[GTK][WPE] Move TLS errors API from WebKitContext to WebKitWebsiteDataManager
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 23 Sep 2020 22:14:15 +0000 (22:14 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 23 Sep 2020 22:14:15 +0000 (22:14 +0000)
https://bugs.webkit.org/show_bug.cgi?id=216822

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2020-09-23
Reviewed by Alex Christensen.

Source/WebCore:

Make ignoreTLSErrors a member of SoupNetworkSession, instead of being global.

* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::SoupNetworkSession::setIgnoreTLSErrors):
(WebCore::SoupNetworkSession::checkTLSErrors):
(WebCore::SoupNetworkSession::setShouldIgnoreTLSErrors): Deleted.
* platform/network/soup/SoupNetworkSession.h:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::setAllowsAnySSLCertificate): Do not use SoupNetworkSession in the web process.

Source/WebKit:

Make TLS errors policy per session instead of global to the network process. The web context API now simply
forwards the request to the website data manager. The website data manager created for an ephemeral web view
will inherit the network settings from the web context website data manager. This ensures backwards
compatibility, but it's also convenient, since it's the desired behavior in most of the cases. Apps can still
change the network settings of the web view by getting the website data manager.

* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
* NetworkProcess/NetworkProcessCreationParameters.h:
* NetworkProcess/NetworkSessionCreationParameters.cpp:
(WebKit::NetworkSessionCreationParameters::encode const):
(WebKit::NetworkSessionCreationParameters::decode):
* NetworkProcess/NetworkSessionCreationParameters.h:
* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::tlsConnectionAcceptCertificate):
* NetworkProcess/soup/NetworkProcessSoup.cpp:
(WebKit::NetworkProcess::platformInitializeNetworkProcess):
(WebKit::NetworkProcess::setIgnoreTLSErrors):
* NetworkProcess/soup/NetworkSessionSoup.cpp:
(WebKit::NetworkSessionSoup::NetworkSessionSoup):
(WebKit::webSocketAcceptCertificateCallback):
(WebKit::webSocketMessageNetworkEventCallback):
(WebKit::NetworkSessionSoup::createWebSocketTask):
(WebKit::NetworkSessionSoup::setIgnoreTLSErrors):
* NetworkProcess/soup/NetworkSessionSoup.h:
* UIProcess/API/glib/WebKitAutomationSession.cpp:
(webkitAutomationSessionCreate):
* UIProcess/API/glib/WebKitWebContext.cpp:
(webkitWebContextConstructed):
(webkit_web_context_set_tls_errors_policy):
(webkit_web_context_get_tls_errors_policy):
* UIProcess/API/glib/WebKitWebView.cpp:
(webkitWebViewConstructed):
(webkit_web_view_class_init):
(webkitWebViewLoadFailedWithTLSErrors):
* UIProcess/API/glib/WebKitWebsiteDataManager.cpp:
(webkitWebsiteDataManagerConstructed):
(webkitWebsiteDataManagerGetDataStore):
(webkit_website_data_manager_set_tls_errors_policy):
(webkit_website_data_manager_get_tls_errors_policy):
* UIProcess/API/gtk/WebKitWebContext.h:
* UIProcess/API/gtk/WebKitWebsiteDataManager.h:
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
* UIProcess/API/wpe/WebKitWebContext.h:
* UIProcess/API/wpe/WebKitWebsiteDataManager.h:
* UIProcess/API/wpe/docs/wpe-1.0-sections.txt:
* UIProcess/WebProcessPool.h:
* UIProcess/WebsiteData/WebsiteDataStore.h:
(WebKit::WebsiteDataStore::ignoreTLSErrors const):
* UIProcess/WebsiteData/soup/WebsiteDataStoreSoup.cpp:
(WebKit::WebsiteDataStore::setIgnoreTLSErrors):
* UIProcess/soup/WebProcessPoolSoup.cpp:
(WebKit::WebProcessPool::platformInitializeNetworkProcess):
(WebKit::WebProcessPool::setIgnoreTLSErrors): Deleted.

Tools:

Update tests to use the new API instead of the deprecated one. Also update the TLSErrorsPolicy test to also
check that ephemeral web views inherit the network settings from its web context.

* TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp:
(testSSL):
(testInsecureContent):
(testTLSErrorsPolicy):
(testTLSErrorsRedirect):
(testTLSErrorsHTTPAuth):
(testLoadFailedWithTLSErrors):
(testSubresourceLoadFailedWithTLSErrors):
(testWebSocketTLSErrors):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@267502 268f45cc-cd09-0410-ab3c-d52691b4dbfc

31 files changed:
Source/WebCore/ChangeLog
Source/WebCore/platform/network/soup/SoupNetworkSession.cpp
Source/WebCore/platform/network/soup/SoupNetworkSession.h
Source/WebCore/testing/InternalSettings.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.cpp
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.h
Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp
Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h
Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp
Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp
Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp
Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.h
Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp
Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
Source/WebKit/UIProcess/API/glib/WebKitWebsiteDataManager.cpp
Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h
Source/WebKit/UIProcess/API/gtk/WebKitWebsiteDataManager.h
Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt
Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h
Source/WebKit/UIProcess/API/wpe/WebKitWebsiteDataManager.h
Source/WebKit/UIProcess/API/wpe/docs/wpe-1.0-sections.txt
Source/WebKit/UIProcess/WebProcessPool.h
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h
Source/WebKit/UIProcess/WebsiteData/soup/WebsiteDataStoreSoup.cpp
Source/WebKit/UIProcess/soup/WebProcessPoolSoup.cpp
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp

index 5957aba..9ae291a 100644 (file)
@@ -1,3 +1,20 @@
+2020-09-23  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        [GTK][WPE] Move TLS errors API from WebKitContext to WebKitWebsiteDataManager
+        https://bugs.webkit.org/show_bug.cgi?id=216822
+
+        Reviewed by Alex Christensen.
+
+        Make ignoreTLSErrors a member of SoupNetworkSession, instead of being global.
+
+        * platform/network/soup/SoupNetworkSession.cpp:
+        (WebCore::SoupNetworkSession::setIgnoreTLSErrors):
+        (WebCore::SoupNetworkSession::checkTLSErrors):
+        (WebCore::SoupNetworkSession::setShouldIgnoreTLSErrors): Deleted.
+        * platform/network/soup/SoupNetworkSession.h:
+        * testing/InternalSettings.cpp:
+        (WebCore::InternalSettings::setAllowsAnySSLCertificate): Do not use SoupNetworkSession in the web process.
+
 2020-09-23  Tim Horton  <timothy_horton@apple.com>
 
         Fix some typo'd wheel event listener logging
index 64795f4..c89f805 100644 (file)
@@ -44,8 +44,6 @@
 
 namespace WebCore {
 
-static bool gIgnoreTLSErrors;
-
 static CString& initialAcceptLanguages()
 {
     static NeverDestroyed<CString> storage;
@@ -325,17 +323,14 @@ void SoupNetworkSession::setAcceptLanguages(const CString& languages)
     g_object_set(m_soupSession.get(), "accept-language", languages.data(), nullptr);
 }
 
-void SoupNetworkSession::setShouldIgnoreTLSErrors(bool ignoreTLSErrors)
+void SoupNetworkSession::setIgnoreTLSErrors(bool ignoreTLSErrors)
 {
-    gIgnoreTLSErrors = ignoreTLSErrors;
+    m_ignoreTLSErrors = ignoreTLSErrors;
 }
 
 Optional<ResourceError> SoupNetworkSession::checkTLSErrors(const URL& requestURL, GTlsCertificate* certificate, GTlsCertificateFlags tlsErrors)
 {
-    if (gIgnoreTLSErrors)
-        return WTF::nullopt;
-
-    if (!tlsErrors)
+    if (m_ignoreTLSErrors || !tlsErrors)
         return WTF::nullopt;
 
     auto it = allowedCertificates().find(requestURL.host().toStringWithoutCopying());
index 9b9cb87..d06d77e 100644 (file)
@@ -66,8 +66,8 @@ public:
     static void setInitialAcceptLanguages(const CString&);
     void setAcceptLanguages(const CString&);
 
-    WEBCORE_EXPORT static void setShouldIgnoreTLSErrors(bool);
-    static Optional<ResourceError> checkTLSErrors(const URL&, GTlsCertificate*, GTlsCertificateFlags);
+    WEBCORE_EXPORT void setIgnoreTLSErrors(bool);
+    Optional<ResourceError> checkTLSErrors(const URL&, GTlsCertificate*, GTlsCertificateFlags);
     static void allowSpecificHTTPSCertificateForHost(const CertificateInfo&, const String& host);
 
     void getHostNamesWithHSTSCache(HashSet<String>&);
@@ -79,6 +79,7 @@ private:
 
     GRefPtr<SoupSession> m_soupSession;
     PAL::SessionID m_sessionID;
+    bool m_ignoreTLSErrors { false };
 };
 
 } // namespace WebCore
index 6a5b6f4..6b26b50 100644 (file)
 #include "ColorChooser.h"
 #endif
 
-#if USE(SOUP)
-#include "SoupNetworkSession.h"
-#endif
-
 #if ENABLE(WEB_AUDIO)
 #include "AudioContext.h"
 #endif
@@ -898,9 +894,6 @@ ExceptionOr<void> InternalSettings::setFrameFlattening(FrameFlatteningValue fram
 void InternalSettings::setAllowsAnySSLCertificate(bool allowsAnyCertificate)
 {
     DeprecatedGlobalSettings::setAllowsAnySSLCertificate(allowsAnyCertificate);
-#if USE(SOUP)
-    SoupNetworkSession::setShouldIgnoreTLSErrors(allowsAnyCertificate);
-#endif
 }
 
 ExceptionOr<bool> InternalSettings::deferredCSSParserEnabled()
index 9f5fbbe..0ed7b3c 100644 (file)
@@ -1,3 +1,68 @@
+2020-09-23  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        [GTK][WPE] Move TLS errors API from WebKitContext to WebKitWebsiteDataManager
+        https://bugs.webkit.org/show_bug.cgi?id=216822
+
+        Reviewed by Alex Christensen.
+
+        Make TLS errors policy per session instead of global to the network process. The web context API now simply
+        forwards the request to the website data manager. The website data manager created for an ephemeral web view
+        will inherit the network settings from the web context website data manager. This ensures backwards
+        compatibility, but it's also convenient, since it's the desired behavior in most of the cases. Apps can still
+        change the network settings of the web view by getting the website data manager.
+
+        * NetworkProcess/NetworkProcess.h:
+        * NetworkProcess/NetworkProcess.messages.in:
+        * NetworkProcess/NetworkProcessCreationParameters.cpp:
+        (WebKit::NetworkProcessCreationParameters::encode const):
+        (WebKit::NetworkProcessCreationParameters::decode):
+        * NetworkProcess/NetworkProcessCreationParameters.h:
+        * NetworkProcess/NetworkSessionCreationParameters.cpp:
+        (WebKit::NetworkSessionCreationParameters::encode const):
+        (WebKit::NetworkSessionCreationParameters::decode):
+        * NetworkProcess/NetworkSessionCreationParameters.h:
+        * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
+        (WebKit::NetworkDataTaskSoup::tlsConnectionAcceptCertificate):
+        * NetworkProcess/soup/NetworkProcessSoup.cpp:
+        (WebKit::NetworkProcess::platformInitializeNetworkProcess):
+        (WebKit::NetworkProcess::setIgnoreTLSErrors):
+        * NetworkProcess/soup/NetworkSessionSoup.cpp:
+        (WebKit::NetworkSessionSoup::NetworkSessionSoup):
+        (WebKit::webSocketAcceptCertificateCallback):
+        (WebKit::webSocketMessageNetworkEventCallback):
+        (WebKit::NetworkSessionSoup::createWebSocketTask):
+        (WebKit::NetworkSessionSoup::setIgnoreTLSErrors):
+        * NetworkProcess/soup/NetworkSessionSoup.h:
+        * UIProcess/API/glib/WebKitAutomationSession.cpp:
+        (webkitAutomationSessionCreate):
+        * UIProcess/API/glib/WebKitWebContext.cpp:
+        (webkitWebContextConstructed):
+        (webkit_web_context_set_tls_errors_policy):
+        (webkit_web_context_get_tls_errors_policy):
+        * UIProcess/API/glib/WebKitWebView.cpp:
+        (webkitWebViewConstructed):
+        (webkit_web_view_class_init):
+        (webkitWebViewLoadFailedWithTLSErrors):
+        * UIProcess/API/glib/WebKitWebsiteDataManager.cpp:
+        (webkitWebsiteDataManagerConstructed):
+        (webkitWebsiteDataManagerGetDataStore):
+        (webkit_website_data_manager_set_tls_errors_policy):
+        (webkit_website_data_manager_get_tls_errors_policy):
+        * UIProcess/API/gtk/WebKitWebContext.h:
+        * UIProcess/API/gtk/WebKitWebsiteDataManager.h:
+        * UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
+        * UIProcess/API/wpe/WebKitWebContext.h:
+        * UIProcess/API/wpe/WebKitWebsiteDataManager.h:
+        * UIProcess/API/wpe/docs/wpe-1.0-sections.txt:
+        * UIProcess/WebProcessPool.h:
+        * UIProcess/WebsiteData/WebsiteDataStore.h:
+        (WebKit::WebsiteDataStore::ignoreTLSErrors const):
+        * UIProcess/WebsiteData/soup/WebsiteDataStoreSoup.cpp:
+        (WebKit::WebsiteDataStore::setIgnoreTLSErrors):
+        * UIProcess/soup/WebProcessPoolSoup.cpp:
+        (WebKit::WebProcessPool::platformInitializeNetworkProcess):
+        (WebKit::WebProcessPool::setIgnoreTLSErrors): Deleted.
+
 2020-09-23  Per Arne Vollan  <pvollan@apple.com>
 
         [macOS] Issue sandbox extension for the diagnostic daemon
index aa73377..df4fcfd 100644 (file)
@@ -445,7 +445,7 @@ private:
     void flushCookies(const PAL::SessionID&, CompletionHandler<void()>&&);
 
 #if USE(SOUP)
-    void setIgnoreTLSErrors(bool);
+    void setIgnoreTLSErrors(PAL::SessionID, bool);
     void userPreferredLanguagesChanged(const Vector<String>&);
     void setNetworkProxySettings(const WebCore::SoupNetworkProxySettings&);
     void setPersistentCredentialStorageEnabled(PAL::SessionID, bool);
index d9ddde4..84e3340 100644 (file)
@@ -28,7 +28,7 @@ messages -> NetworkProcess LegacyReceiver {
     CreateNetworkConnectionToWebProcess(WebCore::ProcessIdentifier processIdentifier, PAL::SessionID sessionID) -> (Optional<IPC::Attachment> connectionIdentifier, enum:uint8_t WebCore::HTTPCookieAcceptPolicy cookieAcceptPolicy) Async
 
 #if USE(SOUP)
-    SetIgnoreTLSErrors(bool ignoreTLSErrors)
+    SetIgnoreTLSErrors(PAL::SessionID sessionID, bool ignoreTLSErrors)
     UserPreferredLanguagesChanged(Vector<String> languages)
     SetNetworkProxySettings(struct WebCore::SoupNetworkProxySettings settings)
     PrefetchDNS(String hostname)
index 9901c5c..0f84fd6 100644 (file)
@@ -58,7 +58,6 @@ void NetworkProcessCreationParameters::encode(IPC::Encoder& encoder) const
     encoder << defaultDataStoreParameters;
 #if USE(SOUP)
     encoder << cookieAcceptPolicy;
-    encoder << ignoreTLSErrors;
     encoder << languages;
     encoder << proxySettings;
 #endif
@@ -125,8 +124,6 @@ bool NetworkProcessCreationParameters::decode(IPC::Decoder& decoder, NetworkProc
 #if USE(SOUP)
     if (!decoder.decode(result.cookieAcceptPolicy))
         return false;
-    if (!decoder.decode(result.ignoreTLSErrors))
-        return false;
     if (!decoder.decode(result.languages))
         return false;
     if (!decoder.decode(result.proxySettings))
index 11ca5a1..7762182 100644 (file)
@@ -75,7 +75,6 @@ struct NetworkProcessCreationParameters {
     
 #if USE(SOUP)
     WebCore::HTTPCookieAcceptPolicy cookieAcceptPolicy { WebCore::HTTPCookieAcceptPolicy::AlwaysAccept };
-    bool ignoreTLSErrors { false };
     Vector<String> languages;
     WebCore::SoupNetworkProxySettings proxySettings;
 #endif
index 1ad5ae7..78ef099 100644 (file)
@@ -63,6 +63,7 @@ void NetworkSessionCreationParameters::encode(IPC::Encoder& encoder) const
     encoder << cookiePersistentStoragePath;
     encoder << cookiePersistentStorageType;
     encoder << persistentCredentialStorageEnabled;
+    encoder << ignoreTLSErrors;
 #endif
 #if USE(CURL)
     encoder << cookiePersistentStorageFile;
@@ -181,6 +182,11 @@ Optional<NetworkSessionCreationParameters> NetworkSessionCreationParameters::dec
     decoder >> persistentCredentialStorageEnabled;
     if (!persistentCredentialStorageEnabled)
         return WTF::nullopt;
+
+    Optional<bool> ignoreTLSErrors;
+    decoder >> ignoreTLSErrors;
+    if (!ignoreTLSErrors)
+        return WTF::nullopt;
 #endif
 
 #if USE(CURL)
@@ -299,6 +305,7 @@ Optional<NetworkSessionCreationParameters> NetworkSessionCreationParameters::dec
         , WTFMove(*cookiePersistentStoragePath)
         , WTFMove(*cookiePersistentStorageType)
         , WTFMove(*persistentCredentialStorageEnabled)
+        , WTFMove(*ignoreTLSErrors)
 #endif
 #if USE(CURL)
         , WTFMove(*cookiePersistentStorageFile)
index 1eb2290..fb0ef16 100644 (file)
@@ -75,6 +75,7 @@ struct NetworkSessionCreationParameters {
     String cookiePersistentStoragePath;
     SoupCookiePersistentStorageType cookiePersistentStorageType { SoupCookiePersistentStorageType::Text };
     bool persistentCredentialStorageEnabled { true };
+    bool ignoreTLSErrors { false };
 #endif
 #if USE(CURL)
     String cookiePersistentStorageFile;
index baa6783..545626c 100644 (file)
@@ -444,7 +444,7 @@ bool NetworkDataTaskSoup::tlsConnectionAcceptCertificate(GTlsCertificate* certif
 {
     ASSERT(m_soupRequest);
     URL url = soupURIToURL(soup_request_get_uri(m_soupRequest.get()));
-    auto error = SoupNetworkSession::checkTLSErrors(url, certificate, tlsErrors);
+    auto error = static_cast<NetworkSessionSoup&>(*m_session).soupNetworkSession().checkTLSErrors(url, certificate, tlsErrors);
     if (!error)
         return true;
 
index 41afdcc..64b1a77 100644 (file)
@@ -136,8 +136,6 @@ void NetworkProcess::platformInitializeNetworkProcess(const NetworkProcessCreati
 
     if (!parameters.languages.isEmpty())
         userPreferredLanguagesChanged(parameters.languages);
-
-    setIgnoreTLSErrors(parameters.ignoreTLSErrors);
 }
 
 std::unique_ptr<WebCore::NetworkStorageSession> NetworkProcess::platformCreateDefaultStorageSession() const
@@ -145,9 +143,10 @@ std::unique_ptr<WebCore::NetworkStorageSession> NetworkProcess::platformCreateDe
     return makeUnique<WebCore::NetworkStorageSession>(PAL::SessionID::defaultSessionID());
 }
 
-void NetworkProcess::setIgnoreTLSErrors(bool ignoreTLSErrors)
+void NetworkProcess::setIgnoreTLSErrors(PAL::SessionID sessionID, bool ignoreTLSErrors)
 {
-    SoupNetworkSession::setShouldIgnoreTLSErrors(ignoreTLSErrors);
+    if (auto* session = networkSession(sessionID))
+        static_cast<NetworkSessionSoup&>(*session).setIgnoreTLSErrors(ignoreTLSErrors);
 }
 
 void NetworkProcess::allowSpecificHTTPSCertificateForHost(const CertificateInfo& certificateInfo, const String& host)
index f575f3b..2ef3fcb 100644 (file)
@@ -47,6 +47,8 @@ NetworkSessionSoup::NetworkSessionSoup(NetworkProcess& networkProcess, NetworkSe
     auto* storageSession = networkStorageSession();
     ASSERT(storageSession);
 
+    setIgnoreTLSErrors(parameters.ignoreTLSErrors);
+
     if (!parameters.cookiePersistentStoragePath.isEmpty())
         setCookiePersistentStorage(parameters.cookiePersistentStoragePath, parameters.cookiePersistentStorageType);
     else
@@ -98,20 +100,22 @@ void NetworkSessionSoup::clearCredentials()
 #endif
 }
 
-static gboolean webSocketAcceptCertificateCallback(GTlsConnection*, GTlsCertificate* certificate, GTlsCertificateFlags errors, SoupMessage* soupMessage)
+static gboolean webSocketAcceptCertificateCallback(GTlsConnection* connection, GTlsCertificate* certificate, GTlsCertificateFlags errors, NetworkSessionSoup* session)
 {
     if (DeprecatedGlobalSettings::allowsAnySSLCertificate())
         return TRUE;
 
-    return !SoupNetworkSession::checkTLSErrors(soupURIToURL(soup_message_get_uri(soupMessage)), certificate, errors);
+    auto* soupMessage = static_cast<SoupMessage*>(g_object_get_data(G_OBJECT(connection), "wk-soup-message"));
+    return !session->soupNetworkSession().checkTLSErrors(soupURIToURL(soup_message_get_uri(soupMessage)), certificate, errors);
 }
 
-static void webSocketMessageNetworkEventCallback(SoupMessage* soupMessage, GSocketClientEvent event, GIOStream* connection)
+static void webSocketMessageNetworkEventCallback(SoupMessage* soupMessage, GSocketClientEvent event, GIOStream* connection, NetworkSessionSoup* session)
 {
     if (event != G_SOCKET_CLIENT_TLS_HANDSHAKING)
         return;
 
-    g_signal_connect(connection, "accept-certificate", G_CALLBACK(webSocketAcceptCertificateCallback), soupMessage);
+    g_object_set_data(G_OBJECT(connection), "wk-soup-message", soupMessage);
+    g_signal_connect(connection, "accept-certificate", G_CALLBACK(webSocketAcceptCertificateCallback), session);
 }
 
 std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(NetworkSocketChannel& channel, const ResourceRequest& request, const String& protocol)
@@ -123,8 +127,13 @@ std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(NetworkSo
     GRefPtr<SoupMessage> soupMessage = adoptGRef(soup_message_new_from_uri(SOUP_METHOD_GET, soupURI.get()));
     request.updateSoupMessage(soupMessage.get(), blobRegistry());
     if (request.url().protocolIs("wss"))
-        g_signal_connect(soupMessage.get(), "network-event", G_CALLBACK(webSocketMessageNetworkEventCallback), nullptr);
+        g_signal_connect(soupMessage.get(), "network-event", G_CALLBACK(webSocketMessageNetworkEventCallback), this);
     return makeUnique<WebSocketTask>(channel, soupSession(), soupMessage.get(), protocol);
 }
 
+void NetworkSessionSoup::setIgnoreTLSErrors(bool ignoreTLSErrors)
+{
+    m_networkSession->setIgnoreTLSErrors(ignoreTLSErrors);
+}
+
 } // namespace WebKit
index ebdac59..ac34fe9 100644 (file)
@@ -57,6 +57,8 @@ public:
     void setPersistentCredentialStorageEnabled(bool enabled) { m_persistentCredentialStorageEnabled = enabled; }
     bool persistentCredentialStorageEnabled() const { return m_persistentCredentialStorageEnabled; }
 
+    void setIgnoreTLSErrors(bool);
+
 private:
     std::unique_ptr<WebSocketTask> createWebSocketTask(NetworkSocketChannel&, const WebCore::ResourceRequest&, const String& protocol) final;
     void clearCredentials() final;
index dbbf5e9..37f0a44 100644 (file)
@@ -350,7 +350,8 @@ WebKitAutomationSession* webkitAutomationSessionCreate(WebKitWebContext* webCont
     auto* session = WEBKIT_AUTOMATION_SESSION(g_object_new(WEBKIT_TYPE_AUTOMATION_SESSION, "id", sessionID, nullptr));
     session->priv->webContext = webContext;
     if (capabilities.acceptInsecureCertificates)
-        webkit_web_context_set_tls_errors_policy(webContext, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+        webkit_website_data_manager_set_tls_errors_policy(webkit_web_context_get_website_data_manager(webContext), WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+
     for (auto& certificate : capabilities.certificates) {
         GRefPtr<GTlsCertificate> tlsCertificate = adoptGRef(g_tls_certificate_new_from_file(certificate.second.utf8().data(), nullptr));
         if (tlsCertificate)
index 89be56a..fae6235 100644 (file)
@@ -222,7 +222,6 @@ struct _WebKitWebContextPrivate {
     GRefPtr<WebKitWebsiteDataManager> websiteDataManager;
 
     CString faviconDatabaseDirectory;
-    WebKitTLSErrorsPolicy tlsErrorsPolicy;
     WebKitProcessModel processModel;
 
     HashMap<WebPageProxyIdentifier, WebKitWebView*> webViews;
@@ -414,9 +413,6 @@ static void webkitWebContextConstructed(GObject* object)
 
     webkitWebsiteDataManagerAddProcessPool(priv->websiteDataManager.get(), *priv->processPool);
 
-    priv->tlsErrorsPolicy = WEBKIT_TLS_ERRORS_POLICY_FAIL;
-    priv->processPool->setIgnoreTLSErrors(false);
-
     priv->processModel = WEBKIT_PROCESS_MODEL_MULTIPLE_SECONDARY_PROCESSES;
 
 #if ENABLE(MEMORY_SAMPLER)
@@ -1496,18 +1492,14 @@ void webkit_web_context_set_preferred_languages(WebKitWebContext* context, const
  * @policy: a #WebKitTLSErrorsPolicy
  *
  * Set the TLS errors policy of @context as @policy
+ *
+ * Deprecated: 2.32. Use webkit_website_data_manager_set_tls_errors_policy() instead.
  */
 void webkit_web_context_set_tls_errors_policy(WebKitWebContext* context, WebKitTLSErrorsPolicy policy)
 {
     g_return_if_fail(WEBKIT_IS_WEB_CONTEXT(context));
 
-    if (context->priv->tlsErrorsPolicy == policy)
-        return;
-
-    context->priv->tlsErrorsPolicy = policy;
-    bool ignoreTLSErrors = policy == WEBKIT_TLS_ERRORS_POLICY_IGNORE;
-    if (context->priv->processPool->ignoreTLSErrors() != ignoreTLSErrors)
-        context->priv->processPool->setIgnoreTLSErrors(ignoreTLSErrors);
+    webkit_website_data_manager_set_tls_errors_policy(context->priv->websiteDataManager.get(), policy);
 }
 
 /**
@@ -1517,12 +1509,14 @@ void webkit_web_context_set_tls_errors_policy(WebKitWebContext* context, WebKitT
  * Get the TLS errors policy of @context
  *
  * Returns: a #WebKitTLSErrorsPolicy
+ *
+ * Deprecated: 2.32. Use webkit_website_data_manager_get_tls_errors_policy() instead.
  */
 WebKitTLSErrorsPolicy webkit_web_context_get_tls_errors_policy(WebKitWebContext* context)
 {
     g_return_val_if_fail(WEBKIT_IS_WEB_CONTEXT(context), WEBKIT_TLS_ERRORS_POLICY_IGNORE);
 
-    return context->priv->tlsErrorsPolicy;
+    return webkit_website_data_manager_get_tls_errors_policy(context->priv->websiteDataManager.get());
 }
 
 /**
index 191007b..b377007 100644 (file)
@@ -755,6 +755,8 @@ static void webkitWebViewConstructed(GObject* object)
 
     if (priv->isEphemeral && !webkit_web_context_is_ephemeral(priv->context.get())) {
         priv->websiteDataManager = adoptGRef(webkit_website_data_manager_new_ephemeral());
+        auto* contextDataManager = webkit_web_context_get_website_data_manager(priv->context.get());
+        webkit_website_data_manager_set_tls_errors_policy(priv->websiteDataManager.get(), webkit_website_data_manager_get_tls_errors_policy(contextDataManager));
         webkitWebsiteDataManagerAddProcessPool(priv->websiteDataManager.get(), webkitWebContextGetProcessPool(priv->context.get()));
     }
 
@@ -1192,9 +1194,14 @@ static void webkit_web_view_class_init(WebKitWebViewClass* webViewClass)
      * Whether the #WebKitWebView is ephemeral. An ephemeral web view never writes
      * website data to the client storage, no matter what #WebKitWebsiteDataManager
      * its context is using. This is normally used to implement private browsing mode.
-     * This is a %G_PARAM_CONSTRUCT_ONLY property, so you have to create a ephemeral
-     * #WebKitWebView and it can't be changed. Note that all #WebKitWebView<!-- -->s
-     * created with an ephemeral #WebKitWebContext will be ephemeral automatically.
+     * This is a %G_PARAM_CONSTRUCT_ONLY property, so you have to create an ephemeral
+     * #WebKitWebView and it can't be changed. The ephemeral #WebKitWebsiteDataManager
+     * created for the #WebKitWebView will inherit the network settings from the
+     * #WebKitWebContext<!-- -->'s #WebKitWebsiteDataManager. To use different settings
+     * you can get the #WebKitWebsiteDataManager with webkit_web_view_get_website_data_manager()
+     * and set the new ones.
+     * Note that all #WebKitWebView<!-- -->s created with an ephemeral #WebKitWebContext
+     * will be ephemeral automatically.
      * See also webkit_web_context_new_ephemeral().
      *
      * Since: 2.16
@@ -2356,7 +2363,8 @@ void webkitWebViewLoadFailedWithTLSErrors(WebKitWebView* webView, const char* fa
 {
     webkitWebViewCompleteAuthenticationRequest(webView);
 
-    WebKitTLSErrorsPolicy tlsErrorsPolicy = webkit_web_context_get_tls_errors_policy(webView->priv->context.get());
+    auto* websiteDataManager = webkit_web_view_get_website_data_manager(webView);
+    WebKitTLSErrorsPolicy tlsErrorsPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
     if (tlsErrorsPolicy == WEBKIT_TLS_ERRORS_POLICY_FAIL) {
         gboolean returnValue;
         g_signal_emit(webView, signals[LOAD_FAILED_WITH_TLS_ERRORS], 0, failingURI, certificate, tlsErrors, &returnValue);
index e48c705..cdef182 100644 (file)
@@ -111,6 +111,7 @@ struct _WebKitWebsiteDataManagerPrivate {
     GUniquePtr<char> itpDirectory;
     GUniquePtr<char> swRegistrationsDirectory;
     GUniquePtr<char> domCacheDirectory;
+    WebKitTLSErrorsPolicy tlsErrorsPolicy;
 
     GRefPtr<WebKitCookieManager> cookieManager;
     Vector<WebProcessPool*> processPools;
@@ -241,6 +242,8 @@ static void webkitWebsiteDataManagerConstructed(GObject* object)
         if (!priv->domCacheDirectory)
             priv->domCacheDirectory.reset(g_build_filename(priv->baseCacheDirectory.get(), "CacheStorage", nullptr));
     }
+
+    priv->tlsErrorsPolicy = WEBKIT_TLS_ERRORS_POLICY_FAIL;
 }
 
 static void webkit_website_data_manager_class_init(WebKitWebsiteDataManagerClass* findClass)
@@ -489,6 +492,7 @@ WebKit::WebsiteDataStore& webkitWebsiteDataManagerGetDataStore(WebKitWebsiteData
         if (priv->domCacheDirectory)
             configuration->setCacheStorageDirectory(FileSystem::stringFromFileSystemRepresentation(priv->domCacheDirectory.get()));
         priv->websiteDataStore = WebKit::WebsiteDataStore::create(WTFMove(configuration), PAL::SessionID::defaultSessionID());
+        priv->websiteDataStore->setIgnoreTLSErrors(priv->tlsErrorsPolicy == WEBKIT_TLS_ERRORS_POLICY_IGNORE);
     }
 
     return *priv->websiteDataStore;
@@ -909,6 +913,43 @@ gboolean webkit_website_data_manager_get_persistent_credential_storage_enabled(W
     return webkitWebsiteDataManagerGetDataStore(manager).persistentCredentialStorageEnabled();
 }
 
+/**
+ * webkit_website_data_manager_set_tls_errors_policy:
+ * @manager: a #WebKitWebsiteDataManager
+ * @policy: a #WebKitTLSErrorsPolicy
+ *
+ * Set the TLS errors policy of @manager as @policy
+ *
+ * Since: 2.32
+ */
+void webkit_website_data_manager_set_tls_errors_policy(WebKitWebsiteDataManager* manager, WebKitTLSErrorsPolicy policy)
+{
+    g_return_if_fail(WEBKIT_IS_WEBSITE_DATA_MANAGER(manager));
+
+    if (manager->priv->tlsErrorsPolicy == policy)
+        return;
+
+    manager->priv->tlsErrorsPolicy = policy;
+    webkitWebsiteDataManagerGetDataStore(manager).setIgnoreTLSErrors(policy == WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+}
+
+/**
+ * webkit_website_data_manager_get_tls_errors_policy:
+ * @manager: a #WebKitWebsiteDataManager
+ *
+ * Get the TLS errors policy of @manager
+ *
+ * Returns: a #WebKitTLSErrorsPolicy
+ *
+ * Since: 2.32
+ */
+WebKitTLSErrorsPolicy webkit_website_data_manager_get_tls_errors_policy(WebKitWebsiteDataManager* manager)
+{
+    g_return_val_if_fail(WEBKIT_IS_WEBSITE_DATA_MANAGER(manager), WEBKIT_TLS_ERRORS_POLICY_FAIL);
+
+    return manager->priv->tlsErrorsPolicy;
+}
+
 static OptionSet<WebsiteDataType> toWebsiteDataTypes(WebKitWebsiteDataTypes types)
 {
     OptionSet<WebsiteDataType> returnValue;
index dbf62bc..5078bc7 100644 (file)
@@ -89,21 +89,6 @@ typedef enum {
 } WebKitProcessModel;
 
 /**
- * WebKitTLSErrorsPolicy:
- * @WEBKIT_TLS_ERRORS_POLICY_IGNORE: Ignore TLS errors.
- * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors will emit
- *   #WebKitWebView::load-failed-with-tls-errors and, if the signal is handled,
- *   finish the load. In case the signal is not handled,
- *   #WebKitWebView::load-failed is emitted before the load finishes.
- *
- * Enum values used to denote the TLS errors policy.
- */
-typedef enum {
-    WEBKIT_TLS_ERRORS_POLICY_IGNORE,
-    WEBKIT_TLS_ERRORS_POLICY_FAIL
-} WebKitTLSErrorsPolicy;
-
-/**
  * WebKitNetworkProxyMode:
  * @WEBKIT_NETWORK_PROXY_MODE_DEFAULT: Use the default proxy of the system.
  * @WEBKIT_NETWORK_PROXY_MODE_NO_PROXY: Do not use any proxy.
@@ -278,11 +263,11 @@ WEBKIT_API void
 webkit_web_context_set_preferred_languages          (WebKitWebContext              *context,
                                                      const gchar * const           *languages);
 
-WEBKIT_API void
+WEBKIT_DEPRECATED_FOR(webkit_website_data_manager_set_tls_errors_policy) void
 webkit_web_context_set_tls_errors_policy            (WebKitWebContext              *context,
                                                      WebKitTLSErrorsPolicy          policy);
 
-WEBKIT_API WebKitTLSErrorsPolicy
+WEBKIT_DEPRECATED_FOR(webkit_website_data_manager_get_tls_errors_policy) WebKitTLSErrorsPolicy
 webkit_web_context_get_tls_errors_policy            (WebKitWebContext              *context);
 
 WEBKIT_API void
index 6af6c02..3f67b04 100644 (file)
@@ -38,6 +38,21 @@ G_BEGIN_DECLS
 #define WEBKIT_IS_WEBSITE_DATA_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass),  WEBKIT_TYPE_WEBSITE_DATA_MANAGER))
 #define WEBKIT_WEBSITE_DATA_MANAGER_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS((obj),  WEBKIT_TYPE_WEBSITE_DATA_MANAGER, WebKitWebsiteDataManagerClass))
 
+/**
+ * WebKitTLSErrorsPolicy:
+ * @WEBKIT_TLS_ERRORS_POLICY_IGNORE: Ignore TLS errors.
+ * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors will emit
+ *   #WebKitWebView::load-failed-with-tls-errors and, if the signal is handled,
+ *   finish the load. In case the signal is not handled,
+ *   #WebKitWebView::load-failed is emitted before the load finishes.
+ *
+ * Enum values used to denote the TLS errors policy.
+ */
+typedef enum {
+    WEBKIT_TLS_ERRORS_POLICY_IGNORE,
+    WEBKIT_TLS_ERRORS_POLICY_FAIL
+} WebKitTLSErrorsPolicy;
+
 typedef struct _WebKitWebsiteDataManager        WebKitWebsiteDataManager;
 typedef struct _WebKitWebsiteDataManagerClass   WebKitWebsiteDataManagerClass;
 typedef struct _WebKitWebsiteDataManagerPrivate WebKitWebsiteDataManagerPrivate;
@@ -120,6 +135,13 @@ WEBKIT_API gboolean
 webkit_website_data_manager_get_persistent_credential_storage_enabled (WebKitWebsiteDataManager *manager);
 
 WEBKIT_API void
+webkit_website_data_manager_set_tls_errors_policy                     (WebKitWebsiteDataManager *manager,
+                                                                       WebKitTLSErrorsPolicy     policy);
+
+WEBKIT_API WebKitTLSErrorsPolicy
+webkit_website_data_manager_get_tls_errors_policy                     (WebKitWebsiteDataManager *manager);
+
+WEBKIT_API void
 webkit_website_data_manager_fetch                                     (WebKitWebsiteDataManager *manager,
                                                                        WebKitWebsiteDataTypes    types,
                                                                        GCancellable             *cancellable,
index 2dabccc..1dcea01 100644 (file)
@@ -26,7 +26,6 @@ WEBKIT_DEPRECATED_FOR
 WebKitWebContext
 WebKitCacheModel
 WebKitProcessModel
-WebKitTLSErrorsPolicy
 WebKitNetworkProxyMode
 webkit_web_context_get_default
 webkit_web_context_new
@@ -1453,6 +1452,7 @@ webkit_security_origin_get_type
 <SECTION>
 <FILE>WebKitWebsiteDataManager</FILE>
 WebKitWebsiteDataManager
+WebKitTLSErrorsPolicy
 webkit_website_data_manager_new
 webkit_website_data_manager_new_ephemeral
 webkit_website_data_manager_is_ephemeral
@@ -1472,6 +1472,8 @@ webkit_website_data_manager_set_itp_enabled
 webkit_website_data_manager_get_itp_enabled
 webkit_website_data_manager_set_persistent_credential_storage_enabled
 webkit_website_data_manager_get_persistent_credential_storage_enabled
+webkit_website_data_manager_set_tls_errors_policy
+webkit_website_data_manager_get_tls_errors_policy
 webkit_website_data_manager_fetch
 webkit_website_data_manager_fetch_finish
 webkit_website_data_manager_remove
index 98d6929..2cc7047 100644 (file)
@@ -89,21 +89,6 @@ typedef enum {
 } WebKitProcessModel;
 
 /**
- * WebKitTLSErrorsPolicy:
- * @WEBKIT_TLS_ERRORS_POLICY_IGNORE: Ignore TLS errors.
- * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors will emit
- *   #WebKitWebView::load-failed-with-tls-errors and, if the signal is handled,
- *   finish the load. In case the signal is not handled,
- *   #WebKitWebView::load-failed is emitted before the load finishes.
- *
- * Enum values used to denote the TLS errors policy.
- */
-typedef enum {
-    WEBKIT_TLS_ERRORS_POLICY_IGNORE,
-    WEBKIT_TLS_ERRORS_POLICY_FAIL
-} WebKitTLSErrorsPolicy;
-
-/**
  * WebKitNetworkProxyMode:
  * @WEBKIT_NETWORK_PROXY_MODE_DEFAULT: Use the default proxy of the system.
  * @WEBKIT_NETWORK_PROXY_MODE_NO_PROXY: Do not use any proxy.
@@ -278,11 +263,11 @@ WEBKIT_API void
 webkit_web_context_set_preferred_languages          (WebKitWebContext              *context,
                                                      const gchar * const           *languages);
 
-WEBKIT_API void
+WEBKIT_DEPRECATED_FOR(webkit_website_data_manager_set_tls_errors_policy) void
 webkit_web_context_set_tls_errors_policy            (WebKitWebContext              *context,
                                                      WebKitTLSErrorsPolicy          policy);
 
-WEBKIT_API WebKitTLSErrorsPolicy
+WEBKIT_DEPRECATED_FOR(webkit_website_data_manager_get_tls_errors_policy) WebKitTLSErrorsPolicy
 webkit_web_context_get_tls_errors_policy            (WebKitWebContext              *context);
 
 WEBKIT_API void
index 4231216..39f4e87 100644 (file)
@@ -38,6 +38,21 @@ G_BEGIN_DECLS
 #define WEBKIT_IS_WEBSITE_DATA_MANAGER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass),  WEBKIT_TYPE_WEBSITE_DATA_MANAGER))
 #define WEBKIT_WEBSITE_DATA_MANAGER_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS((obj),  WEBKIT_TYPE_WEBSITE_DATA_MANAGER, WebKitWebsiteDataManagerClass))
 
+/**
+ * WebKitTLSErrorsPolicy:
+ * @WEBKIT_TLS_ERRORS_POLICY_IGNORE: Ignore TLS errors.
+ * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors will emit
+ *   #WebKitWebView::load-failed-with-tls-errors and, if the signal is handled,
+ *   finish the load. In case the signal is not handled,
+ *   #WebKitWebView::load-failed is emitted before the load finishes.
+ *
+ * Enum values used to denote the TLS errors policy.
+ */
+typedef enum {
+    WEBKIT_TLS_ERRORS_POLICY_IGNORE,
+    WEBKIT_TLS_ERRORS_POLICY_FAIL
+} WebKitTLSErrorsPolicy;
+
 typedef struct _WebKitWebsiteDataManager        WebKitWebsiteDataManager;
 typedef struct _WebKitWebsiteDataManagerClass   WebKitWebsiteDataManagerClass;
 typedef struct _WebKitWebsiteDataManagerPrivate WebKitWebsiteDataManagerPrivate;
@@ -120,6 +135,13 @@ WEBKIT_API gboolean
 webkit_website_data_manager_get_persistent_credential_storage_enabled (WebKitWebsiteDataManager *manager);
 
 WEBKIT_API void
+webkit_website_data_manager_set_tls_errors_policy                     (WebKitWebsiteDataManager *manager,
+                                                                       WebKitTLSErrorsPolicy     policy);
+
+WEBKIT_API WebKitTLSErrorsPolicy
+webkit_website_data_manager_get_tls_errors_policy                     (WebKitWebsiteDataManager *manager);
+
+WEBKIT_API void
 webkit_website_data_manager_fetch                                     (WebKitWebsiteDataManager *manager,
                                                                        WebKitWebsiteDataTypes    types,
                                                                        GCancellable             *cancellable,
index 155ae65..8ba9226 100644 (file)
@@ -4,7 +4,6 @@
 WebKitWebContext
 WebKitCacheModel
 WebKitProcessModel
-WebKitTLSErrorsPolicy
 WebKitNetworkProxyMode
 webkit_web_context_get_default
 webkit_web_context_new
@@ -1387,6 +1386,7 @@ webkit_security_origin_get_type
 <SECTION>
 <FILE>WebKitWebsiteDataManager</FILE>
 WebKitWebsiteDataManager
+WebKitTLSErrorsPolicy
 webkit_website_data_manager_new
 webkit_website_data_manager_new_ephemeral
 webkit_website_data_manager_is_ephemeral
@@ -1406,6 +1406,8 @@ webkit_website_data_manager_set_itp_enabled
 webkit_website_data_manager_get_itp_enabled
 webkit_website_data_manager_set_persistent_credential_storage_enabled
 webkit_website_data_manager_get_persistent_credential_storage_enabled
+webkit_website_data_manager_set_tls_errors_policy
+webkit_website_data_manager_get_tls_errors_policy
 webkit_website_data_manager_fetch
 webkit_website_data_manager_fetch_finish
 webkit_website_data_manager_remove
index d1f1fe9..d4ba180 100644 (file)
@@ -414,11 +414,6 @@ public:
 
     void windowServerConnectionStateChanged();
 
-#if USE(SOUP)
-    void setIgnoreTLSErrors(bool);
-    bool ignoreTLSErrors() const { return m_ignoreTLSErrors; }
-#endif
-
     static void setInvalidMessageCallback(void (*)(WKStringRef));
     static void didReceiveInvalidMessage(IPC::MessageName);
 
@@ -718,10 +713,6 @@ private:
 
     HashMap<uint64_t, RefPtr<DictionaryCallback>> m_dictionaryCallbacks;
 
-#if USE(SOUP)
-    bool m_ignoreTLSErrors { true };
-#endif
-
     bool m_memoryCacheDisabled { false };
     bool m_javaScriptConfigurationFileEnabled { false };
     String m_javaScriptConfigurationDirectory;
index 0dc91f2..2ade720 100644 (file)
@@ -259,6 +259,8 @@ public:
 #if USE(SOUP)
     void setPersistentCredentialStorageEnabled(bool);
     bool persistentCredentialStorageEnabled() const { return m_persistentCredentialStorageEnabled && isPersistent(); }
+    void setIgnoreTLSErrors(bool);
+    bool ignoreTLSErrors() const { return m_ignoreTLSErrors; }
 #endif
 
     static void allowWebsiteDataRecordsForAllOrigins();
@@ -395,6 +397,7 @@ private:
 
 #if USE(SOUP)
     bool m_persistentCredentialStorageEnabled { true };
+    bool m_ignoreTLSErrors { true };
 #endif
 
     HashSet<WebCore::Cookie> m_pendingCookies;
index 12f9cd8..0d7061b 100644 (file)
@@ -56,4 +56,14 @@ void WebsiteDataStore::setPersistentCredentialStorageEnabled(bool enabled)
         processPool->sendToNetworkingProcess(Messages::NetworkProcess::SetPersistentCredentialStorageEnabled(m_sessionID, m_persistentCredentialStorageEnabled));
 }
 
+void WebsiteDataStore::setIgnoreTLSErrors(bool ignoreTLSErrors)
+{
+    if (m_ignoreTLSErrors == ignoreTLSErrors)
+        return;
+
+    m_ignoreTLSErrors = ignoreTLSErrors;
+    for (auto& processPool : processPools())
+        processPool->sendToNetworkingProcess(Messages::NetworkProcess::SetIgnoreTLSErrors(m_sessionID, m_ignoreTLSErrors));
+}
+
 } // namespace WebKit
index bfbbf96..f970df4 100644 (file)
@@ -39,23 +39,17 @@ void WebProcessPool::platformInitializeNetworkProcess(NetworkProcessCreationPara
 {
     NetworkSessionCreationParameters& defaultSessionParameters = parameters.defaultDataStoreParameters.networkSessionParameters;
     supplement<WebCookieManagerProxy>()->getCookiePersistentStorage(defaultSessionParameters.sessionID, defaultSessionParameters.cookiePersistentStoragePath, defaultSessionParameters.cookiePersistentStorageType);
-    if (m_websiteDataStore)
+    if (m_websiteDataStore) {
         defaultSessionParameters.persistentCredentialStorageEnabled = m_websiteDataStore->persistentCredentialStorageEnabled();
+        defaultSessionParameters.ignoreTLSErrors = m_websiteDataStore->ignoreTLSErrors();
+    }
 
     parameters.cookieAcceptPolicy = m_initialHTTPCookieAcceptPolicy;
-    parameters.ignoreTLSErrors = m_ignoreTLSErrors;
     parameters.languages = userPreferredLanguages();
     parameters.proxySettings = m_networkProxySettings;
     parameters.shouldEnableITPDatabase = true;
 }
 
-void WebProcessPool::setIgnoreTLSErrors(bool ignoreTLSErrors)
-{
-    m_ignoreTLSErrors = ignoreTLSErrors;
-    if (networkProcess())
-        networkProcess()->send(Messages::NetworkProcess::SetIgnoreTLSErrors(m_ignoreTLSErrors), 0);
-}
-
 void WebProcessPool::setNetworkProxySettings(const WebCore::SoupNetworkProxySettings& settings)
 {
     m_networkProxySettings = settings;
index 9ae31c1..2bfaeae 100644 (file)
@@ -1,3 +1,23 @@
+2020-09-23  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        [GTK][WPE] Move TLS errors API from WebKitContext to WebKitWebsiteDataManager
+        https://bugs.webkit.org/show_bug.cgi?id=216822
+
+        Reviewed by Alex Christensen.
+
+        Update tests to use the new API instead of the deprecated one. Also update the TLSErrorsPolicy test to also
+        check that ephemeral web views inherit the network settings from its web context.
+
+        * TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp:
+        (testSSL):
+        (testInsecureContent):
+        (testTLSErrorsPolicy):
+        (testTLSErrorsRedirect):
+        (testTLSErrorsHTTPAuth):
+        (testLoadFailedWithTLSErrors):
+        (testSubresourceLoadFailedWithTLSErrors):
+        (testWebSocketTLSErrors):
+
 2020-09-23  Jonathan Bedard  <jbedard@apple.com>
 
         Force SYSTEM_VERSION_COMPAT=0 in Webkit scripts
index 12290e2..9f489db 100644 (file)
@@ -66,9 +66,9 @@ public:
 
 static void testSSL(SSLTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
 
     test->loadURI(kHttpsServer->getURIForPath("/").data());
     test->waitUntilLoadFinished();
@@ -85,7 +85,7 @@ static void testSSL(SSLTest* test, gconstpointer)
     g_assert_null(test->m_certificate);
     g_assert_cmpuint(test->m_tlsErrors, ==, 0);
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 class InsecureContentTest: public WebViewTest {
@@ -116,9 +116,9 @@ public:
 
 static void testInsecureContent(InsecureContentTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
 
     test->loadURI(kHttpsServer->getURIForPath("/insecure-content/").data());
     test->waitUntilLoadFinished();
@@ -128,16 +128,16 @@ static void testInsecureContent(InsecureContentTest* test, gconstpointer)
     // https://bugs.webkit.org/show_bug.cgi?id=142469
     g_assert_true(test->m_insecureContentDisplayed);
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 static bool assertIfSSLRequestProcessed = false;
 
 static void testTLSErrorsPolicy(SSLTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
     // TLS errors are treated as transport failures by default.
-    g_assert_cmpint(webkit_web_context_get_tls_errors_policy(context), ==, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    g_assert_cmpint(webkit_website_data_manager_get_tls_errors_policy(websiteDataManager), ==, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     assertIfSSLRequestProcessed = true;
     test->loadURI(kHttpsServer->getURIForPath("/").data());
@@ -147,23 +147,37 @@ static void testTLSErrorsPolicy(SSLTest* test, gconstpointer)
     g_assert_false(test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
     assertIfSSLRequestProcessed = false;
 
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
-    g_assert_cmpint(webkit_web_context_get_tls_errors_policy(context), ==, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    g_assert_cmpint(webkit_website_data_manager_get_tls_errors_policy(websiteDataManager), ==, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
 
     test->m_loadFailed = false;
     test->loadURI(kHttpsServer->getURIForPath("/").data());
     test->waitUntilLoadFinished();
     g_assert_false(test->m_loadFailed);
 
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
-    g_assert_cmpint(webkit_web_context_get_tls_errors_policy(context), ==, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    // An ephemeral web view should keep the same network settings by default.
+    auto webView = Test::adoptView(g_object_new(WEBKIT_TYPE_WEB_VIEW,
+#if PLATFORM(WPE)
+        "backend", Test::createWebViewBackend(),
+#endif
+        "web-context", test->m_webContext.get(),
+        "is-ephemeral", TRUE,
+        nullptr));
+    g_assert_true(webkit_web_view_is_ephemeral(webView.get()));
+    g_assert_false(webkit_web_context_is_ephemeral(test->m_webContext.get()));
+    auto* webViewDataManager = webkit_web_view_get_website_data_manager(webView.get());
+    g_assert_false(websiteDataManager == webViewDataManager);
+    g_assert_cmpint(webkit_website_data_manager_get_tls_errors_policy(websiteDataManager), ==, webkit_website_data_manager_get_tls_errors_policy(webViewDataManager));
+
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    g_assert_cmpint(webkit_website_data_manager_get_tls_errors_policy(websiteDataManager), ==, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 }
 
 static void testTLSErrorsRedirect(SSLTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     assertIfSSLRequestProcessed = true;
     test->loadURI(kHttpsServer->getURIForPath("/redirect").data());
@@ -173,7 +187,7 @@ static void testTLSErrorsRedirect(SSLTest* test, gconstpointer)
     g_assert_false(test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
     assertIfSSLRequestProcessed = false;
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 static gboolean webViewAuthenticationCallback(WebKitWebView*, WebKitAuthenticationRequest* request)
@@ -185,9 +199,9 @@ static gboolean webViewAuthenticationCallback(WebKitWebView*, WebKitAuthenticati
 
 static void testTLSErrorsHTTPAuth(SSLTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     assertIfSSLRequestProcessed = true;
     g_signal_connect(test->m_webView, "authenticate", G_CALLBACK(webViewAuthenticationCallback), NULL);
@@ -198,7 +212,7 @@ static void testTLSErrorsHTTPAuth(SSLTest* test, gconstpointer)
     g_assert_false(test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
     assertIfSSLRequestProcessed = false;
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 class TLSErrorsTest: public SSLTest {
@@ -242,9 +256,9 @@ private:
 
 static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     assertIfSSLRequestProcessed = true;
     // The load-failed-with-tls-errors signal should be emitted when there is a TLS failure.
@@ -259,7 +273,7 @@ static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
     assertIfSSLRequestProcessed = false;
 
     // Test allowing an exception for this certificate on this host.
-    webkit_web_context_allow_tls_certificate_for_host(context, test->certificate(), test->host());
+    webkit_web_context_allow_tls_certificate_for_host(test->m_webContext.get(), test->certificate(), test->host());
     // The page should now load without errors.
     test->loadURI(kHttpsServer->getURIForPath("/test-tls/").data());
     test->waitUntilLoadFinished();
@@ -269,7 +283,7 @@ static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
     g_assert_cmpint(test->m_loadEvents[2], ==, LoadTrackingTest::LoadFinished);
     g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, TLSExpectedSuccessTitle);
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 class TLSSubresourceTest : public WebViewTest {
@@ -328,8 +342,8 @@ public:
 
 static void testSubresourceLoadFailedWithTLSErrors(TLSSubresourceTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     assertIfSSLRequestProcessed = true;
     test->loadURI(kHttpServer->getURIForPath("/").data());
@@ -410,9 +424,9 @@ public:
 
 static void testWebSocketTLSErrors(WebSocketTest* test, gconstpointer)
 {
-    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    auto* websiteDataManager = webkit_web_context_get_website_data_manager(test->m_webContext.get());
+    WebKitTLSErrorsPolicy originalPolicy = webkit_website_data_manager_get_tls_errors_policy(websiteDataManager);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     // First, check that insecure ws:// web sockets work fine.
     unsigned events = test->connectToServerAndWaitForEvents(kHttpServer);
@@ -430,13 +444,13 @@ static void testWebSocketTLSErrors(WebSocketTest* test, gconstpointer)
     g_assert_true(events & WebSocketTest::EventFlags::DidClose);
 
     // Now try wss:// again, this time ignoring TLS errors.
-    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
     events = test->connectToServerAndWaitForEvents(kHttpsServer);
     g_assert_true(events & WebSocketTest::EventFlags::DidServerCompleteHandshake);
     g_assert_true(events & WebSocketTest::EventFlags::DidOpen);
     g_assert_false(events & WebSocketTest::EventFlags::DidClose);
 
-    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+    webkit_website_data_manager_set_tls_errors_policy(websiteDataManager, originalPolicy);
 }
 
 static void httpsServerCallback(SoupServer* server, SoupMessage* message, const char* path, GHashTable*, SoupClientContext*, gpointer)