Changeset 246872 in webkit
- Timestamp:
- Jun 26, 2019 11:33:50 PM (5 years ago)
- Location:
- trunk
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r246870 r246872 1 2019-06-26 Jiewen Tan <jiewen_tan@apple.com> 2 3 SubFrameSOAuthorizationSession should preserve the referrer header when fall back to web path 4 https://bugs.webkit.org/show_bug.cgi?id=199232 5 <rdar://problem/51718328> 6 7 Reviewed by Youenn Fablet. 8 9 The fall back to web path mechanism in SubFrameSOAuthorizationSession doesn't actually resume 10 the previous navigation. Instead it starts a new one. The current implementation doesn't carry 11 any information from the previous navigation. It is problematic when it comes to http referrer 12 as the server might use that to determine what kind of responses to send back. Therefore, we 13 add that information now. 14 15 To accomplish the above, the patch teaches WebFrameProxy::loadURL to carry referrer information 16 when it is available. Then SubFrameSOAuthorizationSession can reuses the referrer from the 17 original request. 18 19 * UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm: 20 (WebKit::SubFrameSOAuthorizationSession::fallBackToWebPathInternal): 21 * UIProcess/WebFrameProxy.cpp: 22 (WebKit::WebFrameProxy::loadURL): 23 * UIProcess/WebFrameProxy.h: 24 * WebProcess/WebPage/WebPage.cpp: 25 (WebKit::WebPage::loadURLInFrame): 26 * WebProcess/WebPage/WebPage.h: 27 * WebProcess/WebPage/WebPage.messages.in: 28 1 29 2019-06-26 Fujii Hironori <Hironori.Fujii@sony.com> 2 30 -
trunk/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm
r246701 r246872 69 69 page->setShouldSuppressSOAuthorizationInNextNavigationPolicyDecision(); 70 70 // Issue a new load to the original URL as the original load is aborted before start. 71 frame->loadURL(navigationActionPtr->request().url() );71 frame->loadURL(navigationActionPtr->request().url(), navigationActionPtr->request().httpReferrer()); 72 72 } 73 73 } -
trunk/Source/WebKit/UIProcess/WebFrameProxy.cpp
r246596 r246872 80 80 } 81 81 82 void WebFrameProxy::loadURL(const URL& url )83 { 84 if (!m_page) 85 return; 86 87 m_page->process().send(Messages::WebPage::LoadURLInFrame(url, m_frameID), m_page->pageID());82 void WebFrameProxy::loadURL(const URL& url, const String& referrer) 83 { 84 if (!m_page) 85 return; 86 87 m_page->process().send(Messages::WebPage::LoadURLInFrame(url, referrer, m_frameID), m_page->pageID()); 88 88 } 89 89 -
trunk/Source/WebKit/UIProcess/WebFrameProxy.h
r246596 r246872 79 79 FrameLoadState& frameLoadState() { return m_frameLoadState; } 80 80 81 void loadURL(const URL& );81 void loadURL(const URL&, const String& referrer = String()); 82 82 // Sub frames only. For main frames, use WebPageProxy::loadData. 83 83 void loadData(const IPC::DataReference&, const String& MIMEType, const String& encodingName, const URL& baseURL); -
trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp
r246701 r246872 1489 1489 } 1490 1490 1491 void WebPage::loadURLInFrame(URL&& url, uint64_t frameID)1491 void WebPage::loadURLInFrame(URL&& url, const String& referrer, uint64_t frameID) 1492 1492 { 1493 1493 WebFrame* frame = WebProcess::singleton().webFrame(frameID); … … 1495 1495 return; 1496 1496 1497 frame->coreFrame()->loader().load(FrameLoadRequest(*frame->coreFrame(), ResourceRequest(url ), ShouldOpenExternalURLsPolicy::ShouldNotAllow));1497 frame->coreFrame()->loader().load(FrameLoadRequest(*frame->coreFrame(), ResourceRequest(url, referrer), ShouldOpenExternalURLsPolicy::ShouldNotAllow)); 1498 1498 } 1499 1499 -
trunk/Source/WebKit/WebProcess/WebPage/WebPage.h
r246701 r246872 1338 1338 static bool logicalScroll(WebCore::Page*, WebCore::ScrollLogicalDirection, WebCore::ScrollGranularity); 1339 1339 1340 void loadURLInFrame(URL&&, uint64_t frameID);1340 void loadURLInFrame(URL&&, const String& referrer, uint64_t frameID); 1341 1341 void loadDataInFrame(IPC::DataReference&&, String&& MIMEType, String&& encodingName, URL&& baseURL, uint64_t frameID); 1342 1342 -
trunk/Source/WebKit/WebProcess/WebPage/WebPage.messages.in
r246677 r246872 159 159 TryRestoreScrollPosition() 160 160 161 LoadURLInFrame(URL url, uint64_t frameID)161 LoadURLInFrame(URL url, String referrer, uint64_t frameID) 162 162 LoadDataInFrame(IPC::DataReference data, String MIMEType, String encodingName, URL baseURL, uint64_t frameID) 163 163 LoadRequest(struct WebKit::LoadParameters loadParameters) -
trunk/Tools/ChangeLog
r246864 r246872 1 2019-06-26 Jiewen Tan <jiewen_tan@apple.com> 2 3 SubFrameSOAuthorizationSession should preserve the referrer header when fall back to web path 4 https://bugs.webkit.org/show_bug.cgi?id=199232 5 <rdar://problem/51718328> 6 7 Reviewed by Youenn Fablet. 8 9 * TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm: 10 (TestWebKitAPI::TEST): 11 Add a test that utilizes TCPServer as local files always omit referrer. 12 1 13 2019-06-26 Aakash Jain <aakash_jain@apple.com> 2 14 -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm
r246829 r246872 32 32 #import "InstanceMethodSwizzler.h" 33 33 #import "PlatformUtilities.h" 34 #import "TCPServer.h" 34 35 #import "TestWKWebView.h" 35 36 #import <WebKit/WKNavigationActionPrivate.h> 36 37 #import <WebKit/WKNavigationDelegatePrivate.h> 37 38 #import <WebKit/WKNavigationPrivate.h> 39 #import <WebKit/WKWebViewPrivate.h> 38 40 #import <pal/cocoa/AppSSOSoftLink.h> 39 41 #import <pal/spi/cocoa/AuthKitSPI.h> … … 42 44 #import <wtf/StringPrintStream.h> 43 45 #import <wtf/URL.h> 46 #import <wtf/text/StringConcatenateNumbers.h> 44 47 #import <wtf/text/WTFString.h> 45 48 … … 96 99 static const char* parentTemplate = 97 100 "<html>" 101 "<meta name='referrer' content='origin' />" 98 102 "<iframe src='%s'></iframe>" 99 103 "<script>" … … 111 115 "<script>" 112 116 "parent.postMessage('Hello.', '*');" 117 "%s" 113 118 "</script>" 114 119 "</html>"; … … 2125 2130 } 2126 2131 2132 TEST(SOAuthorizationSubFrame, InterceptionErrorWithReferrer) 2133 { 2134 resetState(); 2135 ClassMethodSwizzler swizzler1(PAL::getSOAuthorizationClass(), @selector(canPerformAuthorizationWithURL:responseCode:), reinterpret_cast<IMP>(overrideCanPerformAuthorizationWithURL)); 2136 InstanceMethodSwizzler swizzler2(PAL::getSOAuthorizationClass(), @selector(setDelegate:), reinterpret_cast<IMP>(overrideSetDelegate)); 2137 InstanceMethodSwizzler swizzler3(PAL::getSOAuthorizationClass(), @selector(beginAuthorizationWithURL:httpHeaders:httpBody:), reinterpret_cast<IMP>(overrideBeginAuthorizationWithURL)); 2138 ClassMethodSwizzler swizzler4([AKAuthorizationController class], @selector(isURLFromAppleOwnedDomain:), reinterpret_cast<IMP>(overrideIsURLFromAppleOwnedDomain)); 2139 2140 TCPServer server([parentHtml = generateHtml(parentTemplate, "simple.html"), frameHtml = generateHtml(iframeTemplate, "parent.postMessage('Referrer: ' + document.referrer, '*');")] (int socket) { 2141 NSString *firstResponse = [NSString stringWithFormat: 2142 @"HTTP/1.1 200 OK\r\n" 2143 "Content-Length: %d\r\n\r\n" 2144 "%@", 2145 parentHtml.length(), 2146 (id)parentHtml 2147 ]; 2148 NSString *secondResponse = [NSString stringWithFormat: 2149 @"HTTP/1.1 200 OK\r\n" 2150 "Content-Length: %d\r\n\r\n" 2151 "%@", 2152 frameHtml.length(), 2153 (id)frameHtml 2154 ]; 2155 2156 TCPServer::read(socket); 2157 TCPServer::write(socket, firstResponse.UTF8String, firstResponse.length); 2158 TCPServer::read(socket); 2159 TCPServer::write(socket, secondResponse.UTF8String, secondResponse.length); 2160 }); 2161 2162 auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 320, 500)]); 2163 auto delegate = adoptNS([[TestSOAuthorizationNavigationDelegate alloc] init]); 2164 configureSOAuthorizationWebView(webView.get(), delegate.get()); 2165 2166 auto origin = makeString("http://127.0.0.1:", static_cast<unsigned>(server.port())); 2167 [webView _loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:(id)origin]] shouldOpenExternalURLs:NO]; 2168 [webView waitForMessage:(id)origin]; 2169 [webView waitForMessage:@"SOAuthorizationDidStart"]; 2170 2171 [gDelegate authorization:gAuthorization didCompleteWithError:adoptNS([[NSError alloc] initWithDomain:NSCocoaErrorDomain code:0 userInfo:nil]).get()]; 2172 [webView waitForMessage:(id)origin]; 2173 [webView waitForMessage:@"SOAuthorizationDidCancel"]; 2174 [webView waitForMessage:(id)makeString("Referrer: ", origin, "/")]; // Referrer policy requires '/' after origin. 2175 } 2176 2127 2177 } // namespace TestWebKitAPI 2128 2178
Note: See TracChangeset
for help on using the changeset viewer.