Changeset 269960 in webkit

Timestamp:

Nov 18, 2020 8:39:21 AM (3 years ago)

Author:

Chris Dumez

Message:

navigator.clipboard is not exposed on *.localhost pages
​https://bugs.webkit.org/show_bug.cgi?id=219020

Reviewed by Wenson Hsieh.

Source/WebCore:

Make sure that if the host falls within ".localhost", the security origin is treated as
potentially trustworthy, as per:

• ​https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy (Step 5).

This makes sure that API that are exposed only to secure context (such as navigator.clipboad)
are exposed on subdomains of localhost.

• page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::isLocalHostOrLoopbackIPAddress):

Tools:

Extend API test coverage.

• TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:

(TestWebKitAPI::TEST_F):

Location:

trunk

Files:

• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/page/SecurityOrigin.cpp (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp (modified) (1 diff)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2020-11-18  Chris Dumez  <cdumez@apple.com>
+
+        navigator.clipboard is not exposed on *.localhost pages
+        https://bugs.webkit.org/show_bug.cgi?id=219020
+
+        Reviewed by Wenson Hsieh.
+
+        Make sure that if the host falls within ".localhost", the security origin is treated as
+        potentially trustworthy, as per:
+        - https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy (Step 5).
+
+        This makes sure that API that are exposed only to secure context (such as navigator.clipboad)
+        are exposed on subdomains of localhost.
+
+        * page/SecurityOrigin.cpp:
+        (WebCore::SecurityOrigin::isLocalHostOrLoopbackIPAddress):
+
 2020-11-18  Chris Lord  <clord@igalia.com>
 

trunk/Source/WebCore/page/SecurityOrigin.cpp

@@ -606 +606 @@
 
     // FIXME: Ensure that localhost resolves to the loopback address.
-    if (equalLettersIgnoringASCIICase(host, "localhost"))
+    if (equalLettersIgnoringASCIICase(host, "localhost") || host.endsWithIgnoringASCIICase(".localhost"))
         return true;
 

trunk/Tools/ChangeLog

@@ +1 @@
+2020-11-18  Chris Dumez  <cdumez@apple.com>
+
+        navigator.clipboard is not exposed on *.localhost pages
+        https://bugs.webkit.org/show_bug.cgi?id=219020
+
+        Reviewed by Wenson Hsieh.
+
+        Extend API test coverage.
+
+        * TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:
+        (TestWebKitAPI::TEST_F):
+
 2020-11-18  Aakash Jain  <aakash_jain@apple.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp

@@ -160 +160 @@
     EXPECT_TRUE(SecurityOrigin::createFromString("http://127.0.1.1")->isPotentiallyTrustworthy());
     EXPECT_TRUE(SecurityOrigin::createFromString("http://127.1.1.1")->isPotentiallyTrustworthy());
+    EXPECT_TRUE(SecurityOrigin::createFromString("http://localhost:8000")->isPotentiallyTrustworthy());
     EXPECT_TRUE(SecurityOrigin::createFromString("http://localhost")->isPotentiallyTrustworthy());
     EXPECT_TRUE(SecurityOrigin::createFromString("http://loCALhoST")->isPotentiallyTrustworthy());
+    EXPECT_TRUE(SecurityOrigin::createFromString("http://foo.localhost")->isPotentiallyTrustworthy());
+    EXPECT_TRUE(SecurityOrigin::createFromString("http://Foo.loCaLhOsT")->isPotentiallyTrustworthy());
+    EXPECT_TRUE(SecurityOrigin::createFromString("http://foo.localhost:8000")->isPotentiallyTrustworthy());
+    EXPECT_TRUE(SecurityOrigin::createFromString("http://foo.bar.localhost:8000")->isPotentiallyTrustworthy());
+    EXPECT_FALSE(SecurityOrigin::createFromString("http://localhost.com")->isPotentiallyTrustworthy());
+    EXPECT_FALSE(SecurityOrigin::createFromString("http://foo.localhost.com")->isPotentiallyTrustworthy());
     EXPECT_TRUE(SecurityOrigin::createFromString("http://[::1]")->isPotentiallyTrustworthy());
 #if PLATFORM(COCOA)