Provide a way for Injected Bundles to indicate classes approved for NSSecureCoding
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 26 Jun 2018 18:16:57 +0000 (18:16 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 26 Jun 2018 18:16:57 +0000 (18:16 +0000)
commit123650867d43feb806adc5853e7a3e704e9c76ff
tree063ac312adb8879bc8f66d8e35e732bce829ef5b
parent489642441503fe64b520d9f1e07ca6515dfacf5d
Provide a way for Injected Bundles to indicate classes approved for NSSecureCoding
https://bugs.webkit.org/show_bug.cgi?id=186788
<rdar://problem/41094167>

Reviewed by Chris Dumez.

Source/WebKit:

InjectedBundles support a mechanism to serialize data between the UIProcess and the
WebContent process hosting the bundle. In some cases, we want to be able to serialize
a custom data object that is not part of WebKit's native data types.

After switching to strict NSSecureCoding, WebKit clients attempting to serialize these
custom objects trigger a failure.

This patch makes it possible for the InjectedBundle author to specify one (or more) data
classes that are allowed to be serialized between the two processes.

* WebProcess/InjectedBundle/API/c/WKBundle.cpp:
(WKBundleExtendClassesForParameterCoder): Added.
* WebProcess/InjectedBundle/API/c/WKBundlePrivate.h:
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.h:
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.mm:
(createWKArray): Added.
(-[WKWebProcessPlugInController extendClassesForParameterCoder:]): Added.
* WebProcess/InjectedBundle/InjectedBundle.h:
* WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
(WebKit::InjectedBundle::extendClassesForParameterCoder): Added.
(WebKit::InjectedBundle::classesForCoder): New helper function.
(WebKit::InjectedBundle::setBundleParameter): Modified to use the new set of valid
classes for NSSecureCoding.

Tools:

Add a new test case to exercise the class check during NSSecureCoding.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit/mac/CustomBundleObject.h: Added.
* TestWebKitAPI/Tests/WebKit/mac/CustomBundleObject.mm: Added.
(-[CustomBundleObject initWithValue:]):
(+[CustomBundleObject supportsSecureCoding]):
(-[CustomBundleObject copyWithZone:]):
(-[CustomBundleObject initWithCoder:]):
(-[CustomBundleObject encodeWithCoder:]):
* TestWebKitAPI/Tests/WebKit/mac/CustomBundleParameter.mm: Added.
(TestWebKitAPI::didReceiveMessageFromInjectedBundle):
(TestWebKitAPI::didFinishLoadForFrame):
* TestWebKitAPI/Tests/WebKit/mac/CustomBundleParameter_Bundle.mm: Added.
(TestWebKitAPI::CustomBundleParameterTest::CustomBundleParameterTest):
(TestWebKitAPI::CustomBundleParameterTest::didCreatePage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233207 268f45cc-cd09-0410-ab3c-d52691b4dbfc
13 files changed:
Source/WebKit/ChangeLog
Source/WebKit/WebProcess/InjectedBundle/API/c/WKBundle.cpp
Source/WebKit/WebProcess/InjectedBundle/API/c/WKBundlePrivate.h
Source/WebKit/WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.h
Source/WebKit/WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.mm
Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.h
Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm
Tools/ChangeLog
Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
Tools/TestWebKitAPI/Tests/WebKit/mac/CustomBundleObject.h [new file with mode: 0644]
Tools/TestWebKitAPI/Tests/WebKit/mac/CustomBundleObject.mm [new file with mode: 0644]
Tools/TestWebKitAPI/Tests/WebKit/mac/CustomBundleParameter.mm [new file with mode: 0644]
Tools/TestWebKitAPI/Tests/WebKit/mac/CustomBundleParameter_Bundle.mm [new file with mode: 0644]