Disallow loading webarchives as iframes
author jiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Nov 2018 19:38:18 +0000 (19:38 +0000)
committer jiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Nov 2018 19:38:18 +0000 (19:38 +0000)
commit 5a8ee6d2e19c07d6c5ebd847e9165e5c84f05f9a
tree e4f4d51b6553930301fec982bba585fe535d8ca8
parent 6877296f15c3d592eb741fae0bfb83a3eb9e9ae6
Disallow loading webarchives as iframes
https://bugs.webkit.org/show_bug.cgi?id=191728
<rdar://problem/45524528>

Reviewed by Youenn Fablet.

Source/WebCore:

Disallow loading webarchives as iframes. We don't allow loading remote webarchives.
Now, this policy is hardened to disallow loading webarchives as iframes for local
documents as well.

To allow old tests to still be able to run, a flag is added to always allow loading local
webarchives in document. The flag can be set via window.internals.

Tests: webarchive/loading/test-loading-archive-subresource.html
       webarchive/loading/test-loading-top-archive.html

* dom/Document.h:
(WebCore::Document::setAlwaysAllowLocalWebarchive):
(WebCore::Document::alwaysAllowLocalWebarchive):
* loader/DocumentLoader.cpp:
(WebCore::disallowWebArchive):
(WebCore::DocumentLoader::continueAfterContentPolicy):
(WebCore::isRemoteWebArchive): Deleted.
* testing/Internals.cpp:
(WebCore::Internals::setAlwaysAllowLocalWebarchive const):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::unableToImplementPolicy):
Add a check to prevent null pointer dereference.

LayoutTests:

* platform/mac-wk1/webarchive/loading/test-loading-archive-subresource-expected.txt: Added.
* platform/mac/fast/loader/webarchive-encoding-respected.html:
* webarchive/loading/cache-expired-subresource.html:
* webarchive/loading/mainresource-null-mimetype-crash.html:
* webarchive/loading/missing-data.html:
* webarchive/loading/resources/test-loading-archive-main.webarchive: Copied from LayoutTests/webarchive/loading/test-loading-archive.html.
* webarchive/loading/test-loading-archive-subresource-expected.txt: Added.
* webarchive/loading/test-loading-archive-subresource-null-mimetype.html:
* webarchive/loading/test-loading-archive-subresource.html: Copied from LayoutTests/webarchive/loading/test-loading-archive.html.
* webarchive/loading/test-loading-archive.html:
* webarchive/loading/test-loading-top-archive-expected.txt: Added.
* webarchive/loading/test-loading-top-archive.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@238562 268f45cc-cd09-0410-ab3c-d52691b4dbfc
22 files changed:
LayoutTests/ChangeLog
LayoutTests/platform/mac-wk1/webarchive/loading/test-loading-archive-subresource-expected.txt [new file with mode: 0644]
LayoutTests/platform/mac/fast/loader/webarchive-encoding-respected.html
LayoutTests/webarchive/loading/cache-expired-subresource.html
LayoutTests/webarchive/loading/mainresource-null-mimetype-crash.html
LayoutTests/webarchive/loading/missing-data.html
LayoutTests/webarchive/loading/resources/top.webarchive [new file with mode: 0644]
LayoutTests/webarchive/loading/test-loading-archive-subresource-expected.txt [new file with mode: 0644]
LayoutTests/webarchive/loading/test-loading-archive-subresource-null-mimetype.html
LayoutTests/webarchive/loading/test-loading-archive-subresource.html [new file with mode: 0644]
LayoutTests/webarchive/loading/test-loading-archive.html
LayoutTests/webarchive/loading/test-loading-top-archive-expected.txt [new file with mode: 0644]
LayoutTests/webarchive/loading/test-loading-top-archive.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.h
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/DocumentLoader.h
Source/WebCore/testing/Internals.cpp
Source/WebCore/testing/Internals.h
Source/WebCore/testing/Internals.idl
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/WebPageProxy.cpp