Changeset 255668 in webkit
- Timestamp:
- Feb 4, 2020 2:57:44 AM (4 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 26 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r255663 r255668 1 2020-02-04 youenn fablet <youenn@apple.com> 2 3 MediaDevices should handle changes of iframe allow attribute value 4 https://bugs.webkit.org/show_bug.cgi?id=207112 5 6 Reviewed by Eric Carlson. 7 8 * TestExpectations: 9 * fullscreen/full-screen-enabled-expected.txt: 10 * fullscreen/full-screen-enabled-prefixed-expected.txt: 11 * fullscreen/full-screen-iframe-not-allowed-expected.txt: 12 * fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt: 13 * fullscreen/full-screen-restrictions-expected.txt: 14 * http/tests/fullscreen/fullscreen-feature-policy-expected.txt: 15 * http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt: 16 * http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt: 17 * http/tests/ssl/media-stream/get-user-media-different-host-expected.txt: 18 * http/tests/ssl/media-stream/get-user-media-nested-expected.txt: 19 * http/tests/webrtc/enumerateDevicesInFrames-expected.txt: Added. 20 * http/tests/webrtc/enumerateDevicesInFrames.html: Added. 21 1 22 2020-02-03 Antti Koivisto <antti@apple.com> 2 23 -
trunk/LayoutTests/TestExpectations
r255532 r255668 771 771 webkit.org/b/189905 imported/w3c/web-platform-tests/resource-timing/resource_initiator_types.html [ Pass Failure ] 772 772 webkit.org/b/190523 imported/w3c/web-platform-tests/resource-timing/resource_timing_cross_origin_redirect_chain.html [ Pass Failure ] 773 774 imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https.html [ DumpJSConsoleLogInStdErr ] 773 775 774 776 # These fetch tests are flaky or fail. -
trunk/LayoutTests/fullscreen/full-screen-enabled-expected.txt
r111028 r255668 1 CONSOLE MESSAGE: line 56: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''. 1 2 This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API 2 3 EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK -
trunk/LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt
r143533 r255668 1 CONSOLE MESSAGE: line 56: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''. 1 2 This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API 2 3 EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK -
trunk/LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt
r104838 r255668 1 CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''. 1 2 Test for bug 56264: Handle entering full screen security restrictions 2 3 -
trunk/LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt
r123005 r255668 1 CONSOLE MESSAGE: line 1: Feature policy 'Fullscreen' check failed for iframe with origin 'null' and allow attribute ''. 1 2 Test entering full screen security restrictions. An iframe without an allow attribute is still permitted to fullscreen if the request comes from the containing document. 2 3 -
trunk/LayoutTests/fullscreen/full-screen-restrictions-expected.txt
r111028 r255668 1 CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''. 1 2 This tests the restrictions to entering full screen mode laid out in section 4.1 of the W3C Full Screen API 2 3 "The context object is not in a document." -
trunk/LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt
r255162 r255668 1 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''. 2 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''. 3 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''. 4 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''. 5 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen http://localhost:8000'. 6 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''. 7 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''. 8 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''. 9 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''. 10 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''. 11 CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''. 1 12 PASS iframe with src="http://loc..." should have document.webkitFullscreenEnabled === false. 2 13 PASS iframe with src="../resourc..." should have document.webkitFullscreenEnabled === true. -
trunk/LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt
r238091 r255668 1 CONSOLE MESSAGE: line 4: Trying to call enumerateDevices from a frame without correct 'allow' attribute. 1 CONSOLE MESSAGE: line 4: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''. 2 CONSOLE MESSAGE: line 4: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''. 3 CONSOLE MESSAGE: line 4: Not allowed to call enumerateDevices. 2 4 3 5 PASS: "allow" attribute respected in all iframes -
trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt
r252046 r255668 1 CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.2 CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.3 CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.4 1 5 2 -
trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute.html
r245625 r255668 1 <!doctype html> 1 <!doctype html><!-- webkit-test-runner [ dumpJSConsoleLogInStdErr=true ] --> 2 2 <html> 3 3 <script src="../../../../resources/js-test-pre.js"></script> -
trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt
r238091 r255668 1 CONSOLE MESSAGE: line 52: Trying to call getUserMedia from a frame without correct 'allow' attribute. 1 CONSOLE MESSAGE: line 52: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''. 2 CONSOLE MESSAGE: line 52: Not allowed to call getUserMedia. 2 3 Tests that getUserMedia fails when the top level document and iframe do not have the same domain. 3 4 -
trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt
r238091 r255668 1 CONSOLE MESSAGE: line 52: Trying to call getUserMedia from a frame without correct 'allow' attribute. 1 CONSOLE MESSAGE: line 52: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''. 2 CONSOLE MESSAGE: line 52: Not allowed to call getUserMedia. 2 3 Tests that getUserMedia fails when the top level document and iframe do not have the same domain. 3 4 -
trunk/LayoutTests/imported/w3c/ChangeLog
r255549 r255668 1 2020-02-04 youenn fablet <youenn@apple.com> 2 3 MediaDevices should handle changes of iframe allow attribute value 4 https://bugs.webkit.org/show_bug.cgi?id=207112 5 6 Reviewed by Eric Carlson. 7 8 * web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt: 9 * web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt: 10 1 11 2020-02-02 Rob Buis <rbuis@igalia.com> 2 12 -
trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt
r252335 r255668 1 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.2 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.3 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.4 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.5 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.6 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.7 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.8 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.9 CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.10 1 11 2 -
trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt
r245625 r255668 1 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 2 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 3 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 4 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 5 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 6 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 7 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 8 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 9 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 10 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 11 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 12 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 13 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 14 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 15 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 16 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 17 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 18 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 19 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 20 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 21 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 22 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 23 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 24 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 25 CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. 26 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 27 CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. 28 CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. 1 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none''. 2 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 3 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none''. 4 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 5 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''. 6 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 7 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''. 8 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 9 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''. 10 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 11 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none''. 12 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 13 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none''. 14 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 15 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''. 16 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 17 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''. 18 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 19 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''. 20 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 21 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera *;microphone 'none''. 22 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 23 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera *;microphone 'none''. 24 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 25 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera *;microphone 'none''. 26 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 27 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera *;microphone 'none''. 28 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 29 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none';microphone *'. 30 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 31 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none';microphone *'. 32 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 33 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; microphone 'none''. 34 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 35 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; microphone 'none''. 36 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 37 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera 'self''. 38 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 39 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera 'self''. 40 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 41 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; camera http:/example.org self'. 42 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 43 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; camera http:/example.org self'. 44 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 45 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera http:/example.org 'self''. 46 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 47 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera http:/example.org 'self''. 48 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 49 CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone https://127.0.0.1:9443'. 50 CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia. 51 CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone https://127.0.0.1:9443'. 52 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 53 CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone https://127.0.0.1:9443'. 54 CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia. 55 CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone https://127.0.0.1:9443'. 56 CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia. 29 57 30 58 PASS "camera 'none'" - same origin iframe -
trunk/Source/WebCore/ChangeLog
r255665 r255668 1 2020-02-04 youenn fablet <youenn@apple.com> 2 3 MediaDevices should handle changes of iframe allow attribute value 4 https://bugs.webkit.org/show_bug.cgi?id=207112 5 6 Reviewed by Eric Carlson. 7 8 MediaDevices was computing whether it could access camera or microphone at creation time. 9 Since the iframe allow attribute can be modified, we cannot do that. 10 Instead, we get the feature policy everytime this is needed. 11 12 Refactor code to use the newly added routine to check for feature policy. 13 Update logging to give origin and allow attribute value of the frame that fail the feature policy check. 14 15 Test: http/tests/webrtc/enumerateDevicesInFrames.html 16 17 * Modules/mediastream/MediaDevices.cpp: 18 (WebCore::MediaDevices::MediaDevices): 19 (WebCore::MediaDevices::refreshDevices): 20 (WebCore::MediaDevices::enumerateDevices): 21 (WebCore::MediaDevices::listenForDeviceChanges): 22 * Modules/mediastream/MediaDevices.h: 23 * Modules/mediastream/UserMediaController.cpp: 24 (WebCore::UserMediaController::logGetUserMediaDenial): 25 (WebCore::UserMediaController::logGetDisplayMediaDenial): 26 (WebCore::UserMediaController::logEnumerateDevicesDenial): 27 * Modules/mediastream/UserMediaController.h: 28 * Modules/mediastream/UserMediaRequest.cpp: 29 (WebCore::UserMediaRequest::start): 30 * html/FeaturePolicy.cpp: 31 (WebCore::policyTypeName): 32 (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners): 33 * html/FeaturePolicy.h: 34 * page/DOMWindow.cpp: 35 (WebCore::DOMWindow::printErrorMessage const): 36 * page/DOMWindow.h: 37 1 38 2020-02-03 Fujii Hironori <Hironori.Fujii@sony.com> 2 39 -
trunk/Source/WebCore/Modules/mediastream/MediaDevices.cpp
r255582 r255668 63 63 static_assert(static_cast<size_t>(MediaDevices::DisplayCaptureSurfaceType::Application) == static_cast<size_t>(RealtimeMediaSourceSettings::DisplaySurfaceType::Application), "MediaDevices::DisplayCaptureSurfaceType::Application is not RealtimeMediaSourceSettings::DisplaySurfaceType::Application as expected"); 64 64 static_assert(static_cast<size_t>(MediaDevices::DisplayCaptureSurfaceType::Browser) == static_cast<size_t>(RealtimeMediaSourceSettings::DisplaySurfaceType::Browser), "MediaDevices::DisplayCaptureSurfaceType::Browser is not RealtimeMediaSourceSettings::DisplaySurfaceType::Browser as expected"); 65 66 if (auto* controller = UserMediaController::from(document.page())) {67 m_canAccessCamera = controller->canCallGetUserMedia(document, { UserMediaController::CaptureType::Camera }) == UserMediaController::GetUserMediaAccess::CanCall;68 m_canAccessMicrophone = controller->canCallGetUserMedia(document, { UserMediaController::CaptureType::Microphone }) == UserMediaController::GetUserMediaAccess::CanCall;69 }70 65 } 71 66 … … 161 156 } 162 157 158 static inline bool checkCameraAccess(const Document& document) 159 { 160 return isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document, LogFeaturePolicyFailure::No); 161 } 162 163 static inline bool checkMicrophoneAccess(const Document& document) 164 { 165 return isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document, LogFeaturePolicyFailure::No); 166 } 167 163 168 void MediaDevices::refreshDevices(const Vector<CaptureDevice>& newDevices) 164 169 { 170 auto* document = this->document(); 171 if (!document) 172 return; 173 174 bool canAccessCamera = checkCameraAccess(*document); 175 bool canAccessMicrophone = checkMicrophoneAccess(*document); 176 165 177 Vector<Ref<MediaDeviceInfo>> devices; 166 178 for (auto& newDevice : newDevices) { 167 if (! m_canAccessMicrophone && newDevice.type() == CaptureDevice::DeviceType::Microphone)179 if (!canAccessMicrophone && newDevice.type() == CaptureDevice::DeviceType::Microphone) 168 180 continue; 169 if (! m_canAccessCamera && newDevice.type() == CaptureDevice::DeviceType::Camera)181 if (!canAccessCamera && newDevice.type() == CaptureDevice::DeviceType::Camera) 170 182 continue; 171 183 … … 195 207 return; 196 208 } 197 if (!m_canAccessCamera && !m_canAccessMicrophone) { 198 controller->logGetUserMediaDenial(*document, UserMediaController::GetUserMediaAccess::BlockedByFeaturePolicy, UserMediaController::BlockedCaller::EnumerateDevices); 209 210 if (!checkCameraAccess(*document) && !checkMicrophoneAccess(*document)) { 211 controller->logEnumerateDevicesDenial(*document); 199 212 promise.resolve({ }); 200 213 return; … … 248 261 void MediaDevices::listenForDeviceChanges() 249 262 { 250 if (m_listeningForDeviceChanges || (!m_canAccessCamera && !m_canAccessMicrophone))251 return;252 253 m_listeningForDeviceChanges = true;254 255 263 auto* document = this->document(); 256 264 auto* controller = document ? UserMediaController::from(document->page()) : nullptr; 257 265 if (!controller) 258 266 return; 267 268 bool canAccessCamera = isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, *document, LogFeaturePolicyFailure::No); 269 bool canAccessMicrophone = isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, *document, LogFeaturePolicyFailure::No); 270 271 if (m_listeningForDeviceChanges || (!canAccessCamera && !canAccessMicrophone)) 272 return; 273 274 m_listeningForDeviceChanges = true; 259 275 260 276 m_deviceChangeToken = controller->addDeviceChangeObserver([weakThis = makeWeakPtr(*this), this]() { -
trunk/Source/WebCore/Modules/mediastream/MediaDevices.h
r255582 r255668 122 122 123 123 Vector<Ref<MediaDeviceInfo>> m_devices; 124 bool m_canAccessCamera { false };125 bool m_canAccessMicrophone { false };126 124 127 125 OptionSet<GestureAllowedRequest> m_requestTypesForCurrentGesture; -
trunk/Source/WebCore/Modules/mediastream/UserMediaController.cpp
r253827 r255668 29 29 #if ENABLE(MEDIA_STREAM) 30 30 31 #include "CustomHeaderFields.h"32 31 #include "DOMWindow.h" 33 32 #include "Document.h" 34 #include "DocumentLoader.h"35 33 #include "Frame.h" 36 34 #include "HTMLIFrameElement.h" 37 #include "HTMLParserIdioms.h"38 #include "LegacySchemeRegistry.h"39 #include "Settings.h"40 35 #include "UserMediaRequest.h" 41 36 … … 62 57 } 63 58 64 static inline bool isAllowedByFeaturePolicy(const FeaturePolicy& featurePolicy, const SecurityOriginData& origin, OptionSet<UserMediaController::CaptureType> types)59 void UserMediaController::logGetUserMediaDenial(Document& document) 65 60 { 66 if ((types & UserMediaController::CaptureType::Camera) && !featurePolicy.allows(FeaturePolicy::Type::Camera, origin)) 67 return false; 68 69 if ((types & UserMediaController::CaptureType::Microphone) && !featurePolicy.allows(FeaturePolicy::Type::Microphone, origin)) 70 return false; 71 72 if ((types & UserMediaController::CaptureType::Display) && !featurePolicy.allows(FeaturePolicy::Type::DisplayCapture, origin)) 73 return false; 74 75 return true; 61 if (auto* window = document.domWindow()) 62 window->printErrorMessage(makeString("Not allowed to call getUserMedia.")); 76 63 } 77 64 78 static UserMediaController::GetUserMediaAccess isAllowedToUse(const Document& document, const Document& topDocument, OptionSet<UserMediaController::CaptureType> types)65 void UserMediaController::logGetDisplayMediaDenial(Document& document) 79 66 { 80 if (&document == &topDocument) 81 return UserMediaController::GetUserMediaAccess::CanCall; 82 83 auto* parentDocument = document.parentDocument(); 84 if (!parentDocument) 85 return UserMediaController::GetUserMediaAccess::BlockedByParent; 86 87 auto* element = document.ownerElement(); 88 ASSERT(element); 89 if (!element || !is<HTMLIFrameElement>(*element)) 90 return UserMediaController::GetUserMediaAccess::BlockedByParent; 91 92 auto& featurePolicy = downcast<HTMLIFrameElement>(*element).featurePolicy(); 93 if (isAllowedByFeaturePolicy(featurePolicy, document.securityOrigin().data(), types)) 94 return UserMediaController::GetUserMediaAccess::CanCall; 95 96 return UserMediaController::GetUserMediaAccess::BlockedByFeaturePolicy; 67 if (auto* window = document.domWindow()) 68 window->printErrorMessage(makeString("Not allowed to call getDisplayMedia.")); 97 69 } 98 70 99 UserMediaController::GetUserMediaAccess UserMediaController::canCallGetUserMedia(const Document& document, OptionSet<UserMediaController::CaptureType> types) const 71 void UserMediaController::logEnumerateDevicesDenial(Document& document) 100 72 { 101 ASSERT(!types.isEmpty()); 102 103 auto& topDocument = document.topDocument(); 104 if (&document != &topDocument) { 105 for (auto* ancestorDocument = &document; ancestorDocument != &topDocument; ancestorDocument = ancestorDocument->parentDocument()) { 106 auto status = isAllowedToUse(*ancestorDocument, topDocument, types); 107 if (status != GetUserMediaAccess::CanCall) 108 return status; 109 } 110 } 111 112 return GetUserMediaAccess::CanCall; 113 } 114 115 void UserMediaController::logGetUserMediaDenial(Document& document, GetUserMediaAccess access, BlockedCaller caller) 116 { 117 auto& domWindow = *document.domWindow(); 118 const char* callerName; 119 120 switch (caller) { 121 case BlockedCaller::GetUserMedia: 122 callerName = "getUserMedia"; 123 break; 124 case BlockedCaller::GetDisplayMedia: 125 callerName = "getDisplayMedia"; 126 break; 127 case BlockedCaller::EnumerateDevices: 128 callerName = "enumerateDevices"; 129 break; 130 } 131 132 switch (access) { 133 case UserMediaController::GetUserMediaAccess::BlockedByParent: 134 domWindow.printErrorMessage(makeString("The top-level frame has prevented a document with a different security origin from calling ", callerName, ".")); 135 break; 136 case GetUserMediaAccess::BlockedByFeaturePolicy: 137 domWindow.printErrorMessage(makeString("Trying to call ", callerName, " from a frame without correct 'allow' attribute.")); 138 break; 139 case UserMediaController::GetUserMediaAccess::CanCall: 140 break; 141 } 73 // We redo the check to print to the console log. 74 isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document, LogFeaturePolicyFailure::Yes); 75 isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document, LogFeaturePolicyFailure::Yes); 76 if (auto* window = document.domWindow()) 77 window->printErrorMessage(makeString("Not allowed to call enumerateDevices.")); 142 78 } 143 79 -
trunk/Source/WebCore/Modules/mediastream/UserMediaController.h
r253827 r255668 28 28 #if ENABLE(MEDIA_STREAM) 29 29 30 #include "FeaturePolicy.h" 30 31 #include "Page.h" 31 32 #include "UserMediaClient.h" … … 52 53 void removeDeviceChangeObserver(UserMediaClient::DeviceChangeObserverToken); 53 54 54 enum class GetUserMediaAccess { 55 CanCall, 56 BlockedByParent, 57 BlockedByFeaturePolicy, 58 }; 59 enum class CaptureType { 60 Microphone = 1 << 0, 61 Camera = 1 << 1, 62 Display = 1 << 3 63 }; 64 GetUserMediaAccess canCallGetUserMedia(const Document&, OptionSet<CaptureType>) const; 65 66 enum class BlockedCaller { 67 GetUserMedia, 68 GetDisplayMedia, 69 EnumerateDevices, 70 }; 71 void logGetUserMediaDenial(Document&, GetUserMediaAccess, BlockedCaller); 55 void logGetUserMediaDenial(Document&); 56 void logGetDisplayMediaDenial(Document&); 57 void logEnumerateDevicesDenial(Document&); 72 58 73 59 WEBCORE_EXPORT static const char* supplementName(); -
trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
r253288 r255668 199 199 // the value NotAllowedError. 200 200 201 OptionSet<UserMediaController::CaptureType> types; 202 UserMediaController::BlockedCaller caller; 203 if (m_request.type == MediaStreamRequest::Type::DisplayMedia) { 204 types.add(UserMediaController::CaptureType::Display); 205 caller = UserMediaController::BlockedCaller::GetDisplayMedia; 206 } else { 207 if (m_request.audioConstraints.isValid) 208 types.add(UserMediaController::CaptureType::Microphone); 209 if (m_request.videoConstraints.isValid) 210 types.add(UserMediaController::CaptureType::Camera); 211 caller = UserMediaController::BlockedCaller::GetUserMedia; 212 } 213 auto access = controller->canCallGetUserMedia(document, types); 214 if (access != UserMediaController::GetUserMediaAccess::CanCall) { 215 deny(MediaAccessDenialReason::PermissionDenied); 216 controller->logGetUserMediaDenial(document, access, caller); 217 return; 201 switch (m_request.type) { 202 case MediaStreamRequest::Type::DisplayMedia: 203 if (!isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::DisplayCapture, document)) { 204 deny(MediaAccessDenialReason::PermissionDenied); 205 controller->logGetDisplayMediaDenial(document); 206 return; 207 } 208 break; 209 case MediaStreamRequest::Type::UserMedia: 210 if (m_request.audioConstraints.isValid && !isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document)) { 211 deny(MediaAccessDenialReason::PermissionDenied); 212 controller->logGetUserMediaDenial(document); 213 return; 214 } 215 if (m_request.videoConstraints.isValid && !isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document)) { 216 deny(MediaAccessDenialReason::PermissionDenied); 217 controller->logGetUserMediaDenial(document); 218 return; 219 } 220 break; 218 221 } 219 222 -
trunk/Source/WebCore/html/FeaturePolicy.cpp
r255562 r255668 27 27 #include "FeaturePolicy.h" 28 28 29 #include "DOMWindow.h" 29 30 #include "Document.h" 30 31 #include "HTMLIFrameElement.h" … … 37 38 using namespace HTMLNames; 38 39 39 bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type type, const Document& document) 40 static const char* policyTypeName(FeaturePolicy::Type type) 41 { 42 switch (type) { 43 case FeaturePolicy::Type::Camera: 44 return "Camera"; 45 case FeaturePolicy::Type::Microphone: 46 return "Microphone"; 47 case FeaturePolicy::Type::DisplayCapture: 48 return "DisplayCapture"; 49 case FeaturePolicy::Type::SyncXHR: 50 return "SyncXHR"; 51 case FeaturePolicy::Type::Fullscreen: 52 return "Fullscreen"; 53 } 54 ASSERT_NOT_REACHED(); 55 return ""; 56 } 57 58 bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type type, const Document& document, LogFeaturePolicyFailure logFailure) 40 59 { 41 60 auto& topDocument = document.topDocument(); 42 61 auto* ancestorDocument = &document; 43 62 while (ancestorDocument != &topDocument) { 44 if (!ancestorDocument) 63 if (!ancestorDocument) { 64 if (logFailure == LogFeaturePolicyFailure::Yes && document.domWindow()) 65 document.domWindow()->printErrorMessage(makeString("Feature policy '", policyTypeName(type), "' check failed.")); 45 66 return false; 67 } 46 68 47 69 auto* ownerElement = ancestorDocument->ownerElement(); 48 70 if (is<HTMLIFrameElement>(ownerElement)) { 49 71 const auto& featurePolicy = downcast<HTMLIFrameElement>(ownerElement)->featurePolicy(); 50 if (!featurePolicy.allows(type, ancestorDocument->securityOrigin().data())) 72 if (!featurePolicy.allows(type, ancestorDocument->securityOrigin().data())) { 73 if (logFailure == LogFeaturePolicyFailure::Yes && document.domWindow()) { 74 auto& allowValue = downcast<HTMLIFrameElement>(ownerElement)->attributeWithoutSynchronization(HTMLNames::allowAttr); 75 document.domWindow()->printErrorMessage(makeString("Feature policy '", policyTypeName(type), "' check failed for iframe with origin '", document.securityOrigin().toString(), "' and allow attribute '", allowValue, "'.")); 76 } 51 77 return false; 78 } 52 79 } 53 80 -
trunk/Source/WebCore/html/FeaturePolicy.h
r255162 r255668 56 56 }; 57 57 58 extern bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type, const Document&); 58 enum class LogFeaturePolicyFailure { No, Yes }; 59 extern bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type, const Document&, LogFeaturePolicyFailure = LogFeaturePolicyFailure::Yes); 59 60 60 61 } // namespace WebCore -
trunk/Source/WebCore/page/DOMWindow.cpp
r255334 r255668 2369 2369 } 2370 2370 2371 void DOMWindow::printErrorMessage(const String& message) 2371 void DOMWindow::printErrorMessage(const String& message) const 2372 2372 { 2373 2373 if (message.isEmpty()) -
trunk/Source/WebCore/page/DOMWindow.h
r254857 r255668 267 267 PageConsoleClient* console() const; 268 268 269 void printErrorMessage(const String&) ;269 void printErrorMessage(const String&) const; 270 270 271 271 String crossDomainAccessErrorMessage(const DOMWindow& activeWindow, IncludeTargetOrigin);
Note: See TracChangeset
for help on using the changeset viewer.