Changeset 247123 in webkit
- Timestamp:
- Jul 3, 2019 5:58:43 PM (5 years ago)
- Location:
- trunk
- Files:
-
- 12 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r247121 r247123 1 2019-07-03 Sihui Liu <sihui_liu@apple.com> 2 3 Only allow fetching and removing session credentials from WebsiteDataStore 4 https://bugs.webkit.org/show_bug.cgi?id=199385 5 6 Reviewed by Alex Christensen. 7 8 Fetch and remove only session credentials from NSURLCredentialStorage. 9 10 Modified existing API tests: WKWebsiteDataStore.FetchPersistentCredentials 11 12 * platform/network/CredentialStorage.cpp: 13 (WebCore::CredentialStorage::originsWithCredentials const): 14 (WebCore::CredentialStorage::originsWithSessionCredentials): 15 (WebCore::CredentialStorage::removeSessionCredentialsWithOrigins): 16 (WebCore::CredentialStorage::clearSessionCredentials): 17 * platform/network/CredentialStorage.h: 18 * platform/network/mac/CredentialStorageMac.mm: 19 (WebCore::CredentialStorage::originsWithSessionCredentials): 20 (WebCore::CredentialStorage::removeSessionCredentialsWithOrigins): 21 (WebCore::CredentialStorage::clearSessionCredentials): 22 (WebCore::CredentialStorage::originsWithPersistentCredentials): Deleted. 23 1 24 2019-07-03 Said Abou-Hallawa <sabouhallawa@apple.com> 2 25 -
trunk/Source/WebCore/platform/network/CredentialStorage.cpp
r246775 r247123 103 103 } 104 104 105 Vector<SecurityOriginData> CredentialStorage::originsWithCredentials() const106 { 107 Vector<SecurityOriginData> origins;105 HashSet<SecurityOriginData> CredentialStorage::originsWithCredentials() const 106 { 107 HashSet<SecurityOriginData> origins; 108 108 for (auto& keyValuePair : m_protectionSpaceToCredentialMap) { 109 109 auto& protectionSpace = keyValuePair.key.second; … … 130 130 131 131 SecurityOriginData origin { protocol, protectionSpace.host(), static_cast<uint16_t>(protectionSpace.port())}; 132 origins.a ppend(WTFMove(origin));132 origins.add(WTFMove(origin)); 133 133 } 134 134 return origins; … … 188 188 } 189 189 190 #if !PLATFORM(COCOA) 191 HashSet<SecurityOriginData> CredentialStorage::originsWithSessionCredentials() 192 { 193 return { }; 194 } 195 196 void CredentialStorage::removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>&) 197 { 198 } 199 200 void CredentialStorage::clearSessionCredentials() 201 { 202 } 203 #endif 204 190 205 } // namespace WebCore -
trunk/Source/WebCore/platform/network/CredentialStorage.h
r246775 r247123 46 46 WEBCORE_EXPORT void removeCredentialsWithOrigin(const SecurityOriginData&); 47 47 48 // OS persistentstorage.48 // OS credential storage. 49 49 WEBCORE_EXPORT static Credential getFromPersistentStorage(const ProtectionSpace&); 50 WEBCORE_EXPORT static Vector<SecurityOriginData> originsWithPersistentCredentials(); 50 WEBCORE_EXPORT static HashSet<SecurityOriginData> originsWithSessionCredentials(); 51 WEBCORE_EXPORT static void removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>& origins); 52 WEBCORE_EXPORT static void clearSessionCredentials(); 51 53 52 54 WEBCORE_EXPORT void clearCredentials(); … … 57 59 WEBCORE_EXPORT Credential get(const String&, const URL&); 58 60 59 WEBCORE_EXPORT Vector<SecurityOriginData> originsWithCredentials() const;61 WEBCORE_EXPORT HashSet<SecurityOriginData> originsWithCredentials() const; 60 62 61 63 private: -
trunk/Source/WebCore/platform/network/mac/CredentialStorageMac.mm
r246775 r247123 39 39 } 40 40 41 Vector<WebCore::SecurityOriginData> CredentialStorage::originsWithPersistentCredentials()41 HashSet<SecurityOriginData> CredentialStorage::originsWithSessionCredentials() 42 42 { 43 Vector<WebCore::SecurityOriginData> origins;43 HashSet<SecurityOriginData> origins; 44 44 auto allCredentials = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials]; 45 for (NSURLProtectionSpace* key in allCredentials.keyEnumerator) 46 origins.append(WebCore::SecurityOriginData { String(key.protocol), String(key.host), key.port }); 45 for (NSURLProtectionSpace* key in allCredentials.keyEnumerator) { 46 for (NSURLProtectionSpace* space in allCredentials) { 47 auto credentials = allCredentials[space]; 48 for (NSString* user in credentials) { 49 if (credentials[user].persistence == NSURLCredentialPersistenceForSession) { 50 origins.add(WebCore::SecurityOriginData { String(key.protocol), String(key.host), key.port }); 51 break; 52 } 53 } 54 } 55 } 47 56 return origins; 48 57 } 49 58 59 void CredentialStorage::removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>& origins) 60 { 61 auto sharedStorage = [NSURLCredentialStorage sharedCredentialStorage]; 62 auto allCredentials = [sharedStorage allCredentials]; 63 for (auto& origin : origins) { 64 for (NSURLProtectionSpace* space in allCredentials) { 65 if (origin.protocol == String(space.protocol) 66 && origin.host == String(space.host) 67 && origin.port 68 && *origin.port == space.port) { 69 auto credentials = allCredentials[space]; 70 for (NSString* user in credentials) { 71 auto credential = credentials[user]; 72 if (credential.persistence == NSURLCredentialPersistenceForSession) 73 [sharedStorage removeCredential:credential forProtectionSpace:space]; 74 } 75 } 76 } 77 } 78 } 79 80 void CredentialStorage::clearSessionCredentials() 81 { 82 auto sharedStorage = [NSURLCredentialStorage sharedCredentialStorage]; 83 auto allCredentials = [sharedStorage allCredentials]; 84 for (NSURLProtectionSpace* space in allCredentials.keyEnumerator) { 85 auto credentials = allCredentials[space]; 86 for (NSString* user in credentials) { 87 auto credential = credentials[user]; 88 if (credential.persistence == NSURLCredentialPersistenceForSession) 89 [sharedStorage removeCredential:credential forProtectionSpace:space]; 90 } 91 } 92 } 93 50 94 } // namespace WebCore -
trunk/Source/WebKit/ChangeLog
r247120 r247123 1 2019-07-03 Sihui Liu <sihui_liu@apple.com> 2 3 Only allow fetching and removing session credentials from WebsiteDataStore 4 https://bugs.webkit.org/show_bug.cgi?id=199385 5 6 Reviewed by Alex Christensen. 7 8 Stop sending an extra message to network process for fetching or removing persistent credentials. 9 10 * NetworkProcess/NetworkProcess.cpp: 11 (WebKit::NetworkProcess::fetchWebsiteData): 12 (WebKit::NetworkProcess::deleteWebsiteData): 13 (WebKit::NetworkProcess::deleteWebsiteDataForOrigins): 14 (WebKit::NetworkProcess::deleteWebsiteDataForRegistrableDomains): 15 (WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted. 16 (WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted. 17 * NetworkProcess/NetworkProcess.h: 18 * NetworkProcess/NetworkProcess.messages.in: 19 * NetworkProcess/cocoa/NetworkProcessCocoa.mm: 20 (WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted. 21 (WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted. 22 * UIProcess/WebsiteData/WebsiteDataStore.cpp: 23 (WebKit::WebsiteDataStore::fetchDataAndApply): 24 (WebKit::computeWebProcessAccessTypeForDataRemoval): 25 (WebKit::WebsiteDataStore::removeData): 26 1 27 2019-07-03 Tim Horton <timothy_horton@apple.com> 2 28 -
trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp
r247094 r247123 1299 1299 callbackAggregator->m_websiteData.entries.append({ securityOrigin, WebsiteDataType::Credentials, 0 }); 1300 1300 } 1301 auto securityOrigins = WebCore::CredentialStorage::originsWithSessionCredentials(); 1302 for (auto& securityOrigin : securityOrigins) 1303 callbackAggregator->m_websiteData.entries.append({ securityOrigin, WebsiteDataType::Credentials, 0 }); 1301 1304 } 1302 1305 … … 1380 1383 if (auto* session = storageSession(sessionID)) 1381 1384 session->credentialStorage().clearCredentials(); 1385 WebCore::CredentialStorage::clearSessionCredentials(); 1382 1386 } 1383 1387 … … 1517 1521 session->credentialStorage().removeCredentialsWithOrigin(originData); 1518 1522 } 1523 WebCore::CredentialStorage::removeSessionCredentialsWithOrigins(originDatas); 1519 1524 } 1520 1525 … … 1661 1666 #endif 1662 1667 1663 /*1664 // FIXME: No API to delete credentials by origin1665 HashSet<String> originsWithCredentials;1666 1668 if (websiteDataTypes.contains(WebsiteDataType::Credentials)) { 1667 if (storageSession(sessionID)) 1668 originsWithCredentials = storageSession(sessionID)->credentialStorage().originsWithCredentials(); 1669 } 1670 */ 1669 if (auto* session = storageSession(sessionID)) { 1670 auto origins = session->credentialStorage().originsWithCredentials(); 1671 auto originsToDelete = filterForRegistrableDomains(origins, domainsToDeleteAllButCookiesFor, callbackAggregator->m_domains); 1672 for (auto& origin : originsToDelete) 1673 session->credentialStorage().removeCredentialsWithOrigin(origin); 1674 } 1675 1676 auto origins = WebCore::CredentialStorage::originsWithSessionCredentials(); 1677 auto originsToDelete = filterForRegistrableDomains(origins, domainsToDeleteAllButCookiesFor, callbackAggregator->m_domains); 1678 WebCore::CredentialStorage::removeSessionCredentialsWithOrigins(originsToDelete); 1679 } 1671 1680 1672 1681 if (websiteDataTypes.contains(WebsiteDataType::DOMCache)) { … … 2564 2573 2565 2574 #if !PLATFORM(COCOA) 2566 void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&& completionHandler)2567 {2568 completionHandler(Vector<WebCore::SecurityOriginData>());2569 }2570 2571 void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>&, CompletionHandler<void()>&& completionHandler)2572 {2573 completionHandler();2574 }2575 2576 2575 void NetworkProcess::initializeProcess(const AuxiliaryProcessInitializationParameters&) 2577 2576 { -
trunk/Source/WebKit/NetworkProcess/NetworkProcess.h
r247072 r247123 437 437 438 438 void platformSyncAllCookies(CompletionHandler<void()>&&); 439 440 void originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&&);441 void removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&&);442 439 443 440 void registerURLSchemeAsSecure(const String&) const; -
trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in
r246775 r247123 169 169 SetAdClickAttributionConversionURLForTesting(PAL::SessionID sessionID, URL url) -> () Async 170 170 MarkAdClickAttributionsAsExpiredForTesting(PAL::SessionID sessionID) -> () Async 171 OriginsWithPersistentCredentials() -> (Vector<WebCore::SecurityOriginData> origins) Async172 RemoveCredentialsWithOrigins(Vector<WebCore::SecurityOriginData> origins) -> () Async173 171 GetLocalStorageOriginDetails(PAL::SessionID sessionID) -> (Vector<WebKit::LocalStorageDatabaseTracker::OriginDetails> details) Async 174 172 } -
trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm
r246775 r247123 213 213 } 214 214 215 void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&& completionHandler)216 {217 completionHandler(WebCore::CredentialStorage::originsWithPersistentCredentials());218 }219 220 void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&& completionHandler)221 {222 for (auto& origin : origins) {223 auto allCredentials = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];224 for (NSURLProtectionSpace* space in allCredentials) {225 if (origin.protocol == String(space.protocol)226 && origin.host == String(space.host)227 && origin.port228 && *origin.port == space.port) {229 auto credentials = allCredentials[space];230 for (NSString* user in credentials) {231 auto credential = credentials[user];232 [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:credential forProtectionSpace:space];233 }234 }235 }236 }237 completionHandler();238 }239 240 215 #if PLATFORM(MAC) 241 216 void NetworkProcess::setSharedHTTPCookieStorage(const Vector<uint8_t>& identifier) -
trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
r247058 r247123 518 518 } 519 519 520 #if PLATFORM(COCOA)521 if (dataTypes.contains(WebsiteDataType::Credentials) && isPersistent()) {522 for (auto& processPool : processPools()) {523 if (!processPool->networkProcess())524 continue;525 526 callbackAggregator->addPendingCallback();527 WTF::CompletionHandler<void(Vector<WebCore::SecurityOriginData>&&)> completionHandler = [callbackAggregator](Vector<WebCore::SecurityOriginData>&& origins) mutable {528 WebsiteData websiteData;529 for (auto& origin : origins)530 websiteData.entries.append(WebsiteData::Entry { origin, WebsiteDataType::Credentials, 0 });531 callbackAggregator->removePendingCallback(WTFMove(websiteData));532 };533 processPool->networkProcess()->sendWithAsyncReply(Messages::NetworkProcess::OriginsWithPersistentCredentials(), WTFMove(completionHandler));534 }535 }536 #endif537 538 520 #if ENABLE(NETSCAPE_PLUGIN_API) 539 521 if (dataTypes.contains(WebsiteDataType::PlugInData) && isPersistent()) { … … 642 624 processAccessType = std::max(processAccessType, ProcessAccessType::OnlyIfLaunched); 643 625 644 if (dataTypes.contains(WebsiteDataType::Credentials))645 processAccessType = std::max(processAccessType, ProcessAccessType::OnlyIfLaunched);646 647 626 return processAccessType; 648 627 } … … 1091 1070 } 1092 1071 1093 if (dataTypes.contains(WebsiteDataType::Credentials) && isPersistent()) {1094 for (auto& processPool : processPools()) {1095 if (!processPool->networkProcess())1096 continue;1097 1098 callbackAggregator->addPendingCallback();1099 WTF::CompletionHandler<void()> completionHandler = [callbackAggregator]() mutable {1100 callbackAggregator->removePendingCallback();1101 };1102 processPool->networkProcess()->sendWithAsyncReply(Messages::NetworkProcess::RemoveCredentialsWithOrigins(origins), WTFMove(completionHandler));1103 }1104 }1105 1106 1072 #if ENABLE(NETSCAPE_PLUGIN_API) 1107 1073 if (dataTypes.contains(WebsiteDataType::PlugInData) && isPersistent()) { -
trunk/Tools/ChangeLog
r247120 r247123 1 2019-07-03 Sihui Liu <sihui_liu@apple.com> 2 3 Only allow fetching and removing session credentials from WebsiteDataStore 4 https://bugs.webkit.org/show_bug.cgi?id=199385 5 6 Reviewed by Alex Christensen. 7 8 * TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm: 9 (TestWebKitAPI::TEST): 10 1 11 2019-07-03 Tim Horton <timothy_horton@apple.com> 2 12 -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm
r246775 r247123 93 93 readyToContinue = false; 94 94 [[WKWebsiteDataStore defaultDataStore] fetchDataRecordsOfTypes:[WKWebsiteDataStore _allWebsiteDataTypesIncludingPrivate] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) { 95 ASSERT_EQ(0u, dataRecords.count);95 EXPECT_EQ(0u, dataRecords.count); 96 96 readyToContinue = true; 97 97 }]; … … 140 140 { 141 141 TCPServer server(TCPServer::respondWithChallengeThenOK); 142 142 143 143 usePersistentCredentialStorage = true; 144 144 auto websiteDataStore = [WKWebsiteDataStore defaultDataStore]; … … 152 152 [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) { 153 153 int credentialCount = dataRecords.count; 154 ASSERT_GT(credentialCount, 0); 155 bool foundExpectedRecord = false; 156 for (WKWebsiteDataRecord *record in dataRecords) { 157 auto name = [record displayName]; 158 if ([name isEqualToString:@"127.0.0.1"]) { 159 foundExpectedRecord = true; 160 break; 161 } 162 } 163 EXPECT_TRUE(foundExpectedRecord); 164 done = true; 165 }]; 166 TestWebKitAPI::Util::run(&done); 167 168 __block bool removedCredential = false; 169 [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) { 170 [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:dataRecords completionHandler:^(void) { 171 removedCredential = true; 172 }]; 173 }]; 174 TestWebKitAPI::Util::run(&removedCredential); 175 } 176 177 TEST(WKWebsiteDataStore, RemovePersistentCredentials) 154 EXPECT_EQ(credentialCount, 0); 155 done = true; 156 }]; 157 TestWebKitAPI::Util::run(&done); 158 } 159 160 TEST(WKWebsiteDataStore, RemoveNonPersistentCredentials) 178 161 { 179 162 TCPServer server(TCPServer::respondWithChallengeThenOK); 180 163 181 usePersistentCredentialStorage = true; 182 auto websiteDataStore = [WKWebsiteDataStore defaultDataStore]; 164 usePersistentCredentialStorage = false; 165 auto configuration = adoptNS([WKWebViewConfiguration new]); 166 auto websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore]; 167 [configuration setWebsiteDataStore:websiteDataStore]; 183 168 auto navigationDelegate = adoptNS([[NavigationTestDelegate alloc] init]); 184 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) ]);169 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]); 185 170 [webView setNavigationDelegate:navigationDelegate.get()]; 186 171 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]]; … … 226 211 } 227 212 228 TEST(WKWebsiteDataStore, RemoveNonPersistentCredentials)229 {230 TCPServer server(TCPServer::respondWithChallengeThenOK);231 232 usePersistentCredentialStorage = false;233 auto configuration = adoptNS([WKWebViewConfiguration new]);234 auto websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore];235 [configuration setWebsiteDataStore:websiteDataStore];236 auto navigationDelegate = adoptNS([[NavigationTestDelegate alloc] init]);237 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);238 [webView setNavigationDelegate:navigationDelegate.get()];239 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]];240 [navigationDelegate waitForDidFinishNavigation];241 242 __block bool done = false;243 __block RetainPtr<WKWebsiteDataRecord> expectedRecord;244 [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {245 int credentialCount = dataRecords.count;246 ASSERT_GT(credentialCount, 0);247 for (WKWebsiteDataRecord *record in dataRecords) {248 auto name = [record displayName];249 if ([name isEqualToString:@"127.0.0.1"]) {250 expectedRecord = record;251 break;252 }253 }254 EXPECT_TRUE(expectedRecord);255 done = true;256 }];257 TestWebKitAPI::Util::run(&done);258 259 done = false;260 [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:[NSArray arrayWithObject:expectedRecord.get()] completionHandler:^(void) {261 done = true;262 }];263 TestWebKitAPI::Util::run(&done);264 265 done = false;266 [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {267 bool foundLocalHostRecord = false;268 for (WKWebsiteDataRecord *record in dataRecords) {269 auto name = [record displayName];270 if ([name isEqualToString:@"127.0.0.1"]) {271 foundLocalHostRecord = true;272 break;273 }274 }275 EXPECT_FALSE(foundLocalHostRecord);276 done = true;277 }];278 TestWebKitAPI::Util::run(&done);279 }280 281 213 TEST(WebKit, SettingNonPersistentDataStorePathsThrowsException) 282 214 {
Note: See TracChangeset
for help on using the changeset viewer.