Changeset 246056 in webkit

Timestamp:

Jun 3, 2019 11:36:05 PM (5 years ago)

Author:

aestes@apple.com

Message:

[Apple Pay] Disable script injection when canMakePayment APIs are called and return true
​https://bugs.webkit.org/show_bug.cgi?id=198448
<rdar://problem/51323694>

Reviewed by Alex Christensen.

Source/WebCore:

Previously, only an active Apple Pay session would disable script injection in restricted
WKWebViews. However, this can result in websites rendering non-functional Apple Pay buttons
due to the race between the hosting app calling -evaluateJavaScript:completionHandler: and
the website calling canMakePayment APIs to determine whether to draw a button.

This patch makes it so that, if a website calls ApplePaySession's canMakePayments or
canMakePaymentsWithActiveCard, or PaymentRequest's canMakePayment, in a web view that has no
injected scripts, and those calls return true, future script injections from the hosting app
will be blocked.

Also, this patch removes the restrictions on the openPaymentSetup, supportsVersion, and
validatedPaymentNetwork APIs, since those APIs do not reveal transaction information and are
not used to determine whether to draw buttons.

Added new API tests.

• Modules/applepay/PaymentCoordinator.cpp:

(WebCore::PaymentCoordinator::supportsVersion const):
(WebCore::PaymentCoordinator::canMakePayments):
(WebCore::PaymentCoordinator::canMakePaymentsWithActiveCard):
(WebCore::PaymentCoordinator::openPaymentSetup):
(WebCore::PaymentCoordinator::beginPaymentSession):
(WebCore::PaymentCoordinator::validatedPaymentNetwork const):
(WebCore::PaymentCoordinator::setApplePayIsActiveIfAllowed const):
(WebCore::PaymentCoordinator::shouldAllowUserAgentScripts const):
(WebCore::PaymentCoordinator::shouldAllowApplePay const): Deleted.

• Modules/applepay/PaymentCoordinator.h:
• dom/Document.cpp:

(WebCore::Document::isApplePayActive const):
(WebCore::Document::setApplePayIsActive):
(WebCore::Document::hasStartedApplePaySession const): Deleted.
(WebCore::Document::setHasStartedApplePaySession): Deleted.

• dom/Document.h:
• testing/Internals.cpp:

(WebCore::Internals::setApplePayIsActive):
(WebCore::Internals::setHasStartedApplePaySession): Deleted.

• testing/Internals.h:
• testing/Internals.idl:

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKitCocoa/ApplePay.mm:

(-[TestApplePayAvailableScriptMessageHandler userContentController:didReceiveScriptMessage:]):
(-[TestApplePayActiveSessionScriptMessageHandler userContentController:didReceiveScriptMessage:]):
(TestWebKitAPI::TEST):
(TestWebKitAPI::runActiveSessionTest):
(-[TestApplePayScriptMessageHandler initWithAPIsAvailableExpectation:canMakePaymentsExpectation:]): Deleted.
(-[TestApplePayScriptMessageHandler userContentController:didReceiveScriptMessage:]): Deleted.

• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-active-session.html:
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-existing-object.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-in-iframe.html:
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability.html:
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payment.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments-with-active-card.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/apple-pay.js: Added.

(applePayRequestBase):
(applePayPaymentRequest):
(applePayMethod):

• TestWebKitAPI/cocoa/TestProtocol.mm:

(-[TestProtocol startLoading]):

Location:

trunk

Files:

• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/Modules/applepay/PaymentCoordinator.cpp (modified) (7 diffs)
• Source/WebCore/Modules/applepay/PaymentCoordinator.h (modified) (3 diffs)
• Source/WebCore/dom/Document.cpp (modified) (2 diffs)
• Source/WebCore/dom/Document.h (modified) (1 diff)
• Source/WebCore/testing/Internals.cpp (modified) (1 diff)
• Source/WebCore/testing/Internals.h (modified) (1 diff)
• Source/WebCore/testing/Internals.idl (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/ApplePay.mm (modified) (12 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm (modified) (2 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-active-session.html (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-existing-object.html (added)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-in-iframe.html (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability.html (modified) (3 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payment.html (added)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments-with-active-card.html (added)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments.html (added)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay.js (added)
• Tools/TestWebKitAPI/cocoa/TestProtocol.mm (modified) (3 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2019-06-03  Andy Estes  <aestes@apple.com>
+
+        [Apple Pay] Disable script injection when canMakePayment APIs are called and return true
+        https://bugs.webkit.org/show_bug.cgi?id=198448
+        <rdar://problem/51323694>
+
+        Reviewed by Alex Christensen.
+
+        Previously, only an active Apple Pay session would disable script injection in restricted
+        WKWebViews. However, this can result in websites rendering non-functional Apple Pay buttons
+        due to the race between the hosting app calling -evaluateJavaScript:completionHandler: and
+        the website calling canMakePayment APIs to determine whether to draw a button.
+
+        This patch makes it so that, if a website calls ApplePaySession's canMakePayments or
+        canMakePaymentsWithActiveCard, or PaymentRequest's canMakePayment, in a web view that has no
+        injected scripts, and those calls return true, future script injections from the hosting app
+        will be blocked.
+
+        Also, this patch removes the restrictions on the openPaymentSetup, supportsVersion, and
+        validatedPaymentNetwork APIs, since those APIs do not reveal transaction information and are
+        not used to determine whether to draw buttons.
+
+        Added new API tests.
+
+        * Modules/applepay/PaymentCoordinator.cpp:
+        (WebCore::PaymentCoordinator::supportsVersion const):
+        (WebCore::PaymentCoordinator::canMakePayments):
+        (WebCore::PaymentCoordinator::canMakePaymentsWithActiveCard):
+        (WebCore::PaymentCoordinator::openPaymentSetup):
+        (WebCore::PaymentCoordinator::beginPaymentSession):
+        (WebCore::PaymentCoordinator::validatedPaymentNetwork const):
+        (WebCore::PaymentCoordinator::setApplePayIsActiveIfAllowed const):
+        (WebCore::PaymentCoordinator::shouldAllowUserAgentScripts const):
+        (WebCore::PaymentCoordinator::shouldAllowApplePay const): Deleted.
+        * Modules/applepay/PaymentCoordinator.h:
+        * dom/Document.cpp:
+        (WebCore::Document::isApplePayActive const):
+        (WebCore::Document::setApplePayIsActive):
+        (WebCore::Document::hasStartedApplePaySession const): Deleted.
+        (WebCore::Document::setHasStartedApplePaySession): Deleted.
+        * dom/Document.h:
+        * testing/Internals.cpp:
+        (WebCore::Internals::setApplePayIsActive):
+        (WebCore::Internals::setHasStartedApplePaySession): Deleted.
+        * testing/Internals.h:
+        * testing/Internals.idl:
+
 2019-06-03  Robin Morisset  <rmorisset@apple.com>
 

trunk/Source/WebCore/Modules/applepay/PaymentCoordinator.cpp

@@ -57 +57 @@
 }
 
-bool PaymentCoordinator::supportsVersion(Document& document, unsigned version) const
-{
-    if (!shouldAllowApplePay(document))
-        return false;
-
+bool PaymentCoordinator::supportsVersion(Document&, unsigned version) const
+{
     auto supportsVersion = m_client.supportsVersion(version);
     RELEASE_LOG_IF_ALLOWED("supportsVersion(%d) -> %d", version, supportsVersion);
@@ -69 +66 @@
 bool PaymentCoordinator::canMakePayments(Document& document)
 {
-    if (!shouldAllowApplePay(document))
-        return false;
-
     auto canMakePayments = m_client.canMakePayments();
     RELEASE_LOG_IF_ALLOWED("canMakePayments() -> %d", canMakePayments);
-    return canMakePayments;
+
+    if (!canMakePayments)
+        return false;
+
+    if (!setApplePayIsActiveIfAllowed(document))
+        return false;
+
+    return true;
 }
 
 void PaymentCoordinator::canMakePaymentsWithActiveCard(Document& document, const String& merchantIdentifier, WTF::Function<void(bool)>&& completionHandler)
 {
-    if (!shouldAllowApplePay(document))
-        return completionHandler(false);
-
-    RELEASE_LOG_IF_ALLOWED("canMakePaymentsWithActiveCard()");
-    m_client.canMakePaymentsWithActiveCard(merchantIdentifier, document.domain(), WTFMove(completionHandler));
+    m_client.canMakePaymentsWithActiveCard(merchantIdentifier, document.domain(), [this, weakThis = makeWeakPtr(*this), document = makeWeakPtr(document), completionHandler = WTFMove(completionHandler)](bool canMakePayments) {
+        if (!weakThis)
+            return completionHandler(false);
+
+        RELEASE_LOG_IF_ALLOWED("canMakePaymentsWithActiveCard() -> %d", canMakePayments);
+
+        if (!canMakePayments)
+            return completionHandler(false);
+
+        if (!document || !setApplePayIsActiveIfAllowed(*document))
+            return completionHandler(false);
+
+        completionHandler(true);
+    });
 }
 
 void PaymentCoordinator::openPaymentSetup(Document& document, const String& merchantIdentifier, WTF::Function<void(bool)>&& completionHandler)
 {
-    if (!shouldAllowApplePay(document))
-        return completionHandler(false);
-
     RELEASE_LOG_IF_ALLOWED("openPaymentSetup()");
     m_client.openPaymentSetup(merchantIdentifier, document.domain(), WTFMove(completionHandler));
@@ -99 +106 @@
     ASSERT(!m_activeSession);
 
-    if (!shouldAllowApplePay(document))
+    if (!setApplePayIsActiveIfAllowed(document))
         return false;
 
@@ -112 +119 @@
 
     m_activeSession = &paymentSession;
-    document.setHasStartedApplePaySession();
     return true;
 }
@@ -240 +246 @@
 }
 
-Optional<String> PaymentCoordinator::validatedPaymentNetwork(Document& document, unsigned version, const String& paymentNetwork) const
-{
-    if (!shouldAllowApplePay(document))
-        return WTF::nullopt;
-
+Optional<String> PaymentCoordinator::validatedPaymentNetwork(Document&, unsigned version, const String& paymentNetwork) const
+{
     if (version < 2 && equalIgnoringASCIICase(paymentNetwork, "jcb"))
         return WTF::nullopt;
@@ -270 +273 @@
 }
 
-bool PaymentCoordinator::shouldAllowApplePay(Document& document) const
-{
-    if (m_client.supportsUnrestrictedApplePay()) {
-        RELEASE_LOG_IF_ALLOWED("shouldAllowApplePay() -> true (unrestricted client)");
-        return true;
-    }
-
+bool PaymentCoordinator::setApplePayIsActiveIfAllowed(Document& document) const
+{
     auto hasEvaluatedUserAgentScripts = document.hasEvaluatedUserAgentScripts();
     auto isRunningUserScripts = document.isRunningUserScripts();
-    if (hasEvaluatedUserAgentScripts || isRunningUserScripts) {
-        ASSERT(shouldAllowUserAgentScripts(document));
-        RELEASE_LOG_IF_ALLOWED("shouldAllowApplePay() -> false (hasEvaluatedUserAgentScripts: %d, isRunningUserScripts: %d)", hasEvaluatedUserAgentScripts, isRunningUserScripts);
-        return false;
-    }
-
-    RELEASE_LOG_IF_ALLOWED("shouldAllowApplePay() -> true");
+    auto supportsUnrestrictedApplePay = m_client.supportsUnrestrictedApplePay();
+
+    if (!supportsUnrestrictedApplePay && (hasEvaluatedUserAgentScripts || isRunningUserScripts)) {
+        ASSERT(!document.isApplePayActive());
+        RELEASE_LOG_IF_ALLOWED("setApplePayIsActiveIfAllowed() -> false (hasEvaluatedUserAgentScripts: %d, isRunningUserScripts: %d)", hasEvaluatedUserAgentScripts, isRunningUserScripts);
+        return false;
+    }
+
+    RELEASE_LOG_IF_ALLOWED("setApplePayIsActiveIfAllowed() -> true (supportsUnrestrictedApplePay: %d)", supportsUnrestrictedApplePay);
+    document.setApplePayIsActive();
     return true;
 }
@@ -291 +292 @@
 bool PaymentCoordinator::shouldAllowUserAgentScripts(Document& document) const
 {
-    if (m_client.supportsUnrestrictedApplePay())
+    if (m_client.supportsUnrestrictedApplePay() || !document.isApplePayActive())
         return true;
 
-    if (document.hasStartedApplePaySession()) {
-        ASSERT(shouldAllowApplePay(document));
-        RELEASE_LOG_ERROR_IF_ALLOWED("shouldAllowUserAgentScripts() -> false (active session)");
-        return false;
-    }
-
-    return true;
+    ASSERT(!document.hasEvaluatedUserAgentScripts());
+    ASSERT(!document.isRunningUserScripts());
+    RELEASE_LOG_ERROR_IF_ALLOWED("shouldAllowUserAgentScripts() -> false (active session)");
+    return false;
 }
 

trunk/Source/WebCore/Modules/applepay/PaymentCoordinator.h

@@ -30 +30 @@
 #include "ApplePaySessionPaymentRequest.h"
 #include <wtf/Function.h>
+#include <wtf/WeakPtr.h>
 
 namespace WebCore {
@@ -46 +47 @@
 struct ShippingMethodUpdate;
 
-class PaymentCoordinator {
+class PaymentCoordinator : public CanMakeWeakPtr<PaymentCoordinator> {
     WTF_MAKE_FAST_ALLOCATED;
 public:
@@ -80 +81 @@
 
     bool shouldEnableApplePayAPIs(Document&) const;
-    WEBCORE_EXPORT bool shouldAllowApplePay(Document&) const;
     WEBCORE_EXPORT bool shouldAllowUserAgentScripts(Document&) const;
 
 private:
+    bool setApplePayIsActiveIfAllowed(Document&) const;
+
     PaymentCoordinatorClient& m_client;
-
     RefPtr<PaymentSession> m_activeSession;
 };

trunk/Source/WebCore/dom/Document.cpp

@@ -8250 +8250 @@
 #if ENABLE(APPLE_PAY)
 
-bool Document::hasStartedApplePaySession() const
+bool Document::isApplePayActive() const
 {
     auto& top = topDocument();
-    return this == &top ? m_hasStartedApplePaySession : top.hasStartedApplePaySession();
-}
-
-void Document::setHasStartedApplePaySession()
+    return this == &top ? m_hasStartedApplePaySession : top.isApplePayActive();
+}
+
+void Document::setApplePayIsActive()
 {
     auto& top = topDocument();
@@ -8262 +8262 @@
         m_hasStartedApplePaySession = true;
     else
-        top.setHasStartedApplePaySession();
+        top.setApplePayIsActive();
 }
 

trunk/Source/WebCore/dom/Document.h

@@ -1523 +1523 @@
     void setHasEvaluatedUserAgentScripts();
 #if ENABLE(APPLE_PAY)
-    WEBCORE_EXPORT bool hasStartedApplePaySession() const;
-    WEBCORE_EXPORT void setHasStartedApplePaySession();
+    WEBCORE_EXPORT bool isApplePayActive() const;
+    WEBCORE_EXPORT void setApplePayIsActive();
 #endif
 

trunk/Source/WebCore/testing/Internals.cpp

@@ -4604 +4604 @@
 
 #if ENABLE(APPLE_PAY)
-void Internals::setHasStartedApplePaySession(Document& document)
-{
-    document.setHasStartedApplePaySession();
+void Internals::setApplePayIsActive(Document& document)
+{
+    document.setApplePayIsActive();
 }
 #endif

trunk/Source/WebCore/testing/Internals.h

@@ -682 +682 @@
     void setAsRunningUserScripts(Document&);
 #if ENABLE(APPLE_PAY)
-    void setHasStartedApplePaySession(Document&);
+    void setApplePayIsActive(Document&);
 #endif
 

trunk/Source/WebCore/testing/Internals.idl

@@ -658 +658 @@
 
     [CallWith=Document] void setAsRunningUserScripts();
-    [CallWith=Document, Conditional=APPLE_PAY] void setHasStartedApplePaySession();
+    [CallWith=Document, Conditional=APPLE_PAY] void setApplePayIsActive();
 
     void disableTileSizeUpdateDelay();

trunk/Tools/ChangeLog

@@ +1 @@
+2019-06-03  Andy Estes  <aestes@apple.com>
+
+        [Apple Pay] Disable script injection when canMakePayment APIs are called and return true
+        https://bugs.webkit.org/show_bug.cgi?id=198448
+        <rdar://problem/51323694>
+
+        Reviewed by Alex Christensen.
+
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKitCocoa/ApplePay.mm:
+        (-[TestApplePayAvailableScriptMessageHandler userContentController:didReceiveScriptMessage:]):
+        (-[TestApplePayActiveSessionScriptMessageHandler userContentController:didReceiveScriptMessage:]):
+        (TestWebKitAPI::TEST):
+        (TestWebKitAPI::runActiveSessionTest):
+        (-[TestApplePayScriptMessageHandler initWithAPIsAvailableExpectation:canMakePaymentsExpectation:]): Deleted.
+        (-[TestApplePayScriptMessageHandler userContentController:didReceiveScriptMessage:]): Deleted.
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-active-session.html:
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-existing-object.html: Added.
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-in-iframe.html:
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability.html:
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payment.html: Added.
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments-with-active-card.html: Added.
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay-can-make-payments.html: Added.
+        * TestWebKitAPI/Tests/WebKitCocoa/apple-pay.js: Added.
+        (applePayRequestBase):
+        (applePayPaymentRequest):
+        (applePayMethod):
+        * TestWebKitAPI/cocoa/TestProtocol.mm:
+        (-[TestProtocol startLoading]):
+
 2019-06-03  Sihui Liu  <sihui_liu@apple.com>
 

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -731 +731 @@
                 A1DF74321C41B65800A2F4D0 /* AlwaysRevalidatedURLSchemes.mm in Sources */ = {isa = PBXBuildFile; fileRef = A1DF74301C41B65800A2F4D0 /* AlwaysRevalidatedURLSchemes.mm */; };
                 A1EC11881F42541200D0146E /* PreviewConverter.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A1EC11871F42541200D0146E /* PreviewConverter.cpp */; };
+                A1FB503D22A1CBE200D4D979 /* apple-pay-availability-existing-object.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = A1FB503C22A1C24400D4D979 /* apple-pay-availability-existing-object.html */; };
+                A1FB503F22A20F6400D4D979 /* apple-pay-can-make-payments.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = A1FB503E22A1E3B300D4D979 /* apple-pay-can-make-payments.html */; };
+                A1FB504122A212A900D4D979 /* apple-pay-can-make-payments-with-active-card.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = A1FB504022A2128400D4D979 /* apple-pay-can-make-payments-with-active-card.html */; };
+                A1FB504322A213A300D4D979 /* apple-pay-can-make-payment.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = A1FB504222A2138F00D4D979 /* apple-pay-can-make-payment.html */; };
+                A1FB504522A2157100D4D979 /* apple-pay.js in Copy Resources */ = {isa = PBXBuildFile; fileRef = A1FB504422A2154B00D4D979 /* apple-pay.js */; };
                 A310827221F296FF00C28B97 /* FileSystem.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A310827121F296EC00C28B97 /* FileSystem.cpp */; };
                 A57A34F216AF6B2B00C2501F /* PageVisibilityStateWithWindowChanges.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = A57A34F116AF69E200C2501F /* PageVisibilityStateWithWindowChanges.html */; };
@@ -1050 +1055 @@
                                 F4A9202F1FEE34E900F59590 /* apple-data-url.html in Copy Resources */,
                                 A1798B8B224361A4000764BD /* apple-pay-active-session.html in Copy Resources */,
+                                A1FB503D22A1CBE200D4D979 /* apple-pay-availability-existing-object.html in Copy Resources */,
                                 A1798B8922435E29000764BD /* apple-pay-availability-in-iframe.html in Copy Resources */,
                                 A1798B872243449B000764BD /* apple-pay-availability.html in Copy Resources */,
+                                A1FB504322A213A300D4D979 /* apple-pay-can-make-payment.html in Copy Resources */,
+                                A1FB504122A212A900D4D979 /* apple-pay-can-make-payments-with-active-card.html in Copy Resources */,
+                                A1FB503F22A20F6400D4D979 /* apple-pay-can-make-payments.html in Copy Resources */,
+                                A1FB504522A2157100D4D979 /* apple-pay.js in Copy Resources */,
                                 F46A095A1ED8A6E600D4AA55 /* apple.gif in Copy Resources */,
                                 5C9E59411D3EB5AC00E3C62E /* ApplicationCache.db in Copy Resources */,
@@ -2029 +2039 @@
                 A1DF74301C41B65800A2F4D0 /* AlwaysRevalidatedURLSchemes.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = AlwaysRevalidatedURLSchemes.mm; sourceTree = "<group>"; };
                 A1EC11871F42541200D0146E /* PreviewConverter.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = PreviewConverter.cpp; sourceTree = "<group>"; };
+                A1FB503C22A1C24400D4D979 /* apple-pay-availability-existing-object.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "apple-pay-availability-existing-object.html"; sourceTree = "<group>"; };
+                A1FB503E22A1E3B300D4D979 /* apple-pay-can-make-payments.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "apple-pay-can-make-payments.html"; sourceTree = "<group>"; };
+                A1FB504022A2128400D4D979 /* apple-pay-can-make-payments-with-active-card.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "apple-pay-can-make-payments-with-active-card.html"; sourceTree = "<group>"; };
+                A1FB504222A2138F00D4D979 /* apple-pay-can-make-payment.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; path = "apple-pay-can-make-payment.html"; sourceTree = "<group>"; };
+                A1FB504422A2154B00D4D979 /* apple-pay.js */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.javascript; path = "apple-pay.js"; sourceTree = "<group>"; };
                 A1FDFD2E19C288BB005148A4 /* WKImageCreateCGImageCrash.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WKImageCreateCGImageCrash.cpp; sourceTree = "<group>"; };
                 A310827121F296EC00C28B97 /* FileSystem.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FileSystem.cpp; sourceTree = "<group>"; };
@@ -2960 +2975 @@
                                 F4A9202E1FEE34C800F59590 /* apple-data-url.html */,
                                 A1798B8A2243611A000764BD /* apple-pay-active-session.html */,
+                                A1FB503C22A1C24400D4D979 /* apple-pay-availability-existing-object.html */,
                                 A1798B8822435D2E000764BD /* apple-pay-availability-in-iframe.html */,
                                 A1798B862243446B000764BD /* apple-pay-availability.html */,
+                                A1FB504222A2138F00D4D979 /* apple-pay-can-make-payment.html */,
+                                A1FB504022A2128400D4D979 /* apple-pay-can-make-payments-with-active-card.html */,
+                                A1FB503E22A1E3B300D4D979 /* apple-pay-can-make-payments.html */,
+                                A1FB504422A2154B00D4D979 /* apple-pay.js */,
                                 F47D30EB1ED28619000482E1 /* apple.gif */,
                                 5C9E593E1D3EB1DE00E3C62E /* ApplicationCache.db */,

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/ApplePay.mm

@@ -38 +38 @@
 
 static bool isDone;
-
-@interface TestApplePayScriptMessageHandler : NSObject <WKScriptMessageHandler>
+static NSString * const userScriptSource = @"window.wkUserScriptInjected = true";
+
+@interface TestApplePayAvailableScriptMessageHandler : NSObject <WKScriptMessageHandler>
 
 - (instancetype)init NS_UNAVAILABLE;
@@ -49 +50 @@
 @end
 
-@implementation TestApplePayScriptMessageHandler
+@implementation TestApplePayAvailableScriptMessageHandler
 
 - (instancetype)initWithAPIsAvailableExpectation:(BOOL)apisAvailableExpectation canMakePaymentsExpectation:(BOOL)canMakePaymentsExpectation
@@ -65 +66 @@
     EXPECT_EQ(_apisAvailableExpectation, [[message.body objectForKey:@"applePaySessionAvailable"] boolValue]);
     EXPECT_EQ(_apisAvailableExpectation, [[message.body objectForKey:@"paymentRequestAvailable"] boolValue]);
-    EXPECT_EQ(_canMakePaymentsExpectation, [[message.body objectForKey:@"supportsVersion"] boolValue]);
+    EXPECT_EQ(_apisAvailableExpectation, [[message.body objectForKey:@"supportsVersion"] boolValue]);
     EXPECT_EQ(_canMakePaymentsExpectation, [[message.body objectForKey:@"canMakePayments"] boolValue]);
     EXPECT_EQ(_canMakePaymentsExpectation, [[message.body objectForKey:@"canMakePaymentsWithActiveCard"] boolValue]);
@@ -74 +75 @@
 @end
 
+@interface TestApplePayActiveSessionScriptMessageHandler : NSObject <WKScriptMessageHandler>
+@end
+
+@implementation TestApplePayActiveSessionScriptMessageHandler
+
+- (void)userContentController:(WKUserContentController *)userContentController didReceiveScriptMessage:(WKScriptMessage *)message
+{
+    isDone = true;
+}
+
+@end
+
 namespace TestWebKitAPI {
     
@@ -80 +93 @@
     [TestProtocol registerWithScheme:@"https"];
 
-    auto messageHandler = adoptNS([[TestApplePayScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:YES]);
-
-    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
-    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
-
-    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-availability"]]];
-
-    Util::run(&isDone);
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:YES]);
+
+    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
+    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
+
+    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability.html"]]];
+
+    Util::run(&isDone);
+
+    [TestProtocol unregister];
+}
+
+TEST(ApplePay, ApplePayAvailableInUnrestrictedClients)
+{
+    [TestProtocol registerWithScheme:@"https"];
+
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:YES]);
+    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:userScriptSource injectionTime:WKUserScriptInjectionTimeAtDocumentStart forMainFrameOnly:YES]);
+
+    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
+    [configuration.userContentController addUserScript:userScript.get()];
+    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
+
+    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability-in-iframe.html?unrestricted"]]];
+    [webView _test_waitForDidFinishNavigation];
+    [webView evaluateJavaScript:@"loadApplePayFrame();" completionHandler:nil];
+
+    Util::run(&isDone);
+
+    EXPECT_EQ(YES, [[webView objectByEvaluatingJavaScript:@"window.wkUserScriptInjected"] boolValue]);
 
     [TestProtocol unregister];
@@ -97 +133 @@
     [TestProtocol registerWithScheme:@"https"];
 
-    auto messageHandler = adoptNS([[TestApplePayScriptMessageHandler alloc] initWithAPIsAvailableExpectation:NO canMakePaymentsExpectation:NO]);
-    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:@"window.wkUserScriptInjected = true" injectionTime:WKUserScriptInjectionTimeAtDocumentStart forMainFrameOnly:YES]);
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:NO canMakePaymentsExpectation:NO]);
+    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:userScriptSource injectionTime:WKUserScriptInjectionTimeAtDocumentStart forMainFrameOnly:YES]);
 
     WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
@@ -105 +141 @@
 
     auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-availability"]]];
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability.html"]]];
 
     Util::run(&isDone);
@@ -118 +154 @@
     [TestProtocol registerWithScheme:@"https"];
     
-    auto messageHandler = adoptNS([[TestApplePayScriptMessageHandler alloc] initWithAPIsAvailableExpectation:NO canMakePaymentsExpectation:NO]);
-    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:@"window.wkUserScriptInjected = true" injectionTime:WKUserScriptInjectionTimeAtDocumentEnd forMainFrameOnly:YES]);
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:NO canMakePaymentsExpectation:NO]);
+    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:userScriptSource injectionTime:WKUserScriptInjectionTimeAtDocumentEnd forMainFrameOnly:YES]);
     
     WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
@@ -126 +162 @@
     
     auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-availability"]]];
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability.html"]]];
     
     Util::run(&isDone);
@@ -139 +175 @@
     [TestProtocol registerWithScheme:@"https"];
 
-    auto messageHandler = adoptNS([[TestApplePayScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:NO]);
-
-    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
-    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
-
-    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-availability-in-iframe"]]];
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:NO]);
+
+    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
+    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
+
+    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability-in-iframe.html"]]];
     [webView _test_waitForDidFinishNavigation];
     [webView evaluateJavaScript:@"window.wkScriptEvaluated = true; loadApplePayFrame();" completionHandler:nil];
@@ -160 +196 @@
     [TestProtocol registerWithScheme:@"https"];
 
-    auto messageHandler = adoptNS([[TestApplePayScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:YES]);
-
-    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
-    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
-
-    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-availability"]]];
+    auto messageHandler = adoptNS([[TestApplePayAvailableScriptMessageHandler alloc] initWithAPIsAvailableExpectation:YES canMakePaymentsExpectation:NO]);
+
+    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
+    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
+
+    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-file/apple-pay-availability-existing-object.html"]]];
 
     Util::run(&isDone);
@@ -179 +215 @@
 }
 
-TEST(ApplePay, ActiveSessionBlocksUserAgentScripts)
-{
-    [TestProtocol registerWithScheme:@"https"];
-
-    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:@"window.wkUserScriptInjected = true" injectionTime:WKUserScriptInjectionTimeAtDocumentStart forMainFrameOnly:YES]);
-
-    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
-
-    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
-    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://bundle-html-file/apple-pay-active-session"]]];
-    [webView _test_waitForDidFinishNavigation];
+static void runActiveSessionTest(NSURL *url, BOOL shouldBlockScripts)
+{
+    [TestProtocol registerWithScheme:@"https"];
+
+    auto messageHandler = adoptNS([[TestApplePayActiveSessionScriptMessageHandler alloc] init]);
+    auto userScript = adoptNS([[WKUserScript alloc] initWithSource:userScriptSource injectionTime:WKUserScriptInjectionTimeAtDocumentStart forMainFrameOnly:YES]);
+
+    WKWebViewConfiguration *configuration = [WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"WebProcessPlugInWithInternals"];
+    [configuration.userContentController addScriptMessageHandler:messageHandler.get() name:@"testApplePay"];
+
+    auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    [webView loadRequest:[NSURLRequest requestWithURL:url]];
+    Util::run(&isDone);
 
     [configuration.userContentController _addUserScriptImmediately:userScript.get()];
     [webView evaluateJavaScript:@"window.wkUserScriptInjected" completionHandler:^(id _Nullable result, NSError * _Nullable error) {
-        EXPECT_NULL(result);
-        EXPECT_NOT_NULL(error);
+        EXPECT_EQ(shouldBlockScripts, !result);
+        EXPECT_EQ(shouldBlockScripts, !!error);
         isDone = true;
     }];
-    Util::run(&isDone);
-
-    [TestProtocol unregister];
+
+    isDone = false;
+    Util::run(&isDone);
+
+    [TestProtocol unregister];
+}
+
+TEST(ApplePay, ActiveSessionBlocksUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-active-session.html"], YES);
+}
+
+TEST(ApplePay, CanMakePaymentsBlocksUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payments.html"], YES);
+}
+
+TEST(ApplePay, CanMakePaymentsFalseDoesNotBlockUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payments.html?false"], NO);
+}
+
+TEST(ApplePay, CanMakePaymentsWithActiveCardBlocksUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payments-with-active-card.html"], YES);
+}
+
+TEST(ApplePay, CanMakePaymentsWithActiveCardFalseDoesNotBlockUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payments-with-active-card.html?false"], NO);
+}
+
+TEST(ApplePay, CanMakePaymentBlocksUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payment.html"], YES);
+}
+
+TEST(ApplePay, CanMakePaymentFalseDoesNotBlockUserAgentScripts)
+{
+    runActiveSessionTest([NSURL URLWithString:@"https://bundle-file/apple-pay-can-make-payment.html?false"], NO);
 }
 

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm

@@ -974 +974 @@
     [webView configuration].processPool._downloadDelegate = delegate.get();
 
-    NSURL *firstURL = [NSURL URLWithString:@"http://bundle-html-file/simple"];
+    NSURL *firstURL = [NSURL URLWithString:@"http://bundle-file/simple.html"];
     [delegate setResponsePolicy:WKNavigationResponsePolicyAllow];
     [webView loadRequest:[NSURLRequest requestWithURL:firstURL]];
@@ -984 +984 @@
     EXPECT_WK_STREQ(firstURL.absoluteString, [webView URL].absoluteString);
 
-    NSURL *secondURL = [NSURL URLWithString:@"http://bundle-html-file/simple2"];
+    NSURL *secondURL = [NSURL URLWithString:@"http://bundle-file/simple2.html"];
     [delegate setResponsePolicy:_WKNavigationResponsePolicyBecomeDownload];
     [webView loadRequest:[NSURLRequest requestWithURL:secondURL]];

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-active-session.html

@@ -3 +3 @@
 <script>
     internals.mockPaymentCoordinator.supportsUnrestrictedApplePay = false;
-    internals.setHasStartedApplePaySession();
+    internals.setApplePayIsActive();
+    window.webkit.messageHandlers.testApplePay.postMessage("done");
 </script>

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability-in-iframe.html

@@ -2 +2 @@
 <body>
 <script>
+    internals.mockPaymentCoordinator.supportsUnrestrictedApplePay = window.location.search === "?unrestricted" ? true : false;
     loadApplePayFrame = () => {
         const iframe = document.createElement('iframe');
-        iframe.src = 'https://bundle-html-file/apple-pay-availability';
+        iframe.src = 'apple-pay-availability.html' + window.location.search;
         document.body.appendChild(iframe);
     };

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/apple-pay-availability.html

@@ -1 +1 @@
 <!DOCTYPE html>
 <body>
+<script src="apple-pay.js"></script>
 <script>
-    const applePayRequestBase = () => {
-        return {
-            merchantCapabilities: ['supports3DS'],
-            supportedNetworks: ['visa'],
-            countryCode: 'US',
-        };
-    };
-
-    const applePayPaymentRequest = () => {
-        const request = applePayRequestBase();
-        request.total = { label: 'total', amount: '0.00' };
-        request.currencyCode = 'USD';
-        return request;
-    };
-
-    const applePayMethod = () => {
-        const request = applePayRequestBase();
-        request.version = 1;
-        request.merchantIdentifier = '';
-        return {
-            supportedMethods: 'https://apple.com/apple-pay',
-            data: request,
-        };
-    };
-
-    const eventListener = async () => {
-        internals.mockPaymentCoordinator.supportsUnrestrictedApplePay = false;
+    window.addEventListener('load', async () => {
+        internals.mockPaymentCoordinator.supportsUnrestrictedApplePay = window.location.search === "?unrestricted" ? true : false;
 
         const applePaySessionAvailable = !!window.ApplePaySession;
@@ -41 +17 @@
         const canMakePaymentsWithActiveCard = await ApplePaySession.canMakePaymentsWithActiveCard('');
 
-        if (!window.wkPaymentRequest) {
-            wkPaymentRequest = new PaymentRequest([applePayMethod()], {
-                total: {
-                    label: 'total',
-                    amount: { currency: 'USD', value: '0.00' },
-                },
-            });
-        }
-
-        const canMakePayment = await wkPaymentRequest.canMakePayment();
+        const paymentRequest = new PaymentRequest([applePayMethod()], applePayDetails);
+        const canMakePayment = await paymentRequest.canMakePayment();
 
         window.webkit.messageHandlers.testApplePay.postMessage({
@@ -60 +28 @@
             canMakePayment,
         });
-    };
-
-    window.addEventListener('load', eventListener);
-    window.addEventListener('hashchange', eventListener);
+    });
 </script>

trunk/Tools/TestWebKitAPI/cocoa/TestProtocol.mm

@@ -29 +29 @@
 #import <WebKit/WKBrowsingContextController.h>
 #import <wtf/RetainPtr.h>
+
+#if PLATFORM(IOS_FAMILY)
+#include <MobileCoreServices/MobileCoreServices.h>
+#endif
 
 static NSString *testScheme;
@@ -87 +91 @@
 }
 
+static NSString *contentTypeForFileExtension(NSString *fileExtension)
+{
+    auto identifier = adoptCF(UTTypeCreatePreferredIdentifierForTag(kUTTagClassFilenameExtension, (__bridge CFStringRef)fileExtension, nullptr));
+    auto mimeType = adoptCF(UTTypeCopyPreferredTagWithClass(identifier.get(), kUTTagClassMIMEType));
+    return (__bridge NSString *)mimeType.autorelease();
+}
+
 - (void)startLoading
 {
@@ -107 +118 @@
     }
 
+    NSString *contentType;
     NSData *data;
-    if ([requestURL.host isEqualToString:@"bundle-html-file"])
-        data = [NSData dataWithContentsOfURL:[NSBundle.mainBundle URLForResource:requestURL.lastPathComponent.stringByDeletingPathExtension withExtension:@"html" subdirectory:@"TestWebKitAPI.resources"]];
-    else
+    if ([requestURL.host isEqualToString:@"bundle-file"]) {
+        NSString *fileName = requestURL.lastPathComponent;
+        NSString *fileExtension = fileName.pathExtension;
+        contentType = contentTypeForFileExtension(fileExtension);
+        data = [NSData dataWithContentsOfURL:[NSBundle.mainBundle URLForResource:fileName.stringByDeletingPathExtension withExtension:fileExtension subdirectory:@"TestWebKitAPI.resources"]];
+    } else {
+        contentType = @"text/html";
         data = [@"PASS" dataUsingEncoding:NSASCIIStringEncoding];
+    }
 
     NSMutableDictionary *responseHeaders = [NSMutableDictionary dictionaryWithCapacity:2];
-    responseHeaders[@"Content-Type"] = @"text/html";
+    responseHeaders[@"Content-Type"] = contentType;
     responseHeaders[@"Content-Length"] = [NSString stringWithFormat:@"%tu", data.length];
     if (additionalResponseHeaders)