Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP...
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 May 2018 05:34:20 +0000 (05:34 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 May 2018 05:34:20 +0000 (05:34 +0000)
https://bugs.webkit.org/show_bug.cgi?id=185412

Reviewed by Ryosuke Niwa.

Source/WebCore:

Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.

Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
question of whether the loader strategy is responsible for performing security checks when building up
a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.

* inspector/agents/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::didReceiveResponse):
(WebCore::InspectorNetworkAgent::didFinishLoading):
(WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived):
* loader/DocumentThreadableLoader.cpp:
(WebCore::shouldPerformSecurityChecks):
(WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
(WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
(WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
(WebCore::DocumentThreadableLoader::redirectReceived):
(WebCore::DocumentThreadableLoader::didFail):
(WebCore::DocumentThreadableLoader::loadRequest):
(WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
(WebCore::isResponseComingFromNetworkProcess): Deleted.
* loader/LoaderStrategy.cpp:
* loader/LoaderStrategy.h:
* page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
checking in DocumentLoader.
* platform/network/ResourceResponseBase.h:
(WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.

Source/WebKit:

Update code for renaming and write in terms of WebLoaderStrategy::shouldPerformSecurityChecks()
instead of explicitly querying RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
(WebKit::WebLoaderStrategy::loadResourceSynchronously):
(WebKit::WebLoaderStrategy::startPingLoad):
(WebKit::WebLoaderStrategy::preconnectTo):
(WebKit::WebLoaderStrategy::shouldPerformSecurityChecks const):
(WebKit::WebLoaderStrategy::havePerformedSecurityChecks const):
(WebKit::WebLoaderStrategy::isDoingLoadingSecurityChecks const): Deleted.
* WebProcess/Network/WebLoaderStrategy.h:
* WebProcess/WebPage/WebPage.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@231692 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12 files changed:
Source/WebCore/ChangeLog
Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/DocumentThreadableLoader.cpp
Source/WebCore/loader/LoaderStrategy.cpp
Source/WebCore/loader/LoaderStrategy.h
Source/WebCore/page/Settings.yaml
Source/WebCore/platform/network/ResourceResponseBase.h
Source/WebKit/ChangeLog
Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
Source/WebKit/WebProcess/Network/WebLoaderStrategy.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp

index 9211176..2132b6b 100644 (file)
@@ -1,3 +1,45 @@
+2018-05-10  Daniel Bates  <dabates@apple.com>
+
+        Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
+        https://bugs.webkit.org/show_bug.cgi?id=185412
+
+        Reviewed by Ryosuke Niwa.
+
+        Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
+        into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
+        to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
+
+        Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
+        for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
+        question of whether the loader strategy is responsible for performing security checks when building up
+        a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
+        is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
+
+        * inspector/agents/InspectorNetworkAgent.cpp:
+        (WebCore::InspectorNetworkAgent::didReceiveResponse):
+        (WebCore::InspectorNetworkAgent::didFinishLoading):
+        (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::responseReceived):
+        * loader/DocumentThreadableLoader.cpp:
+        (WebCore::shouldPerformSecurityChecks):
+        (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
+        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
+        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
+        (WebCore::DocumentThreadableLoader::redirectReceived):
+        (WebCore::DocumentThreadableLoader::didFail):
+        (WebCore::DocumentThreadableLoader::loadRequest):
+        (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
+        (WebCore::isResponseComingFromNetworkProcess): Deleted.
+        * loader/LoaderStrategy.cpp:
+        * loader/LoaderStrategy.h:
+        * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
+        use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
+        checking in DocumentLoader.
+        * platform/network/ResourceResponseBase.h:
+        (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
+        source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
+
 2018-05-10  Tim Horton  <timothy_horton@apple.com>
 
         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
index 46e4afe..c95397a 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2011 Google Inc. All rights reserved.
- * Copyright (C) 2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
@@ -421,23 +421,6 @@ void InspectorNetworkAgent::willSendRequestOfType(unsigned long identifier, Docu
     willSendRequest(identifier, loader, request, ResourceResponse(), resourceTypeForLoadType(loadType));
 }
 
-static inline bool isResponseProbablyComingFromNetworkProcess(ResourceResponse::Source source)
-{
-    switch (source) {
-    case ResourceResponse::Source::MemoryCache:
-    case ResourceResponse::Source::MemoryCacheAfterValidation:
-    case ResourceResponse::Source::ServiceWorker:
-    case ResourceResponse::Source::ApplicationCache:
-        return false;
-    case ResourceResponse::Source::Unknown:
-    case ResourceResponse::Source::Network:
-    case ResourceResponse::Source::DiskCache:
-    case ResourceResponse::Source::DiskCacheAfterValidation:
-        return true;
-    }
-    return true;
-}
-
 void InspectorNetworkAgent::didReceiveResponse(unsigned long identifier, DocumentLoader* loader, const ResourceResponse& response, ResourceLoader* resourceLoader)
 {
     if (m_hiddenRequestIdentifiers.contains(identifier))
@@ -446,7 +429,7 @@ void InspectorNetworkAgent::didReceiveResponse(unsigned long identifier, Documen
     String requestId = IdentifiersFactory::requestId(identifier);
 
     std::optional<ResourceResponse> realResponse;
-    if (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() && isResponseProbablyComingFromNetworkProcess(response.source())) {
+    if (platformStrategies()->loaderStrategy()->havePerformedSecurityChecks(response)) {
         callOnMainThreadAndWait([&] {
             // We do not need to isolate response since it comes straight from IPC, but we might want to isolate it for extra safety.
             auto response = platformStrategies()->loaderStrategy()->responseFromResourceLoadIdentifier(identifier);
@@ -534,7 +517,7 @@ void InspectorNetworkAgent::didFinishLoading(unsigned long identifier, DocumentL
         sourceMappingURL = InspectorPageAgent::sourceMapURLForResource(resourceData->cachedResource());
 
     std::optional<NetworkLoadMetrics> realMetrics;
-    if (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() && !networkLoadMetrics.isComplete()) {
+    if (platformStrategies()->loaderStrategy()->shouldPerformSecurityChecks() && !networkLoadMetrics.isComplete()) {
         callOnMainThreadAndWait([&] {
             realMetrics = platformStrategies()->loaderStrategy()->networkMetricsFromResourceLoadIdentifier(identifier).isolatedCopy();
         });
index 2e2b763..8352e95 100644 (file)
 #include "InspectorInstrumentation.h"
 #include "LinkIconCollector.h"
 #include "LinkIconType.h"
+#include "LoaderStrategy.h"
 #include "Logging.h"
 #include "MemoryCache.h"
 #include "NetworkLoadMetrics.h"
 #include "Page.h"
 #include "PingLoader.h"
+#include "PlatformStrategies.h"
 #include "PolicyChecker.h"
 #include "ProgressTracker.h"
 #include "ResourceHandle.h"
@@ -768,7 +770,7 @@ void DocumentLoader::responseReceived(const ResourceResponse& response, Completi
     unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier();
     ASSERT(identifier);
 
-    if (m_substituteData.isValid() || !m_frame->settings().networkProcessCSPFrameAncestorsCheckingEnabled() || !RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()) {
+    if (m_substituteData.isValid() || !platformStrategies()->loaderStrategy()->havePerformedSecurityChecks(response)) {
         auto url = response.url();
         ContentSecurityPolicy contentSecurityPolicy(URL { url }, this);
         contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer());
index 79ae616..7e1b0d8 100644 (file)
@@ -89,14 +89,14 @@ RefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document& docu
     return create(document, client, WTFMove(request), options, nullptr, nullptr, WTFMove(referrer), ShouldLogError::Yes);
 }
 
-static inline bool isDoingSecurityChecksInNetworkProcess()
+static inline bool shouldPerformSecurityChecks()
 {
-    return platformStrategies()->loaderStrategy()->isDoingLoadingSecurityChecks();
+    return platformStrategies()->loaderStrategy()->shouldPerformSecurityChecks();
 }
 
 bool DocumentThreadableLoader::shouldSetHTTPHeadersToKeep() const
 {
-    if (m_options.mode == FetchOptions::Mode::Cors && isDoingSecurityChecksInNetworkProcess())
+    if (m_options.mode == FetchOptions::Mode::Cors && shouldPerformSecurityChecks())
         return true;
 
 #if ENABLE(SERVICE_WORKER)
@@ -179,7 +179,7 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(ResourceRequest&& re
 {
     ASSERT(m_options.mode == FetchOptions::Mode::Cors);
 
-    if ((m_options.preflightPolicy == PreflightPolicy::Consider && isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.preflightPolicy == PreflightPolicy::Prevent || isDoingSecurityChecksInNetworkProcess()) {
+    if ((m_options.preflightPolicy == PreflightPolicy::Consider && isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.preflightPolicy == PreflightPolicy::Prevent || shouldPerformSecurityChecks()) {
         if (checkURLSchemeAsCORSEnabled(request.url()))
             makeSimpleCrossOriginAccessRequest(WTFMove(request));
     } else {
@@ -207,8 +207,8 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(ResourceRequest&& re
 
 void DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest(ResourceRequest&& request)
 {
-    ASSERT(m_options.preflightPolicy != PreflightPolicy::Force || isDoingSecurityChecksInNetworkProcess());
-    ASSERT(m_options.preflightPolicy == PreflightPolicy::Prevent || isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields()) || isDoingSecurityChecksInNetworkProcess());
+    ASSERT(m_options.preflightPolicy != PreflightPolicy::Force || shouldPerformSecurityChecks());
+    ASSERT(m_options.preflightPolicy == PreflightPolicy::Prevent || isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields()) || shouldPerformSecurityChecks());
 
     updateRequestForAccessControl(request, securityOrigin(), m_options.storedCredentialsPolicy);
     loadRequest(WTFMove(request), DoSecurityCheck);
@@ -266,12 +266,6 @@ void DocumentThreadableLoader::clearResource()
         m_preflightChecker = std::nullopt;
 }
 
-static inline bool isResponseComingFromNetworkProcess(const ResourceResponse& response)
-{
-    auto source = response.source();
-    return source == ResourceResponse::Source::Network || source == ResourceResponse::Source::DiskCache || source == ResourceResponse::Source::DiskCacheAfterValidation;
-}
-
 void DocumentThreadableLoader::redirectReceived(CachedResource& resource, ResourceRequest&& request, const ResourceResponse& redirectResponse, CompletionHandler<void(ResourceRequest&&)>&& completionHandler)
 {
     ASSERT(m_client);
@@ -295,7 +289,7 @@ void DocumentThreadableLoader::redirectReceived(CachedResource& resource, Resour
         return completionHandler(WTFMove(request));
     }
 
-    if (isDoingSecurityChecksInNetworkProcess() && isResponseComingFromNetworkProcess(redirectResponse)) {
+    if (platformStrategies()->loaderStrategy()->havePerformedSecurityChecks(redirectResponse)) {
         completionHandler(WTFMove(request));
         return;
     }
@@ -470,7 +464,7 @@ void DocumentThreadableLoader::didFail(unsigned long, const ResourceError& error
     // NetworkProcess might return a CSP violation as an AccessControl error in case of redirection.
     // Let's recheck CSP to generate the report if needed.
     // FIXME: We should introduce an error dedicated to CSP violation.
-    if (isDoingSecurityChecksInNetworkProcess() && error.isAccessControl() && error.failingURL().protocolIsInHTTPFamily() && !isAllowedByContentSecurityPolicy(error.failingURL(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
+    if (shouldPerformSecurityChecks() && error.isAccessControl() && error.failingURL().protocolIsInHTTPFamily() && !isAllowedByContentSecurityPolicy(error.failingURL(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) {
         reportContentSecurityPolicyError(m_resource->resourceRequest().url());
         return;
     }
@@ -579,7 +573,7 @@ void DocumentThreadableLoader::loadRequest(ResourceRequest&& request, SecurityCh
         return;
     }
 
-    if (!isDoingSecurityChecksInNetworkProcess()) {
+    if (!shouldPerformSecurityChecks()) {
         // FIXME: FrameLoader::loadSynchronously() does not tell us whether a redirect happened or not, so we guess by comparing the
         // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was
         // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials.
index 9af1cc3..838642d 100644 (file)
@@ -27,7 +27,6 @@
 #include "LoaderStrategy.h"
 
 #include "NetworkLoadMetrics.h"
-#include "PlatformStrategies.h"
 #include "ResourceResponse.h"
 
 namespace WebCore {
index 2f5efeb..f142b57 100644 (file)
@@ -81,7 +81,8 @@ public:
     virtual bool isOnLine() const = 0;
     virtual void addOnlineStateChangeListener(WTF::Function<void(bool)>&&) = 0;
 
-    virtual bool isDoingLoadingSecurityChecks() const { return false; }
+    virtual bool shouldPerformSecurityChecks() const { return false; }
+    virtual bool havePerformedSecurityChecks(const ResourceResponse&) const { return false; }
 
     virtual ResourceResponse responseFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier);
     virtual NetworkLoadMetrics networkMetricsFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier);
index a032340..01bc6c8 100644 (file)
@@ -313,8 +313,6 @@ forceUpdateScrollbarsOnMainThreadForPerformanceTesting:
   initial: false
 notificationsEnabled:
   initial: true
-networkProcessCSPFrameAncestorsCheckingEnabled:
-  initial: false
 
 # Some apps needs isLoadingInAPISense to account for active subresource loaders.
 needsIsLoadingInAPISenseQuirk:
index ebeb30b..0321767 100644 (file)
@@ -144,7 +144,11 @@ public:
 
     enum class Source { Unknown, Network, DiskCache, DiskCacheAfterValidation, MemoryCache, MemoryCacheAfterValidation, ServiceWorker, ApplicationCache };
     WEBCORE_EXPORT Source source() const;
-    void setSource(Source source) { m_source = source; }
+    void setSource(Source source)
+    {
+        ASSERT(source != Source::Unknown);
+        m_source = source;
+    }
 
     const std::optional<SHA1::Digest>& cacheBodyKey() const { return m_cacheBodyKey; }
     void setCacheBodyKey(const SHA1::Digest& key) { m_cacheBodyKey = key; }
index 2384cd1..2973bf9 100644 (file)
@@ -1,3 +1,24 @@
+2018-05-10  Daniel Bates  <dabates@apple.com>
+
+        Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
+        https://bugs.webkit.org/show_bug.cgi?id=185412
+
+        Reviewed by Ryosuke Niwa.
+
+        Update code for renaming and write in terms of WebLoaderStrategy::shouldPerformSecurityChecks()
+        instead of explicitly querying RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
+
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
+        (WebKit::WebLoaderStrategy::loadResourceSynchronously):
+        (WebKit::WebLoaderStrategy::startPingLoad):
+        (WebKit::WebLoaderStrategy::preconnectTo):
+        (WebKit::WebLoaderStrategy::shouldPerformSecurityChecks const):
+        (WebKit::WebLoaderStrategy::havePerformedSecurityChecks const):
+        (WebKit::WebLoaderStrategy::isDoingLoadingSecurityChecks const): Deleted.
+        * WebProcess/Network/WebLoaderStrategy.h:
+        * WebProcess/WebPage/WebPage.cpp:
+
 2018-05-10  Timothy Horton  <timothy_horton@apple.com>
 
         Fix the build after r231393
index 314b124..63aebcc 100644 (file)
@@ -59,6 +59,7 @@
 #include <WebCore/PlatformStrategies.h>
 #include <WebCore/ReferrerPolicy.h>
 #include <WebCore/ResourceLoader.h>
+#include <WebCore/ResourceResponse.h>
 #include <WebCore/RuntimeEnabledFeatures.h>
 #include <WebCore/SecurityOrigin.h>
 #include <WebCore/Settings.h>
@@ -322,7 +323,7 @@ void WebLoaderStrategy::scheduleLoadFromNetworkProcess(ResourceLoader& resourceL
         }
     }
 
-    loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
+    loadParameters.shouldRestrictHTTPResponseAccess = shouldPerformSecurityChecks();
 
     loadParameters.isMainFrameNavigation = resourceLoader.frame() && resourceLoader.frame()->isMainFrame() && resourceLoader.options().mode == FetchOptions::Mode::Navigate;
 
@@ -493,7 +494,7 @@ void WebLoaderStrategy::loadResourceSynchronously(FrameLoader& frameLoader, unsi
     loadParameters.storedCredentialsPolicy = options.credentials == FetchOptions::Credentials::Omit ? StoredCredentialsPolicy::DoNotUse : StoredCredentialsPolicy::Use;
     loadParameters.clientCredentialPolicy = clientCredentialPolicy;
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = shouldClearReferrerOnHTTPSToHTTPRedirect(webFrame ? webFrame->coreFrame() : nullptr);
-    loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
+    loadParameters.shouldRestrictHTTPResponseAccess = shouldPerformSecurityChecks();
 
     loadParameters.options = options;
     loadParameters.sourceOrigin = &document->securityOrigin();
@@ -545,7 +546,7 @@ void WebLoaderStrategy::startPingLoad(Frame& frame, ResourceRequest& request, co
     loadParameters.options = options;
     loadParameters.originalRequestHeaders = originalRequestHeaders;
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = shouldClearReferrerOnHTTPSToHTTPRedirect(&frame);
-    loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
+    loadParameters.shouldRestrictHTTPResponseAccess = shouldPerformSecurityChecks();
     if (!document->shouldBypassMainWorldContentSecurityPolicy()) {
         if (auto * contentSecurityPolicy = document->contentSecurityPolicy())
             loadParameters.cspResponseHeaders = contentSecurityPolicy->responseHeaders();
@@ -602,7 +603,7 @@ void WebLoaderStrategy::preconnectTo(FrameLoader& frameLoader, const WebCore::UR
     parameters.sessionID = webPage ? webPage->sessionID() : PAL::SessionID::defaultSessionID();
     parameters.storedCredentialsPolicy = storedCredentialsPolicy;
     parameters.shouldPreconnectOnly = PreconnectOnly::Yes;
-    parameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
+    parameters.shouldRestrictHTTPResponseAccess = shouldPerformSecurityChecks();
     // FIXME: Use the proper destination once all fetch options are passed.
     parameters.options.destination = FetchOptions::Destination::EmptyString;
 
@@ -662,9 +663,29 @@ NetworkLoadMetrics WebLoaderStrategy::networkMetricsFromResourceLoadIdentifier(u
     return networkMetrics;
 }
 
-bool WebLoaderStrategy::isDoingLoadingSecurityChecks() const
+bool WebLoaderStrategy::shouldPerformSecurityChecks() const
 {
     return RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess();
 }
 
+bool WebLoaderStrategy::havePerformedSecurityChecks(const ResourceResponse& response) const
+{
+    if (!shouldPerformSecurityChecks())
+        return false;
+    switch (response.source()) {
+    case ResourceResponse::Source::ApplicationCache:
+    case ResourceResponse::Source::MemoryCache:
+    case ResourceResponse::Source::MemoryCacheAfterValidation:
+    case ResourceResponse::Source::ServiceWorker:
+        return false;
+    case ResourceResponse::Source::DiskCache:
+    case ResourceResponse::Source::DiskCacheAfterValidation:
+    case ResourceResponse::Source::Network:
+    case ResourceResponse::Source::Unknown:
+        return true;
+    }
+    ASSERT_NOT_REACHED();
+    return false;
+}
+
 } // namespace WebKit
index 507216b..ed023fc 100644 (file)
@@ -94,7 +94,8 @@ private:
     WebCore::ResourceResponse responseFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier) final;
     WebCore::NetworkLoadMetrics networkMetricsFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier) final;
 
-    bool isDoingLoadingSecurityChecks() const final;
+    bool shouldPerformSecurityChecks() const final;
+    bool havePerformedSecurityChecks(const WebCore::ResourceResponse&) const final;
 
     HashSet<RefPtr<WebCore::ResourceLoader>> m_internallyFailedResourceLoaders;
     RunLoop::Timer<WebLoaderStrategy> m_internallyFailedLoadTimer;
index 788aa6f..c0bc4de 100644 (file)
@@ -471,8 +471,6 @@ WebPage::WebPage(uint64_t pageID, WebPageCreationParameters&& parameters)
     WebCore::provideUserMediaTo(m_page.get(), new WebUserMediaClient(*this));
 #endif
 
-    m_page->settings().setNetworkProcessCSPFrameAncestorsCheckingEnabled(true);
-
     m_page->setControlledByAutomation(parameters.controlledByAutomation);
 
 #if ENABLE(REMOTE_INSPECTOR)