Block popups from content extensions.
authorachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 8 Apr 2015 20:26:41 +0000 (20:26 +0000)
committerachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 8 Apr 2015 20:26:41 +0000 (20:26 +0000)
https://bugs.webkit.org/show_bug.cgi?id=143497

Reviewed by Brady Eidson.

Source/WebCore:

Test: http/tests/contentextensions/popups.html

* loader/ResourceLoadInfo.cpp:
(WebCore::readResourceType):
* loader/ResourceLoadInfo.h:
* page/DOMWindow.cpp:
(WebCore::DOMWindow::open):
* page/UserContentController.cpp:
(WebCore::UserContentController::actionsForResourceLoad):
* page/UserContentController.h:
Check content extensions before opening a window.

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::TEST_F):
Added popup test.

LayoutTests:

* http/tests/contentextensions/popups-expected.txt: Added.
* http/tests/contentextensions/popups.html: Added.
* http/tests/contentextensions/popups.html.json: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182564 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/contentextensions/popups-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/contentextensions/popups.html [new file with mode: 0644]
LayoutTests/http/tests/contentextensions/popups.html.json [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/ResourceLoadInfo.cpp
Source/WebCore/loader/ResourceLoadInfo.h
Source/WebCore/page/DOMWindow.cpp
Source/WebCore/page/UserContentController.cpp
Source/WebCore/page/UserContentController.h
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp

index 2b7525d..1d222b7 100644 (file)
@@ -1,3 +1,14 @@
+2015-04-08  Alex Christensen  <achristensen@webkit.org>
+
+        Block popups from content extensions.
+        https://bugs.webkit.org/show_bug.cgi?id=143497
+
+        Reviewed by Brady Eidson.
+
+        * http/tests/contentextensions/popups-expected.txt: Added.
+        * http/tests/contentextensions/popups.html: Added.
+        * http/tests/contentextensions/popups.html.json: Added.
+
 2015-04-08  Michael Catanzaro  <mcatanzaro@igalia.com>
 
         [GTK] Unreviewed test expectation sanity-check
diff --git a/LayoutTests/http/tests/contentextensions/popups-expected.txt b/LayoutTests/http/tests/contentextensions/popups-expected.txt
new file mode 100644 (file)
index 0000000..1997344
--- /dev/null
@@ -0,0 +1,4 @@
+ALERT: about:blank successfully blocked
+ALERT: data url should not be blocked
+ALERT: data url should not be blocked
+
diff --git a/LayoutTests/http/tests/contentextensions/popups.html b/LayoutTests/http/tests/contentextensions/popups.html
new file mode 100644 (file)
index 0000000..613d5de
--- /dev/null
@@ -0,0 +1,18 @@
+<html> 
+<body>
+<script> 
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.setCanOpenWindows(true);
+    testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+win = window.open("about:blank");
+alert(win ? "FAIL" : "about:blank successfully blocked");
+win = window.open("data:text/html, hello");
+alert(win ? "data url should not be blocked" : "FAIL");
+win = window.open("data:text/html, about");
+alert(win ? "data url should not be blocked" : "FAIL");
+</script> 
+</body> 
+</html>
diff --git a/LayoutTests/http/tests/contentextensions/popups.html.json b/LayoutTests/http/tests/contentextensions/popups.html.json
new file mode 100644 (file)
index 0000000..9844ccd
--- /dev/null
@@ -0,0 +1,11 @@
+[
+    {
+        "action": {
+            "type": "block"
+        },
+        "trigger": {
+            "url-filter": "about",
+            "resource-type":["popup"]
+        }
+    }
+]
index 48d4653..b653608 100644 (file)
@@ -1,3 +1,22 @@
+2015-04-08  Alex Christensen  <achristensen@webkit.org>
+
+        Block popups from content extensions.
+        https://bugs.webkit.org/show_bug.cgi?id=143497
+
+        Reviewed by Brady Eidson.
+
+        Test: http/tests/contentextensions/popups.html
+
+        * loader/ResourceLoadInfo.cpp:
+        (WebCore::readResourceType):
+        * loader/ResourceLoadInfo.h:
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::open):
+        * page/UserContentController.cpp:
+        (WebCore::UserContentController::actionsForResourceLoad):
+        * page/UserContentController.h:
+        Check content extensions before opening a window.
+
 2015-04-08  Bem Jones-Bey  <bjonesbe@adobe.com>
 
         [CSS Shapes] Properly handle negative reference box widths and center coordinates
index 1673369..cbd5919 100644 (file)
@@ -85,6 +85,8 @@ uint16_t readResourceType(const String& name)
         return static_cast<uint16_t>(ResourceType::SVGDocument);
     if (name == "media")
         return static_cast<uint16_t>(ResourceType::Media);
+    if (name == "popup")
+        return static_cast<uint16_t>(ResourceType::Popup);
     return static_cast<uint16_t>(ResourceType::Invalid);
 }
 
index 0d3f955..f3dcd2e 100644 (file)
@@ -42,12 +42,13 @@ enum class ResourceType : uint16_t {
     SVGDocument = 0x0040,
     Media = 0x0080,
     PlugInStream = 0x0100,
+    Popup = 0x0200,
 };
 
 enum class LoadType : uint16_t {
     Invalid = 0x0000,
-    FirstParty = 0x0200,
-    ThirdParty = 0x0400,
+    FirstParty = 0x0400,
+    ThirdParty = 0x0800,
 };
 
 typedef uint16_t ResourceFlags;
index 7829403..95700b3 100644 (file)
@@ -35,6 +35,8 @@
 #include "CSSRuleList.h"
 #include "Chrome.h"
 #include "ChromeClient.h"
+#include "ContentExtensionActions.h"
+#include "ContentExtensionRule.h"
 #include "Crypto.h"
 #include "DOMApplicationCache.h"
 #include "DOMSelection.h"
@@ -81,6 +83,7 @@
 #include "PageTransitionEvent.h"
 #include "Performance.h"
 #include "PlatformScreen.h"
+#include "ResourceLoadInfo.h"
 #include "RuntimeEnabledFeatures.h"
 #include "ScheduledAction.h"
 #include "Screen.h"
@@ -2121,24 +2124,39 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
     DOMWindow& activeWindow, DOMWindow& firstWindow)
 {
     if (!isCurrentlyDisplayedInFrame())
-        return 0;
+        return nullptr;
     Document* activeDocument = activeWindow.document();
     if (!activeDocument)
-        return 0;
+        return nullptr;
     Frame* firstFrame = firstWindow.frame();
     if (!firstFrame)
-        return 0;
+        return nullptr;
+
+#if ENABLE(CONTENT_EXTENSIONS)
+    if (firstFrame
+        && firstFrame->document()
+        && firstFrame->mainFrame().page()
+        && firstFrame->mainFrame().page()->userContentController()
+        && firstFrame->mainFrame().document()) {
+        ResourceLoadInfo resourceLoadInfo = {firstFrame->document()->completeURL(urlString), firstFrame->mainFrame().document()->url(), ResourceType::Popup};
+        Vector<ContentExtensions::Action> actions = firstFrame->mainFrame().page()->userContentController()->actionsForResourceLoad(resourceLoadInfo);
+        for (const ContentExtensions::Action& action : actions) {
+            if (action.type() == ContentExtensions::ActionType::BlockLoad)
+                return nullptr;
+        }
+    }
+#endif
 
     if (!firstWindow.allowPopUp()) {
         // Because FrameTree::find() returns true for empty strings, we must check for empty frame names.
         // Otherwise, illegitimate window.open() calls with no name will pass right through the popup blocker.
         if (frameName.isEmpty() || !m_frame->tree().find(frameName))
-            return 0;
+            return nullptr;
     }
 
     // Get the target frame for the special cases of _top and _parent.
     // In those cases, we schedule a location change right now and return early.
-    Frame* targetFrame = 0;
+    Frame* targetFrame = nullptr;
     if (frameName == "_top")
         targetFrame = &m_frame->tree().top();
     else if (frameName == "_parent") {
@@ -2149,7 +2167,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
     }
     if (targetFrame) {
         if (!activeDocument->canNavigate(targetFrame))
-            return 0;
+            return nullptr;
 
         URL completedURL = firstFrame->document()->completeURL(urlString);
 
@@ -2169,7 +2187,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
 
     WindowFeatures windowFeatures(windowFeaturesString);
     RefPtr<Frame> result = createWindow(urlString, frameName, windowFeatures, activeWindow, firstFrame, m_frame);
-    return result ? result->document()->domWindow() : 0;
+    return result ? result->document()->domWindow() : nullptr;
 }
 
 void DOMWindow::showModalDialog(const String& urlString, const String& dialogFeaturesString, DOMWindow& activeWindow, DOMWindow& firstWindow, std::function<void (DOMWindow&)> prepareDialogFunction)
index 9cadedb..3d6494c 100644 (file)
@@ -212,6 +212,13 @@ void UserContentController::processContentExtensionRulesForLoad(ResourceRequest&
     m_contentExtensionBackend->processContentExtensionRulesForLoad(request, resourceType, initiatingDocumentLoader);
 }
 
+Vector<ContentExtensions::Action> UserContentController::actionsForResourceLoad(const ResourceLoadInfo& resourceLoadInfo)
+{
+    if (!m_contentExtensionBackend)
+        return Vector<ContentExtensions::Action>();
+    
+    return m_contentExtensionBackend->actionsForResourceLoad(resourceLoadInfo);
+}
 #endif
 
 void UserContentController::removeAllUserContent()
index ed5cebb..663014e 100644 (file)
@@ -93,6 +93,7 @@ public:
     WEBCORE_EXPORT void removeAllUserContentExtensions();
 
     void processContentExtensionRulesForLoad(ResourceRequest&, ResourceType, DocumentLoader& initiatingDocumentLoader);
+    Vector<ContentExtensions::Action> actionsForResourceLoad(const ResourceLoadInfo&);
 #endif
 
 private:
index cde4ee4..33328eb 100644 (file)
@@ -1,3 +1,14 @@
+2015-04-08  Alex Christensen  <achristensen@webkit.org>
+
+        Block popups from content extensions.
+        https://bugs.webkit.org/show_bug.cgi?id=143497
+
+        Reviewed by Brady Eidson.
+
+        * TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
+        (TestWebKitAPI::TEST_F):
+        Added popup test.
+
 2015-04-08  Alex Christensen  <achristensen@webkit.org> and Patrick Gansterer  <paroga@webkit.org>
 
         Add CMake build system for WinCairo port.
index 3a36c82..7e2c5ad 100644 (file)
@@ -457,7 +457,7 @@ TEST_F(ContentExtensionTest, LoadType)
 
 TEST_F(ContentExtensionTest, ResourceType)
 {
-    auto backend = makeBackend("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"block_all_types.org\",\"resource-type\":[\"document\",\"image\",\"style-sheet\",\"script\",\"font\",\"raw\",\"svg-document\",\"media\"]}},"
+    auto backend = makeBackend("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"block_all_types.org\",\"resource-type\":[\"document\",\"image\",\"style-sheet\",\"script\",\"font\",\"raw\",\"svg-document\",\"media\",\"popup\"]}},"
         "{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"block_only_images\",\"resource-type\":[\"image\"]}}]");
 
     testRequest(backend, mainDocumentRequest("http://block_all_types.org", ResourceType::Document), { ContentExtensions::ActionType::BlockLoad });
@@ -468,6 +468,7 @@ TEST_F(ContentExtensionTest, ResourceType)
     testRequest(backend, mainDocumentRequest("http://block_all_types.org", ResourceType::Raw), { ContentExtensions::ActionType::BlockLoad });
     testRequest(backend, mainDocumentRequest("http://block_all_types.org", ResourceType::SVGDocument), { ContentExtensions::ActionType::BlockLoad });
     testRequest(backend, mainDocumentRequest("http://block_all_types.org", ResourceType::Media), { ContentExtensions::ActionType::BlockLoad });
+    testRequest(backend, mainDocumentRequest("http://block_all_types.org", ResourceType::Popup), { ContentExtensions::ActionType::BlockLoad });
     testRequest(backend, mainDocumentRequest("http://block_only_images.org", ResourceType::Image), { ContentExtensions::ActionType::BlockLoad });
     testRequest(backend, mainDocumentRequest("http://block_only_images.org", ResourceType::Document), { });
 }