Changeset 220996 in webkit

Timestamp:

Aug 21, 2017 6:32:24 PM (7 years ago)

Author:

Chris Dumez

Message:

[Beacon] Content extensions should be able to intercept Beacon / Ping redirects
​https://bugs.webkit.org/show_bug.cgi?id=175746
<rdar://problem/33946050>

Reviewed by Alex Christensen.

Source/WebCore:

Update PingLoad to process content extension rules upon redirect. This allows content
extensions to block and upgrade to HTTPS beacon / ping loads.

Because ping loads can outlive the WebProcess, the content extensions rules are passed
to the NetworkProcess when starting the Ping load. The PingLoad can then consult those
rules upon redirect, on the NetworkProcess side.

Tests: http/wpt/beacon/contentextensions/beacon-blocked.html

http/wpt/beacon/contentextensions/beacon-redirect-blocked.html

• contentextensions/ContentExtensionActions.h:
• contentextensions/ContentExtensionsBackend.cpp:

(WebCore::ContentExtensions::ContentExtensionsBackend::forEach):
(WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForPingLoad):

• contentextensions/ContentExtensionsBackend.h:
• page/Page.h:
• page/UserContentProvider.cpp:

(WebCore::UserContentProvider::forEachContentExtension):

• page/UserContentProvider.h:

Source/WebKit:

Update PingLoad to process content extension rules upon redirect. This allows content
extensions to block and upgrade to HTTPS beacon / ping loads.

Because ping loads can outlive the WebProcess, the content extensions rules are passed
to the NetworkProcess when starting the Ping load. The PingLoad can then consult those
rules upon redirect, on the NetworkProcess side.

• NetworkProcess/NetworkResourceLoadParameters.cpp:

(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):

• NetworkProcess/NetworkResourceLoadParameters.h:
• NetworkProcess/PingLoad.cpp:

(WebKit::PingLoad::willPerformHTTPRedirection):
(WebKit::PingLoad::contentExtensionsBackend):
(WebKit::PingLoad::processContentExtensionRulesForLoad):

• NetworkProcess/PingLoad.h:
• WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::startPingLoad):

LayoutTests:

Add layout test coverage for blocking beacon loads via content extensions.

• http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt:
• http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html:
• http/wpt/beacon/contentextensions/beacon-blocked-expected.txt: Added.
• http/wpt/beacon/contentextensions/beacon-blocked.html: Added.
• http/wpt/beacon/contentextensions/beacon-blocked.html.json: Added.
• http/wpt/beacon/contentextensions/beacon-redirect-blocked-expected.txt: Added.
• http/wpt/beacon/contentextensions/beacon-redirect-blocked.html: Added.
• http/wpt/beacon/contentextensions/beacon-redirect-blocked.html.json: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt (modified) (1 diff)
• LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html (modified) (1 diff)
• LayoutTests/http/wpt/beacon/contentextensions (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-blocked-expected.txt (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-blocked.html (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-blocked.html.json (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-redirect-blocked-expected.txt (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-redirect-blocked.html (added)
• LayoutTests/http/wpt/beacon/contentextensions/beacon-redirect-blocked.html.json (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/contentextensions/ContentExtensionActions.h (modified) (1 diff)
• Source/WebCore/contentextensions/ContentExtensionsBackend.cpp (modified) (2 diffs)
• Source/WebCore/contentextensions/ContentExtensionsBackend.h (modified) (1 diff)
• Source/WebCore/page/Page.h (modified) (1 diff)
• Source/WebCore/page/UserContentProvider.cpp (modified) (1 diff)
• Source/WebCore/page/UserContentProvider.h (modified) (1 diff)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (modified) (2 diffs)
• Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h (modified) (2 diffs)
• Source/WebKit/NetworkProcess/PingLoad.cpp (modified) (4 diffs)
• Source/WebKit/NetworkProcess/PingLoad.h (modified) (3 diffs)
• Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (modified) (3 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2017-08-21  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Content extensions should be able to intercept Beacon / Ping redirects
+        https://bugs.webkit.org/show_bug.cgi?id=175746
+        <rdar://problem/33946050>
+
+        Reviewed by Alex Christensen.
+
+        Add layout test coverage for blocking beacon loads via content extensions.
+
+        * http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt:
+        * http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html:
+        * http/wpt/beacon/contentextensions/beacon-blocked-expected.txt: Added.
+        * http/wpt/beacon/contentextensions/beacon-blocked.html: Added.
+        * http/wpt/beacon/contentextensions/beacon-blocked.html.json: Added.
+        * http/wpt/beacon/contentextensions/beacon-redirect-blocked-expected.txt: Added.
+        * http/wpt/beacon/contentextensions/beacon-redirect-blocked.html: Added.
+        * http/wpt/beacon/contentextensions/beacon-redirect-blocked.html.json: Added.
+
 2017-08-21  Matt Lewis  <jlewis3@apple.com>
 

trunk/LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt

@@ +1 @@
+CONSOLE MESSAGE: Beacon API cannot load http://127.0.0.1:8800/WebKit/beacon/resources/beacon-preflight.py?allowCors=1&cmd=put&id=2539e883-7dfb-4dde-a227-a41c670d5fe1&redirect_status=307&location=http%3A%2F%2F127.0.0.1%3A8800%2FWebKit%2Fbeacon%2Fresources%2Fbeacon-preflight.py%3FallowCors%3D1%26cmd%3Dput%26id%3D2539e883-7dfb-4dde-a227-a41c670d5fe1&count=1. Blocked by Content Security Policy
 
 PASS Redirect is blocked by CSP 

trunk/LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html

@@ -30 +30 @@
 function testCORSPreflightRedirectSuccess(what) {
   var testBase = get_host_info().HTTP_REMOTE_ORIGIN + RESOURCES_DIR;
-  var id = self.token();
+  var id = "2539e883-7dfb-4dde-a227-a41c670d5fe1"; // Use a static token because the URL is logged.
   var target = encodeURIComponent(testBase + "beacon-preflight.py?allowCors=1&cmd=put&id=" + id);
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2017-08-21  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Content extensions should be able to intercept Beacon / Ping redirects
+        https://bugs.webkit.org/show_bug.cgi?id=175746
+        <rdar://problem/33946050>
+
+        Reviewed by Alex Christensen.
+
+        Update PingLoad to process content extension rules upon redirect. This allows content
+        extensions to block and upgrade to HTTPS beacon / ping loads.
+
+        Because ping loads can outlive the WebProcess, the content extensions rules are passed
+        to the NetworkProcess when starting the Ping load. The PingLoad can then consult those
+        rules upon redirect, on the NetworkProcess side.
+
+        Tests: http/wpt/beacon/contentextensions/beacon-blocked.html
+               http/wpt/beacon/contentextensions/beacon-redirect-blocked.html
+
+        * contentextensions/ContentExtensionActions.h:
+        * contentextensions/ContentExtensionsBackend.cpp:
+        (WebCore::ContentExtensions::ContentExtensionsBackend::forEach):
+        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForPingLoad):
+        * contentextensions/ContentExtensionsBackend.h:
+        * page/Page.h:
+        * page/UserContentProvider.cpp:
+        (WebCore::UserContentProvider::forEachContentExtension):
+        * page/UserContentProvider.h:
+
 2017-08-21  Brady Eidson  <beidson@apple.com>
 

trunk/Source/WebCore/contentextensions/ContentExtensionActions.h

@@ -52 +52 @@
 };
 
-void applyBlockedStatusToRequest(const BlockedStatus&, ResourceRequest&);
+WEBCORE_EXPORT void applyBlockedStatusToRequest(const BlockedStatus&, ResourceRequest&);
 
 } // namespace ContentExtensions

trunk/Source/WebCore/contentextensions/ContentExtensionsBackend.cpp

@@ -135 +135 @@
 }
 
+void ContentExtensionsBackend::forEach(const WTF::Function<void(const String&, ContentExtension&)>& apply)
+{
+    for (auto& pair : m_contentExtensions)
+        apply(pair.key, pair.value);
+}
+
 StyleSheetContents* ContentExtensionsBackend::globalDisplayNoneStyleSheet(const String& identifier) const
 {
@@ -214 +220 @@
 }
 
+BlockedStatus ContentExtensionsBackend::processContentExtensionRulesForPingLoad(const URL& url, const URL& mainDocumentURL)
+{
+    if (m_contentExtensions.isEmpty())
+        return { };
+
+    ResourceLoadInfo resourceLoadInfo = { url, mainDocumentURL, ResourceType::Raw };
+    Vector<ContentExtensions::Action> actions = actionsForResourceLoad(resourceLoadInfo);
+
+    bool willBlockLoad = false;
+    bool willBlockCookies = false;
+    bool willMakeHTTPS = false;
+    for (const auto& action : actions) {
+        switch (action.type()) {
+        case ContentExtensions::ActionType::BlockLoad:
+            willBlockLoad = true;
+            break;
+        case ContentExtensions::ActionType::BlockCookies:
+            willBlockCookies = true;
+            break;
+        case ContentExtensions::ActionType::MakeHTTPS:
+            if ((url.protocolIs("http") || url.protocolIs("ws")) && (!url.port() || isDefaultPortForProtocol(url.port().value(), url.protocol())))
+                willMakeHTTPS = true;
+            break;
+        case ContentExtensions::ActionType::CSSDisplayNoneSelector:
+        case ContentExtensions::ActionType::CSSDisplayNoneStyleSheet:
+            break;
+        case ContentExtensions::ActionType::IgnorePreviousRules:
+        case ContentExtensions::ActionType::InvalidAction:
+            RELEASE_ASSERT_NOT_REACHED();
+        }
+    }
+
+    return { willBlockLoad, willBlockCookies, willMakeHTTPS };
+}
+
 const String& ContentExtensionsBackend::displayNoneCSSRule()
 {

trunk/Source/WebCore/contentextensions/ContentExtensionsBackend.h

@@ -66 +66 @@
 
     BlockedStatus processContentExtensionRulesForLoad(const URL&, ResourceType, DocumentLoader& initiatingDocumentLoader);
+    WEBCORE_EXPORT BlockedStatus processContentExtensionRulesForPingLoad(const URL&, const URL& mainDocumentURL);
 
     static const String& displayNoneCSSRule();
+
+    void forEach(const WTF::Function<void(const String&, ContentExtension&)>&);
 
 private:

trunk/Source/WebCore/page/Page.h

@@ -505 +505 @@
     PluginInfoProvider& pluginInfoProvider();
 
-    UserContentProvider& userContentProvider();
+    WEBCORE_EXPORT UserContentProvider& userContentProvider();
     WEBCORE_EXPORT void setUserContentProvider(Ref<UserContentProvider>&&);
 

trunk/Source/WebCore/page/UserContentProvider.cpp

@@ -117 +117 @@
     return userContentExtensionBackend().actionsForResourceLoad(resourceLoadInfo);
 }
+
+void UserContentProvider::forEachContentExtension(const WTF::Function<void(const String&, ContentExtensions::ContentExtension&)>& apply, DocumentLoader& initiatingDocumentLoader)
+{
+    if (!contentExtensionsEnabled(initiatingDocumentLoader))
+        return;
+
+    userContentExtensionBackend().forEach(apply);
+}
+
 #endif
 

trunk/Source/WebCore/page/UserContentProvider.h

@@ -93 +93 @@
     ContentExtensions::BlockedStatus processContentExtensionRulesForLoad(const URL&, ResourceType, DocumentLoader& initiatingDocumentLoader);
     Vector<ContentExtensions::Action> actionsForResourceLoad(const ResourceLoadInfo&, DocumentLoader& initiatingDocumentLoader);
+    WEBCORE_EXPORT void forEachContentExtension(const WTF::Function<void(const String&, ContentExtensions::ContentExtension&)>&, DocumentLoader& initiatingDocumentLoader);
 #endif
 

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2017-08-21  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Content extensions should be able to intercept Beacon / Ping redirects
+        https://bugs.webkit.org/show_bug.cgi?id=175746
+        <rdar://problem/33946050>
+
+        Reviewed by Alex Christensen.
+
+        Update PingLoad to process content extension rules upon redirect. This allows content
+        extensions to block and upgrade to HTTPS beacon / ping loads.
+
+        Because ping loads can outlive the WebProcess, the content extensions rules are passed
+        to the NetworkProcess when starting the Ping load. The PingLoad can then consult those
+        rules upon redirect, on the NetworkProcess side.
+
+        * NetworkProcess/NetworkResourceLoadParameters.cpp:
+        (WebKit::NetworkResourceLoadParameters::encode const):
+        (WebKit::NetworkResourceLoadParameters::decode):
+        * NetworkProcess/NetworkResourceLoadParameters.h:
+        * NetworkProcess/PingLoad.cpp:
+        (WebKit::PingLoad::willPerformHTTPRedirection):
+        (WebKit::PingLoad::contentExtensionsBackend):
+        (WebKit::PingLoad::processContentExtensionRulesForLoad):
+        * NetworkProcess/PingLoad.h:
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::startPingLoad):
+
 2017-08-21  Adrian Perez de Castro  <aperez@igalia.com>
 

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp

@@ -89 +89 @@
     encoder.encodeEnum(mode);
     encoder << cspResponseHeaders;
+
+#if ENABLE(CONTENT_EXTENSIONS)
+    encoder << mainDocumentURL;
+    encoder << contentRuleLists;
+#endif
 }
 
@@ -168 +173 @@
         return false;
 
+#if ENABLE(CONTENT_EXTENSIONS)
+    if (!decoder.decode(result.mainDocumentURL))
+        return false;
+
+    if (!decoder.decode(result.contentRuleLists))
+        return false;
+#endif
+
     return true;
 }

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h

@@ -29 +29 @@
 #include "NetworkLoadParameters.h"
 #include "SandboxExtension.h"
+#include "WebCompiledContentRuleListData.h"
 #include <WebCore/ContentSecurityPolicyResponseHeaders.h>
 #include <WebCore/FetchOptions.h>
@@ -60 +61 @@
     WebCore::FetchOptions::Mode mode;
     std::optional<WebCore::ContentSecurityPolicyResponseHeaders> cspResponseHeaders;
+
+#if ENABLE(CONTENT_EXTENSIONS)
+    WebCore::URL mainDocumentURL;
+    Vector<std::pair<String, WebCompiledContentRuleListData>> contentRuleLists;
+#endif
 };
 

trunk/Source/WebKit/NetworkProcess/PingLoad.cpp

@@ -34 +34 @@
 #include "NetworkConnectionToWebProcess.h"
 #include "SessionTracker.h"
+#include "WebCompiledContentRuleList.h"
 #include "WebErrors.h"
 #include <WebCore/ContentSecurityPolicy.h>
@@ -103 +104 @@
 void PingLoad::willPerformHTTPRedirection(ResourceResponse&& redirectResponse, ResourceRequest&& request, RedirectCompletionHandler&& completionHandler)
 {
-    m_lastRedirectionRequest = request;
-
     RELEASE_LOG_IF_ALLOWED("willPerformHTTPRedirection - shouldFollowRedirects? %d", m_parameters.shouldFollowRedirects);
     if (!m_parameters.shouldFollowRedirects) {
         completionHandler({ });
-        return;
-    }
+        didFinish(ResourceError { String(), 0, currentRequest().url(), ASCIILiteral("Not allowed to follow redirects"), ResourceError::Type::AccessControl });
+        return;
+    }
+
+#if ENABLE(CONTENT_EXTENSIONS)
+    if (processContentExtensionRulesForLoad(request)) {
+        RELEASE_LOG_IF_ALLOWED("willPerformHTTPRedirection - Redirect was blocked by content extensions");
+        m_lastRedirectionRequest = request;
+        completionHandler({ });
+        didFinish(ResourceError { String(), 0, currentRequest().url(), ASCIILiteral("Blocked by content extension"), ResourceError::Type::AccessControl });
+        return;
+    }
+#endif
+
+    m_lastRedirectionRequest = request;
 
     if (auto* contentSecurityPolicy = this->contentSecurityPolicy()) {
@@ -115 +127 @@
             RELEASE_LOG_IF_ALLOWED("willPerformHTTPRedirection - Redirect was blocked by CSP");
             completionHandler({ });
+            didFinish(ResourceError { String(), 0, currentRequest().url(), ASCIILiteral("Blocked by Content Security Policy"), ResourceError::Type::AccessControl });
             return;
         }
@@ -297 +310 @@
 }
 
+#if ENABLE(CONTENT_EXTENSIONS)
+
+ContentExtensions::ContentExtensionsBackend& PingLoad::contentExtensionsBackend()
+{
+    if (!m_contentExtensionsBackend) {
+        m_contentExtensionsBackend = std::make_unique<ContentExtensions::ContentExtensionsBackend>();
+        for (auto& pair : m_parameters.contentRuleLists)
+            m_contentExtensionsBackend->addContentExtension(pair.first, WebCompiledContentRuleList::create(WTFMove(pair.second)));
+    }
+    return *m_contentExtensionsBackend;
+}
+
+// Returns true if we should block the load.
+bool PingLoad::processContentExtensionRulesForLoad(ResourceRequest& request)
+{
+    auto status = contentExtensionsBackend().processContentExtensionRulesForPingLoad(request.url(), m_parameters.mainDocumentURL);
+    applyBlockedStatusToRequest(status, request);
+    return status.blockedLoad;
+}
+
+#endif // ENABLE(CONTENT_EXTENSIONS)
+
 } // namespace WebKit
 

trunk/Source/WebKit/NetworkProcess/PingLoad.h

@@ -30 +30 @@
 #include "NetworkDataTask.h"
 #include "NetworkResourceLoadParameters.h"
+#include <WebCore/ContentExtensionsBackend.h>
 #include <WebCore/ResourceError.h>
 
@@ -69 +70 @@
     void preflightSuccess(WebCore::ResourceRequest&&);
 
+#if ENABLE(CONTENT_EXTENSIONS)
+    WebCore::ContentExtensions::ContentExtensionsBackend& contentExtensionsBackend();
+    bool processContentExtensionRulesForLoad(WebCore::ResourceRequest&);
+#endif
+
     WebCore::SecurityOrigin& securityOrigin() const;
 
@@ -85 +91 @@
     RedirectCompletionHandler m_redirectHandler;
     mutable std::unique_ptr<WebCore::ContentSecurityPolicy> m_contentSecurityPolicy;
+#if ENABLE(CONTENT_EXTENSIONS)
+    std::unique_ptr<WebCore::ContentExtensions::ContentExtensionsBackend> m_contentExtensionsBackend;
+#endif
     std::optional<WebCore::ResourceRequest> m_lastRedirectionRequest;
 };

trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

@@ -34 +34 @@
 #include "NetworkResourceLoadParameters.h"
 #include "SessionTracker.h"
+#include "WebCompiledContentRuleList.h"
 #include "WebCoreArgumentCoders.h"
 #include "WebErrors.h"
@@ -62 +63 @@
 #include <WebCore/Settings.h>
 #include <WebCore/SubresourceLoader.h>
+#include <WebCore/UserContentProvider.h>
 #include <pal/SessionID.h>
 #include <wtf/text/CString.h>
@@ -434 +436 @@
     }
 
+#if ENABLE(CONTENT_EXTENSIONS)
+    loadParameters.mainDocumentURL = document->topDocument().url();
+
+    if (auto* documentLoader = frame.loader().documentLoader()) {
+        if (auto* page = frame.page()) {
+            page->userContentProvider().forEachContentExtension([&loadParameters](const String& identifier, ContentExtensions::ContentExtension& contentExtension) {
+                loadParameters.contentRuleLists.append(std::make_pair(identifier, static_cast<const WebCompiledContentRuleList&>(contentExtension.compiledExtension()).data()));
+            }, *documentLoader);
+        }
+    }
+#endif
+
     if (completionHandler)
         m_pingLoadCompletionHandlers.add(loadParameters.identifier, WTFMove(completionHandler));