HLS resources with remote subresources will not taint canvasses.
authorjer.noble@apple.com <jer.noble@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 20 Jul 2018 17:59:47 +0000 (17:59 +0000)
committerjer.noble@apple.com <jer.noble@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 20 Jul 2018 17:59:47 +0000 (17:59 +0000)
commit257853976e085235b81217c1b7c1bc1b8b9d8efe
tree9fcbc893a7f5fc541c1d6747aaad113adc742bec
parent8c6d800158835730647ac8a4a2e23af976394d45
HLS resources with remote subresources will not taint canvasses.
https://bugs.webkit.org/show_bug.cgi?id=187731
<rdar://problem/42290703>

Reviewed by Brady Eidson.

Source/WebCore:

Test: http/tests/security/canvas-remote-read-remote-video-hls.html

Most media sources are single-resource; they are accessed from a single origin. HLS manifests can contain many
subresources from arbitrary origins, and canvases should be tainted when painted from media elements whose
subresources were retrieved from tainting origins.

Add a new method to HTMLMediaElement, wouldTaintOrigin(), taking a SecurityOrigin, and returning whether the
media element would taint that origin. This gets piped all the way down to MediaPlayerPrivateAVFoundationObjC
which uses WebCoreNSURLSession to track all the origins of all the responses which resulted from the media
element's load.

Drive-by fix: also fix this issue for media elements which render to an AudioContext.

Drive-by fix #2: CanvasRenderingContext2DBase::createPattern() needs to check the return value of
ImageBuffer::create() before using it.

* Modules/webaudio/MediaElementAudioSourceNode.cpp:
(WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::didAttachRenderers):
(WebCore::HTMLMediaElement::didDetachRenderers):
(WebCore::HTMLMediaElement::scheduleUpdateShouldAutoplay):
* html/HTMLMediaElement.h:
(WebCore::HTMLMediaElement::wouldTaintOrigin const):
* html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):
* html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::createPattern):
* platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::wouldTaintOrigin const):
* platform/graphics/MediaPlayer.h:
* platform/graphics/MediaPlayerPrivate.h:
(WebCore::MediaPlayerPrivateInterface::hasSingleSecurityOrigin const):
(WebCore::MediaPlayerPrivateInterface::wouldTaintOrigin const):
* platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
(WebCore::CDMSessionAVContentKeySession::update):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::wouldTaintOrigin const):
* platform/network/cocoa/WebCoreNSURLSession.h:
* platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSession task:didReceiveResponseFromOrigin:]):
(-[WebCoreNSURLSession wouldTaintOrigin:]):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):

LayoutTests:

* http/tests/media/resources/hls/test-vod-localhost.m3u8: Added.
* http/tests/security/canvas-remote-read-remote-video-hls-expected.txt: Added.
* http/tests/security/canvas-remote-read-remote-video-hls.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@234055 268f45cc-cd09-0410-ab3c-d52691b4dbfc
17 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/media/resources/hls/test-vod-localhost.m3u8 [new file with mode: 0644]
LayoutTests/http/tests/security/canvas-remote-read-remote-video-hls-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/canvas-remote-read-remote-video-hls.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/Modules/webaudio/MediaElementAudioSourceNode.cpp
Source/WebCore/html/HTMLMediaElement.h
Source/WebCore/html/canvas/CanvasRenderingContext.cpp
Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
Source/WebCore/platform/graphics/MediaPlayer.cpp
Source/WebCore/platform/graphics/MediaPlayer.h
Source/WebCore/platform/graphics/MediaPlayerPrivate.h
Source/WebCore/platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h
Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm
Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h
Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm