DocumentThreadableLoader::reportIntegrityMetadataError): 36 * loader/DocumentThreadableLoader.h: 37 Add a new flag, m_delayCallbacksForIntegrityCheck, which is used when integrity metadata 38 is present, so we can implement the 'wait' concept from the fetch spec, and delay informing 39 the clients until we have validated the integrity metadata. 40 1 41 2017-05-09 Commit Queue <commit-queue@webkit.org> 2 42 -
trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp
r209629 r216553 106 106 107 107 if (!init.integrity.isNull()) 108 request. integrity = init.integrity;108 request.options.integrity = init.integrity; 109 109 110 110 if (!init.method.isNull()) { … … 133 133 if (method != "GET" && method != "POST" && method != "HEAD") 134 134 return Exception { TypeError, ASCIILiteral("Method must be GET, POST or HEAD in no-cors mode.") }; 135 if (!m_internalRequest. integrity.isEmpty())135 if (!m_internalRequest.options.integrity.isEmpty()) 136 136 return Exception { TypeError, ASCIILiteral("There cannot be an integrity in no-cors mode.") }; 137 137 m_headers->setGuard(FetchHeaders::Guard::RequestNoCors); -
trunk/Source/WebCore/Modules/fetch/FetchRequest.h
r210860 r216553 84 84 Redirect redirect() const; 85 85 86 const String& integrity() const { return m_internalRequest. integrity; }86 const String& integrity() const { return m_internalRequest.options.integrity; } 87 87 88 88 ExceptionOr<Ref<FetchRequest>> clone(ScriptExecutionContext&); … … 92 92 FetchOptions options; 93 93 String referrer; 94 String integrity;95 94 }; 96 95 -
trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp
r216051 r216553 53 53 #include "SchemeRegistry.h" 54 54 #include "SecurityOrigin.h" 55 #include "SubresourceIntegrity.h" 55 56 #include "SubresourceLoader.h" 56 57 #include "ThreadableLoaderClient.h" … … 96 97 , m_simpleRequest(true) 97 98 , m_async(blockingBehavior == LoadAsynchronously) 99 , m_delayCallbacksForIntegrityCheck(!m_options.integrity.isEmpty()) 98 100 , m_contentSecurityPolicy(WTFMove(contentSecurityPolicy)) 99 101 , m_shouldLogError(shouldLogError) … … 297 299 InspectorInstrumentation::didReceiveThreadableLoaderResponse(*this, identifier); 298 300 301 if (m_delayCallbacksForIntegrityCheck) 302 return; 303 299 304 if (options().filteringPolicy == ResponseFilteringPolicy::Disable) { 300 305 m_client->didReceiveResponse(identifier, response); … … 325 330 ASSERT(m_client); 326 331 332 if (m_delayCallbacksForIntegrityCheck) 333 return; 334 327 335 m_client->didReceiveData(data, dataLength); 328 336 } … … 362 370 { 363 371 ASSERT(m_client); 372 373 if (m_delayCallbacksForIntegrityCheck) { 374 if (!matchIntegrityMetadata(*m_resource, m_options.integrity)) { 375 reportIntegrityMetadataError(m_resource->url()); 376 return; 377 } 378 379 auto response = m_resource->response(); 380 381 if (options().filteringPolicy == ResponseFilteringPolicy::Disable) { 382 m_client->didReceiveResponse(identifier, response); 383 m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); 384 } else { 385 ASSERT(response.type() == ResourceResponse::Type::Default); 386 387 auto tainting = m_resource->responseTainting(); 388 m_client->didReceiveResponse(identifier, ResourceResponse::filterResponse(response, tainting)); 389 m_client->didReceiveData(m_resource->resourceBuffer()->data(), m_resource->resourceBuffer()->size()); 390 } 391 } 392 364 393 m_client->didFinishLoading(identifier); 365 394 } … … 408 437 options.clientCredentialPolicy = m_sameOriginRequest ? ClientCredentialPolicy::MayAskClientForCredentials : ClientCredentialPolicy::CannotAskClientForCredentials; 409 438 options.contentSecurityPolicyImposition = ContentSecurityPolicyImposition::SkipPolicyCheck; 439 440 // If there is integrity metadata to validate, we must buffer. 441 if (!m_options.integrity.isEmpty()) 442 options.dataBufferingPolicy = BufferData; 410 443 411 444 request.setAllowCookies(m_options.allowCredentials == AllowStoredCredentials); … … 575 608 } 576 609 610 void DocumentThreadableLoader::reportIntegrityMetadataError(const URL& url) 611 { 612 logErrorAndFail(ResourceError(errorDomainWebKitInternal, 0, url, "Failed integrity metadata check.", ResourceError::Type::General)); 613 } 614 577 615 void DocumentThreadableLoader::logErrorAndFail(const ResourceError& error) 578 616 { -
trunk/Source/WebCore/loader/DocumentThreadableLoader.h
r212993 r216553 119 119 void reportContentSecurityPolicyError(const URL&); 120 120 void reportCrossOriginResourceSharingError(const URL&); 121 void reportIntegrityMetadataError(const URL&); 121 122 void logErrorAndFail(const ResourceError&); 122 123 … … 130 131 bool m_simpleRequest; 131 132 bool m_async; 133 bool m_delayCallbacksForIntegrityCheck; 132 134 std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy; 133 135 std::optional<CrossOriginPreflightChecker> m_preflightChecker; -
trunk/Source/WebCore/loader/FetchOptions.h
r207086 r216553 29 29 #pragma once 30 30 31 #include <wtf/text/WTFString.h> 32 31 33 namespace WebCore { 32 34 … … 52 54 enum class ReferrerPolicy { EmptyString, NoReferrer, NoReferrerWhenDowngrade, Origin, OriginWhenCrossOrigin, UnsafeUrl }; 53 55 ReferrerPolicy referrerPolicy { ReferrerPolicy::EmptyString }; 56 57 String integrity; 54 58 }; 55 59 -
trunk/Source/WebCore/loader/ThreadableLoader.cpp
r210828 r216553 61 61 } 62 62 63 ThreadableLoaderOptions ThreadableLoaderOptions::isolatedCopy() const 64 { 65 ThreadableLoaderOptions copy; 66 67 // FetchOptions 68 copy.type = this->type; 69 copy.destination = this->destination; 70 copy.mode = this->mode; 71 copy.credentials = this->credentials; 72 copy.cache = this->cache; 73 copy.redirect = this->redirect; 74 copy.referrerPolicy = this->referrerPolicy; 75 copy.integrity = this->integrity.isolatedCopy(); 76 77 // ResourceLoaderOptions 78 copy.sendLoadCallbacks = this->sendLoadCallbacks; 79 copy.sniffContent = this->sniffContent; 80 copy.dataBufferingPolicy = this->dataBufferingPolicy; 81 copy.allowCredentials = this->allowCredentials; 82 copy.securityCheck = this->securityCheck; 83 copy.certificateInfoPolicy = this->certificateInfoPolicy; 84 copy.contentSecurityPolicyImposition = this->contentSecurityPolicyImposition; 85 copy.defersLoadingPolicy = this->defersLoadingPolicy; 86 copy.cachingPolicy = this->cachingPolicy; 87 copy.sameOriginDataURLFlag = this->sameOriginDataURLFlag; 88 copy.initiatorContext = this->initiatorContext; 89 copy.clientCredentialPolicy = this->clientCredentialPolicy; 90 copy.maxRedirectCount = this->maxRedirectCount; 91 copy.derivedCachedDataTypesToRetrieve.reserveInitialCapacity(this->derivedCachedDataTypesToRetrieve.size()); 92 for (auto& derivedCachedDataType : this->derivedCachedDataTypesToRetrieve) 93 copy.derivedCachedDataTypesToRetrieve.uncheckedAppend(derivedCachedDataType.isolatedCopy()); 94 95 // ThreadableLoaderOptions 96 copy.preflightPolicy = this->preflightPolicy; 97 copy.contentSecurityPolicyEnforcement = this->contentSecurityPolicyEnforcement; 98 copy.initiator = this->initiator.isolatedCopy(); 99 copy.filteringPolicy = this->filteringPolicy; 100 101 return copy; 102 } 103 104 63 105 RefPtr<ThreadableLoader> ThreadableLoader::create(ScriptExecutionContext& context, ThreadableLoaderClient& client, ResourceRequest&& request, const ThreadableLoaderOptions& options, String&& referrer) 64 106 { -
trunk/Source/WebCore/loader/ThreadableLoader.h
r210828 r216553 67 67 ~ThreadableLoaderOptions(); 68 68 69 ThreadableLoaderOptions isolatedCopy() const; 70 69 71 PreflightPolicy preflightPolicy { ConsiderPreflight }; 70 72 ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement { ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective }; -
trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp
r212993 r216553 95 95 96 96 LoaderTaskOptions::LoaderTaskOptions(const ThreadableLoaderOptions& options, const String& referrer, Ref<SecurityOrigin>&& origin) 97 : options(options , options.preflightPolicy, options.contentSecurityPolicyEnforcement, options.initiator.isolatedCopy(), options.filteringPolicy)97 : options(options.isolatedCopy()) 98 98 , referrer(referrer.isolatedCopy()) 99 99 , origin(WTFMove(origin))
Note: See TracChangeset
for help on using the changeset viewer.