-[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:] doesn't...
authorpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 2 May 2019 20:50:54 +0000 (20:50 +0000)
committerpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 2 May 2019 20:50:54 +0000 (20:50 +0000)
https://bugs.webkit.org/show_bug.cgi?id=197510
Source/WebKit:

<rdar://problem/50372338>

Reviewed by Alex Christensen.

When asked to delete persistent credentials for a set of origins, send a message to the network process with the
list of origins. The network process will then delete all persistent credentials from these origins from
NSURLCredentialStorage.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::removeCredentialsWithOrigins):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::removeCredentialsWithOrigins):
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::removeData):

Tools:

Reviewed by Alex Christensen.

* TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244883 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkProcess.cpp
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm

index 15c4569..e9df2bd 100644 (file)
@@ -1,3 +1,24 @@
+2019-05-02  Per Arne Vollan  <pvollan@apple.com>
+
+        -[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:] doesn't delete _WKWebsiteDataTypeCredentials
+        https://bugs.webkit.org/show_bug.cgi?id=197510
+        <rdar://problem/50372338>
+
+        Reviewed by Alex Christensen.
+
+        When asked to delete persistent credentials for a set of origins, send a message to the network process with the
+        list of origins. The network process will then delete all persistent credentials from these origins from
+        NSURLCredentialStorage.
+
+        * NetworkProcess/NetworkProcess.cpp:
+        (WebKit::NetworkProcess::removeCredentialsWithOrigins):
+        * NetworkProcess/NetworkProcess.h:
+        * NetworkProcess/NetworkProcess.messages.in:
+        * NetworkProcess/cocoa/NetworkProcessCocoa.mm:
+        (WebKit::NetworkProcess::removeCredentialsWithOrigins):
+        * UIProcess/WebsiteData/WebsiteDataStore.cpp:
+        (WebKit::WebsiteDataStore::removeData):
+
 2019-05-02  Don Olmstead  <don.olmstead@sony.com>
 
         [CMake] Refactor WEBKIT_MAKE_FORWARDING_HEADERS into WEBKIT_COPY_FILES
index 6ea9e22..a9086d9 100644 (file)
@@ -2506,7 +2506,12 @@ void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vec
 {
     completionHandler(Vector<WebCore::SecurityOriginData>());
 }
-    
+
+void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>&, CompletionHandler<void()>&& completionHandler)
+{
+    completionHandler();
+}
+
 void NetworkProcess::initializeProcess(const AuxiliaryProcessInitializationParameters&)
 {
 }
index d46443d..d01bc77 100644 (file)
@@ -435,6 +435,7 @@ private:
     void removeCredential(WebCore::Credential&&, WebCore::ProtectionSpace&&, CompletionHandler<void()>&&);
 
     void originsWithPersistentCredentials(CompletionHandler<void(Vector<WebCore::SecurityOriginData>)>&&);
+    void removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&&);
     
     void registerURLSchemeAsSecure(const String&) const;
     void registerURLSchemeAsBypassingContentSecurityPolicy(const String&) const;
index d139ffe..6f76379 100644 (file)
@@ -173,5 +173,6 @@ messages -> NetworkProcess LegacyReceiver {
     SetAdClickAttributionConversionURLForTesting(PAL::SessionID sessionID, URL url) -> () Async
     MarkAdClickAttributionsAsExpiredForTesting(PAL::SessionID sessionID) -> () Async
     RemoveCredential(WebCore::Credential credential, WebCore::ProtectionSpace protectionSpace) -> () Async
-    OriginsWithPersistentCredentials() -> (Vector<WebCore::SecurityOriginData> persistentCredentials) Async
+    OriginsWithPersistentCredentials() -> (Vector<WebCore::SecurityOriginData> origins) Async
+    RemoveCredentialsWithOrigins(Vector<WebCore::SecurityOriginData> origins) -> () Async
 }
index 2e4c50a..5aeae45 100644 (file)
@@ -222,6 +222,26 @@ void NetworkProcess::originsWithPersistentCredentials(CompletionHandler<void(Vec
     completionHandler(WebCore::CredentialStorage::originsWithPersistentCredentials());
 }
 
+void NetworkProcess::removeCredentialsWithOrigins(const Vector<WebCore::SecurityOriginData>& origins, CompletionHandler<void()>&& completionHandler)
+{
+    for (auto& origin : origins) {
+        auto allCredentials = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];
+        for (NSURLProtectionSpace* space in allCredentials) {
+            if (origin.protocol == String(space.protocol)
+                && origin.host == String(space.host)
+                && origin.port
+                && *origin.port == space.port) {
+                auto credentials = allCredentials[space];
+                for (NSString* user in credentials) {
+                    auto credential = credentials[user];
+                    [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:credential forProtectionSpace:space];
+                }
+            }
+        }
+    }
+    completionHandler();
+}
+
 #if PLATFORM(MAC)
 void NetworkProcess::setSharedHTTPCookieStorage(const Vector<uint8_t>& identifier)
 {
index 0d30b77..00641a1 100644 (file)
@@ -1181,6 +1181,19 @@ void WebsiteDataStore::removeData(OptionSet<WebsiteDataType> dataTypes, const Ve
         });
     }
 
+    if (dataTypes.contains(WebsiteDataType::Credentials) && isPersistent()) {
+        for (auto& processPool : processPools()) {
+            if (!processPool->networkProcess())
+                continue;
+            
+            callbackAggregator->addPendingCallback();
+            WTF::CompletionHandler<void()> completionHandler = [callbackAggregator]() mutable {
+                callbackAggregator->removePendingCallback();
+            };
+            processPool->networkProcess()->sendWithAsyncReply(Messages::NetworkProcess::RemoveCredentialsWithOrigins(origins), WTFMove(completionHandler));
+        }
+    }
+
 #if ENABLE(NETSCAPE_PLUGIN_API)
     if (dataTypes.contains(WebsiteDataType::PlugInData) && isPersistent()) {
         Vector<String> hostNames;
index 19bc1cf..296c057 100644 (file)
@@ -1,3 +1,13 @@
+2019-05-02  Per Arne Vollan  <pvollan@apple.com>
+
+        -[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:] doesn't delete _WKWebsiteDataTypeCredentials
+        https://bugs.webkit.org/show_bug.cgi?id=197510
+
+        Reviewed by Alex Christensen.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:
+        (TestWebKitAPI::TEST):
+
 2019-05-02  Don Olmstead  <don.olmstead@sony.com>
 
         [CMake] Refactor WEBKIT_MAKE_FORWARDING_HEADERS into WEBKIT_COPY_FILES
index bb9fcde..56e74f7 100644 (file)
@@ -197,4 +197,55 @@ TEST(WKWebsiteDataStore, FetchPersistentCredentials)
     TestWebKitAPI::Util::run(&removedCredential);
 }
 
+TEST(WKWebsiteDataStore, RemovePersistentCredentials)
+{
+    TCPServer server(respondWithChallengeThenOK);
+    
+    usePersistentCredentialStorage = true;
+    auto websiteDataStore = [WKWebsiteDataStore defaultDataStore];
+    auto navigationDelegate = adoptNS([[NavigationTestDelegate alloc] init]);
+    auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600)]);
+    [webView setNavigationDelegate:navigationDelegate.get()];
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]];
+    [navigationDelegate waitForDidFinishNavigation];
+
+    __block bool done = false;
+    __block RetainPtr<WKWebsiteDataRecord> expectedRecord;
+    [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
+        int credentialCount = dataRecords.count;
+        ASSERT_GT(credentialCount, 0);
+        for (WKWebsiteDataRecord *record in dataRecords) {
+            auto name = [record displayName];
+            if ([name isEqualToString:@"127.0.0.1"]) {
+                expectedRecord = record;
+                break;
+            }
+        }
+        EXPECT_TRUE(expectedRecord);
+        done = true;
+    }];
+    TestWebKitAPI::Util::run(&done);
+
+    done = false;
+    [websiteDataStore removeDataOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] forDataRecords:[NSArray arrayWithObject:expectedRecord.get()] completionHandler:^(void) {
+        done = true;
+    }];
+    TestWebKitAPI::Util::run(&done);
+
+    done = false;
+    [websiteDataStore fetchDataRecordsOfTypes:[NSSet setWithObject:_WKWebsiteDataTypeCredentials] completionHandler:^(NSArray<WKWebsiteDataRecord *> *dataRecords) {
+        bool foundLocalHostRecord = false;
+        for (WKWebsiteDataRecord *record in dataRecords) {
+            auto name = [record displayName];
+            if ([name isEqualToString:@"127.0.0.1"]) {
+                foundLocalHostRecord = true;
+                break;
+            }
+        }
+        EXPECT_FALSE(foundLocalHostRecord);
+        done = true;
+    }];
+    TestWebKitAPI::Util::run(&done);
+}
+
 }