Changeset 256761 in webkit


Timestamp:
Feb 17, 2020 12:42:21 PM (4 years ago)
Author:
youenn@apple.com
Message:

Validate scopeURL is valid when reading it from the database
https://bugs.webkit.org/show_bug.cgi?id=207721

Reviewed by Darin Adler.

  • workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::importRecords):
In case scopeURL is not good, skip the registration, as done for other registration parameters.

Location:
trunk/Source/WebCore
Files:
2 edited

  • trunk/Source/WebCore/ChangeLog

    r256760 r256761  
     12020-02-17  Youenn Fablet  <youenn@apple.com>
     2
     3        Validate scopeURL is valid when reading it from the database
     4        https://bugs.webkit.org/show_bug.cgi?id=207721
     5
     6        Reviewed by Darin Adler.
     7
     8        * workers/service/server/RegistrationDatabase.cpp:
     9        (WebCore::RegistrationDatabase::importRecords):
     10        In case scopeURL is not good, skip the registration, as done for other registration parameters.
     11
    1122020-02-17  Zalan Bujtas  <zalan@apple.com>
    213
  • trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp

    r256745 r256761  
    382382        auto originURL = URL { URL(), sql.getColumnText(1) };
    383383        auto scopePath = sql.getColumnText(2);
     384        auto scopeURL = URL { originURL, scopePath };
    384385        auto topOrigin = SecurityOriginData::fromDatabaseIdentifier(sql.getColumnText(3));
    385386        auto lastUpdateCheckTime = WallTime::fromRawSeconds(sql.getColumnDouble(4));
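Review bot: the `scopeURL` built at new line 384 is resolved from two separate database columns, and nothing in the visible lines shows that the result stays under `originURL`. If a stored `scopePath` held an absolute URL rather than a path, standard URL resolution would ignore the base, so a validity check alone would still accept a scope on a different origin. Consider also comparing the scope's origin with `originURL` before accepting the record.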
     
    411412        // If any part of this input is invalid, let's skip this registration.
    412413        // FIXME: Should we return an error skipping *all* registrations?
    413         if (!key || !originURL.isValid() || !topOrigin || !updateViaCache || !scriptURL.isValid() || !workerType)
     414        if (!key || !originURL.isValid() || !topOrigin || !updateViaCache || !scriptURL.isValid() || !workerType || !scopeURL.isValid())
    414415            continue;
    415416
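Review bot: the new `!scopeURL.isValid()` term at new line 414 has no test in this changeset; the two edited files are ChangeLog and RegistrationDatabase.cpp. A test that imports a record whose scope does not parse, and asserts that the registration is skipped, would pin the behaviour. The `continue` is also silent, so a log line naming the field that failed validation would help when diagnosing a corrupted registration database.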
     
    417418        auto registrationIdentifier = ServiceWorkerRegistrationIdentifier::generate();
    418419        auto serviceWorkerData = ServiceWorkerData { workerIdentifier, scriptURL, ServiceWorkerState::Activated, *workerType, registrationIdentifier };
    419         auto registration = ServiceWorkerRegistrationData { WTFMove(*key), registrationIdentifier, URL(originURL, scopePath), *updateViaCache, lastUpdateCheckTime, WTF::nullopt, WTF::nullopt, WTFMove(serviceWorkerData) };
     420        auto registration = ServiceWorkerRegistrationData { WTFMove(*key), registrationIdentifier, WTFMove(scopeURL), *updateViaCache, lastUpdateCheckTime, WTF::nullopt, WTF::nullopt, WTFMove(serviceWorkerData) };
    420421        auto contextData = ServiceWorkerContextData { WTF::nullopt, WTFMove(registration), workerIdentifier, WTFMove(script), WTFMove(contentSecurityPolicy), WTFMove(referrerPolicy), WTFMove(scriptURL), *workerType, true, WTFMove(scriptResourceMap) };
    421422