WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
authorandersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 May 2012 22:45:41 +0000 (22:45 +0000)
committerandersca@apple.com <andersca@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 May 2012 22:45:41 +0000 (22:45 +0000)
https://bugs.webkit.org/show_bug.cgi?id=86150
<rdar://problem/9551196>

Reviewed by Sam Weinig.

Source/WebCore:

* English.lproj/Localizable.strings:
Update.

* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadPlugin):
It is possible that the client has already set the unavailability reason so don't try to set it twice.

* platform/LocalizedStrings.cpp:
(WebCore::insecurePluginVersionText):
* platform/LocalizedStrings.h:
Add insecure plug-in version text.

* rendering/RenderEmbeddedObject.cpp:
(WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
* rendering/RenderEmbeddedObject.h:
Add InsecurePluginVersion unavailability reason.

Source/WebKit/mac:

* Misc/WebKitErrors.h:
Add WebKitErrorInsecurePlugInVersion enum.

* Plugins/WebBasePluginPackage.h:
* Plugins/WebBasePluginPackage.mm:
(-[WebBasePluginPackage bundleIdentifier]):
(-[WebBasePluginPackage bundleVersion]):
Add bundleIdentifier and bundleVersion getters.

* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::createPlugin):
Check if the plug-in is blocked. If it is, set the unavailability reason and the error code.

WebKitLibraries:

Add WKShouldBlockPlugin.

* WebKitSystemInterface.h:
* libWebKitSystemInterfaceLion.a:
* libWebKitSystemInterfaceSnowLeopard.a:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@116695 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 files changed:
Source/WebCore/ChangeLog
Source/WebCore/English.lproj/Localizable.strings
Source/WebCore/loader/SubframeLoader.cpp
Source/WebCore/platform/LocalizedStrings.cpp
Source/WebCore/platform/LocalizedStrings.h
Source/WebCore/rendering/RenderEmbeddedObject.cpp
Source/WebCore/rendering/RenderEmbeddedObject.h
Source/WebKit/mac/ChangeLog
Source/WebKit/mac/Misc/WebKitErrors.h
Source/WebKit/mac/Plugins/WebBasePluginPackage.h
Source/WebKit/mac/Plugins/WebBasePluginPackage.mm
Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm
WebKitLibraries/ChangeLog
WebKitLibraries/WebKitSystemInterface.h
WebKitLibraries/libWebKitSystemInterfaceLion.a
WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a

index d0a5aec..6ff81e2 100644 (file)
@@ -1,3 +1,28 @@
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        * English.lproj/Localizable.strings:
+        Update.
+
+        * loader/SubframeLoader.cpp:
+        (WebCore::SubframeLoader::loadPlugin):
+        It is possible that the client has already set the unavailability reason so don't try to set it twice.
+
+        * platform/LocalizedStrings.cpp:
+        (WebCore::insecurePluginVersionText):
+        * platform/LocalizedStrings.h:
+        Add insecure plug-in version text.
+
+        * rendering/RenderEmbeddedObject.cpp:
+        (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
+        * rendering/RenderEmbeddedObject.h:
+        Add InsecurePluginVersion unavailability reason.
+
 2012-05-10  Eric Seidel  <eric@webkit.org>
 
         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
index ca3e1e9..6a3864a 100644 (file)
Binary files a/Source/WebCore/English.lproj/Localizable.strings and b/Source/WebCore/English.lproj/Localizable.strings differ
index a23c462..5153f4e 100644 (file)
@@ -376,7 +376,8 @@ bool SubframeLoader::loadPlugin(HTMLPlugInImageElement* pluginElement, const KUR
         pluginElement, url, paramNames, paramValues, mimeType, loadManually);
 
     if (!widget) {
-        renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginMissing);
+        if (!renderer->showsUnavailablePluginIndicator())
+            renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginMissing);
         return false;
     }
 
index 24c9aa4..3cb519c 100644 (file)
@@ -673,6 +673,11 @@ String crashedPluginText()
     return WEB_UI_STRING("Plug-in Failure", "Label text to be used if plugin host process has crashed");
 }
 
+String insecurePluginVersionText()
+{
+    return WEB_UI_STRING("Insecure Plug-In Version", "Label text to be used when an insecure plug-in version was blocked from loading");
+}
+
 String multipleFileUploadText(unsigned numberOfFiles)
 {
     return formatLocalizedString(WEB_UI_STRING("%d files", "Label to describe the number of files selected in a file upload control that allows multiple files"), numberOfFiles);
index cda8bd6..fe6686d 100644 (file)
@@ -167,6 +167,7 @@ namespace WebCore {
 
     String missingPluginText();
     String crashedPluginText();
+    String insecurePluginVersionText();
     String multipleFileUploadText(unsigned numberOfFiles);
     String unknownFileSizeText();
 
index d0f14bd..55cfcfd 100644 (file)
@@ -214,6 +214,8 @@ String RenderEmbeddedObject::unavailablePluginReplacementText() const
         return missingPluginText();
     case PluginCrashed:
         return crashedPluginText();
+    case InsecurePluginVersion:
+        return insecurePluginVersionText();
     }
 
     ASSERT_NOT_REACHED();
index f7428f4..3564ff2 100644 (file)
@@ -39,6 +39,7 @@ public:
     enum PluginUnavailabilityReason {
         PluginMissing,
         PluginCrashed,
+        InsecurePluginVersion
     };
     void setPluginUnavailabilityReason(PluginUnavailabilityReason);
     bool showsUnavailablePluginIndicator() const;
index cb19b0e..d234ade 100644 (file)
@@ -1,5 +1,26 @@
 2012-05-10  Anders Carlsson  <andersca@apple.com>
 
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        * Misc/WebKitErrors.h:
+        Add WebKitErrorInsecurePlugInVersion enum.
+
+        * Plugins/WebBasePluginPackage.h:
+        * Plugins/WebBasePluginPackage.mm:
+        (-[WebBasePluginPackage bundleIdentifier]):
+        (-[WebBasePluginPackage bundleVersion]):
+        Add bundleIdentifier and bundleVersion getters.
+
+        * WebCoreSupport/WebFrameLoaderClient.mm:
+        (WebFrameLoaderClient::createPlugin):
+        Check if the plug-in is blocked. If it is, set the unavailability reason and the error code.
+
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
         Rename the missing plug-in indicator to the unavailable plug-in indicator
         https://bugs.webkit.org/show_bug.cgi?id=86136
 
index e4cbdcc..ec47fe6 100644 (file)
@@ -56,4 +56,5 @@ enum {
     WebKitErrorCannotFindPlugIn =                               200,
     WebKitErrorCannotLoadPlugIn =                               201,
     WebKitErrorJavaUnavailable =                                202,
+    WebKitErrorInsecurePlugInVersion =                          203,
 };
index a42a82e..cf88464 100644 (file)
@@ -77,7 +77,8 @@ typedef void (*BP_CreatePluginMIMETypesPreferencesFuncPtr)(void);
 
 - (const WebCore::PluginInfo&)pluginInfo;
 
-- (WTF::String)bundleIdentifier;
+- (String)bundleIdentifier;
+- (String)bundleVersion;
 
 - (BOOL)supportsExtension:(const WTF::String&)extension;
 - (BOOL)supportsMIMEType:(const WTF::String&)MIMEType;
index 1d1409e..e4cd858 100644 (file)
@@ -463,11 +463,24 @@ static inline void swapIntsInHeader(uint32_t* rawData, size_t length)
     [pluginDatabases removeObject:database];
 }
 
-- (WTF::String)bundleIdentifier
+- (String)bundleIdentifier
 {
     return CFBundleGetIdentifier(cfBundle.get());
 }
 
+- (String)bundleVersion
+{
+    CFDictionaryRef infoDictionary = CFBundleGetInfoDictionary(cfBundle.get());
+    if (!infoDictionary)
+        return String();
+
+    CFTypeRef bundleVersionString = CFDictionaryGetValue(infoDictionary, kCFBundleVersionKey);
+    if (!bundleVersionString || CFGetTypeID(bundleVersionString) != CFStringGetTypeID())
+        return String();
+
+    return reinterpret_cast<CFStringRef>(bundleVersionString);
+}
+
 @end
 
 @implementation NSArray (WebPluginExtensions)
index b8ac274..f787bfb 100644 (file)
@@ -1665,25 +1665,31 @@ PassRefPtr<Widget> WebFrameLoaderClient::createPlugin(const IntSize& size, HTMLP
     NSView *view = nil;
 
     if (pluginPackage) {
-        if ([pluginPackage isKindOfClass:[WebPluginPackage class]])
-            view = pluginView(m_webFrame.get(), (WebPluginPackage *)pluginPackage, attributeKeys, kit(paramValues), baseURL, kit(element), loadManually);
-            
+        if (!WKShouldBlockPlugin([pluginPackage bundleIdentifier], [pluginPackage bundleVersion])) {
+            if ([pluginPackage isKindOfClass:[WebPluginPackage class]])
+                view = pluginView(m_webFrame.get(), (WebPluginPackage *)pluginPackage, attributeKeys, kit(paramValues), baseURL, kit(element), loadManually);
+
 #if ENABLE(NETSCAPE_PLUGIN_API)
-        else if ([pluginPackage isKindOfClass:[WebNetscapePluginPackage class]]) {
-            WebBaseNetscapePluginView *pluginView = [[[NETSCAPE_PLUGIN_VIEW alloc]
-                initWithFrame:NSMakeRect(0, 0, size.width(), size.height())
-                pluginPackage:(WebNetscapePluginPackage *)pluginPackage
-                URL:pluginURL
-                baseURL:baseURL
-                MIMEType:MIMEType
-                attributeKeys:attributeKeys
-                attributeValues:kit(paramValues)
-                loadManually:loadManually
-                element:element] autorelease];
-            
-            return adoptRef(new NetscapePluginWidget(pluginView));
-        } 
+            else if ([pluginPackage isKindOfClass:[WebNetscapePluginPackage class]]) {
+                WebBaseNetscapePluginView *pluginView = [[[NETSCAPE_PLUGIN_VIEW alloc]
+                    initWithFrame:NSMakeRect(0, 0, size.width(), size.height())
+                    pluginPackage:(WebNetscapePluginPackage *)pluginPackage
+                    URL:pluginURL
+                    baseURL:baseURL
+                    MIMEType:MIMEType
+                    attributeKeys:attributeKeys
+                    attributeValues:kit(paramValues)
+                    loadManually:loadManually
+                    element:element] autorelease];
+
+                return adoptRef(new NetscapePluginWidget(pluginView));
+            }
 #endif
+        } else {
+            errorCode = WebKitErrorInsecurePlugInVersion;
+            if (element->renderer()->isEmbeddedObject())
+                toRenderEmbeddedObject(element->renderer())->setPluginUnavailabilityReason(RenderEmbeddedObject::InsecurePluginVersion);
+        }
     } else
         errorCode = WebKitErrorCannotFindPlugIn;
 
index 2f63236..e8f0584 100644 (file)
@@ -1,3 +1,17 @@
+2012-05-10  Anders Carlsson  <andersca@apple.com>
+
+        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
+        https://bugs.webkit.org/show_bug.cgi?id=86150
+        <rdar://problem/9551196>
+
+        Reviewed by Sam Weinig.
+
+        Add WKShouldBlockPlugin.
+
+        * WebKitSystemInterface.h:
+        * libWebKitSystemInterfaceLion.a:
+        * libWebKitSystemInterfaceSnowLeopard.a:
+
 2012-05-08  Jon Lee  <jonlee@apple.com>
 
         Safari warns that it needs to resend the form in an iFrame when going back
index f43b30d..0351a8e 100644 (file)
@@ -92,6 +92,7 @@ void WKAccessibilityHandleFocusChanged(void);
 AXUIElementRef WKCreateAXUIElementRef(id element);
 void WKUnregisterUniqueIdForElement(id element);
 
+BOOL WKShouldBlockPlugin(NSString *bundleIdentifier, NSString *bundleVersionString);
 
 #if MAC_OS_X_VERSION_MIN_REQUIRED >= 1060
 // Remote Accessibility API.
index 43cdad5..0252234 100644 (file)
Binary files a/WebKitLibraries/libWebKitSystemInterfaceLion.a and b/WebKitLibraries/libWebKitSystemInterfaceLion.a differ
index baff54a..c59fc98 100644 (file)
Binary files a/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a and b/WebKitLibraries/libWebKitSystemInterfaceSnowLeopard.a differ