https://bugs.webkit.org/show_bug.cgi?id=178484
<rdar://problem/
34837193>
Reviewed by Tim Horton.
Source/WebCore:
Switch to new NSKeyed[Un]Archiver methods that active and use
NSSecureCoding by default.
Most of the new API is wrapped in a set of convenience methods so we can
build without the new API on older systems.
No change in behavior.
* editing/cocoa/EditorCocoa.mm:
(WebCore::archivedDataForAttributedString): Use new convenience method
to archive the string object.
* loader/archive/cf/LegacyWebArchiveMac.mm:
(WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Update to
use secure coding where possible.
(WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto.
* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::write): Use new secure API.
(WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
* testing/cocoa/WebArchiveDumpSupport.mm:
(WebCoreTestSupport::createCFURLResponseFromResponseData): Update to
secure coding API where possible.
Source/WebCore/PAL:
Add new convenience methods (and SPI headers) so we can adopt new NSKeyedArchiver
API that uses secure coding by default.
* PAL.xcodeproj/project.pbxproj:
* pal/spi/cocoa/NSKeyedArchiverSPI.h: Added.
(securelyArchivedDataWithRootObject): New convenience method.
(securelyUnarchiveRootObjectOfClassFromData): Ditto.
(secureArchiverFromMutableData): Ditto.
(secureUnarchiverFromData): Ditto.
Source/WebKit:
Switch to new NSKeyed[Un]Archiver methods that active and use
NSSecureCoding by default.
* Platform/ios/AccessibilityIOS.mm:
(WebKit::newAccessibilityRemoteToken): Use secure-by-default API.
* Shared/Cocoa/DataDetectionResult.mm:
(WebKit::DataDetectionResult::encode const): Ditto.
(WebKit::DataDetectionResult::decode): Ditto.
* Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:
(IPC::ArgumentCoder<WebCore::Payment>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::Payment>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentContact>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentContact>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMethod>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMethod>::decode): Ditto.
* Shared/ios/InteractionInformationAtPosition.mm:
(WebKit::InteractionInformationAtPosition::encode const): Ditto.
(WebKit::InteractionInformationAtPosition::decode): Ditto.
* Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Ditto.
(IPC::ArgumentCoder<Credential>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<Credential>::decodePlatformData): Ditto.
(IPC::ArgumentCoder<ContentFilterUnblockHandler>::encode): Ditto.
(IPC::ArgumentCoder<ContentFilterUnblockHandler>::decode): Ditto.
(IPC::ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<MediaPlaybackTargetContext>::decodePlatformData): Ditto.
* Shared/mac/WebHitTestResultData.mm:
(WebKit::WebHitTestResultData::platformEncode const): Ditto.
(WebKit::WebHitTestResultData::platformDecode): Ditto.
* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _setObject:forBundleParameter:]): Ditto.
(-[WKProcessPool _setObjectsForBundleParametersWithDictionary:]): Ditto.
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _setInputDelegate:]): Ditto.
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::startAssistingNode): Ditto.
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Ditto.
* WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
(WebKit::InjectedBundle::initialize): Ditto.
(WebKit::InjectedBundle::setBundleParameter): Ditto.
(WebKit::InjectedBundle::setBundleParameters): Ditto.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@223889
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2017-10-24 Brent Fulgham <bfulgham@apple.com>
+
+ Adopt new secure coding APIs
+ https://bugs.webkit.org/show_bug.cgi?id=178484
+ <rdar://problem/34837193>
+
+ Reviewed by Tim Horton.
+
+ Switch to new NSKeyed[Un]Archiver methods that active and use
+ NSSecureCoding by default.
+
+ Most of the new API is wrapped in a set of convenience methods so we can
+ build without the new API on older systems.
+
+ No change in behavior.
+
+ * editing/cocoa/EditorCocoa.mm:
+ (WebCore::archivedDataForAttributedString): Use new convenience method
+ to archive the string object.
+ * loader/archive/cf/LegacyWebArchiveMac.mm:
+ (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Update to
+ use secure coding where possible.
+ (WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto.
+ * platform/ios/PlatformPasteboardIOS.mm:
+ (WebCore::PlatformPasteboard::write): Use new secure API.
+ (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
+ * testing/cocoa/WebArchiveDumpSupport.mm:
+ (WebCoreTestSupport::createCFURLResponseFromResponseData): Update to
+ secure coding API where possible.
+
2017-10-24 Miguel Gomez <magomez@igalia.com>
[GTK][X11] Windy.com shows always straight wind lines
+2017-10-24 Brent Fulgham <bfulgham@apple.com>
+
+ Adopt new secure coding APIs
+ https://bugs.webkit.org/show_bug.cgi?id=178484
+ <rdar://problem/34837193>
+
+ Reviewed by Tim Horton.
+
+ Add new convenience methods (and SPI headers) so we can adopt new NSKeyedArchiver
+ API that uses secure coding by default.
+
+ * PAL.xcodeproj/project.pbxproj:
+ * pal/spi/cocoa/NSKeyedArchiverSPI.h: Added.
+ (securelyArchivedDataWithRootObject): New convenience method.
+ (securelyUnarchiveRootObjectOfClassFromData): Ditto.
+ (secureArchiverFromMutableData): Ditto.
+ (secureUnarchiverFromData): Ditto.
+
2017-10-20 Alex Christensen <achristensen@webkit.org>
Expose _boundInterfaceIdentifier and _allowsCellularAccess to WKWebsiteDataStorePrivate
1C4876D81F8D7F4E00CCEEBD /* Logging.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1C4876D61F8D7F4E00CCEEBD /* Logging.cpp */; };
1C4876D91F8D7F4E00CCEEBD /* Logging.h in Headers */ = {isa = PBXBuildFile; fileRef = 1C4876D71F8D7F4E00CCEEBD /* Logging.h */; };
1C4876E01F8D837500CCEEBD /* LoggingCocoa.mm in Sources */ = {isa = PBXBuildFile; fileRef = 1C4876DF1F8D837500CCEEBD /* LoggingCocoa.mm */; };
+ 7A1656441F97B2B900BA3CE4 /* NSKeyedArchiverSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */; };
A10265871F56746100B4C844 /* FoundationSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A10265861F56746100B4C844 /* FoundationSPI.h */; };
A10265891F56747A00B4C844 /* HIToolboxSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A10265881F56747A00B4C844 /* HIToolboxSPI.h */; };
A102658B1F56748C00B4C844 /* QuickDrawSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A102658A1F56748C00B4C844 /* QuickDrawSPI.h */; };
1C4876DF1F8D837500CCEEBD /* LoggingCocoa.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = LoggingCocoa.mm; sourceTree = "<group>"; };
1C67CEA11E32EDA800F80F2E /* FeatureDefines.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; path = FeatureDefines.xcconfig; sourceTree = "<group>"; };
1C67CEA21E32EE2600F80F2E /* Version.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; path = Version.xcconfig; sourceTree = "<group>"; };
+ 7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NSKeyedArchiverSPI.h; sourceTree = "<group>"; };
A10265861F56746100B4C844 /* FoundationSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FoundationSPI.h; sourceTree = "<group>"; };
A10265881F56747A00B4C844 /* HIToolboxSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = HIToolboxSPI.h; sourceTree = "<group>"; };
A102658A1F56748C00B4C844 /* QuickDrawSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = QuickDrawSPI.h; sourceTree = "<group>"; };
0C2DA1311F3BEB4900DBC317 /* NSColorSPI.h */,
0C2DA1321F3BEB4900DBC317 /* NSExtensionSPI.h */,
0C2DA1331F3BEB4900DBC317 /* NSFileManagerSPI.h */,
+ 7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */,
0C2DA1341F3BEB4900DBC317 /* NSStringSPI.h */,
0C2DA1351F3BEB4900DBC317 /* NSTouchBarSPI.h */,
0C2DA1361F3BEB4900DBC317 /* NSURLConnectionSPI.h */,
0C7785901F45130F00F4EBB6 /* NSFontSPI.h in Headers */,
A10826FE1F58A433004772AC /* NSGraphicsSPI.h in Headers */,
0C7785911F45130F00F4EBB6 /* NSImmediateActionGestureRecognizerSPI.h in Headers */,
+ 7A1656441F97B2B900BA3CE4 /* NSKeyedArchiverSPI.h in Headers */,
0C7785921F45130F00F4EBB6 /* NSMenuSPI.h in Headers */,
0C7785931F45130F00F4EBB6 /* NSPasteboardSPI.h in Headers */,
0C7785941F45130F00F4EBB6 /* NSPopoverSPI.h in Headers */,
--- /dev/null
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#define USE_NEW_ARCHIVER_API ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 101302 && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110200) || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 40200) || (PLATFORM(TVOS) && __TV_OS_VERSION_MIN_REQUIRED >= 110200))
+
+#if USE(APPLE_INTERNAL_SDK) && USE(NEW_ARCHIVER_API)
+
+#import <Foundation/NSKeyedArchiver_Private.h>
+
+#else
+
+#import <Availability.h>
+#import <Foundation/NSCoder.h>
+#import <Foundation/NSKeyedArchiver.h>
+#import <wtf/Assertions.h>
+
+#if USE(NEW_ARCHIVER_API)
+
+NS_ASSUME_NONNULL_BEGIN
+
+@interface NSKeyedArchiver (NSKeyedArchiverSecureCodingInitializers)
+- (instancetype)initRequiringSecureCoding:(BOOL)requiresSecureCoding API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable NSData *)archivedDataWithRootObject:(id)object requiringSecureCoding:(BOOL)requiresSecureCoding error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
+@end
+
+@interface NSKeyedUnarchiver (NSKeyedUnarchiverSecureCodingInitializer)
+- (nullable instancetype)initForReadingFromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable id)unarchivedObjectOfClass:(Class)cls fromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable id)unarchivedObjectOfClasses:(NSSet<Class> *)classes fromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
+@end
+
+NS_ASSUME_NONNULL_END
+
+#endif
+
+#endif
+
+#include <wtf/RetainPtr.h>
+
+inline NSData *_Nullable securelyArchivedDataWithRootObject(id _Nonnull object)
+{
+#if USE(NEW_ARCHIVER_API)
+ NSError *error;
+ NSData *data = [NSKeyedArchiver archivedDataWithRootObject:object requiringSecureCoding:YES error:&error];
+ if (!data)
+ LOG_ERROR("Unable to archive data: %@", error);
+ return data;
+#else
+ return [NSKeyedArchiver archivedDataWithRootObject:object];
+#endif
+}
+
+inline id _Nullable securelyUnarchiveObjectOfClassFromData(Class _Nonnull cls, NSData * _Nonnull data)
+{
+#if USE(NEW_ARCHIVER_API)
+ NSError *error;
+ id value = [NSKeyedUnarchiver unarchivedObjectOfClass:cls fromData:data error:&error];
+ if (!data)
+ LOG_ERROR("Unable to unarchive data: %@", error);
+ return value;
+#else
+ UNUSED_PARAM(cls);
+ return [NSKeyedUnarchiver unarchiveObjectWithData:data];
+#endif
+}
+
+inline RetainPtr<NSKeyedArchiver> secureArchiverFromMutableData(NSMutableData *_Nonnull mutableData)
+{
+ NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:mutableData];
+ [archiver setRequiresSecureCoding:YES];
+ return adoptNS(archiver);
+}
+
+inline RetainPtr<NSKeyedUnarchiver> secureUnarchiverFromData(NSData *_Nonnull data)
+{
+#if USE(NEW_ARCHIVER_API)
+ NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingFromData:data error:nil];
+ unarchiver.decodingFailurePolicy = NSDecodingFailurePolicyRaiseException;
+#else
+ NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingWithData:data];
+ [unarchiver setRequiresSecureCoding:YES];
+#endif
+ return adoptNS(unarchiver);
+}
+
#import "WebCoreNSURLExtras.h"
#import "markup.h"
#import <pal/spi/cocoa/NSAttributedStringSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/BlockObjCExceptions.h>
namespace WebCore {
if (!attributedString.length)
return nullptr;
- return SharedBuffer::create([NSKeyedArchiver archivedDataWithRootObject:attributedString]);
+ return SharedBuffer::create(securelyArchivedDataWithRootObject(attributedString));
}
String Editor::selectionInHTMLFormat()
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include "config.h"
-#include "LegacyWebArchive.h"
+#import "config.h"
+#import "LegacyWebArchive.h"
+
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
namespace WebCore {
return ResourceResponse();
NSURLResponse *response = nil;
- NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)responseData];
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
- // Because of <rdar://problem/34063313> we can't use this for decoding in older OS's.
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)responseData);
@try {
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
response = [unarchiver decodeObjectOfClass:[NSURLResponse class] forKey:LegacyWebArchiveResourceResponseKey];
#else
- @try {
+ // Because of <rdar://problem/34063313> we can't use secure coding for decoding in older OS's.
+ [unarchiver setRequiresSecureCoding:NO];
id responseObject = [unarchiver decodeObjectForKey:LegacyWebArchiveResourceResponseKey];
if ([responseObject isKindOfClass:[NSURLResponse class]])
response = responseObject;
LOG_ERROR("Failed to decode NS(HTTP)URLResponse: %@", exception);
response = nil;
}
- [unarchiver release];
-
+
return ResourceResponse(response);
}
CFMutableDataRef responseData = CFDataCreateMutable(0, 0);
- NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:(NSMutableData *)responseData];
+ auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:(NSMutableData *)responseData]);
#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
// Because of <rdar://problem/34063313> we can't use this for encoding in older OS's.
[archiver setRequiresSecureCoding:YES];
#endif
[archiver encodeObject:nsResponse forKey:LegacyWebArchiveResourceResponseKey];
[archiver finishEncoding];
- [archiver release];
-
+
return adoptCF(responseData);
}
/*
- * Copyright (C) 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#import <MobileCoreServices/MobileCoreServices.h>
#import <UIKit/UIImage.h>
#import <UIKit/UIPasteboard.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <pal/spi/ios/UIKitSPI.h>
#import <wtf/ListHashSet.h>
#import <wtf/SoftLinking.h>
[representationsToRegister addData:content.dataInWebArchiveFormat->createNSData().get() forType:WebArchivePboardType];
if (content.dataInAttributedStringFormat) {
- NSAttributedString *attributedString = [NSKeyedUnarchiver unarchiveObjectWithData:content.dataInAttributedStringFormat->createNSData().get()];
+ NSAttributedString *attributedString = securelyUnarchiveObjectOfClassFromData([NSAttributedString class], content.dataInAttributedStringFormat->createNSData().get());
if (attributedString)
[representationsToRegister addRepresentingObject:attributedString];
}
if (!provider.teamData.length)
continue;
- id teamDataObject = [NSKeyedUnarchiver unarchiveObjectWithData:provider.teamData];
- if (!teamDataObject || ![teamDataObject isKindOfClass:[NSDictionary class]])
+ NSDictionary *teamDataObject = securelyUnarchiveObjectOfClassFromData([NSDictionary class], provider.teamData);
+ if (!teamDataObject)
continue;
- id originInTeamData = [(NSDictionary *)teamDataObject objectForKey:@(originKeyForTeamData)];
+ id originInTeamData = [teamDataObject objectForKey:@(originKeyForTeamData)];
if (![originInTeamData isKindOfClass:[NSString class]])
continue;
if (String((NSString *)originInTeamData) != origin)
NSMutableArray<NSString *> *typesAsNSArray = [NSMutableArray array];
for (auto& type : data.orderedTypes)
[typesAsNSArray addObject:type];
- [representationsToRegister setTeamData:[NSKeyedArchiver archivedDataWithRootObject:@{
- @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray }]];
+ [representationsToRegister setTeamData:securelyArchivedDataWithRootObject(@{ @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray })];
[representationsToRegister addData:serializedSharedBuffer.get() forType:@(PasteboardCustomData::cocoaType())];
}
}
#import <CFNetwork/CFHTTPMessage.h>
#import <CFNetwork/CFNetwork.h>
#import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/NeverDestroyed.h>
#import <wtf/RetainPtr.h>
#import <wtf/Vector.h>
static CFURLResponseRef createCFURLResponseFromResponseData(CFDataRef responseData)
{
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)responseData]);
NSURLResponse *response;
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
- // Because of <rdar://problem/34063313> we can't use this for decoding in older OS's.
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)responseData);
@try {
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
response = [unarchiver decodeObjectOfClass:[NSURLResponse class] forKey:@"WebResourceResponse"]; // WebResourceResponseKey in WebResource.m
#else
- @try {
+ // Because of <rdar://problem/34063313> we can't use secure coding for decoding in older OS's.
+ [unarchiver setRequiresSecureCoding:NO];
response = [unarchiver decodeObjectForKey:@"WebResourceResponse"]; // WebResourceResponseKey in WebResource.m
#endif
[unarchiver finishDecoding];
+2017-10-24 Brent Fulgham <bfulgham@apple.com>
+
+ Adopt new secure coding APIs
+ https://bugs.webkit.org/show_bug.cgi?id=178484
+ <rdar://problem/34837193>
+
+ Reviewed by Tim Horton.
+
+ Switch to new NSKeyed[Un]Archiver methods that active and use
+ NSSecureCoding by default.
+
+ * Platform/ios/AccessibilityIOS.mm:
+ (WebKit::newAccessibilityRemoteToken): Use secure-by-default API.
+ * Shared/Cocoa/DataDetectionResult.mm:
+ (WebKit::DataDetectionResult::encode const): Ditto.
+ (WebKit::DataDetectionResult::decode): Ditto.
+ * Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:
+ (IPC::ArgumentCoder<WebCore::Payment>::encode): Ditto.
+ (IPC::ArgumentCoder<WebCore::Payment>::decode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentContact>::encode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentContact>::decode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::encode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::decode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentMethod>::encode): Ditto.
+ (IPC::ArgumentCoder<WebCore::PaymentMethod>::decode): Ditto.
+ * Shared/ios/InteractionInformationAtPosition.mm:
+ (WebKit::InteractionInformationAtPosition::encode const): Ditto.
+ (WebKit::InteractionInformationAtPosition::decode): Ditto.
+ * Shared/mac/WebCoreArgumentCodersMac.mm:
+ (IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Ditto.
+ (IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Ditto.
+ (IPC::ArgumentCoder<Credential>::encodePlatformData): Ditto.
+ (IPC::ArgumentCoder<Credential>::decodePlatformData): Ditto.
+ (IPC::ArgumentCoder<ContentFilterUnblockHandler>::encode): Ditto.
+ (IPC::ArgumentCoder<ContentFilterUnblockHandler>::decode): Ditto.
+ (IPC::ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData): Ditto.
+ (IPC::ArgumentCoder<MediaPlaybackTargetContext>::decodePlatformData): Ditto.
+ * Shared/mac/WebHitTestResultData.mm:
+ (WebKit::WebHitTestResultData::platformEncode const): Ditto.
+ (WebKit::WebHitTestResultData::platformDecode): Ditto.
+ * UIProcess/API/Cocoa/WKProcessPool.mm:
+ (-[WKProcessPool _setObject:forBundleParameter:]): Ditto.
+ (-[WKProcessPool _setObjectsForBundleParametersWithDictionary:]): Ditto.
+ * UIProcess/API/Cocoa/WKWebView.mm:
+ (-[WKWebView _setInputDelegate:]): Ditto.
+ * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+ (WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.
+ * UIProcess/ios/PageClientImplIOS.mm:
+ (WebKit::PageClientImpl::startAssistingNode): Ditto.
+ * WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
+ (-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Ditto.
+ * WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
+ (WebKit::InjectedBundle::initialize): Ditto.
+ (WebKit::InjectedBundle::setBundleParameter): Ditto.
+ (WebKit::InjectedBundle::setBundleParameters): Ditto.
+
2017-10-24 Zan Dobersek <zdobersek@igalia.com>
[GTK][WPE] generate-forwarding-headers.pl should also scan derived sources in WebKit framework
#import "config.h"
#import "AccessibilityIOS.h"
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#if PLATFORM(IOS)
{
if (!uuid)
return nil;
- return [NSKeyedArchiver archivedDataWithRootObject:@{ @"ax-pid" : @(getpid()), @"ax-uuid" : [uuid UUIDString], @"ax-register" : @YES }];
+ return securelyArchivedDataWithRootObject(@{ @"ax-pid" : @(getpid()), @"ax-uuid" : [uuid UUIDString], @"ax-register" : @YES });
}
} // namespace WebKit
/*
- * Copyright (C) 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#import "ArgumentCodersCF.h"
#import "WebCoreArgumentCoders.h"
#import <pal/spi/cocoa/DataDetectorsCoreSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/SoftLinking.h>
SOFT_LINK_PRIVATE_FRAMEWORK(DataDetectorsCore)
void DataDetectionResult::encode(IPC::Encoder& encoder) const
{
RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:results.get() forKey:@"dataDetectorResults"];
[archiver finishEncoding];
RetainPtr<CFDataRef> data;
if (!IPC::decode(decoder, data))
return false;
-
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
@try {
result.results = [unarchiver decodeObjectOfClasses:[NSSet setWithArray:@[ [NSArray class], getDDScannerResultClass()] ] forKey:@"dataDetectorResults"];
} @catch (NSException *exception) {
/*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#import "DataReference.h"
#import <WebCore/PaymentAuthorizationStatus.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <pal/spi/cocoa/PassKitSPI.h>
#import <wtf/SoftLinking.h>
void ArgumentCoder<WebCore::Payment>::encode(Encoder& encoder, const WebCore::Payment& payment)
{
auto data = adoptNS([[NSMutableData alloc] init]);
- auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:payment.pkPayment() forKey:NSKeyedArchiveRootObjectKey];
[archiver finishEncoding];
return false;
auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(data.get());
@try {
PKPayment *pkPayment = [unarchiver decodeObjectOfClass:getPKPaymentClass() forKey:NSKeyedArchiveRootObjectKey];
payment = Payment(pkPayment);
void ArgumentCoder<WebCore::PaymentContact>::encode(Encoder& encoder, const WebCore::PaymentContact& paymentContact)
{
auto data = adoptNS([[NSMutableData alloc] init]);
- auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:paymentContact.pkContact() forKey:NSKeyedArchiveRootObjectKey];
[archiver finishEncoding];
return false;
auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(data.get());
@try {
PKContact *pkContact = [unarchiver decodeObjectOfClass:getPKContactClass() forKey:NSKeyedArchiveRootObjectKey];
paymentContact = PaymentContact(pkContact);
void ArgumentCoder<WebCore::PaymentMerchantSession>::encode(Encoder& encoder, const WebCore::PaymentMerchantSession& paymentMerchantSession)
{
auto data = adoptNS([[NSMutableData alloc] init]);
- auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:paymentMerchantSession.pkPaymentMerchantSession() forKey:NSKeyedArchiveRootObjectKey];
[archiver finishEncoding];
return false;
auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(data.get());
@try {
PKPaymentMerchantSession *pkPaymentMerchantSession = [unarchiver decodeObjectOfClass:getPKPaymentMerchantSessionClass() forKey:NSKeyedArchiveRootObjectKey];
paymentMerchantSession = PaymentMerchantSession(pkPaymentMerchantSession);
}
[unarchiver finishDecoding];
-
return true;
}
void ArgumentCoder<WebCore::PaymentMethod>::encode(Encoder& encoder, const WebCore::PaymentMethod& paymentMethod)
{
auto data = adoptNS([[NSMutableData alloc] init]);
- auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:paymentMethod.pkPaymentMethod() forKey:NSKeyedArchiveRootObjectKey];
[archiver finishEncoding];
return false;
auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(data.get());
@try {
PKPaymentMethod *pkPaymentMethod = [unarchiver decodeObjectOfClass:getPKPaymentMethodClass() forKey:NSKeyedArchiveRootObjectKey];
paymentMethod = PaymentMethod(pkPaymentMethod);
/*
- * Copyright (C) 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#import "ArgumentCodersCF.h"
#import "WebCoreArgumentCoders.h"
#import <pal/spi/cocoa/DataDetectorsCoreSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/SoftLinking.h>
SOFT_LINK_PRIVATE_FRAMEWORK(DataDetectorsCore)
if (isDataDetectorLink) {
encoder << dataDetectorIdentifier;
RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:dataDetectorResults.get() forKey:@"dataDetectorResults"];
[archiver finishEncoding];
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
@try {
result.dataDetectorResults = [unarchiver decodeObjectOfClasses:[NSSet setWithArray:@[ [NSArray class], getDDScannerResultClass()] ] forKey:@"dataDetectorResults"];
} @catch (NSException *exception) {
/*
- * Copyright (C) 2010 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
* Copyright (C) 2013 Company 100 Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#import <WebCore/ResourceError.h>
#import <WebCore/ResourceRequest.h>
#import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#if USE(CFURLCONNECTION)
#import <CFNetwork/CFURLRequest.h>
void ArgumentCoder<ProtectionSpace>::encodePlatformData(Encoder& encoder, const ProtectionSpace& space)
{
- RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto data = adoptNS([[NSMutableData alloc] init]);
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:space.nsSpace() forKey:@"protectionSpace"];
[archiver finishEncoding];
IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
@try {
if (RetainPtr<NSURLProtectionSpace> nsSpace = [unarchiver decodeObjectOfClass:[NSURLProtectionSpace class] forKey:@"protectionSpace"])
space = ProtectionSpace(nsSpace.get());
}
encoder << false;
- RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto data = adoptNS([[NSMutableData alloc] init]);
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:nsCredential forKey:@"credential"];
[archiver finishEncoding];
IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
@try {
if (RetainPtr<NSURLCredential> nsCredential = [unarchiver decodeObjectOfClass:[NSURLCredential class] forKey:@"credential"])
credential = Credential(nsCredential.get());
#if ENABLE(CONTENT_FILTERING)
void ArgumentCoder<ContentFilterUnblockHandler>::encode(Encoder& encoder, const ContentFilterUnblockHandler& contentFilterUnblockHandler)
{
- RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto data = adoptNS([[NSMutableData alloc] init]);
+ auto archiver = secureArchiverFromMutableData(data.get());
contentFilterUnblockHandler.encode(archiver.get());
[archiver finishEncoding];
IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
if (!ContentFilterUnblockHandler::decode(unarchiver.get(), contentFilterUnblockHandler))
return false;
void ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData(Encoder& encoder, const MediaPlaybackTargetContext& target)
{
- RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto data = adoptNS([[NSMutableData alloc] init]);
+ auto archiver = secureArchiverFromMutableData(data.get());
if ([getAVOutputContextClass() conformsToProtocol:@protocol(NSSecureCoding)])
[archiver encodeObject:target.avOutputContext() forKey:deviceContextKey()];
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
AVOutputContext *context = nil;
@try {
/*
- * Copyright (C) 2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#import "Encoder.h"
#import "WebCoreArgumentCoders.h"
#import <WebCore/TextIndicator.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <pal/spi/mac/DataDetectorsSPI.h>
namespace WebKit {
if (!hasActionContext)
return;
- RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
- RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto data = adoptNS([[NSMutableData alloc] init]);
+ auto archiver = secureArchiverFromMutableData(data.get());
[archiver encodeObject:detectedDataActionContext.get() forKey:@"actionContext"];
[archiver finishEncoding];
if (!IPC::decode(decoder, data))
return false;
- RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
@try {
hitTestResultData.detectedDataActionContext = [unarchiver decodeObjectOfClass:getDDActionContextClass() forKey:@"actionContext"];
} @catch (NSException *exception) {
#import <WebCore/CertificateInfo.h>
#import <WebCore/PluginData.h>
#import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/RetainPtr.h>
#if PLATFORM(IOS)
auto copy = adoptNS([(NSObject *)object copy]);
auto data = adoptNS([[NSMutableData alloc] init]);
- auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [keyedArchiver setRequiresSecureCoding:YES];
+ auto keyedArchiver = secureArchiverFromMutableData(data.get());
@try {
[keyedArchiver encodeObject:copy.get() forKey:@"parameter"];
auto copy = adoptNS([[NSDictionary alloc] initWithDictionary:dictionary copyItems:YES]);
auto data = adoptNS([[NSMutableData alloc] init]);
- auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [keyedArchiver setRequiresSecureCoding:YES];
+ auto keyedArchiver = secureArchiverFromMutableData(data.get());
@try {
[keyedArchiver encodeObject:copy.get() forKey:@"parameters"];
#import <WebCore/ValidationBubble.h>
#import <WebCore/ViewportArguments.h>
#import <WebCore/WritingMode.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <pal/spi/mac/NSTextFinderSPI.h>
#import <wtf/BlockPtr.h>
#import <wtf/HashMap.h>
NSObject <NSSecureCoding> *userObject = nil;
if (API::Data* data = static_cast<API::Data*>(userData)) {
auto nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(data->bytes())) length:data->size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:nsData.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(nsData.get());
@try {
userObject = [unarchiver decodeObjectOfClass:[NSObject class] forKey:@"userObject"];
} @catch (NSException *exception) {
#import <WebCore/RuntimeApplicationChecks.h>
#import <WebCore/SharedBuffer.h>
#import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <sys/param.h>
#if PLATFORM(IOS)
if (m_bundleParameters) {
auto data = adoptNS([[NSMutableData alloc] init]);
- auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
- [keyedArchiver setRequiresSecureCoding:YES];
+ auto keyedArchiver = secureArchiverFromMutableData(data.get());
@try {
[keyedArchiver encodeObject:m_bundleParameters.get() forKey:@"parameters"];
#import <WebCore/SharedBuffer.h>
#import <WebCore/TextIndicator.h>
#import <WebCore/ValidationBubble.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <wtf/BlockPtr.h>
#define MESSAGE_CHECK(assertion) MESSAGE_CHECK_BASE(assertion, m_webView->_page->process().connection())
NSObject <NSSecureCoding> *userObject = nil;
if (API::Data* data = static_cast<API::Data*>(userData)) {
auto nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(data->bytes())) length:data->size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:nsData.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(nsData.get());
@try {
userObject = [unarchiver decodeObjectOfClass:[NSObject class] forKey:@"userObject"];
} @catch (NSException *exception) {
#import <WebCore/HTMLFormElement.h>
#import <WebCore/HTMLInputElement.h>
#import <WebCore/MainFrame.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
using namespace WebCore;
using namespace WebKit;
return;
auto data = adoptNS([[NSMutableData alloc] init]);
- auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
- [archiver setRequiresSecureCoding:YES];
+ auto archiver = secureArchiverFromMutableData(data.get());
@try {
[archiver encodeObject:userObject forKey:@"userObject"];
} @catch (NSException *exception) {
#import "WKWebProcessPlugInInternal.h"
#import "WebProcessCreationParameters.h"
#import <Foundation/NSBundle.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
#import <stdio.h>
#import <wtf/RetainPtr.h>
#import <wtf/text/CString.h>
if (parameters.bundleParameterData) {
auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(parameters.bundleParameterData->bytes())) length:parameters.bundleParameterData->size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParameterData.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
NSDictionary *dictionary = nil;
@try {
#if WK_API_ENABLED
auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(value.data())) length:value.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParameterData.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
id parameter = nil;
@try {
#if WK_API_ENABLED
auto bundleParametersData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(value.data())) length:value.size() freeWhenDone:NO]);
- auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParametersData.get()]);
- [unarchiver setRequiresSecureCoding:YES];
+ auto unarchiver = secureUnarchiverFromData(bundleParametersData.get());
NSDictionary *parameters = nil;
@try {