Support sync-xhr feature policy
authoryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Sep 2019 06:59:52 +0000 (06:59 +0000)
committeryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Sep 2019 06:59:52 +0000 (06:59 +0000)
https://bugs.webkit.org/show_bug.cgi?id=202098

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Update test to use hosts[alt][].

* web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt:
* web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub.html:

Source/WebCore:

Add support for sync-xhr feature policy parsing.
Use this feature policy to control use of sync XHR in documents
as per https://xhr.spec.whatwg.org/#the-send()-method step 12.

Covered by updated test.

* html/FeaturePolicy.cpp:
(WebCore::FeaturePolicy::parse):
(WebCore::FeaturePolicy::allows const):
* html/FeaturePolicy.h:
* xml/XMLHttpRequest.cpp:
(WebCore::isSyncXHRAllowedByFeaturePolicy):
(WebCore::XMLHttpRequest::createRequest):

LayoutTests:

* TestExpectations: enable test.
* platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt: Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/TestExpectations
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt
LayoutTests/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub.html
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt [deleted file]
Source/WebCore/ChangeLog
Source/WebCore/html/FeaturePolicy.cpp
Source/WebCore/html/FeaturePolicy.h
Source/WebCore/xml/XMLHttpRequest.cpp

index e43218f..fb8200a 100644 (file)
@@ -1,3 +1,13 @@
+2019-09-23  Youenn Fablet  <youenn@apple.com>
+
+        Support sync-xhr feature policy
+        https://bugs.webkit.org/show_bug.cgi?id=202098
+
+        Reviewed by Alex Christensen.
+
+        * TestExpectations: enable test.
+        * platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt: Deleted.
+
 2019-09-23  Alex Christensen  <achristensen@webkit.org>
 
         Fix WPT test html/browsers/offline/application-cache-api/api_swapcache_error.https.html
index f3f8957..c0b357a 100644 (file)
@@ -695,7 +695,6 @@ imported/w3c/web-platform-tests/payment-request [ Skip ]
 
 imported/w3c/web-platform-tests/xhr/send-redirect-bogus-sync.htm [ DumpJSConsoleLogInStdErr ]
 
-imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub.html [ Skip ]
 webkit.org/b/179607 imported/w3c/web-platform-tests/xhr/access-control-and-redirects-async.htm [ Pass Failure ]
 webkit.org/b/179607 imported/w3c/web-platform-tests/xhr/access-control-and-redirects-async-same-origin.htm [ Pass Failure ]
 webkit.org/b/179608 imported/w3c/web-platform-tests/xhr/access-control-preflight-async-header-denied.htm [ Failure ]
index 150363d..f82958a 100644 (file)
@@ -1,3 +1,15 @@
+2019-09-23  Youenn Fablet  <youenn@apple.com>
+
+        Support sync-xhr feature policy
+        https://bugs.webkit.org/show_bug.cgi?id=202098
+
+        Reviewed by Alex Christensen.
+
+        Update test to use hosts[alt][].
+
+        * web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt:
+        * web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub.html:
+
 2019-09-23  Alex Christensen  <achristensen@webkit.org>
 
         Fix WPT test html/browsers/offline/application-cache-api/api_swapcache_error.https.html
index 6e6e7e3..59e715b 100644 (file)
@@ -1,11 +1,6 @@
-Blocked access to external URL http://www.localhost:8800/XMLHttpRequest/xmlhttprequest-sync-default-feature-policy.sub.html#iframe#sync-xhr
-Blocked access to external URL http://www.localhost:8800/XMLHttpRequest/xmlhttprequest-sync-default-feature-policy.sub.html#iframe#sync-xhr
-
-
-Harness Error (TIMEOUT), message = null
 
 PASS Default "sync-xhr" feature policy ["*"] allows the top-level document. 
 PASS Default "sync-xhr" feature policy ["*"] allows same-origin iframes. 
-TIMEOUT Default "sync-xhr" feature policy ["*"] allows cross-origin iframes. Test timed out
-TIMEOUT Feature policy "sync-xhr" can be disabled in cross-origin iframes using "allow" attribute. Test timed out
+PASS Default "sync-xhr" feature policy ["*"] allows cross-origin iframes. 
+PASS Feature policy "sync-xhr" can be disabled in cross-origin iframes using "allow" attribute. 
 
index 5ad5557..ab5b78b 100644 (file)
@@ -9,7 +9,7 @@
   <script>
   'use strict';
   run_all_fp_tests_allow_all(
-      'http://{{domains[www]}}:{{ports[http][0]}}',
+      'http://{{hosts[alt][]}}:{{ports[http][0]}}',
       'sync-xhr',
       'NetworkError',
       () => {
diff --git a/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt b/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt
deleted file mode 100644 (file)
index 2e4d834..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-Blocked access to external URL http://www.localhost:8800/XMLHttpRequest/xmlhttprequest-sync-default-feature-policy.sub.html#iframe%23sync-xhr
-Blocked access to external URL http://www.localhost:8800/XMLHttpRequest/xmlhttprequest-sync-default-feature-policy.sub.html#iframe%23sync-xhr
-
-
-Harness Error (TIMEOUT), message = null
-
-PASS Default "sync-xhr" feature policy ["*"] allows the top-level document. 
-PASS Default "sync-xhr" feature policy ["*"] allows same-origin iframes. 
-TIMEOUT Default "sync-xhr" feature policy ["*"] allows cross-origin iframes. Test timed out
-TIMEOUT Feature policy "sync-xhr" can be disabled in cross-origin iframes using "allow" attribute. Test timed out
-
index 53c6146..99b0155 100644 (file)
@@ -1,3 +1,24 @@
+2019-09-23  Youenn Fablet  <youenn@apple.com>
+
+        Support sync-xhr feature policy
+        https://bugs.webkit.org/show_bug.cgi?id=202098
+
+        Reviewed by Alex Christensen.
+
+        Add support for sync-xhr feature policy parsing.
+        Use this feature policy to control use of sync XHR in documents
+        as per https://xhr.spec.whatwg.org/#the-send()-method step 12.
+
+        Covered by updated test.
+
+        * html/FeaturePolicy.cpp:
+        (WebCore::FeaturePolicy::parse):
+        (WebCore::FeaturePolicy::allows const):
+        * html/FeaturePolicy.h:
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::isSyncXHRAllowedByFeaturePolicy):
+        (WebCore::XMLHttpRequest::createRequest):
+
 2019-09-23  Chris Dumez  <cdumez@apple.com>
 
         Drop unnecessary SessionID.h header includes
index 3da8742..e4342ae 100644 (file)
@@ -100,6 +100,7 @@ FeaturePolicy FeaturePolicy::parse(Document& document, StringView allowAttribute
     bool isCameraInitialized = false;
     bool isMicrophoneInitialized = false;
     bool isDisplayCaptureInitialized = false;
+    bool isSyncXHRInitialized = false;
     for (auto allowItem : allowAttributeValue.split(';')) {
         auto item = allowItem.stripLeadingAndTrailingMatchedCharacters(isHTMLSpace<UChar>);
         if (item.startsWith("camera")) {
@@ -117,6 +118,11 @@ FeaturePolicy FeaturePolicy::parse(Document& document, StringView allowAttribute
             updateList(document, policy.m_displayCaptureRule, item.substring(16));
             continue;
         }
+        if (item.startsWith("sync-xhr")) {
+            isSyncXHRInitialized = true;
+            updateList(document, policy.m_syncXHRRule, item.substring(8));
+            continue;
+        }
     }
 
     // By default, camera, microphone and display-capture policy is 'self'
@@ -127,6 +133,9 @@ FeaturePolicy FeaturePolicy::parse(Document& document, StringView allowAttribute
     if (!isDisplayCaptureInitialized)
         policy.m_displayCaptureRule.allowedList.add(document.securityOrigin().data());
 
+    if (!isSyncXHRInitialized)
+        policy.m_syncXHRRule.type = AllowRule::Type::All;
+
     return policy;
 }
 
@@ -139,6 +148,8 @@ bool FeaturePolicy::allows(Type type, const SecurityOriginData& origin) const
         return isAllowedByFeaturePolicy(m_microphoneRule, origin);
     case Type::DisplayCapture:
         return isAllowedByFeaturePolicy(m_displayCaptureRule, origin);
+    case Type::SyncXHR:
+        return isAllowedByFeaturePolicy(m_syncXHRRule, origin);
     }
     ASSERT_NOT_REACHED();
     return false;
index 3e91d94..fc71dfe 100644 (file)
@@ -37,7 +37,7 @@ class FeaturePolicy {
 public:
     static FeaturePolicy parse(Document&, StringView);
 
-    enum class Type { Camera, Microphone, DisplayCapture };
+    enum class Type { Camera, Microphone, DisplayCapture, SyncXHR };
     bool allows(Type, const SecurityOriginData&) const;
 
     struct AllowRule {
@@ -50,6 +50,7 @@ private:
     AllowRule m_cameraRule;
     AllowRule m_microphoneRule;
     AllowRule m_displayCaptureRule;
+    AllowRule m_syncXHRRule;
 };
 
 } // namespace WebCore
index 5535d7b..1117bcd 100644 (file)
@@ -33,6 +33,7 @@
 #include "EventNames.h"
 #include "File.h"
 #include "HTMLDocument.h"
+#include "HTMLIFrameElement.h"
 #include "HTTPHeaderNames.h"
 #include "HTTPHeaderValues.h"
 #include "HTTPParsers.h"
@@ -569,6 +570,23 @@ ExceptionOr<void> XMLHttpRequest::sendBytesData(const void* data, size_t length)
     return createRequest();
 }
 
+static inline bool isSyncXHRAllowedByFeaturePolicy(Document& document)
+{
+    auto& topDocument = document.topDocument();
+    if (&document != &topDocument) {
+        for (auto* ancestorDocument = &document; ancestorDocument != &topDocument; ancestorDocument = ancestorDocument->parentDocument()) {
+            auto* element = ancestorDocument->ownerElement();
+            ASSERT(element);
+            if (element && is<HTMLIFrameElement>(*element)) {
+                auto& featurePolicy = downcast<HTMLIFrameElement>(*element).featurePolicy();
+                if (!featurePolicy.allows(FeaturePolicy::Type::SyncXHR, ancestorDocument->securityOrigin().data()))
+                    return false;
+            }
+        }
+    }
+    return true;
+}
+
 ExceptionOr<void> XMLHttpRequest::createRequest()
 {
     // Only GET request is supported for blob URL.
@@ -642,6 +660,9 @@ ExceptionOr<void> XMLHttpRequest::createRequest()
         if (m_loader)
             setPendingActivity(*this);
     } else {
+        if (scriptExecutionContext()->isDocument() && !isSyncXHRAllowedByFeaturePolicy(*document()))
+            return Exception { NetworkError };
+
         request.setDomainForCachePartition(scriptExecutionContext()->domainForCachePartition());
         InspectorInstrumentation::willLoadXHRSynchronously(scriptExecutionContext());
         ThreadableLoader::loadResourceSynchronously(*scriptExecutionContext(), WTFMove(request), *this, options);