Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and...
author wilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 18 Feb 2019 23:13:58 +0000 (23:13 +0000)
committer wilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 18 Feb 2019 23:13:58 +0000 (23:13 +0000)
https://bugs.webkit.org/show_bug.cgi?id=194777
<rdar://problem/47731945>

Reviewed by Geoffrey Garen and Chris Dumez.

Source/WebCore:

Test: http/tests/storageAccess/remove-requesting-iframe.html

* dom/Document.cpp:
(WebCore::Document::hasFrameSpecificStorageAccess const):
    Now checks for the existence of the frame.
(WebCore::Document::setHasFrameSpecificStorageAccess):
    Now checks for the existence of the frame.
* loader/ResourceLoadObserver.cpp:
(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
    Now checks that the session ID is valid.

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::logUserInteraction):
   Now returns early if the incoming session ID is invalid.
   Added an ASSERT to help us find other call sites passing invalid session IDs.

LayoutTests:

* http/tests/storageAccess/remove-requesting-iframe-expected.txt: Added.
* http/tests/storageAccess/remove-requesting-iframe.html: Added.
* http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241743 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/storageAccess/remove-requesting-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/remove-requesting-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.cpp
Source/WebCore/loader/ResourceLoadObserver.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

index e9dca47..e3cac30 100644 (file)
@@ -1,3 +1,15 @@
+2019-02-18  John Wilander  <wilander@apple.com>
+
+        Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
+        https://bugs.webkit.org/show_bug.cgi?id=194777
+        <rdar://problem/47731945>
+
+        Reviewed by Geoffrey Garen and Chris Dumez.
+
+        * http/tests/storageAccess/remove-requesting-iframe-expected.txt: Added.
+        * http/tests/storageAccess/remove-requesting-iframe.html: Added.
+        * http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html: Added.
+
 2019-02-18  Joseph Pecoraro  <pecoraro@apple.com>
 
         Web Inspector: Better categorize CPU usage per-thread / worker
diff --git a/LayoutTests/http/tests/storageAccess/remove-requesting-iframe-expected.txt b/LayoutTests/http/tests/storageAccess/remove-requesting-iframe-expected.txt
new file mode 100644 (file)
index 0000000..70546d2
--- /dev/null
@@ -0,0 +1,10 @@
+Tests that Storage Access API calls work well for removed frames.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS iframe removed.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/http/tests/storageAccess/remove-requesting-iframe.html b/LayoutTests/http/tests/storageAccess/remove-requesting-iframe.html
new file mode 100644 (file)
index 0000000..d53a22f
--- /dev/null
@@ -0,0 +1,62 @@
+<!DOCTYPE html> <!-- webkit-test-runner [ useFlexibleViewport=true ] -->
+<html>
+<head>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
+    <script src="/js-test-resources/js-test.js"></script>
+    <script src="/js-test-resources/ui-helper.js"></script>
+    <script src="/resourceLoadStatistics/resources/util.js"></script>
+</head>
+<body onload="runTest()">
+<script>
+    description("Tests that Storage Access API calls work well for removed frames.");
+    jsTestIsAsync = true;
+
+    function finishTest() {
+        setEnableFeature(false, finishJSTest);
+    }
+
+    function receiveMessage() {
+        requestingiframe.remove();
+        testPassed("iframe removed.");
+        setTimeout(finishTest, 0.5);
+    }
+
+    window.addEventListener("message", receiveMessage, false);
+
+    function activateElement(elementId) {
+        var element = document.getElementById(elementId);
+        var centerX = element.offsetLeft + element.offsetWidth / 2;
+        var centerY = element.offsetTop + element.offsetHeight / 2;
+        UIHelper.activateAt(centerX, centerY).then(
+            function () {
+                if (window.eventSender)
+                    eventSender.keyDown("escape");
+                else {
+                    testFailed("No eventSender.");
+                    finishTest();
+                }
+            },
+            function () {
+                testFailed("Promise rejected.");
+                finishTest();
+            }
+        );
+    }
+
+    const iframeID = "requestingiframe";
+    const iframeSource = "http://localhost:8000/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html";
+
+    function runTest() {
+        let iframeElement = document.createElement("iframe");
+        iframeElement.onload = function() {
+            testRunner.statisticsUpdateCookieBlocking(function() {
+                activateElement(iframeID);
+            });
+        };
+        iframeElement.id = iframeID;
+        iframeElement.src = iframeSource;
+        document.body.appendChild(iframeElement);
+    }
+</script>
+</body>
+</html>
\ No newline at end of file
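Review bot: In receiveMessage(), setTimeout(finishTest, 0.5) takes its delay in milliseconds, so the test finishes almost immediately after requestingiframe.remove() and may complete before the pending requestStorageAccess() result for the detached document is delivered. The only failure this test can observe is a crash, and a crash that lands after TEST COMPLETE would be missed or blamed on the next test. Consider finishing on a deterministic signal, or use a delay that is clearly intentional and say why in a comment. receiveMessage() also ignores the event's origin and data, and reaches the iframe through the implicit global requestingiframe instead of document.getElementById(iframeID); checking event.data against "API called." would keep an unrelated message from ending the test early.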
diff --git a/LayoutTests/http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html b/LayoutTests/http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html
new file mode 100644 (file)
index 0000000..2840fc1
--- /dev/null
@@ -0,0 +1,15 @@
+<html>
+<head>
+    <script>
+        if (internals)
+            internals.setUserGrantsStorageAccess(true);
+
+        function makeRequestWithUserGesture() {
+            document.requestStorageAccess();
+            top.postMessage("API called.", "http://127.0.0.1:8000");
+        }
+    </script>
+</head>
+<body onclick="makeRequestWithUserGesture()">
+</body>
+</html>
\ No newline at end of file
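Review bot: The guard if (internals) at the top of the script throws a ReferenceError when internals is not defined, for example when the page is opened outside the test runner; use if (window.internals), matching the if (window.eventSender) check in the parent test. In makeRequestWithUserGesture(), the promise returned by document.requestStorageAccess() is dropped on purpose so that postMessage() fires while the request is still pending; a one-line comment saying so would stop a later cleanup from adding a .then() and removing the race this test depends on.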
index defa9ec..5bcf3f4 100644 (file)
@@ -1,3 +1,22 @@
+2019-02-18  John Wilander  <wilander@apple.com>
+
+        Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
+        https://bugs.webkit.org/show_bug.cgi?id=194777
+        <rdar://problem/47731945>
+
+        Reviewed by Geoffrey Garen and Chris Dumez.
+
+        Test: http/tests/storageAccess/remove-requesting-iframe.html
+
+        * dom/Document.cpp:
+        (WebCore::Document::hasFrameSpecificStorageAccess const):
+            Now checks for the existence of the frame.
+        (WebCore::Document::setHasFrameSpecificStorageAccess):
+            Now checks for the existence of the frame.
+        * loader/ResourceLoadObserver.cpp:
+        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
+            Now checks that the session ID is valid.
+
 2019-02-18  Jer Noble  <jer.noble@apple.com>
 
         -[AVSampleBufferDisplayLayer player]: Unrecognized selector crash
index 7518199..bb899ea 100644 (file)
@@ -8458,12 +8458,13 @@ void Document::updateMainArticleElementAfterLayout()
 #if ENABLE(RESOURCE_LOAD_STATISTICS)
 bool Document::hasFrameSpecificStorageAccess() const
 {
-    return m_frame->loader().client().hasFrameSpecificStorageAccess();
+    return m_frame && m_frame->loader().client().hasFrameSpecificStorageAccess();
 }
     
 void Document::setHasFrameSpecificStorageAccess(bool value)
 {
-    m_frame->loader().client().setHasFrameSpecificStorageAccess(value);
+    if (m_frame)
+        m_frame->loader().client().setHasFrameSpecificStorageAccess(value);
 }
 
 bool Document::hasRequestedPageSpecificStorageAccessWithUserInteraction(const String& primaryDomain)
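Review bot: setHasFrameSpecificStorageAccess(bool value) now silently discards value when m_frame is null, so a caller cannot tell an applied grant from one dropped because the document was detached. If that is the intended outcome, a short comment stating that a document without a frame never holds storage access would document it and would match hasFrameSpecificStorageAccess() returning false in the same state. It is also worth checking whether the other m_frame dereferences in this RESOURCE_LOAD_STATISTICS block need the same guard, since these two were only found through a crash.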
index a363155..30dfaa0 100644 (file)
@@ -193,7 +193,7 @@ void ResourceLoadObserver::logWebSocketLoading(const URL& targetURL, const URL&
 
 void ResourceLoadObserver::logUserInteractionWithReducedTimeResolution(const Document& document)
 {
-    if (!shouldLog(document.sessionID().isEphemeral()))
+    if (!document.sessionID().isValid() || !shouldLog(document.sessionID().isEphemeral()))
         return;
 
     auto& url = document.url();
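Review bot: The new condition in logUserInteractionWithReducedTimeResolution() calls document.sessionID() twice and returns silently on an invalid ID, while the network-process half of this change adds an ASSERT to find call sites that pass invalid IDs. Hoisting the value into a local, for example auto sessionID = document.sessionID();, would read more cleanly, and a short comment on when a document can have an invalid session ID would explain why the check is needed here and not in the neighbouring log functions.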
index 8be06a7..3a02ceb 100644 (file)
@@ -1,3 +1,16 @@
+2019-02-18  John Wilander  <wilander@apple.com>
+
+        Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
+        https://bugs.webkit.org/show_bug.cgi?id=194777
+        <rdar://problem/47731945>
+
+        Reviewed by Geoffrey Garen and Chris Dumez.
+
+        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+        (WebKit::NetworkConnectionToWebProcess::logUserInteraction):
+           Now returns early if the incoming session ID is invalid.
+           Added an ASSERT to help us find other call sites passing invalid session IDs.
+
 2019-02-18  Per Arne Vollan  <pvollan@apple.com>
 
         It should be possible to get the mouse event modifiers for a page overlay client.
index 3df43c4..b1c7213 100644 (file)
@@ -587,6 +587,10 @@ void NetworkConnectionToWebProcess::removeStorageAccessForAllFramesOnPage(PAL::S
 
 void NetworkConnectionToWebProcess::logUserInteraction(PAL::SessionID sessionID, const String& topLevelOrigin)
 {
+    ASSERT(sessionID.isValid());
+    if (!sessionID.isValid())
+        return;
+
     if (auto networkSession = networkProcess().networkSession(sessionID)) {
         if (auto* resourceLoadStatistics = networkSession->resourceLoadStatistics())
             resourceLoadStatistics->logUserInteraction(topLevelOrigin, [] { });
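Review bot: In logUserInteraction(), ASSERT(sessionID.isValid()) is applied to what the ChangeLog calls the incoming session ID, a parameter arriving on the connection from the web process. The early return is the right handling for a value the network process does not control, but the pairing means debug builds abort on a bad value sent by another process while release builds drop it with no trace. Consider keeping the if (!sessionID.isValid()) return; and replacing the ASSERT with a log line, or mark the ASSERT in a comment as temporary diagnostics to be removed once the remaining call sites are fixed.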