Deny third-party cookie creation for prevalent resources without interaction
[WebKit-https.git] / Source / WebKit / NetworkProcess / NetworkProcess.h
1 /*
2  * Copyright (C) 2012-2017 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #pragma once
27
28 #include "CacheModel.h"
29 #include "ChildProcess.h"
30 #include "DownloadManager.h"
31 #include "MessageReceiverMap.h"
32 #include <WebCore/DiagnosticLoggingClient.h>
33 #include <memory>
34 #include <pal/SessionID.h>
35 #include <wtf/Forward.h>
36 #include <wtf/Function.h>
37 #include <wtf/MemoryPressureHandler.h>
38 #include <wtf/NeverDestroyed.h>
39 #include <wtf/RetainPtr.h>
40
41 #if PLATFORM(IOS)
42 #include "WebSQLiteDatabaseTracker.h"
43 #endif
44
// Forward declarations for types from other modules that this header names in
// its declarations.
// NOTE(review): <pal/SessionID.h> is already included above, so the
// PAL::SessionID forward declaration looks redundant - confirm before removing.
45 namespace PAL {
46 class SessionID;
47 }
48
// NOTE(review): NetworkProcess below names DownloadID without a WebCore::
// qualifier, so it is unclear from this header whether the WebCore::DownloadID
// forward declaration is still used - confirm.
49 namespace WebCore {
50 class DownloadID;
51 class CertificateInfo;
52 class NetworkStorageSession;
53 class ProtectionSpace;
54 class SecurityOrigin;
55 struct SecurityOriginData;
56 struct SoupNetworkProxySettings;
57 }
58
59 namespace WebKit {
// Forward declarations of WebKit types that NetworkProcess refers to in its
// signatures and data members.
// NOTE(review): NetworkDataTask, ResponseCompletionHandler, SandboxExtension
// and the IPC types are also used below but are not declared here; presumably
// they come from the headers included above - confirm.
60 class AuthenticationManager;
61 class NetworkConnectionToWebProcess;
62 class NetworkProcessSupplement;
63 class NetworkResourceLoader;
// Opaque scoped-enum declarations: with no explicit underlying type these are
// int-based, and the definitions elsewhere have to agree.
64 enum class WebsiteDataFetchOption;
65 enum class WebsiteDataType;
66 struct NetworkProcessCreationParameters;
67 struct WebsiteDataStoreParameters;
68
69 namespace NetworkCache {
70 class Cache;
71 }
72
// NetworkProcess is the process-wide object of the network child process. It derives from
// ChildProcess and privately implements DownloadManager::Client. The declaration covers IPC
// message handling, connections to WebProcesses, downloads, caches, website-data removal and
// several TLS-trust switches. Only declarations are visible here; behaviour described below is
// limited to what the signatures show, and anything else is marked as an assumption.
73 class NetworkProcess : public ChildProcess, private DownloadManager::Client {
74     WTF_MAKE_NONCOPYABLE(NetworkProcess);
       // The constructor and destructor are private, so these friend declarations are what let
       // NeverDestroyed<> build the instance. The DownloadManager one presumably exists because
       // DownloadManager::Client is a private base - confirm.
75     friend class NeverDestroyed<NetworkProcess>;
76     friend class NeverDestroyed<DownloadManager>;
77 public:
       // Accessor for the single NetworkProcess instance.
78     static NetworkProcess& singleton();
79
       // Looks up the supplement registered under T::supplementName() and casts it to T*.
       // The cast is a static_cast with no runtime type check, so it is only correct if each
       // supplementName() value is registered for exactly one type. m_supplements hashes the
       // const char* key by pointer (PtrHash), so the lookup matches on pointer identity, not
       // on string contents: supplementName() must return the same pointer every time.
       // NOTE(review): presumably returns null when nothing is registered - confirm callers check.
80     template <typename T>
81     T* supplement()
82     {
83         return static_cast<T*>(m_supplements.get(T::supplementName()));
84     }
85
       // Constructs a T with this process as its argument and stores it in m_supplements, which
       // owns it through std::unique_ptr.
86     template <typename T>
87     void addSupplement()
88     {
89         m_supplements.add(T::supplementName(), std::make_unique<T>(this));
90     }
91
       // Takes a raw pointer; m_webProcessConnections holds the owning RefPtrs.
92     void removeNetworkConnectionToWebProcess(NetworkConnectionToWebProcess*);
93
94     AuthenticationManager& authenticationManager();
95     DownloadManager& downloadManager();
96
97 #if ENABLE(NETWORK_CACHE)
       // Returns the raw pointer held by m_cache; may be null if no cache has been set.
98     NetworkCache::Cache* cache() { return m_cache.get(); }
99 #endif
100
        // Reads the flag written by setCanHandleHTTPSServerTrustEvaluation() below.
101     bool canHandleHTTPSServerTrustEvaluation() const { return m_canHandleHTTPSServerTrustEvaluation; }
102
        // Suspend / resume notifications. processWillSuspendImminently reports through the
        // `handled` out-parameter.
103     void processWillSuspendImminently(bool& handled);
104     void prepareToSuspend();
105     void cancelPrepareToSuspend();
106     void processDidResume();
107
108     // Diagnostic messages logging.
109     void logDiagnosticMessage(uint64_t webPageID, const String& message, const String& description, WebCore::ShouldSample);
110     void logDiagnosticMessageWithResult(uint64_t webPageID, const String& message, const String& description, WebCore::DiagnosticLoggingResultType, WebCore::ShouldSample);
111     void logDiagnosticMessageWithValue(uint64_t webPageID, const String& message, const String& description, double value, unsigned significantFigures, WebCore::ShouldSample);
112
113 #if PLATFORM(COCOA)
114     RetainPtr<CFDataRef> sourceApplicationAuditData() const;
        // Clears HSTS state for the given storage session, bounded by modifiedSince.
        // NOTE(review): whether modifiedSince is inclusive is not visible here - confirm.
115     void clearHSTSCache(WebCore::NetworkStorageSession&, std::chrono::system_clock::time_point modifiedSince);
116 #endif
117
118 #if USE(NETWORK_SESSION)
119     void findPendingDownloadLocation(NetworkDataTask&, ResponseCompletionHandler&&, const WebCore::ResourceResponse&);
120 #endif
121
122 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
        // First half of an asynchronous question; the answer presumably arrives through
        // continueCanAuthenticateAgainstProtectionSpace() in the private section - confirm.
123     void canAuthenticateAgainstProtectionSpace(NetworkResourceLoader&, const WebCore::ProtectionSpace&);
124 #endif
125
126     void prefetchDNS(const String&);
127
128     void ensurePrivateBrowsingSession(WebsiteDataStoreParameters&&);
129
        // Asks for sandbox extensions covering `filenames` and runs completionHandler afterwards.
        // NOTE(review): the header does not show any validation of the file names before access
        // is granted; check where these paths originate.
130     void grantSandboxExtensionsToStorageProcessForBlobs(const Vector<String>& filenames, Function<void ()>&& completionHandler);
131
132 #if HAVE(CFNETWORK_STORAGE_PARTITIONING)
        // Per-session lists of prevalent domains, split by whether the user has interacted with
        // them. Per this change's title, prevalent domains without interaction are the ones for
        // which third-party cookie creation is denied.
        // NOTE(review): shouldClearFirst presumably replaces the stored lists instead of merging.
        // Domains are plain Strings here; where they are normalised (case, registrable domain)
        // is not visible in this header - verify against the caller, since a mismatch would let
        // a domain fall outside both lists.
133     void updatePrevalentDomainsWithAndWithoutInteraction(PAL::SessionID, const Vector<String>& domainsWithInteraction, const Vector<String>& domainsWithoutInteraction, bool shouldClearFirst);
134     void removePrevalentDomains(PAL::SessionID, const Vector<String>& domains);
135 #endif
136
137     Seconds loadThrottleLatency() const { return m_loadThrottleLatency; }
138     String cacheStorageDirectory(PAL::SessionID) const;
139
140 private:
        // Private so that the instance can only be created through the NeverDestroyed friend.
141     NetworkProcess();
142     ~NetworkProcess();
143
144     void platformInitializeNetworkProcess(const NetworkProcessCreationParameters&);
145
146     void terminate() override;
147     void platformTerminate();
148
149     void lowMemoryHandler(Critical);
150
151     enum class ShouldAcknowledgeWhenReadyToSuspend { No, Yes };
152     void actualPrepareToSuspend(ShouldAcknowledgeWhenReadyToSuspend);
153
154     // ChildProcess
155     void initializeProcess(const ChildProcessInitializationParameters&) override;
156     void initializeProcessName(const ChildProcessInitializationParameters&) override;
157     void initializeSandbox(const ChildProcessInitializationParameters&, SandboxInitializationParameters&) override;
158     void initializeConnection(IPC::Connection*) override;
159     bool shouldTerminate() override;
160
161     // IPC::Connection::Client
162     void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;
163     void didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder>&) override;
164     void didClose(IPC::Connection&) override;
165
166     // DownloadManager::Client
167     void didCreateDownload() override;
168     void didDestroyDownload() override;
169     IPC::Connection* downloadProxyConnection() override;
170     AuthenticationManager& downloadsAuthenticationManager() override;
171 #if USE(NETWORK_SESSION)
172     void pendingDownloadCanceled(DownloadID) override;
173 #endif
174
175     // Message Handlers
        // The arguments of the handlers below are decoded from IPC messages, so session IDs,
        // download IDs, callback IDs, paths and host names originate in another process.
        // NOTE(review): which process may send each message is not visible in this header;
        // treat the values as needing validation in the implementation.
176     void didReceiveNetworkProcessMessage(IPC::Connection&, IPC::Decoder&);
177     void didReceiveSyncNetworkProcessMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder>&);
178     void initializeNetworkProcess(NetworkProcessCreationParameters&&);
179     void createNetworkConnectionToWebProcess();
180     void addWebsiteDataStore(WebsiteDataStoreParameters&&);
181     void destroySession(PAL::SessionID);
182
        // Website data queries and removal, scoped by session; results are reported against callbackID.
183     void fetchWebsiteData(PAL::SessionID, OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, uint64_t callbackID);
184     void deleteWebsiteData(PAL::SessionID, OptionSet<WebsiteDataType>, std::chrono::system_clock::time_point modifiedSince, uint64_t callbackID);
185     void deleteWebsiteDataForOrigins(PAL::SessionID, OptionSet<WebsiteDataType>, const Vector<WebCore::SecurityOriginData>& origins, const Vector<String>& cookieHostNames, uint64_t callbackID);
186
        // Takes no session argument, unlike the website-data calls above.
187     void clearCachedCredentials();
188
189     // FIXME: This should take a session ID so we can identify which disk cache to delete.
190     void clearDiskCache(std::chrono::system_clock::time_point modifiedSince, Function<void ()>&& completionHandler);
191
        // Download control. resumeDownload and continueDecidePendingDownloadDestination receive a
        // destination path together with a SandboxExtension::Handle.
        // NOTE(review): presumably the handle is what authorises writing to that path; confirm the
        // path is only used under the extension and that allowOverwrite is honoured.
192     void downloadRequest(PAL::SessionID, DownloadID, const WebCore::ResourceRequest&, const String& suggestedFilename);
193     void resumeDownload(PAL::SessionID, DownloadID, const IPC::DataReference& resumeData, const String& path, const SandboxExtension::Handle&);
194     void cancelDownload(DownloadID);
195 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
        // NOTE(review): resourceLoadIdentifier is presumably the key into
        // m_waitingNetworkResourceLoaders; an unknown identifier should be ignored - confirm.
196     void continueCanAuthenticateAgainstProtectionSpace(uint64_t resourceLoadIdentifier, bool canAuthenticate);
197 #endif
198 #if USE(NETWORK_SESSION)
199 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
200     void continueCanAuthenticateAgainstProtectionSpaceDownload(DownloadID, bool canAuthenticate);
201 #endif
202     void continueWillSendRequest(DownloadID, WebCore::ResourceRequest&&);
203 #endif
204     void continueDecidePendingDownloadDestination(DownloadID, String destination, const SandboxExtension::Handle& sandboxExtensionHandle, bool allowOverwrite);
205
206     void setCacheModel(uint32_t);
        // NOTE(review): allowSpecificHTTPSCertificateForHost, setCanHandleHTTPSServerTrustEvaluation
        // and setAllowsAnySSLCertificateForWebSocket change certificate-trust behaviour. None takes
        // a PAL::SessionID, so the effect appears not to be scoped to one session; confirm in the
        // implementation and confirm which callers can reach them.
207     void allowSpecificHTTPSCertificateForHost(const WebCore::CertificateInfo&, const String& host);
208     void setCanHandleHTTPSServerTrustEvaluation(bool);
209     void getNetworkProcessStatistics(uint64_t callbackID);
210     void clearCacheForAllOrigins(uint32_t cachesToClear);
211     void setAllowsAnySSLCertificateForWebSocket(bool);
212     void syncAllCookies();
213
        // NOTE(review): requestID is presumably the key into
        // m_sandboxExtensionForBlobsCompletionHandlers - confirm an unknown ID is ignored.
214     void didGrantSandboxExtensionsToStorageProcessForBlobs(uint64_t requestID);
215
216 #if USE(SOUP)
        // Same concern as the certificate handlers above: a bool with no session argument.
217     void setIgnoreTLSErrors(bool);
218     void userPreferredLanguagesChanged(const Vector<String>&);
219     void setNetworkProxySettings(const WebCore::SoupNetworkProxySettings&);
220 #endif
221
222     // Platform Helpers
223     void platformSetURLCacheSize(unsigned urlCacheMemoryCapacity, uint64_t urlCacheDiskCapacity);
224
225     // Connections to WebProcesses.
226     Vector<RefPtr<NetworkConnectionToWebProcess>> m_webProcessConnections;
227
        // NOTE(review): m_hasSetCacheModel, m_cacheModel, m_diskCacheIsDisabledForTesting and
        // m_canHandleHTTPSServerTrustEvaluation have no default member initializer, unlike
        // m_diskCacheSizeOverride and m_suppressMemoryPressureHandler. They have to be set in the
        // constructor, which is not visible in this header - confirm, since an indeterminate
        // trust-evaluation flag would be read by canHandleHTTPSServerTrustEvaluation().
228     String m_cacheStorageDirectory;
229     String m_diskCacheDirectory;
230     bool m_hasSetCacheModel;
231     CacheModel m_cacheModel;
        // -1 presumably means "no override" - confirm.
232     int64_t m_diskCacheSizeOverride { -1 };
233     bool m_suppressMemoryPressureHandler { false };
234     bool m_diskCacheIsDisabledForTesting;
235     bool m_canHandleHTTPSServerTrustEvaluation;
236     Seconds m_loadThrottleLatency;
237
238 #if ENABLE(NETWORK_CACHE)
239     RefPtr<NetworkCache::Cache> m_cache;
240 #endif
241
        // Supplements are owned here and keyed by the const char* returned from
        // T::supplementName(), hashed as a pointer (PtrHash), not as a string.
242     typedef HashMap<const char*, std::unique_ptr<NetworkProcessSupplement>, PtrHash<const char*>> NetworkProcessSupplementMap;
243     NetworkProcessSupplementMap m_supplements;
244
        // Pending work keyed by a 64-bit identifier; the identifiers are also handler arguments above.
245     HashMap<uint64_t, Function<void ()>> m_sandboxExtensionForBlobsCompletionHandlers;
246     HashMap<uint64_t, Ref<NetworkResourceLoader>> m_waitingNetworkResourceLoaders;
247
248 #if PLATFORM(COCOA)
249     void platformInitializeNetworkProcessCocoa(const NetworkProcessCreationParameters&);
250     void setCookieStoragePartitioningEnabled(bool);
251
252     // FIXME: We'd like to be able to do this without the #ifdef, but WorkQueue + BinarySemaphore isn't good enough since
253     // multiple requests to clear the cache can come in before previous requests complete, and we need to wait for all of them.
254     // In the future using WorkQueue and a counting semaphore would work, as would WorkQueue supporting the libdispatch concept of "work groups".
255     dispatch_group_t m_clearCacheDispatchGroup;
256 #endif
257
258 #if PLATFORM(IOS)
259     WebSQLiteDatabaseTracker m_webSQLiteDatabaseTracker;
260 #endif
261 };
262
263 } // namespace WebKit