Changing default website policies shouldn't change default website policies in subseq...
author wenson_hsieh@apple.com <wenson_hsieh@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Apr 2019 21:56:38 +0000 (21:56 +0000)
committer wenson_hsieh@apple.com <wenson_hsieh@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Apr 2019 21:56:38 +0000 (21:56 +0000)
https://bugs.webkit.org/show_bug.cgi?id=196562
<rdar://problem/49573377>

Reviewed by Tim Horton.

Currently, changing the default WKWebpagePreferences object when deciding navigation policy causes the set of
default policies to change in subsequent navigations. Among other things, this prevents clients from passing
a modified version of the default website policies into the decision handler without impacting future
navigations. To fix this, teach API::WebsitePolicies to make a copy of itself, and then use this to pass a copy
of the default website policies to the navigation delegate when deciding navigation policies.

Test: DoNotAllowChangingDefaultWebpagePreferencesInDelegateMethod

* UIProcess/API/APIWebsitePolicies.cpp:
(API::WebsitePolicies::copy const):

Add a helper method to copy a set of website policies.

* UIProcess/API/APIWebsitePolicies.h:
* UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243909 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/API/APIWebsitePolicies.cpp
Source/WebKit/UIProcess/API/APIWebsitePolicies.h
Source/WebKit/UIProcess/Cocoa/NavigationState.mm

index 07cddea..503e728 100644 (file)
@@ -1,3 +1,28 @@
+2019-04-04  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        Changing default website policies shouldn't change default website policies in subsequent navigations
+        https://bugs.webkit.org/show_bug.cgi?id=196562
+        <rdar://problem/49573377>
+
+        Reviewed by Tim Horton.
+
+        Currently, changing the default WKWebpagePreferences object when deciding navigation policy causes the set of
+        default policies to change in subsequent navigations. Among other things, this prevents clients from passing
+        a modified version of the default website policies into the decision handler without impacting future
+        navigations. To fix this, teach API::WebsitePolicies to make a copy of itself, and then use this to pass a copy
+        of the default website policies to the navigation delegate when deciding navigation policies.
+
+        Test: DoNotAllowChangingDefaultWebpagePreferencesInDelegateMethod
+
+        * UIProcess/API/APIWebsitePolicies.cpp:
+        (API::WebsitePolicies::copy const):
+
+        Add a helper method to copy a set of website policies.
+
+        * UIProcess/API/APIWebsitePolicies.h:
+        * UIProcess/Cocoa/NavigationState.mm:
+        (WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):
+
 2019-04-04  Michael Catanzaro  <mcatanzaro@igalia.com>
 
         Unreviewed, fix -Wreturn-type warning
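Review bot: The entry for UIProcess/Cocoa/NavigationState.mm (decidePolicyForNavigationAction) at the end of the new ChangeLog block has no description, while the APIWebsitePolicies.cpp entry does. A one-line note there, saying that the default website policies are now copied before being handed to the navigation delegate, would record where the behaviour change actually takes effect.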
index 723309b..b897469 100644 (file)
@@ -42,6 +42,28 @@ WebsitePolicies::WebsitePolicies(bool contentBlockersEnabled, OptionSet<WebKit::
     , m_websiteDataStore(WTFMove(websiteDataStore))
 { }
 
+Ref<WebsitePolicies> WebsitePolicies::copy() const
+{
+    auto policies = WebsitePolicies::create();
+    policies->setContentBlockersEnabled(m_contentBlockersEnabled);
+    policies->setAllowedAutoplayQuirks(m_allowedAutoplayQuirks);
+    policies->setAutoplayPolicy(m_autoplayPolicy);
+    policies->setDeviceOrientationAndMotionAccessState(m_deviceOrientationAndMotionAccessState);
+    policies->setPopUpPolicy(m_popUpPolicy);
+    policies->setWebsiteDataStore(m_websiteDataStore.get());
+    policies->setCustomUserAgent(m_customUserAgent);
+    policies->setCustomJavaScriptUserAgentAsSiteSpecificQuirks(m_customJavaScriptUserAgentAsSiteSpecificQuirks);
+    policies->setCustomNavigatorPlatform(m_customNavigatorPlatform);
+    policies->setPreferredCompatibilityMode(m_preferredCompatibilityMode);
+    policies->setMetaViewportPolicy(m_metaViewportPolicy);
+    Vector<WebCore::HTTPHeaderField> customHeaderFields;
+    customHeaderFields.reserveInitialCapacity(m_customHeaderFields.size());
+    for (auto& field : m_customHeaderFields)
+        customHeaderFields.append(WebCore::HTTPHeaderField(field));
+    policies->setCustomHeaderFields(WTFMove(customHeaderFields));
+    return policies;
+}
+
 WebsitePolicies::~WebsitePolicies()
 {
 }
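Review bot: copy() lists every member by hand, so a member added to WebsitePolicies later and not added here will silently fall back to whatever WebsitePolicies::create() sets in each copy handed to the navigation delegate. For settings such as setContentBlockersEnabled or setPopUpPolicy that kind of reset is a policy regression that is easy to miss. Consider a comment next to the member declarations pointing at copy(), or a test that sets every field to a non-default value and compares the copy. Two smaller points: setWebsiteDataStore(m_websiteDataStore.get()) shares the same data store rather than duplicating it, which is probably intended but should be stated; and the reserveInitialCapacity/append loop over m_customHeaderFields is an element-wise copy that a plain copy of the Vector, moved into setCustomHeaderFields, would express in one line.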
index cd51bad..2ac80e4 100644 (file)
@@ -49,6 +49,8 @@ public:
     WebsitePolicies();
     ~WebsitePolicies();
 
+    Ref<WebsitePolicies> copy() const;
+
     bool contentBlockersEnabled() const { return m_contentBlockersEnabled; }
     void setContentBlockersEnabled(bool enabled) { m_contentBlockersEnabled = enabled; }
     
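Review bot: The new copy() declaration carries no comment on what the returned object shares with the original. Going by the .cpp hunk, the scalar settings and custom header fields are duplicated while the website data store is passed through by pointer, so a short comment here saying that the copy is independent except for the shared WebsiteDataStore would keep callers from assuming full isolation.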
index d912ca2..bff649f 100644 (file)
@@ -510,7 +510,10 @@ static void tryInterceptNavigation(Ref<API::NavigationAction>&& navigationAction
 void NavigationState::NavigationClient::decidePolicyForNavigationAction(WebPageProxy& webPageProxy, Ref<API::NavigationAction>&& navigationAction, Ref<WebFramePolicyListenerProxy>&& listener, API::Object* userInfo)
 {
     bool subframeNavigation = navigationAction->targetFrame() && !navigationAction->targetFrame()->isMainFrame();
-    auto defaultWebsitePolicies = makeRefPtr(webPageProxy.configuration().defaultWebsitePolicies());
+
+    RefPtr<API::WebsitePolicies> defaultWebsitePolicies;
+    if (auto* policies = webPageProxy.configuration().defaultWebsitePolicies())
+        defaultWebsitePolicies = policies->copy();
 
     if (!m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionDecisionHandler
         && !m_navigationState.m_navigationDelegateMethods.webViewDecidePolicyForNavigationActionWithPreferencesDecisionHandler
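Review bot: The copy in the new "if (auto* policies = webPageProxy.configuration().defaultWebsitePolicies())" block protects only this call site. The accessor still hands out the configuration's own object, so any other path that passes it to client code can still have the defaults mutated under it. It is worth checking the remaining callers of defaultWebsitePolicies() and applying policies->copy() wherever the object reaches a delegate. Also note that the copy is now made on every call ahead of the m_navigationDelegateMethods check that follows; if the branch taken when neither decision handler is implemented only reads the policies, the copy could move below that check.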