Add WebKit1 SPI for storage blocking preference
authorjpfau@apple.com <jpfau@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 25 Sep 2012 23:00:25 +0000 (23:00 +0000)
committerjpfau@apple.com <jpfau@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 25 Sep 2012 23:00:25 +0000 (23:00 +0000)
https://bugs.webkit.org/show_bug.cgi?id=97356

Reviewed by Brady Eidson.

Source/WebKit/mac:

* WebView/WebPreferenceKeysPrivate.h:
* WebView/WebPreferences.mm:
(+[WebPreferences initialize]):
(-[WebPreferences setStorageBlockingPolicy:]):
(-[WebPreferences storageBlockingPolicy]):
* WebView/WebPreferencesPrivate.h:
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]):

LayoutTests:

* http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.
* http/tests/security/cross-origin-local-storage-wk1.html: Added.
* platform/chromium/TestExpectations: Test currently fails on Chromium.
* platform/mac-wk2/http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.
* platform/mac/http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@129567 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/security/cross-origin-local-storage-wk1-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/cross-origin-local-storage-wk1.html [new file with mode: 0644]
LayoutTests/platform/chromium/TestExpectations
LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-local-storage-wk1-expected.txt [new file with mode: 0644]
LayoutTests/platform/mac/http/tests/security/cross-origin-local-storage-wk1-expected.txt [new file with mode: 0644]
Source/WebKit/mac/ChangeLog
Source/WebKit/mac/WebView/WebPreferenceKeysPrivate.h
Source/WebKit/mac/WebView/WebPreferences.mm
Source/WebKit/mac/WebView/WebPreferencesPrivate.h
Source/WebKit/mac/WebView/WebView.mm

index c8c56ea..7604e95 100644 (file)
@@ -1,3 +1,16 @@
+2012-09-24  Jeffrey Pfau  <jpfau@apple.com>
+
+        Add WebKit1 SPI for storage blocking preference
+        https://bugs.webkit.org/show_bug.cgi?id=97356
+
+        Reviewed by Brady Eidson.
+
+        * http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.
+        * http/tests/security/cross-origin-local-storage-wk1.html: Added.
+        * platform/chromium/TestExpectations: Test currently fails on Chromium.
+        * platform/mac-wk2/http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.
+        * platform/mac/http/tests/security/cross-origin-local-storage-wk1-expected.txt: Added.
+
 2012-09-25  Beth Dakin  <bdakin@apple.com>
 
         Moving this test which was added with
diff --git a/LayoutTests/http/tests/security/cross-origin-local-storage-wk1-expected.txt b/LayoutTests/http/tests/security/cross-origin-local-storage-wk1-expected.txt
new file mode 100644 (file)
index 0000000..407fba4
--- /dev/null
@@ -0,0 +1,16 @@
+This iframe should return a security error:
+
+
+This iframe should not return any errors:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+No exception
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+No exception
diff --git a/LayoutTests/http/tests/security/cross-origin-local-storage-wk1.html b/LayoutTests/http/tests/security/cross-origin-local-storage-wk1.html
new file mode 100644 (file)
index 0000000..7c52e97
--- /dev/null
@@ -0,0 +1,24 @@
+<html>
+<head>
+<script>
+var frames = 2;
+if (window.testRunner) {
+       testRunner.dumpAsText();
+       testRunner.dumpChildFramesAsText();
+       testRunner.overridePreference('WebKitStorageBlockingPolicy', 1);
+}
+
+function decrement() {
+       --frames;
+       if (!frames && window.testRunner)
+               testRunner.overridePreference('WebKitStorageBlockingPolicy', 0);
+}
+</script>
+</head>
+<body>
+<p>This iframe should return a security error:</p>
+<iframe src="http://localhost:8000/security/resources/cross-origin-iframe-for-local-storage.html" onload="decrement()"></iframe>
+<p>This iframe should not return any errors:</p>
+<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-iframe-for-local-storage.html" onload="decrement()"></iframe>
+</body>
+</html>
index 94ad607..6954ed5 100644 (file)
@@ -3562,6 +3562,9 @@ webkit.org/b/97179 http/tests/css/link-css-disabled-value-with-slow-loading-shee
 # The test should pass after harfbuzz transition.
 webkit.org/b/97296 [ Linux Win ] fast/text/international/hebrew-selection.html [ ImageOnlyFailure ]
 
+# Expected to fail until storage blocking settings have a WebKit1 API in Chromium.
+webkit.org/b/97491 http/tests/security/cross-origin-local-storage-wk1.html [ Failure Pass ]
+
 # Expected to fail until WebGL extension implementation lands
 webkit.org/b/96961 fast/canvas/webgl/oes-vertex-array-object.html [ Failure Pass ]
 webkit.org/b/96961 platform/chromium/virtual/gpu/fast/canvas/webgl/oes-vertex-array-object.html [ Failure Pass ]
diff --git a/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-local-storage-wk1-expected.txt b/LayoutTests/platform/mac-wk2/http/tests/security/cross-origin-local-storage-wk1-expected.txt
new file mode 100644 (file)
index 0000000..407fba4
--- /dev/null
@@ -0,0 +1,16 @@
+This iframe should return a security error:
+
+
+This iframe should not return any errors:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+No exception
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+No exception
diff --git a/LayoutTests/platform/mac/http/tests/security/cross-origin-local-storage-wk1-expected.txt b/LayoutTests/platform/mac/http/tests/security/cross-origin-local-storage-wk1-expected.txt
new file mode 100644 (file)
index 0000000..fa7bc1c
--- /dev/null
@@ -0,0 +1,16 @@
+This iframe should return a security error:
+
+
+This iframe should not return any errors:
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+SECURITY_ERR
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+No exception
index 141896a..c999c59 100644 (file)
@@ -1,3 +1,19 @@
+2012-09-21  Jeffrey Pfau  <jpfau@apple.com>
+
+        Add WebKit1 SPI for storage blocking preference
+        https://bugs.webkit.org/show_bug.cgi?id=97356
+
+        Reviewed by Brady Eidson.
+
+        * WebView/WebPreferenceKeysPrivate.h:
+        * WebView/WebPreferences.mm:
+        (+[WebPreferences initialize]):
+        (-[WebPreferences setStorageBlockingPolicy:]):
+        (-[WebPreferences storageBlockingPolicy]):
+        * WebView/WebPreferencesPrivate.h:
+        * WebView/WebView.mm:
+        (-[WebView _preferencesChanged:]):
+
 2012-09-24  Simon Fraser  <simon.fraser@apple.com>
 
         <rdar://problem/12351906> Have DumpRenderTree and WebKitTestRunner crash logs show which test crashed
index 847956d..cb798b3 100644 (file)
 #define WebKitRequestAnimationFrameEnabledPreferenceKey @"WebKitRequestAnimationFrameEnabled"
 #define WebKitDiagnosticLoggingEnabledKey @"WebKitDiagnosticLoggingEnabled"
 #define WebKitScreenFontSubstitutionEnabledKey @"WebKitScreenFontSubstitutionEnabled"
+#define WebKitStorageBlockingPolicyKey @"WebKitStorageBlockingPolicy"
 
 // These are private both because callers should be using the cover methods and because the
 // cover methods themselves are private.
index 8c2ea6a..2f5c135 100644 (file)
@@ -400,6 +400,7 @@ public:
         [NSNumber numberWithBool:NO],   WebKitWantsBalancedSetDefersLoadingBehaviorKey,
         [NSNumber numberWithBool:NO],   WebKitDiagnosticLoggingEnabledKey,
         [NSNumber numberWithBool:YES],  WebKitScreenFontSubstitutionEnabledKey,
+        [NSNumber numberWithInt:WebAllowAllStorage], WebKitStorageBlockingPolicyKey,
 
         [NSNumber numberWithLongLong:ApplicationCacheStorage::noQuota()], WebKitApplicationCacheTotalQuota,
         [NSNumber numberWithLongLong:ApplicationCacheStorage::noQuota()], WebKitApplicationCacheDefaultOriginQuota,
@@ -1750,6 +1751,16 @@ static NSString *classIBCreatorID = nil;
     [self _setBoolValue:enabled forKey:WebKitScreenFontSubstitutionEnabledKey];
 }
 
+- (void)setStorageBlockingPolicy:(WebStorageBlockingPolicy)storageBlockingPolicy
+{
+    [self _setIntegerValue:storageBlockingPolicy forKey:WebKitStorageBlockingPolicyKey];
+}
+
+- (WebStorageBlockingPolicy)storageBlockingPolicy
+{
+    return static_cast<WebStorageBlockingPolicy>([self _integerValueForKey:WebKitStorageBlockingPolicyKey]);
+}
+
 @end
 
 @implementation WebPreferences (WebInternal)
index 1f362fe..3901717 100644 (file)
@@ -43,6 +43,12 @@ typedef enum {
     WebTextDirectionSubmenuAlwaysIncluded
 } WebTextDirectionSubmenuInclusionBehavior;
 
+typedef enum {
+    WebAllowAllStorage = 0,
+    WebBlockThirdPartyStorage,
+    WebBlockAllStorage
+} WebStorageBlockingPolicy;
+
 extern NSString *WebPreferencesChangedNotification;
 extern NSString *WebPreferencesRemovedNotification;
 extern NSString *WebPreferencesChangedInternalNotification;
@@ -308,4 +314,7 @@ extern NSString *WebPreferencesCacheModelChangedInternalNotification;
 - (BOOL)screenFontSubstitutionEnabled;
 - (void)setScreenFontSubstitutionEnabled:(BOOL)enabled;
 
+- (void)setStorageBlockingPolicy:(WebStorageBlockingPolicy)storageBlockingPolicy;
+- (WebStorageBlockingPolicy)storageBlockingPolicy;
+
 @end
index 4804640..89afd59 100644 (file)
@@ -1563,6 +1563,18 @@ static bool needsSelfRetainWhileLoadingQuirk()
     settings->setNeedsDidFinishLoadOrderQuirk(needsDidFinishLoadOrderQuirk());
     settings->setDiagnosticLoggingEnabled([preferences diagnosticLoggingEnabled]);
 
+    switch ([preferences storageBlockingPolicy]) {
+    case WebAllowAllStorage:
+        settings->setStorageBlockingPolicy(SecurityOrigin::AllowAllStorage);
+        break;
+    case WebBlockThirdPartyStorage:
+        settings->setStorageBlockingPolicy(SecurityOrigin::BlockThirdPartyStorage);
+        break;
+    case WebBlockAllStorage:
+        settings->setStorageBlockingPolicy(SecurityOrigin::BlockAllStorage);
+        break;
+    }
+
     // We have enabled this setting in WebKit2 for the sake of some ScrollingCoordinator work.
     // To avoid possible rendering differences, we should enable it for WebKit1 too.
     settings->setFixedPositionCreatesStackingContext(true);