Disable access to secure cookies if an HTTPS site loads mixed content (Part 2: Header...
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 28 Aug 2017 22:08:34 +0000 (22:08 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 28 Aug 2017 22:08:34 +0000 (22:08 +0000)
https://bugs.webkit.org/show_bug.cgi?id=175992
<rdar://problem/34086613>

Reviewed by Daniel Bates.

Source/WebCore:

The original work in Bug 157053 did not properly handle the case of websockets. This patch completes
the changes to secure cookie handling to make sure websockets are also protected.

Tests: http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl
       http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl

* Modules/websockets/WebSocketChannel.cpp:
(WebCore::WebSocketChannel::clientHandshakeRequest): Remove 'const' declaration so we can work with
a mutable Document object. This allows us to mark the Document as having accessed secure cookies.
(WebCore::WebSocketChannel::clientHandshakeRequest const): Deleted.
* Modules/websockets/WebSocketChannel.h:
* Modules/websockets/WebSocketHandshake.cpp:
(WebCore::WebSocketHandshake::clientHandshakeMessage): Ditto.
(WebCore::WebSocketHandshake::clientHandshakeRequest): Ditto.
(WebCore::WebSocketHandshake::clientHandshakeMessage const): Deleted.
(WebCore::WebSocketHandshake::clientHandshakeRequest const): Deleted.
* Modules/websockets/WebSocketHandshake.h:
* loader/CookieJar.cpp:
(WebCore::cookies): Small naming cleanup.
(WebCore::cookieRequestHeaderFieldValue): Pass a flag indicating whether secure cookies should be
included in the result or not. Set the document flag indicating secure cookies were accessed (if
they were), and return the resulting cookie string.
* loader/CookieJar.h:
* platform/CookiesStrategy.h:
* platform/network/CacheValidation.cpp:
(WebCore::headerValueForVary): Revise to pass a flag indicating whether secure cookies should be included
or not.
* platform/network/PlatformCookieJar.h:
* platform/network/cf/CookieJarCFNet.cpp:
(WebCore::doesContainSecureCookies): Added helper method.
(WebCore::cookiesForDOM): Revise to use new helper function.
(WebCore::cookieRequestHeaderFieldValue): Revise to accept a flag indicating if secure cookies should
be included in the result. Return a pair consisting of the cookie string, and a flag indicating whether
secure cookies were accessed or not.
* platform/network/curl/CookieJarCurl.cpp:
(WebCore::CookieJarCurlFileSystem::cookieRequestHeaderFieldValue): Ditto.
(WebCore::cookieRequestHeaderFieldValue): Ditto.
* platform/network/curl/CookieJarCurl.h:
* platform/network/mac/CookieJarMac.mm:
(WebCore::cookiesForSession): Ditto.
(WebCore::cookiesForDOM): Update for new 'cookiesForSession' signature.
(WebCore::cookieRequestHeaderFieldValue): Ditto.
* platform/network/soup/CookieJarSoup.cpp:
(WebCore::cookieRequestHeaderFieldValue): Revise to accept a flag indicating if secure cookies should
be included in the result. Return a pair consisting of the cookie string, and a flag indicating whether
secure cookies were accessed or not.

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::cookiesForDOM): Use a better label than 'result'.
(WebKit::NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue): Modify to accept a flag
indicating if secure cookies should be included, and return a pair containing the resulting
cookie string and a boolean indicating if secure cookies were accessed.
* NetworkProcess/NetworkConnectionToWebProcess.h:
* NetworkProcess/NetworkConnectionToWebProcess.messages.in: Ditto.
* Shared/mac/CookieStorageShim.mm:
(WebKit::webKitCookieStorageCopyRequestHeaderFieldsForURL): Ditto.
* WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
(WebKit::WebPlatformStrategies::cookieRequestHeaderFieldValue): Ditto.
* WebProcess/WebCoreSupport/WebPlatformStrategies.h:

Source/WebKitLegacy/mac:

* WebCoreSupport/WebPlatformStrategies.h:
* WebCoreSupport/WebPlatformStrategies.mm:
(WebPlatformStrategies::cookieRequestHeaderFieldValue): Modify to accept a flag indicating if secure
cookies should be included, and return a pair containing the resulting cookie string and a boolean
indicating if secure cookies were accessed.

LayoutTests:

* http/tests/websocket/tests/hybi/secure-cookie-insecure-connection-expected.txt: Added.
* http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl: Added.
* http/tests/websocket/tests/hybi/secure-cookie-secure-connection-expected.txt: Added.
* http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@221275 268f45cc-cd09-0410-ab3c-d52691b4dbfc

30 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl [new file with mode: 0755]
LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl [new file with mode: 0755]
Source/WebCore/ChangeLog
Source/WebCore/Modules/websockets/WebSocketChannel.cpp
Source/WebCore/Modules/websockets/WebSocketChannel.h
Source/WebCore/Modules/websockets/WebSocketHandshake.cpp
Source/WebCore/Modules/websockets/WebSocketHandshake.h
Source/WebCore/loader/CookieJar.cpp
Source/WebCore/loader/CookieJar.h
Source/WebCore/platform/CookiesStrategy.h
Source/WebCore/platform/network/CacheValidation.cpp
Source/WebCore/platform/network/PlatformCookieJar.h
Source/WebCore/platform/network/cf/CookieJarCFNet.cpp
Source/WebCore/platform/network/curl/CookieJarCurl.cpp
Source/WebCore/platform/network/curl/CookieJarCurl.h
Source/WebCore/platform/network/mac/CookieJarMac.mm
Source/WebCore/platform/network/soup/CookieJarSoup.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in
Source/WebKit/Shared/mac/CookieStorageShim.mm
Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp
Source/WebKit/WebProcess/WebCoreSupport/WebPlatformStrategies.h
Source/WebKitLegacy/mac/ChangeLog
Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.h
Source/WebKitLegacy/mac/WebCoreSupport/WebPlatformStrategies.mm

index af650c3..4d66ddf 100644 (file)
@@ -1,3 +1,16 @@
+2017-08-28  Brent Fulgham  <bfulgham@apple.com>
+
+        Disable access to secure cookies if an HTTPS site loads mixed content (Part 2: Header Requests)
+        https://bugs.webkit.org/show_bug.cgi?id=175992
+        <rdar://problem/34086613>
+
+        Reviewed by Daniel Bates.
+
+        * http/tests/websocket/tests/hybi/secure-cookie-insecure-connection-expected.txt: Added.
+        * http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl: Added.
+        * http/tests/websocket/tests/hybi/secure-cookie-secure-connection-expected.txt: Added.
+        * http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl: Added.
+
 2017-08-28  Ryan Haddad  <ryanhaddad@apple.com>
 
         Unreviewed, remove duplicated TestExpectation entry.
diff --git a/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection-expected.txt b/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection-expected.txt
new file mode 100644 (file)
index 0000000..59bbdc8
--- /dev/null
@@ -0,0 +1,11 @@
+Test WebSocket does not send Secure cookies over an insecure connection.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+WebSocket open
+WebSocket closed
+PASS cookie is "WK-websocket-test=1"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl b/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl
new file mode 100755 (executable)
index 0000000..aed80a3
--- /dev/null
@@ -0,0 +1,65 @@
+#!/usr/bin/perl -wT
+use strict;
+
+if ($ENV{"QUERY_STRING"} eq "clear=1") {
+    print "Content-Type: text/plain\r\n";
+    print "Set-Cookie: WK-websocket-test=0; Max-Age=-1\r\n";
+    print "Set-Cookie: WK-websocket-test-secure=0; Secure; Max-Age=-1\r\n";
+    print "\r\n";
+    print "Cookies are cleared.";
+    exit;
+}
+
+print "Content-Type: text/html\r\n";
+print "Set-Cookie: WK-websocket-test=1\r\n";
+print "Set-Cookie: WK-websocket-test-secure=1; Secure\r\n";
+print "\r\n";
+print <<HTML
+<html>
+<head>
+<script src="../../../../js-test-resources/js-test-pre.js"></script>
+</head>
+<body>
+<p>Test WebSocket does not send Secure cookies over an insecure connection.</p>
+<p>On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".</p>
+<div id="console"></div>
+<script>
+window.jsTestIsAsync = true;
+
+var cookie;
+
+// Normalize a cookie string
+function normalizeCookie(cookie)
+{
+    // Split the cookie string, sort it and then put it back together.
+    return cookie.split('; ').sort().join('; ');
+}
+
+function clearCookies()
+{
+    var xhr = new XMLHttpRequest();
+    xhr.open("GET", "secure-cookie-insecure-connection.pl?clear=1", false);
+    xhr.send(null);
+}
+
+var ws = new WebSocket("ws://127.0.0.1:8880/websocket/tests/hybi/echo-cookie");
+ws.onopen = function() {
+    debug("WebSocket open");
+};
+ws.onmessage = function(evt) {
+    cookie = evt.data;
+    ws.close();
+};
+ws.onclose = function() {
+    debug("WebSocket closed");
+    cookie = normalizeCookie(cookie);
+    shouldBe("cookie", '"WK-websocket-test=1"');
+    clearCookies();
+    finishJSTest();
+};
+
+</script>
+<script src="../../../../js-test-resources/js-test-post.js"></script>
+</body>
+</html>
+HTML
diff --git a/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection-expected.txt b/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection-expected.txt
new file mode 100644 (file)
index 0000000..272f364
--- /dev/null
@@ -0,0 +1,15 @@
+Test WebSocket sends Secure cookies over secure connections.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+Note: mod_pywebsocket does not send secure cookies ('see FIXMEs in mod_pywebsocket code'), so this test is expected to FAIL to return WK-websocket-test-secure=1 until that bug is fixed.
+
+See pywebsocket Bug 150 for details.
+
+WebSocket open
+WebSocket closed
+FAIL cookie should be WK-websocket-test-secure=1; WK-websocket-test=1. Was WK-websocket-test=1.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl b/LayoutTests/http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl
new file mode 100755 (executable)
index 0000000..1e9454a
--- /dev/null
@@ -0,0 +1,70 @@
+#!/usr/bin/perl -wT
+use strict;
+
+if ($ENV{"QUERY_STRING"} eq "clear=1") {
+    print "Content-Type: text/plain\r\n";
+    print "Set-Cookie: WK-websocket-test=0; Max-Age=-1\r\n";
+    print "Set-Cookie: WK-websocket-test-secure=0; Secure; HttpOnly; Max-Age=-1\r\n";
+    print "\r\n";
+    print "Cookies are cleared.";
+    exit;
+}
+
+print "Content-Type: text/html\r\n";
+print "Set-Cookie: WK-websocket-test=1\r\n";
+print "Set-Cookie: WK-websocket-test-secure=1; Secure; HttpOnly\r\n";
+print "\r\n";
+print <<HTML
+<html>
+<head>
+<script src="../../../../js-test-resources/js-test-pre.js"></script>
+</head>
+<body>
+<p>Test WebSocket sends Secure cookies over secure connections.</p>
+<p>On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".</p>
+<p>Note: mod_pywebsocket does not send secure cookies ('see FIXMEs in mod_pywebsocket code'), so this test is expected to FAIL to return WK-websocket-test-secure=1 until that bug is fixed.</p>
+<p>See <a href="https://github.com/google/pywebsocket/issues/150">pywebsocket Bug 150</a> for details.</p>
+<div id="console"></div>
+<script>
+window.jsTestIsAsync = true;
+
+if (window.testRunner)
+    testRunner.setAllowsAnySSLCertificate(true);
+
+var cookie;
+
+// Normalize a cookie string
+function normalizeCookie(cookie)
+{
+    // Split the cookie string, sort it and then put it back together.
+    return cookie.split('; ').sort().join('; ');
+}
+
+function clearCookies()
+{
+    var xhr = new XMLHttpRequest();
+    xhr.open("GET", "secure-cookie-secure-connection.pl?clear=1", false);
+    xhr.send(null);
+}
+
+var ws = new WebSocket("wss://127.0.0.1:9323/websocket/tests/hybi/echo-cookie");
+ws.onopen = function() {
+    debug("WebSocket open");
+};
+ws.onmessage = function(evt) {
+    cookie = evt.data;
+    ws.close();
+};
+ws.onclose = function() {
+    debug("WebSocket closed");
+    cookie = normalizeCookie(cookie);
+    shouldBe("cookie", '"WK-websocket-test-secure=1; WK-websocket-test=1"');
+    clearCookies();
+    finishJSTest();
+};
+
+</script>
+<script src="../../../../js-test-resources/js-test-post.js"></script>
+</body>
+</html>
+HTML
index 19aa780..d3511fd 100644 (file)
@@ -1,3 +1,58 @@
+2017-08-28  Brent Fulgham  <bfulgham@apple.com>
+
+        Disable access to secure cookies if an HTTPS site loads mixed content (Part 2: Header Requests)
+        https://bugs.webkit.org/show_bug.cgi?id=175992
+        <rdar://problem/34086613>
+
+        Reviewed by Daniel Bates.
+
+        The original work in Bug 157053 did not properly handle the case of websockets. This patch completes
+        the changes to secure cookie handling to make sure websockets are also protected.
+
+        Tests: http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl
+               http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl
+
+        * Modules/websockets/WebSocketChannel.cpp:
+        (WebCore::WebSocketChannel::clientHandshakeRequest): Remove 'const' declaration so we can work with
+        a mutable Document object. This allows us to mark the Document as having accessed secure cookies.
+        (WebCore::WebSocketChannel::clientHandshakeRequest const): Deleted.
+        * Modules/websockets/WebSocketChannel.h:
+        * Modules/websockets/WebSocketHandshake.cpp:
+        (WebCore::WebSocketHandshake::clientHandshakeMessage): Ditto.
+        (WebCore::WebSocketHandshake::clientHandshakeRequest): Ditto.
+        (WebCore::WebSocketHandshake::clientHandshakeMessage const): Deleted.
+        (WebCore::WebSocketHandshake::clientHandshakeRequest const): Deleted.
+        * Modules/websockets/WebSocketHandshake.h:
+        * loader/CookieJar.cpp:
+        (WebCore::cookies): Small naming cleanup.
+        (WebCore::cookieRequestHeaderFieldValue): Pass a flag indicating whether secure cookies should be
+        included in the result or not. Set the document flag indicating secure cookies were accessed (if
+        they were), and return the resulting cookie string.
+        * loader/CookieJar.h:
+        * platform/CookiesStrategy.h:
+        * platform/network/CacheValidation.cpp:
+        (WebCore::headerValueForVary): Revise to pass a flag indicating whether secure cookies should be included
+        or not.
+        * platform/network/PlatformCookieJar.h:
+        * platform/network/cf/CookieJarCFNet.cpp:
+        (WebCore::doesContainSecureCookies): Added helper method.
+        (WebCore::cookiesForDOM): Revise to use new helper function.
+        (WebCore::cookieRequestHeaderFieldValue): Revise to accept a flag indicating if secure cookies should
+        be included in the result. Return a pair consisting of the cookie string, and a flag indicating whether
+        secure cookies were accessed or not.
+        * platform/network/curl/CookieJarCurl.cpp:
+        (WebCore::CookieJarCurlFileSystem::cookieRequestHeaderFieldValue): Ditto.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        * platform/network/curl/CookieJarCurl.h:
+        * platform/network/mac/CookieJarMac.mm:
+        (WebCore::cookiesForSession): Ditto.
+        (WebCore::cookiesForDOM): Update for new 'cookiesForSession' signature.
+        (WebCore::cookieRequestHeaderFieldValue): Ditto.
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::cookieRequestHeaderFieldValue): Revise to accept a flag indicating if secure cookies should
+        be included in the result. Return a pair consisting of the cookie string, and a flag indicating whether
+        secure cookies were accessed or not.
+
 2017-08-28  Carlos Alberto Lopez Perez  <clopez@igalia.com>
 
         [GTK] [WPE] Rename EventHandlerGlib to EventHandlerGLib
index 7b51ec3..0cc9e2b 100644 (file)
@@ -828,7 +828,7 @@ void WebSocketChannel::sendFrame(WebSocketFrame::OpCode opCode, const char* data
     m_handle->sendData(frameData.data(), frameData.size(), WTFMove(completionHandler));
 }
 
-ResourceRequest WebSocketChannel::clientHandshakeRequest() const
+ResourceRequest WebSocketChannel::clientHandshakeRequest()
 {
     return m_handshake->clientHandshakeRequest();
 }
index 1e8fdb6..1131ea6 100644 (file)
@@ -116,7 +116,7 @@ public:
     void didFail(int errorCode) override;
 
     unsigned identifier() const { return m_identifier; }
-    ResourceRequest clientHandshakeRequest() const;
+    ResourceRequest clientHandshakeRequest();
     const ResourceResponse& serverHandshakeResponse() const;
     WebSocketHandshake::Mode handshakeMode() const;
 
index cd0c431..15a3b73 100644 (file)
@@ -179,7 +179,7 @@ String WebSocketHandshake::clientLocation() const
     return builder.toString();
 }
 
-CString WebSocketHandshake::clientHandshakeMessage() const
+CString WebSocketHandshake::clientHandshakeMessage()
 {
     // Keep the following consistent with clientHandshakeRequest().
     StringBuilder builder;
@@ -233,7 +233,7 @@ CString WebSocketHandshake::clientHandshakeMessage() const
     return builder.toString().utf8();
 }
 
-ResourceRequest WebSocketHandshake::clientHandshakeRequest() const
+ResourceRequest WebSocketHandshake::clientHandshakeRequest()
 {
     // Keep the following consistent with clientHandshakeMessage().
     ResourceRequest request(m_url);
index fcc8bbc..0b9030e 100644 (file)
@@ -62,8 +62,8 @@ public:
     String clientOrigin() const;
     String clientLocation() const;
 
-    CString clientHandshakeMessage() const;
-    ResourceRequest clientHandshakeRequest() const;
+    CString clientHandshakeMessage();
+    ResourceRequest clientHandshakeRequest();
 
     void reset();
     void clearDocument();
index effec44..6af3f6a 100644 (file)
@@ -58,8 +58,8 @@ String cookies(Document& document, const URL& url)
 {
     TraceScope scope(FetchCookiesStart, FetchCookiesEnd);
 
-    auto includeSecureCookiesOrNot = (url.protocolIs("https") && !document.foundMixedContent()) ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
-    auto result = platformStrategies()->cookiesStrategy()->cookiesForDOM(storageSession(document), document.firstPartyForCookies(), url, includeSecureCookiesOrNot);
+    auto includeSecureCookies = (url.protocolIs("https") && !document.foundMixedContent()) ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+    auto result = platformStrategies()->cookiesStrategy()->cookiesForDOM(storageSession(document), document.firstPartyForCookies(), url, includeSecureCookies);
     if (result.second)
         document.setSecureCookiesAccessed();
 
@@ -76,9 +76,14 @@ bool cookiesEnabled(const Document& document)
     return platformStrategies()->cookiesStrategy()->cookiesEnabled(storageSession(document), document.firstPartyForCookies(), document.cookieURL());
 }
 
-String cookieRequestHeaderFieldValue(const Document& document, const URL& url)
+String cookieRequestHeaderFieldValue(Document& document, const URL& url)
 {
-    return platformStrategies()->cookiesStrategy()->cookieRequestHeaderFieldValue(storageSession(document), document.firstPartyForCookies(), url);
+    auto includeSecureCookies = (url.protocolIs("https") && !document.foundMixedContent()) ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+    auto result = platformStrategies()->cookiesStrategy()->cookieRequestHeaderFieldValue(storageSession(document), document.firstPartyForCookies(), url, includeSecureCookies);
+    if (result.second)
+        document.setSecureCookiesAccessed();
+
+    return result.first;
 }
 
 bool getRawCookies(const Document& document, const URL& url, Vector<Cookie>& cookies)
index a9ec14a..128491b 100644 (file)
@@ -42,7 +42,7 @@ WEBCORE_EXPORT String cookies(Document&, const URL&);
 WEBCORE_EXPORT void setCookies(Document&, const URL&, const String& cookieString);
 
 WEBCORE_EXPORT bool cookiesEnabled(const Document&);
-WEBCORE_EXPORT String cookieRequestHeaderFieldValue(const Document&, const URL&);
+WEBCORE_EXPORT String cookieRequestHeaderFieldValue(Document&, const URL&);
 WEBCORE_EXPORT bool getRawCookies(const Document&, const URL&, Vector<Cookie>&);
 WEBCORE_EXPORT void deleteCookie(const Document&, const URL&, const String& cookieName);
 
index 9c2e44c..c24dddc 100644 (file)
@@ -44,8 +44,8 @@ public:
     virtual std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
     virtual void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String& cookieString) = 0;
     virtual bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
-    virtual String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
-    virtual String cookieRequestHeaderFieldValue(PAL::SessionID, const URL& firstParty, const URL&) = 0;
+    virtual std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
+    virtual std::pair<String, bool> cookieRequestHeaderFieldValue(PAL::SessionID, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
     virtual bool getRawCookies(const NetworkStorageSession&, const URL& firstParty, const URL&, Vector<Cookie>&) = 0;
     virtual void deleteCookie(const NetworkStorageSession&, const URL&, const String& cookieName) = 0;
 
index 22b8333..7b223e7 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2014-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -346,12 +346,13 @@ static String headerValueForVary(const ResourceRequest& request, const String& h
     // We could fetch the cookie when making the request but that seems overkill as the case is very rare and it
     // is a blocking operation. This should be sufficient to cover reasonable cases.
     if (headerName == httpHeaderNameString(HTTPHeaderName::Cookie)) {
+        auto includeSecureCookies = request.url().protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
         auto* cookieStrategy = platformStrategies() ? platformStrategies()->cookiesStrategy() : nullptr;
         if (!cookieStrategy) {
             ASSERT(sessionID == PAL::SessionID::defaultSessionID());
-            return cookieRequestHeaderFieldValue(NetworkStorageSession::defaultStorageSession(), request.firstPartyForCookies(), request.url());
+            return cookieRequestHeaderFieldValue(NetworkStorageSession::defaultStorageSession(), request.firstPartyForCookies(), request.url(), includeSecureCookies).first;
         }
-        return cookieStrategy->cookieRequestHeaderFieldValue(sessionID, request.firstPartyForCookies(), request.url());
+        return cookieStrategy->cookieRequestHeaderFieldValue(sessionID, request.firstPartyForCookies(), request.url(), includeSecureCookies).first;
     }
     return request.httpHeaderField(headerName);
 }
index d9da61f..e8ce508 100644 (file)
@@ -45,7 +45,7 @@ enum class IncludeSecureCookies;
 WEBCORE_EXPORT std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies);
 WEBCORE_EXPORT void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String&);
 WEBCORE_EXPORT bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&);
-WEBCORE_EXPORT String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&);
+WEBCORE_EXPORT std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies);
 WEBCORE_EXPORT bool getRawCookies(const NetworkStorageSession&, const URL& firstParty, const URL&, Vector<Cookie>&);
 WEBCORE_EXPORT void deleteCookie(const NetworkStorageSession&, const URL&, const String&);
 WEBCORE_EXPORT void getHostnamesWithCookies(const NetworkStorageSession&, HashSet<String>& hostnames);
index fe3e781..9576a78 100644 (file)
@@ -168,34 +168,39 @@ void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstPar
     CFHTTPCookieStorageSetCookies(session.cookieStorage().get(), filterCookies(unfilteredCookies.get()).get(), urlCF.get(), firstPartyForCookiesCF.get());
 }
 
+static bool containsSecureCookies(CFArrayRef cookies)
+{
+    CFIndex cookieCount = CFArrayGetCount(cookies);
+    while (cookieCount--) {
+        if (CFHTTPCookieIsSecure(checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(cookies, cookieCount))))
+            return true;
+    }
+
+    return false;
+}
+
 std::pair<String, bool> cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
     RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url, includeSecureCookies);
 
     auto filteredCookies = filterCookies(cookiesCF.get());
 
-    bool didAccessSecureCookies = false;
-
-    CFIndex cookieCount = CFArrayGetCount(filteredCookies.get());
-    while (cookieCount--) {
-        if (CFHTTPCookieIsSecure(checked_cf_cast<CFHTTPCookieRef>(CFArrayGetValueAtIndex(filteredCookies.get(), cookieCount)))) {
-            didAccessSecureCookies = true;
-            break;
-        }
-    }
+    bool didAccessSecureCookies = containsSecureCookies(filteredCookies.get());
 
     RetainPtr<CFDictionaryRef> headerCF = adoptCF(CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, filteredCookies.get()));
     String cookieString = checked_cf_cast<CFStringRef>(CFDictionaryGetValue(headerCF.get(), s_cookieCF));
     return { cookieString, didAccessSecureCookies };
 }
 
-String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    auto includeSecureCookies = url.protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
-
     RetainPtr<CFArrayRef> cookiesCF = copyCookiesForURLWithFirstPartyURL(session, firstParty, url, includeSecureCookies);
+
+    bool didAccessSecureCookies = containsSecureCookies(cookiesCF.get());
+
     RetainPtr<CFDictionaryRef> headerCF = adoptCF(CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, cookiesCF.get()));
-    return checked_cf_cast<CFStringRef>(CFDictionaryGetValue(headerCF.get(), s_cookieCF));
+    String cookieString = checked_cf_cast<CFStringRef>(CFDictionaryGetValue(headerCF.get(), s_cookieCF));
+    return { cookieString, didAccessSecureCookies };
 }
 
 bool cookiesEnabled(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& /*url*/)
index 791fdcd..5951677 100644 (file)
@@ -293,9 +293,10 @@ std::pair<String, bool> CookieJarCurlFileSystem::cookiesForDOM(const NetworkStor
     return { cookiesForSession(session, firstParty, url, false), false };
 }
 
-String CookieJarCurlFileSystem::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> CookieJarCurlFileSystem::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies)
 {
-    return cookiesForSession(session, firstParty, url, true);
+    // FIXME: This should filter secure cookies out if the caller requests it.
+    return { cookiesForSession(session, firstParty, url, true), false };
 }
 
 bool CookieJarCurlFileSystem::cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&)
@@ -347,9 +348,9 @@ void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstPar
     CurlContext::singleton().cookieJar().setCookiesFromDOM(session, firstParty, url, value);
 }
 
-String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    return CurlContext::singleton().cookieJar().cookieRequestHeaderFieldValue(session, firstParty, url);
+    return CurlContext::singleton().cookieJar().cookieRequestHeaderFieldValue(session, firstParty, url, includeSecureCookies);
 }
 
 bool cookiesEnabled(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
index 7156831..de6006d 100644 (file)
@@ -31,7 +31,7 @@ public:
     virtual std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
     virtual void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String&) = 0;
     virtual bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
-    virtual String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&) = 0;
+    virtual std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) = 0;
     virtual bool getRawCookies(const NetworkStorageSession&, const URL& firstParty, const URL&, Vector<Cookie>&) = 0;
     virtual void deleteCookie(const NetworkStorageSession&, const URL&, const String&) = 0;
     virtual void getHostnamesWithCookies(const NetworkStorageSession&, HashSet<String>& hostnames) = 0;
@@ -44,7 +44,7 @@ class CookieJarCurlFileSystem : public CookieJarCurl {
     std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) override;
     void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const URL&, const String&) override;
     bool cookiesEnabled(const NetworkStorageSession&, const URL& firstParty, const URL&) override;
-    String cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&) override;
+    std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const URL&, IncludeSecureCookies) override;
     bool getRawCookies(const NetworkStorageSession&, const URL& firstParty, const URL&, Vector<Cookie>&) override;
     void deleteCookie(const NetworkStorageSession&, const URL&, const String&) override;
     void getHostnamesWithCookies(const NetworkStorageSession&, HashSet<String>& hostnames) override;
index c2b5690..be7c5db 100644 (file)
@@ -133,15 +133,16 @@ static NSArray *cookiesForURL(const NetworkStorageSession& session, const URL& f
 }
 
 enum IncludeHTTPOnlyOrNot { DoNotIncludeHTTPOnly, IncludeHTTPOnly };
-static String cookiesForSession(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeHTTPOnlyOrNot includeHTTPOnly, IncludeSecureCookies includeSecureCookies, bool& didAccessSecureCookies)
+static std::pair<String, bool> cookiesForSession(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeHTTPOnlyOrNot includeHTTPOnly, IncludeSecureCookies includeSecureCookies)
 {
     BEGIN_BLOCK_OBJC_EXCEPTIONS;
 
     NSArray *cookies = cookiesForURL(session, firstParty, url);
     if (![cookies count])
-        return String(); // Return a null string, not an empty one that StringBuilder would create below.
+        return { String(), false }; // Return a null string, not an empty one that StringBuilder would create below.
 
     StringBuilder cookiesBuilder;
+    bool didAccessSecureCookies = false;
     for (NSHTTPCookie *cookie in cookies) {
         if (![[cookie name] length])
             continue;
@@ -162,24 +163,20 @@ static String cookiesForSession(const NetworkStorageSession& session, const URL&
         cookiesBuilder.append('=');
         cookiesBuilder.append([cookie value]);
     }
-    return cookiesBuilder.toString();
+    return { cookiesBuilder.toString(), didAccessSecureCookies };
 
     END_BLOCK_OBJC_EXCEPTIONS;
-    return String();
+    return { String(), false };
 }
 
 std::pair<String, bool> cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    bool didAccessSecureCookies = false;
-    auto cookieString = cookiesForSession(session, firstParty, url, DoNotIncludeHTTPOnly, includeSecureCookies, didAccessSecureCookies);
-    return { cookieString, didAccessSecureCookies };
+    return cookiesForSession(session, firstParty, url, DoNotIncludeHTTPOnly, includeSecureCookies);
 }
 
-String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    bool ignore = false;
-    auto includeSecureCookies = url.protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
-    return cookiesForSession(session, firstParty, url, IncludeHTTPOnly, includeSecureCookies, ignore);
+    return cookiesForSession(session, firstParty, url, IncludeHTTPOnly, includeSecureCookies);
 }
 
 void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& cookieStr)
index e47480a..107b871 100644 (file)
@@ -118,10 +118,10 @@ std::pair<String, bool> cookiesForDOM(const NetworkStorageSession& session, cons
     return cookiesForSession(session, url, false, includeSecureCookies);
 }
 
-String cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& url)
+std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
     // Secure cookies will still only be included if url's protocol is https.
-    return cookiesForSession(session, url, true, IncludeSecureCookies::Yes).first;
+    return cookiesForSession(session, url, true, includeSecureCookies);
 }
 
 bool cookiesEnabled(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& /*url*/)
index d2879df..0d68f95 100644 (file)
@@ -1,3 +1,24 @@
+2017-08-28  Brent Fulgham  <bfulgham@apple.com>
+
+        Disable access to secure cookies if an HTTPS site loads mixed content (Part 2: Header Requests)
+        https://bugs.webkit.org/show_bug.cgi?id=175992
+        <rdar://problem/34086613>
+
+        Reviewed by Daniel Bates.
+
+        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+        (WebKit::NetworkConnectionToWebProcess::cookiesForDOM): Use a better label than 'result'.
+        (WebKit::NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue): Modify to accept a flag
+        indicating if secure cookies should be included, and return a pair containing the resulting
+        cookie string and a boolean indicating if secure cookies were accessed.
+        * NetworkProcess/NetworkConnectionToWebProcess.h:
+        * NetworkProcess/NetworkConnectionToWebProcess.messages.in: Ditto.
+        * Shared/mac/CookieStorageShim.mm:
+        (WebKit::webKitCookieStorageCopyRequestHeaderFieldsForURL): Ditto.
+        * WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
+        (WebKit::WebPlatformStrategies::cookieRequestHeaderFieldValue): Ditto.
+        * WebProcess/WebCoreSupport/WebPlatformStrategies.h:
+
 2017-08-28  Alex Christensen  <achristensen@webkit.org>
 
         Add WKUIDelegatePrivate equivalent of WKPageUIClient's didExceedBackgroundResourceLimitWhileInForeground
index b2a7420..c0ff3de 100644 (file)
@@ -323,9 +323,9 @@ void NetworkConnectionToWebProcess::convertMainResourceLoadToDownload(PAL::Sessi
     loader->convertToDownload(downloadID, request, response);
 }
 
-void NetworkConnectionToWebProcess::cookiesForDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies, String& result, bool& secureCookiesAccessed)
+void NetworkConnectionToWebProcess::cookiesForDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies, String& cookieString, bool& secureCookiesAccessed)
 {
-    std::tie(result, secureCookiesAccessed) = WebCore::cookiesForDOM(storageSession(sessionID), firstParty, url, includeSecureCookies);
+    std::tie(cookieString, secureCookiesAccessed) = WebCore::cookiesForDOM(storageSession(sessionID), firstParty, url, includeSecureCookies);
 }
 
 void NetworkConnectionToWebProcess::setCookiesFromDOM(PAL::SessionID sessionID, const URL& firstParty, const URL& url, const String& cookieString)
@@ -338,9 +338,9 @@ void NetworkConnectionToWebProcess::cookiesEnabled(PAL::SessionID sessionID, con
     result = WebCore::cookiesEnabled(storageSession(sessionID), firstParty, url);
 }
 
-void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url, String& result)
+void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies, String& cookieString, bool& secureCookiesAccessed)
 {
-    result = WebCore::cookieRequestHeaderFieldValue(storageSession(sessionID), firstParty, url);
+    std::tie(cookieString, secureCookiesAccessed) = WebCore::cookieRequestHeaderFieldValue(storageSession(sessionID), firstParty, url, includeSecureCookies);
 }
 
 void NetworkConnectionToWebProcess::getRawCookies(PAL::SessionID sessionID, const URL& firstParty, const URL& url, Vector<Cookie>& result)
index d671b90..cd28042 100644 (file)
@@ -97,10 +97,10 @@ private:
     void startDownload(PAL::SessionID, DownloadID, const WebCore::ResourceRequest&, const String& suggestedName = { });
     void convertMainResourceLoadToDownload(PAL::SessionID, uint64_t mainResourceLoadIdentifier, DownloadID, const WebCore::ResourceRequest&, const WebCore::ResourceResponse&);
 
-    void cookiesForDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies, String& result, bool& secureCookiesAccessed);
+    void cookiesForDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies, String& cookieString, bool& secureCookiesAccessed);
     void setCookiesFromDOM(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, const String&);
     void cookiesEnabled(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, bool& result);
-    void cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, String& result);
+    void cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies, String& cookieString, bool& secureCookiesAccessed);
     void getRawCookies(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, Vector<WebCore::Cookie>&);
     void deleteCookie(PAL::SessionID, const WebCore::URL&, const String& cookieName);
 
index 02c4735..abf0fcc 100644 (file)
@@ -32,10 +32,10 @@ messages -> NetworkConnectionToWebProcess LegacyReceiver {
     StartDownload(PAL::SessionID sessionID, WebKit::DownloadID downloadID, WebCore::ResourceRequest request, String suggestedName)
     ConvertMainResourceLoadToDownload(PAL::SessionID sessionID, uint64_t mainResourceLoadIdentifier, WebKit::DownloadID downloadID, WebCore::ResourceRequest request, WebCore::ResourceResponse response)
 
-    CookiesForDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, enum WebCore::IncludeSecureCookies includeSecureCookies) -> (String result, bool didAccessSecureCookies)
+    CookiesForDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, enum WebCore::IncludeSecureCookies includeSecureCookies) -> (String cookieString, bool didAccessSecureCookies)
     SetCookiesFromDOM(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, String cookieString)
     CookiesEnabled(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (bool enabled)
-    CookieRequestHeaderFieldValue(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (String result)
+    CookieRequestHeaderFieldValue(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url, enum WebCore::IncludeSecureCookies includeSecureCookies) -> (String cookieString, bool didAccessSecureCookies)
     GetRawCookies(PAL::SessionID sessionID, WebCore::URL firstParty, WebCore::URL url) -> (Vector<WebCore::Cookie> cookies)
     DeleteCookie(PAL::SessionID sessionID, WebCore::URL url, String cookieName)
 
index e2ea876..d76e3e1 100644 (file)
@@ -31,6 +31,7 @@
 #include "NetworkProcessConnection.h"
 #include "WebCoreArgumentCoders.h"
 #include "WebProcess.h"
+#include <WebCore/CookiesStrategy.h>
 #include <WebCore/URL.h>
 #include <dlfcn.h>
 #include <pal/SessionID.h>
@@ -55,9 +56,12 @@ namespace WebKit {
 
 static CFDictionaryRef webKitCookieStorageCopyRequestHeaderFieldsForURL(CFHTTPCookieStorageRef inCookieStorage, CFURLRef inRequestURL)
 {
+    IncludeSecureCookies includeSecureCookies = URL(inRequestURL).protocolIs("https") ? IncludeSecureCookies::Yes : IncludeSecureCookies::No;
+
     String cookies;
+    bool secureCookiesAccessed = false;
     URL firstPartyForCookiesURL;
-    if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(PAL::SessionID::defaultSessionID(), firstPartyForCookiesURL, inRequestURL), Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue::Reply(cookies), 0))
+    if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(PAL::SessionID::defaultSessionID(), firstPartyForCookiesURL, inRequestURL, includeSecureCookies), Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue::Reply(cookies, secureCookiesAccessed), 0))
         return 0;
 
     if (cookies.isNull())
index 81bc4b3..69b7f94 100644 (file)
@@ -132,17 +132,18 @@ bool WebPlatformStrategies::cookiesEnabled(const NetworkStorageSession& session,
     return result;
 }
 
-String WebPlatformStrategies::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    return cookieRequestHeaderFieldValue(session.sessionID(), firstParty, url);
+    return cookieRequestHeaderFieldValue(session.sessionID(), firstParty, url, includeSecureCookies);
 }
 
-String WebPlatformStrategies::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    String result;
-    if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(sessionID, firstParty, url), Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue::Reply(result), 0))
-        return String();
-    return result;
+    String cookieString;
+    bool secureCookiesAccessed = false;
+    if (!WebProcess::singleton().networkConnection().connection().sendSync(Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue(sessionID, firstParty, url, includeSecureCookies), Messages::NetworkConnectionToWebProcess::CookieRequestHeaderFieldValue::Reply(cookieString, secureCookiesAccessed), 0))
+        return { String(), false };
+    return { cookieString, secureCookiesAccessed };
 }
 
 bool WebPlatformStrategies::getRawCookies(const NetworkStorageSession& session, const URL& firstParty, const URL& url, Vector<Cookie>& rawCookies)
index 69aaaf9..d48dbc3 100644 (file)
@@ -50,8 +50,8 @@ private:
     std::pair<String, bool> cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
     void setCookiesFromDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, const String&) override;
     bool cookiesEnabled(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
-    String cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
-    String cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&) override;
+    std::pair<String, bool> cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
+    std::pair<String, bool> cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
     bool getRawCookies(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, Vector<WebCore::Cookie>&) override;
     void deleteCookie(const WebCore::NetworkStorageSession&, const WebCore::URL&, const String&) override;
 
index 97b4df8..2e5b3dc 100644 (file)
@@ -1,3 +1,17 @@
+2017-08-28  Brent Fulgham  <bfulgham@apple.com>
+
+        Disable access to secure cookies if an HTTPS site loads mixed content (Part 2: Header Requests)
+        https://bugs.webkit.org/show_bug.cgi?id=175992
+        <rdar://problem/34086613>
+
+        Reviewed by Daniel Bates.
+
+        * WebCoreSupport/WebPlatformStrategies.h:
+        * WebCoreSupport/WebPlatformStrategies.mm:
+        (WebPlatformStrategies::cookieRequestHeaderFieldValue): Modify to accept a flag indicating if secure
+        cookies should be included, and return a pair containing the resulting cookie string and a boolean
+        indicating if secure cookies were accessed.
+
 2017-08-27  Wenson Hsieh  <wenson_hsieh@apple.com>
 
         Picking an emoji via the emoji dialog (Ctrl+Cmd+Space) fires inconsistent beforeinput events.
index 6d3767a..de17dfc 100644 (file)
@@ -50,8 +50,8 @@ private:
     std::pair<String, bool> cookiesForDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
     void setCookiesFromDOM(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, const String&) override;
     bool cookiesEnabled(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
-    String cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&) override;
-    String cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&) override;
+    std::pair<String, bool> cookieRequestHeaderFieldValue(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
+    std::pair<String, bool> cookieRequestHeaderFieldValue(PAL::SessionID, const WebCore::URL& firstParty, const WebCore::URL&, WebCore::IncludeSecureCookies) override;
     bool getRawCookies(const WebCore::NetworkStorageSession&, const WebCore::URL& firstParty, const WebCore::URL&, Vector<WebCore::Cookie>&) override;
     void deleteCookie(const WebCore::NetworkStorageSession&, const WebCore::URL&, const String&) override;
 
index b148b9f..849ddb6 100644 (file)
@@ -88,15 +88,15 @@ bool WebPlatformStrategies::cookiesEnabled(const NetworkStorageSession& session,
     return WebCore::cookiesEnabled(session, firstParty, url);
 }
 
-String WebPlatformStrategies::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookieRequestHeaderFieldValue(const NetworkStorageSession& session, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
-    return WebCore::cookieRequestHeaderFieldValue(session, firstParty, url);
+    return WebCore::cookieRequestHeaderFieldValue(session, firstParty, url, includeSecureCookies);
 }
 
-String WebPlatformStrategies::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url)
+std::pair<String, bool> WebPlatformStrategies::cookieRequestHeaderFieldValue(PAL::SessionID sessionID, const URL& firstParty, const URL& url, IncludeSecureCookies includeSecureCookies)
 {
     auto& session = sessionID.isEphemeral() ? WebFrameNetworkingContext::ensurePrivateBrowsingSession() : NetworkStorageSession::defaultStorageSession();
-    return WebCore::cookieRequestHeaderFieldValue(session, firstParty, url);
+    return WebCore::cookieRequestHeaderFieldValue(session, firstParty, url, includeSecureCookies);
 }
 
 bool WebPlatformStrategies::getRawCookies(const NetworkStorageSession& session, const URL& firstParty, const URL& url, Vector<Cookie>& rawCookies)