Changeset 247270 in webkit


Ignore:
Timestamp:
Jul 9, 2019 12:25:57 PM (5 years ago)
Author:
sihui_liu@apple.com
Message:

Only allow fetching and removing session credentials from WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=199385
<rdar://problem/52622080>

Reviewed by Alex Christensen.

Source/WebCore:

Fetch and remove only session credentials from NSURLCredentialStorage.

Modified existing API tests: WKWebsiteDataStore.FetchPersistentCredentials

  • platform/network/CredentialStorage.cpp:

(WebCore::CredentialStorage::originsWithCredentials const):
(WebCore::CredentialStorage::originsWithSessionCredentials):
(WebCore::CredentialStorage::removeSessionCredentialsWithOrigins):
(WebCore::CredentialStorage::clearSessionCredentials):
(WebCore::CredentialStorage::clearPermanentCredentialsForProtectionSpace):

  • platform/network/CredentialStorage.h:
  • platform/network/mac/CredentialStorageMac.mm:

(WebCore::CredentialStorage::originsWithSessionCredentials):
(WebCore::CredentialStorage::removeSessionCredentialsWithOrigins):
(WebCore::CredentialStorage::clearSessionCredentials):
(WebCore::CredentialStorage::clearPermanentCredentialsForProtectionSpace):
(WebCore::CredentialStorage::originsWithPersistentCredentials): Deleted.

Source/WebKit:

Stop sending an extra message to network process for fetching or removing persistent credentials.

Also introduce a new SPI for clearing persistent credentials created in test.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::clearPermanentCredentialsForProtectionSpace):
(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
(WebKit::NetworkProcess::deleteWebsiteDataForRegistrableDomains):
(WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted.
(WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted.

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted.
(WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted.

  • UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _clearPermanentCredentialsForProtectionSpace:completionHandler:]):

  • UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::clearPermanentCredentialsForProtectionSpace):

  • UIProcess/WebProcessPool.h:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchDataAndApply):
(WebKit::computeWebProcessAccessTypeForDataRemoval):
(WebKit::WebsiteDataStore::removeData):

Tools:

removeDataOfTypes will no longer remove persistent credentials. We should clear persistent credentials using
the new SPI after each test that creates persistent credentials, otherwise the later tests may use credentials
left by previous tests and didReceiveAuthenticationChallenge will not be invoked.

  • TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:

(TEST):

  • TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:

(TestWebKitAPI::TEST):

Location:
trunk
Files:
17 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebCore/ChangeLog

    r247266 r247270  
     12019-07-09  Sihui Liu  <sihui_liu@apple.com>
     2
     3        Only allow fetching and removing session credentials from WebsiteDataStore
     4        https://bugs.webkit.org/show_bug.cgi?id=199385
     5        <rdar://problem/52622080>
     6
     7        Reviewed by Alex Christensen.
     8
     9        Fetch and remove only session credentials from NSURLCredentialStorage.
     10
     11        Modified existing API tests: WKWebsiteDataStore.FetchPersistentCredentials
     12
     13        * platform/network/CredentialStorage.cpp:
     14        (WebCore::CredentialStorage::originsWithCredentials const):
     15        (WebCore::CredentialStorage::originsWithSessionCredentials):
     16        (WebCore::CredentialStorage::removeSessionCredentialsWithOrigins):
     17        (WebCore::CredentialStorage::clearSessionCredentials):
     18        (WebCore::CredentialStorage::clearPermanentCredentialsForProtectionSpace):
     19        * platform/network/CredentialStorage.h:
     20        * platform/network/mac/CredentialStorageMac.mm:
     21        (WebCore::CredentialStorage::originsWithSessionCredentials):
     22        (WebCore::CredentialStorage::removeSessionCredentialsWithOrigins):
     23        (WebCore::CredentialStorage::clearSessionCredentials):
     24        (WebCore::CredentialStorage::clearPermanentCredentialsForProtectionSpace):
     25        (WebCore::CredentialStorage::originsWithPersistentCredentials): Deleted.
     26
    1272019-07-09  Alex Christensen  <achristensen@webkit.org>
    228
  • trunk/Source/WebCore/platform/network/CredentialStorage.cpp

    r247162 r247270  
    103103}
    104104
    105 Vector<SecurityOriginData> CredentialStorage::originsWithCredentials() const
    106 {
    107     Vector<SecurityOriginData> origins;
     105HashSet<SecurityOriginData> CredentialStorage::originsWithCredentials() const
     106{
     107    HashSet<SecurityOriginData> origins;
    108108    for (auto& keyValuePair : m_protectionSpaceToCredentialMap) {
    109109        auto& protectionSpace = keyValuePair.key.second;
     
    130130
    131131        SecurityOriginData origin { protocol, protectionSpace.host(), static_cast<uint16_t>(protectionSpace.port())};
    132         origins.append(WTFMove(origin));
     132        origins.add(WTFMove(origin));
    133133    }
    134134    return origins;
     
    188188}
    189189
     190#if !PLATFORM(COCOA)
     191HashSet<SecurityOriginData> CredentialStorage::originsWithSessionCredentials()
     192{
     193    return { };
     194}
     195
     196void CredentialStorage::removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>&)
     197{
     198}
     199
     200void CredentialStorage::clearSessionCredentials()
     201{
     202}
     203
     204void CredentialStorage::clearPermanentCredentialsForProtectionSpace(const ProtectionSpace&)
     205{
     206}
     207#endif
     208
    190209} // namespace WebCore
  • trunk/Source/WebCore/platform/network/CredentialStorage.h

    r247162 r247270  
    4646    WEBCORE_EXPORT void removeCredentialsWithOrigin(const SecurityOriginData&);
    4747
    48     // OS persistent storage.
     48    // OS credential storage.
    4949    WEBCORE_EXPORT static Credential getFromPersistentStorage(const ProtectionSpace&);
    50     WEBCORE_EXPORT static Vector<SecurityOriginData> originsWithPersistentCredentials();
     50    WEBCORE_EXPORT static HashSet<SecurityOriginData> originsWithSessionCredentials();
     51    WEBCORE_EXPORT static void removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>& origins);
     52    WEBCORE_EXPORT static void clearSessionCredentials();
     53    WEBCORE_EXPORT static void clearPermanentCredentialsForProtectionSpace(const ProtectionSpace&);
    5154
    5255    WEBCORE_EXPORT void clearCredentials();
     
    5760    WEBCORE_EXPORT Credential get(const String&, const URL&);
    5861
    59     WEBCORE_EXPORT Vector<SecurityOriginData> originsWithCredentials() const;
     62    WEBCORE_EXPORT HashSet<SecurityOriginData> originsWithCredentials() const;
    6063
    6164private:
  • trunk/Source/WebCore/platform/network/mac/CredentialStorageMac.mm

    r247162 r247270  
    3939}
    4040
    41 Vector<WebCore::SecurityOriginData> CredentialStorage::originsWithPersistentCredentials()
     41HashSet<SecurityOriginData> CredentialStorage::originsWithSessionCredentials()
    4242{
    43     Vector<WebCore::SecurityOriginData> origins;
     43    HashSet<SecurityOriginData> origins;
    4444    auto allCredentials = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];
    45     for (NSURLProtectionSpace* key in allCredentials.keyEnumerator)
    46         origins.append(WebCore::SecurityOriginData { String(key.protocol), String(key.host), key.port });
     45    for (NSURLProtectionSpace* key in allCredentials.keyEnumerator) {
     46        for (NSURLProtectionSpace* space in allCredentials) {
     47            auto credentials = allCredentials[space];
     48            for (NSString* user in credentials) {
     49                if (credentials[user].persistence == NSURLCredentialPersistenceForSession) {
     50                    origins.add(WebCore::SecurityOriginData { String(key.protocol), String(key.host), key.port });
     51                    break;
     52                }
     53            }
     54        }
     55    }
    4756    return origins;
    4857}
    4958
     59void CredentialStorage::removeSessionCredentialsWithOrigins(const Vector<SecurityOriginData>& origins)
     60{
     61    auto sharedStorage = [NSURLCredentialStorage sharedCredentialStorage];
     62    auto allCredentials = [sharedStorage allCredentials];
     63    for (auto& origin : origins) {
     64        for (NSURLProtectionSpace* space in allCredentials) {
     65            if (origin.protocol == String(space.protocol)
     66                && origin.host == String(space.host)
     67                && origin.port
     68                && *origin.port == space.port) {
     69                    auto credentials = allCredentials[space];
     70                    for (NSString* user in credentials) {
     71                        auto credential = credentials[user];
     72                        if (credential.persistence == NSURLCredentialPersistenceForSession)
     73                            [sharedStorage removeCredential:credential forProtectionSpace:space];
     74                }
     75            }
     76        }
     77    }
     78}
     79
     80void CredentialStorage::clearSessionCredentials()
     81{
     82    auto sharedStorage = [NSURLCredentialStorage sharedCredentialStorage];
     83    auto allCredentials = [sharedStorage allCredentials];
     84    for (NSURLProtectionSpace* space in allCredentials.keyEnumerator) {
     85        auto credentials = allCredentials[space];
     86        for (NSString* user in credentials) {
     87            auto credential = credentials[user];
     88            if (credential.persistence == NSURLCredentialPersistenceForSession)
     89                [sharedStorage removeCredential:credential forProtectionSpace:space];
     90        }
     91    }
     92}
     93
     94void CredentialStorage::clearPermanentCredentialsForProtectionSpace(const ProtectionSpace& protectionSpace)
     95{
     96    auto sharedStorage = [NSURLCredentialStorage sharedCredentialStorage];
     97    auto allCredentials = [sharedStorage allCredentials];
     98    auto credentials = allCredentials[protectionSpace.nsSpace()];
     99    for (NSString* user in credentials) {
     100        auto credential = credentials[user];
     101        if (credential.persistence == NSURLCredentialPersistencePermanent)
     102            [sharedStorage removeCredential:credentials[user] forProtectionSpace:protectionSpace.nsSpace()];
     103    }
     104}
     105
    50106} // namespace WebCore
  • trunk/Source/WebKit/ChangeLog

    r247265 r247270  
     12019-07-09  Sihui Liu  <sihui_liu@apple.com>
     2
     3        Only allow fetching and removing session credentials from WebsiteDataStore
     4        https://bugs.webkit.org/show_bug.cgi?id=199385
     5        <rdar://problem/52622080>
     6
     7        Reviewed by Alex Christensen.
     8
     9        Stop sending an extra message to network process for fetching or removing persistent credentials.
     10
     11        Also introduce a new SPI for clearing persistent credentials created in test.
     12
     13        * NetworkProcess/NetworkProcess.cpp:
     14        (WebKit::NetworkProcess::clearPermanentCredentialsForProtectionSpace):
     15        (WebKit::NetworkProcess::fetchWebsiteData):
     16        (WebKit::NetworkProcess::deleteWebsiteData):
     17        (WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
     18        (WebKit::NetworkProcess::deleteWebsiteDataForRegistrableDomains):
     19        (WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted.
     20        (WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted.
     21        * NetworkProcess/NetworkProcess.h:
     22        * NetworkProcess/NetworkProcess.messages.in:
     23        * NetworkProcess/cocoa/NetworkProcessCocoa.mm:
     24        (WebKit::NetworkProcess::originsWithPersistentCredentials): Deleted.
     25        (WebKit::NetworkProcess::removeCredentialsWithOrigins): Deleted.
     26        * UIProcess/API/Cocoa/WKProcessPool.mm:
     27        (-[WKProcessPool _clearPermanentCredentialsForProtectionSpace:completionHandler:]):
     28        * UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
     29        * UIProcess/WebProcessPool.cpp:
     30        (WebKit::WebProcessPool::clearPermanentCredentialsForProtectionSpace):
     31        * UIProcess/WebProcessPool.h:
     32        * UIProcess/WebsiteData/WebsiteDataStore.cpp:
     33        (WebKit::WebsiteDataStore::fetchDataAndApply):
     34        (WebKit::computeWebProcessAccessTypeForDataRemoval):
     35        (WebKit::WebsiteDataStore::removeData):
     36
    1372019-07-09  Antoine Quint  <graouts@apple.com>
    238
  • trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp

    r247230 r247270  
    456456}
    457457
     458void NetworkProcess::clearPermanentCredentialsForProtectionSpace(const ProtectionSpace& protectionSpace, CompletionHandler<void()>&& completionHandler)
     459{
     460    WebCore::CredentialStorage::clearPermanentCredentialsForProtectionSpace(protectionSpace);
     461    completionHandler();
     462}
     463
    458464void NetworkProcess::addWebsiteDataStore(WebsiteDataStoreParameters&& parameters)
    459465{
     
    12971303                callbackAggregator->m_websiteData.entries.append({ securityOrigin, WebsiteDataType::Credentials, 0 });
    12981304        }
     1305        auto securityOrigins = WebCore::CredentialStorage::originsWithSessionCredentials();
     1306        for (auto& securityOrigin : securityOrigins)
     1307            callbackAggregator->m_websiteData.entries.append({ securityOrigin, WebsiteDataType::Credentials, 0 });
    12991308    }
    13001309
     
    13781387        if (auto* session = storageSession(sessionID))
    13791388            session->credentialStorage().clearCredentials();
     1389        WebCore::CredentialStorage::clearSessionCredentials();
    13801390    }
    13811391
     
    15151525                session->credentialStorage().removeCredentialsWithOrigin(originData);
    15161526        }
     1527        WebCore::CredentialStorage::removeSessionCredentialsWithOrigins(originDatas);
    15171528    }
    15181529
     
    16591670#endif
    16601671
    1661     /*
    1662     // FIXME: No API to delete credentials by origin
    1663     HashSet<String> originsWithCredentials;
    16641672    if (websiteDataTypes.contains(WebsiteDataType::Credentials)) {
    1665         if (storageSession(sessionID))
    1666             originsWithCredentials = storageSession(sessionID)->credentialStorage().originsWithCredentials();
    1667     }
    1668     */
     1673        if (auto* session = storageSession(sessionID)) {
     1674            auto origins = session->credentialStorage().originsWithCredentials();
     1675            auto originsToDelete = filterForRegistrableDomains(origins, domainsToDeleteAllButCookiesFor, callbackAggregator->m_domains);
     1676            for (auto& origin : originsToDelete)
     1677                session->credentialStorage().removeCredentialsWithOrigin(origin);
     1678        }
     1679
     1680        auto origins = WebCore::CredentialStorage::originsWithSessionCredentials();
     1681        auto originsToDelete = filterForRegistrableDomains(origins, domainsToDeleteAllButCookiesFor, callbackAggregator->m_domains);
     1682        WebCore::CredentialStorage::removeSessionCredentialsWithOrigins(originsToDelete);
     1683    }
    16691684   
    16701685    if (websiteDataTypes.contains(WebsiteDataType::DOMCache)) {
     
    25622577
    25632578#if !PLATFORM(COCOA)
    2564 void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&& completionHandler)
    2565 {
    2566     completionHandler(Vector<WebCore::SecurityOriginData>());
    2567 }
    2568 
    2569 void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>&, CompletionHandler<void()>&& completionHandler)
    2570 {
    2571     completionHandler();
    2572 }
    2573 
    25742579void NetworkProcess::initializeProcess(const AuxiliaryProcessInitializationParameters&)
    25752580{
  • trunk/Source/WebKit/NetworkProcess/NetworkProcess.h

    r247162 r247270  
    394394
    395395    void clearCachedCredentials();
     396    void clearPermanentCredentialsForProtectionSpace(const WebCore::ProtectionSpace&, CompletionHandler<void()>&&);
    396397
    397398    void setCacheStorageParameters(PAL::SessionID, String&& cacheStorageDirectory, SandboxExtension::Handle&&);
     
    437438
    438439    void platformSyncAllCookies(CompletionHandler<void()>&&);
    439 
    440     void originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&&);
    441     void removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&&);
    442440   
    443441    void registerURLSchemeAsSecure(const String&) const;
  • trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in

    r247162 r247270  
    3939
    4040    ClearCachedCredentials()
     41    ClearPermanentCredentialsForProtectionSpace(WebCore::ProtectionSpace protectionSpace) -> () Async
    4142
    4243    AddWebsiteDataStore(struct WebKit::WebsiteDataStoreParameters websiteDataStoreParameters);
     
    169170    SetAdClickAttributionConversionURLForTesting(PAL::SessionID sessionID, URL url) -> () Async
    170171    MarkAdClickAttributionsAsExpiredForTesting(PAL::SessionID sessionID) -> () Async
    171     OriginsWithPersistentCredentials() -> (Vector<WebCore::SecurityOriginData> origins) Async
    172     RemoveCredentialsWithOrigins(Vector<WebCore::SecurityOriginData> origins) -> () Async
    173172    GetLocalStorageOriginDetails(PAL::SessionID sessionID) -> (Vector<WebKit::LocalStorageDatabaseTracker::OriginDetails> details) Async
    174173}
  • trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm

    r247162 r247270  
    213213}
    214214
    215 void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&& completionHandler)
    216 {
    217     completionHandler(WebCore::CredentialStorage::originsWithPersistentCredentials());
    218 }
    219 
    220 void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&& completionHandler)
    221 {
    222     for (auto& origin : origins) {
    223         auto allCredentials = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];
    224         for (NSURLProtectionSpace* space in allCredentials) {
    225             if (origin.protocol == String(space.protocol)
    226                 && origin.host == String(space.host)
    227                 && origin.port
    228                 && *origin.port == space.port) {
    229                 auto credentials = allCredentials[space];
    230                 for (NSString* user in credentials) {
    231                     auto credential = credentials[user];
    232                     [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:credential forProtectionSpace:space];
    233                 }
    234             }
    235         }
    236     }
    237     completionHandler();
    238 }
    239 
    240215#if PLATFORM(MAC)
    241216void NetworkProcess::setSharedHTTPCookieStorage(const Vector<uint8_t>& identifier)
  • trunk/Source/WebKit/UIProcess/API/Cocoa/WKProcessPool.mm

    r246807 r247270  
    632632}
    633633
     634- (void)_clearPermanentCredentialsForProtectionSpace:(NSURLProtectionSpace *)protectionSpace completionHandler:(void(^)())completionHandler
     635{
     636    _processPool->clearPermanentCredentialsForProtectionSpace(WebCore::ProtectionSpace(protectionSpace), [completionHandler = makeBlockPtr(completionHandler)] {
     637        completionHandler();
     638    });
     639}
     640
    634641@end
  • trunk/Source/WebKit/UIProcess/API/Cocoa/WKProcessPoolPrivate.h

    r245294 r247270  
    121121- (void)_getActivePagesOriginsInWebProcessForTesting:(pid_t)pid completionHandler:(void(^)(NSArray<NSString *> *))completionHandler WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
    122122- (BOOL)_networkProcessHasEntitlementForTesting:(NSString *)entitlement WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
     123- (void)_clearPermanentCredentialsForProtectionSpace:(NSURLProtectionSpace *)protectionSpace completionHandler:(void(^)(void))completionHandler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
    123124
    124125@property (nonatomic, getter=_isCookieStoragePartitioningEnabled, setter=_setCookieStoragePartitioningEnabled:) BOOL _cookieStoragePartitioningEnabled WK_API_DEPRECATED("Partitioned cookies are no longer supported", macos(10.12.3, 10.14.4), ios(10.3, 12.2));
  • trunk/Source/WebKit/UIProcess/WebProcessPool.cpp

    r246955 r247270  
    17451745}
    17461746
     1747void WebProcessPool::clearPermanentCredentialsForProtectionSpace(WebCore::ProtectionSpace&& protectionSpace, CompletionHandler<void()>&& completionHandler)
     1748{
     1749    if (m_networkProcess)
     1750        m_networkProcess->sendWithAsyncReply(Messages::NetworkProcess::ClearPermanentCredentialsForProtectionSpace(protectionSpace), WTFMove(completionHandler));
     1751}
     1752
    17471753void WebProcessPool::terminateNetworkProcess()
    17481754{
  • trunk/Source/WebKit/UIProcess/WebProcessPool.h

    r247058 r247270  
    311311
    312312    void clearCachedCredentials();
     313    void clearPermanentCredentialsForProtectionSpace(WebCore::ProtectionSpace&&, CompletionHandler<void()>&&);
    313314    void terminateNetworkProcess();
    314315    void sendNetworkProcessWillSuspendImminently();
  • trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp

    r247162 r247270  
    521521    }
    522522
    523 #if PLATFORM(COCOA)
    524     if (dataTypes.contains(WebsiteDataType::Credentials) && isPersistent()) {
    525         for (auto& processPool : processPools()) {
    526             if (!processPool->networkProcess())
    527                 continue;
    528            
    529             callbackAggregator->addPendingCallback();
    530             WTF::CompletionHandler<void(Vector<WebCore::SecurityOriginData>&&)> completionHandler = [callbackAggregator](Vector<WebCore::SecurityOriginData>&& origins) mutable {
    531                 WebsiteData websiteData;
    532                 for (auto& origin : origins)
    533                     websiteData.entries.append(WebsiteData::Entry { origin, WebsiteDataType::Credentials, 0 });
    534                 callbackAggregator->removePendingCallback(WTFMove(websiteData));
    535             };
    536             processPool->networkProcess()->sendWithAsyncReply(Messages::NetworkProcess::OriginsWithPersistentCredentials(), WTFMove(completionHandler));
    537         }
    538     }
    539 #endif
    540 
    541523#if ENABLE(NETSCAPE_PLUGIN_API)
    542524    if (dataTypes.contains(WebsiteDataType::PlugInData) && isPersistent()) {
     
    645627        processAccessType = std::max(processAccessType, ProcessAccessType::OnlyIfLaunched);
    646628
    647     if (dataTypes.contains(WebsiteDataType::Credentials))
    648         processAccessType = std::max(processAccessType, ProcessAccessType::OnlyIfLaunched);
    649 
    650629    return processAccessType;
    651630}
     
    10941073    }
    10951074
    1096     if (dataTypes.contains(WebsiteDataType::Credentials) && isPersistent()) {
    1097         for (auto& processPool : processPools()) {
    1098             if (!processPool->networkProcess())
    1099                 continue;
    1100            
    1101             callbackAggregator->addPendingCallback();
    1102             WTF::CompletionHandler<void()> completionHandler = [callbackAggregator]() mutable {
    1103                 callbackAggregator->removePendingCallback();
    1104             };
    1105             processPool->networkProcess()->sendWithAsyncReply(Messages::NetworkProcess::RemoveCredentialsWithOrigins(origins), WTFMove(completionHandler));
    1106         }
    1107     }
    1108 
    11091075#if ENABLE(NETSCAPE_PLUGIN_API)
    11101076    if (dataTypes.contains(WebsiteDataType::PlugInData) && isPersistent()) {
  • trunk/Tools/ChangeLog

    r247269 r247270  
     12019-07-09  Sihui Liu  <sihui_liu@apple.com>
     2
     3        Only allow fetching and removing session credentials from WebsiteDataStore
     4        https://bugs.webkit.org/show_bug.cgi?id=199385
     5        <rdar://problem/52622080>
     6
     7        Reviewed by Alex Christensen.
     8
     9        removeDataOfTypes will no longer remove persistent credentials. We should clear persistent credentials using
     10        the new SPI after each test that creates persistent credentials, otherwise the later tests may use credentials
     11        left by previous tests and didReceiveAuthenticationChallenge will not be invoked.
     12
     13        * TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
     14        (TEST):
     15        * TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:
     16        (TestWebKitAPI::TEST):
     17
    1182019-07-09  Alex Christensen  <achristensen@webkit.org>
    219
  • trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm

    r246605 r247270  
    104104
    105105    Util::run(&navigationFinished);
     106
     107    // Clear persistent credentials created by this test.
     108    NSURLProtectionSpace *protectionSpace = [[[NSURLProtectionSpace alloc] initWithHost:@"127.0.0.1" port:server.port() protocol:NSURLProtectionSpaceHTTP realm:@"testrealm" authenticationMethod:NSURLAuthenticationMethodHTTPBasic] autorelease];
     109    __block bool removedCredential = false;
     110    [[webView configuration].processPool _clearPermanentCredentialsForProtectionSpace:protectionSpace completionHandler:^{
     111        removedCredential = true;
     112    }];
     113    Util::run(&removedCredential);
    106114}
    107115
     
    199207    Util::run(&navigationFinished);
    200208    EXPECT_TRUE(receivedSecondChallenge);
    201    
     209
     210    // Clear persistent credentials created by this test.
     211    NSURLProtectionSpace *protectionSpace = [[[NSURLProtectionSpace alloc] initWithHost:@"127.0.0.1" port:server.port() protocol:NSURLProtectionSpaceHTTP realm:@"testrealm" authenticationMethod:NSURLAuthenticationMethodHTTPBasic] autorelease];
    202212    __block bool removedCredential = false;
    203     WKWebsiteDataStore *websiteDataStore = [webView configuration].websiteDataStore;
    204     [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    205         [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:dataRecords completionHandler:^(void) {
    206             removedCredential = true;
    207         }];
     213    [[webView configuration].processPool _clearPermanentCredentialsForProtectionSpace:protectionSpace completionHandler:^{
     214        removedCredential = true;
    208215    }];
    209216    Util::run(&removedCredential);
  • trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm

    r247162 r247270  
    9393    readyToContinue = false;
    9494    [[WKWebsiteDataStore defaultDataStore] fetchDataRecordsOfTypes:[WKWebsiteDataStore _allWebsiteDataTypesIncludingPrivate] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    95         ASSERT_EQ(0u, dataRecords.count);
     95        EXPECT_EQ(0u, dataRecords.count);
    9696        readyToContinue = true;
    9797    }];
     
    140140{
    141141    TCPServer server(TCPServer::respondWithChallengeThenOK);
    142    
     142
    143143    usePersistentCredentialStorage = true;
    144144    auto websiteDataStore = [WKWebsiteDataStore defaultDataStore];
     
    152152    [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    153153        int credentialCount = dataRecords.count;
    154         ASSERT_GT(credentialCount, 0);
    155         bool foundExpectedRecord = false;
    156         for (WKWebsiteDataRecord *record in dataRecords) {
    157             auto name = [record displayName];
    158             if ([name isEqualToString:@"127.0.0.1"]) {
    159                 foundExpectedRecord = true;
    160                 break;
    161             }
    162         }
    163         EXPECT_TRUE(foundExpectedRecord);
    164         done = true;
    165     }];
    166     TestWebKitAPI::Util::run(&done);
    167    
     154        EXPECT_EQ(credentialCount, 0);
     155        done = true;
     156    }];
     157    TestWebKitAPI::Util::run(&done);
     158
     159    // Clear persistent credentials created by this test.
     160    NSURLProtectionSpace *protectionSpace = [[[NSURLProtectionSpace alloc] initWithHost:@"127.0.0.1" port:server.port() protocol:NSURLProtectionSpaceHTTP realm:@"testrealm" authenticationMethod:NSURLAuthenticationMethodHTTPBasic] autorelease];
    168161    __block bool removedCredential = false;
    169     [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    170         [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:dataRecords completionHandler:^(void) {
    171             removedCredential = true;
    172         }];
    173     }];
    174     TestWebKitAPI::Util::run(&removedCredential);
    175 }
    176 
    177 TEST(WKWebsiteDataStore, RemovePersistentCredentials)
     162    [[webView configuration].processPool _clearPermanentCredentialsForProtectionSpace:protectionSpace completionHandler:^{
     163        removedCredential = true;
     164    }];
     165    Util::run(&removedCredential);
     166}
     167
     168TEST(WKWebsiteDataStore, RemoveNonPersistentCredentials)
    178169{
    179170    TCPServer server(TCPServer::respondWithChallengeThenOK);
    180171
    181     usePersistentCredentialStorage = true;
    182     auto websiteDataStore = [WKWebsiteDataStore defaultDataStore];
     172    usePersistentCredentialStorage = false;
     173    auto configuration = adoptNS([WKWebViewConfiguration new]);
     174    auto websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore];
     175    [configuration setWebsiteDataStore:websiteDataStore];
    183176    auto navigationDelegate = adoptNS([[NavigationTestDelegate alloc] init]);
    184     auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600)]);
     177    auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);
    185178    [webView setNavigationDelegate:navigationDelegate.get()];
    186179    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]];
     
    226219}
    227220
    228 TEST(WKWebsiteDataStore, RemoveNonPersistentCredentials)
    229 {
    230     TCPServer server(TCPServer::respondWithChallengeThenOK);
    231 
    232     usePersistentCredentialStorage = false;
    233     auto configuration = adoptNS([WKWebViewConfiguration new]);
    234     auto websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore];
    235     [configuration setWebsiteDataStore:websiteDataStore];
    236     auto navigationDelegate = adoptNS([[NavigationTestDelegate alloc] init]);
    237     auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);
    238     [webView setNavigationDelegate:navigationDelegate.get()];
    239     [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]];
    240     [navigationDelegate waitForDidFinishNavigation];
    241 
    242     __block bool done = false;
    243     __block RetainPtr<WKWebsiteDataRecord> expectedRecord;
    244     [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    245         int credentialCount = dataRecords.count;
    246         ASSERT_GT(credentialCount, 0);
    247         for (WKWebsiteDataRecord *record in dataRecords) {
    248             auto name = [record displayName];
    249             if ([name isEqualToString:@"127.0.0.1"]) {
    250                 expectedRecord = record;
    251                 break;
    252             }
    253         }
    254         EXPECT_TRUE(expectedRecord);
    255         done = true;
    256     }];
    257     TestWebKitAPI::Util::run(&done);
    258 
    259     done = false;
    260     [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:[NSArray arrayWithObject:expectedRecord.get()] completionHandler:^(void) {
    261         done = true;
    262     }];
    263     TestWebKitAPI::Util::run(&done);
    264 
    265     done = false;
    266     [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
    267         bool foundLocalHostRecord = false;
    268         for (WKWebsiteDataRecord *record in dataRecords) {
    269             auto name = [record displayName];
    270             if ([name isEqualToString:@"127.0.0.1"]) {
    271                 foundLocalHostRecord = true;
    272                 break;
    273             }
    274         }
    275         EXPECT_FALSE(foundLocalHostRecord);
    276         done = true;
    277     }];
    278     TestWebKitAPI::Util::run(&done);
    279 }
    280 
    281221TEST(WebKit, SettingNonPersistentDataStorePathsThrowsException)
    282222{
Note: See TracChangeset for help on using the changeset viewer.