Block all plugins smaller than 5x5px
author dino@apple.com <dino@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 Mar 2019 23:37:32 +0000 (23:37 +0000)
committer dino@apple.com <dino@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 Mar 2019 23:37:32 +0000 (23:37 +0000)
https://bugs.webkit.org/show_bug.cgi?id=195702
<rdar://problem/28435204>

Reviewed by Sam Weinig.

Source/WebCore:

Block all plugins that are smaller than a threshold, in this case
5px x 5px. Other browsers have implemented this for a while, and now
that we have Intersection Observers, small plugins are no longer
necessary.

Test: plugins/small-plugin-blocked.html

* en.lproj/Localizable.strings: New message for a small plugin.
* platform/LocalizedStrings.cpp:
(WebCore::pluginTooSmallText):
* platform/LocalizedStrings.h:

* html/HTMLPlugInElement.cpp: Helper function for Internals testing.
(WebCore::HTMLPlugInElement::isBelowSizeThreshold const):
* html/HTMLPlugInElement.h:

* loader/EmptyClients.cpp: Removed an unused function.
(WebCore::EmptyFrameLoaderClient::recreatePlugin): Deleted.
* loader/EmptyFrameLoaderClient.h:
* loader/FrameLoaderClient.h:

* page/Settings.yaml: Add flag for new feature.

* rendering/RenderEmbeddedObject.cpp: New unavailability reason for
embedded objects.
(WebCore::unavailablePluginReplacementText):
* rendering/RenderEmbeddedObject.h:
(WebCore::RenderEmbeddedObject::pluginUnavailabilityReason const):

* testing/Internals.cpp: Helper function for testing.
(WebCore::Internals::pluginIsBelowSizeThreshold):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

Block all plugins that are smaller than a threshold, in this case
5x5px. Other browsers have implemented this for a while, and now
that we have Intersection Observers, small plugins are no longer
necessary.

* Shared/WebPreferences.yaml: New setting for this feature.

* UIProcess/WebPageProxy.cpp: Handle new unavailability type.
(WebKit::WebPageProxy::unavailablePluginButtonClicked):
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::shouldUnavailablePluginMessageBeButton const):

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp: Removed this function
as it was never being called.
(WebKit::WebFrameLoaderClient::recreatePlugin): Deleted.
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::pluginIsSmall): Checks the size of the plugin.
(WebKit::WebPage::createPlugin): If the plugin is too small, stop it from
launching.

Source/WebKitLegacy/mac:

Removed a function that was never being called.

* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::recreatePlugin): Deleted.

LayoutTests:

New test for some small plugins. Updated existing tests
to create plugins bigger than a threshold if necessary.

* plugins/clicking-missing-plugin-fires-delegate.html:
* plugins/destroy-stream-twice.html:
* plugins/npruntime/npruntime.html:
* plugins/object-embed-plugin-scripting.html:
* plugins/small-plugin-blocked-expected.txt: Added.
* plugins/small-plugin-blocked.html: Added.
* platform/mac-wk1/TestExpectations: Skip new test on WK1.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242920 268f45cc-cd09-0410-ab3c-d52691b4dbfc

33 files changed:
LayoutTests/ChangeLog
LayoutTests/platform/mac-wk1/TestExpectations
LayoutTests/plugins/clicking-missing-plugin-fires-delegate.html
LayoutTests/plugins/destroy-stream-twice.html
LayoutTests/plugins/npruntime/npruntime.html
LayoutTests/plugins/object-embed-plugin-scripting.html
LayoutTests/plugins/small-plugin-blocked-expected.txt [new file with mode: 0644]
LayoutTests/plugins/small-plugin-blocked.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/en.lproj/Localizable.strings
Source/WebCore/html/HTMLPlugInElement.cpp
Source/WebCore/html/HTMLPlugInElement.h
Source/WebCore/loader/EmptyClients.cpp
Source/WebCore/loader/EmptyFrameLoaderClient.h
Source/WebCore/loader/FrameLoaderClient.h
Source/WebCore/page/Settings.yaml
Source/WebCore/platform/LocalizedStrings.cpp
Source/WebCore/platform/LocalizedStrings.h
Source/WebCore/rendering/RenderEmbeddedObject.cpp
Source/WebCore/rendering/RenderEmbeddedObject.h
Source/WebCore/testing/Internals.cpp
Source/WebCore/testing/Internals.h
Source/WebCore/testing/Internals.idl
Source/WebKit/ChangeLog
Source/WebKit/Shared/WebPreferences.yaml
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp
Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp
Source/WebKitLegacy/mac/ChangeLog
Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h
Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm

index 5be5643..b985804 100644 (file)
@@ -1,3 +1,22 @@
+2019-03-13  Dean Jackson  <dino@apple.com>
+
+        Block all plugins smaller than 5x5px
+        https://bugs.webkit.org/show_bug.cgi?id=195702
+        <rdar://problem/28435204>
+
+        Reviewed by Sam Weinig.
+
+        New test for some small plugins. Updated existing tests
+        to create plugins bigger than a threshold if necessary.
+
+        * plugins/clicking-missing-plugin-fires-delegate.html:
+        * plugins/destroy-stream-twice.html:
+        * plugins/npruntime/npruntime.html:
+        * plugins/object-embed-plugin-scripting.html:
+        * plugins/small-plugin-blocked-expected.txt: Added.
+        * plugins/small-plugin-blocked.html: Added.
+        * platform/mac-wk1/TestExpectations: Skip new test on WK1.
+
 2019-03-13  Zalan Bujtas  <zalan@apple.com>
 
         Use RenderBox::previousSiblingBox/nextSiblingBox in RenderMultiColumnFlow
index f0968dc..21fde6b 100644 (file)
@@ -193,6 +193,9 @@ fast/forms/validation-message-on-textarea.html
 # Disable snapshotting tests on WK1 only
 plugins/snapshotting
 
+# Disable small plugin blocking on WK1
+plugins/small-plugin-blocked.html [ Skip ]
+
 # WK1 doesn't do pending WebGL policies 
 fast/canvas/webgl/useWhilePending.html [ Skip ]
 
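Review bot: The new comment "# Disable small plugin blocking on WK1" describes the feature rather than the test being skipped, and gives no reason for the skip. The only enforcement point in this patch is WebPage::createPlugin in Source/WebKit, and the WebKitLegacy change only deletes recreatePlugin, so WK1 never blocks small plugins. Say that in the comment (for example "WK1 does not implement small plugin blocking") so the entry is not later mistaken for a flaky-test workaround.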
index 8fd81cd..b395b2a 100644 (file)
@@ -1,20 +1,21 @@
 <html>
 <body>
-<embed name="plg" type="application/x-non-existent" width=200 height=200></embed>
+<embed name="plg" type="application/x-non-existent" style="width:200px;height:200px;" width=200 height=200></embed>
 <p>This test checks if the missing plug-in button can be clicked. This is a test for <a href="https://bugs.webkit.org/show_bug.cgi?id=41721">Bug 41721</a>.</p>
 <script>
 
-    if (!window.testRunner) {
-        document.write("This test does not work in manual mode.");
-    } else {
-        testRunner.dumpAsText();
+if (!window.testRunner)
+    document.write("This test does not work in manual mode.");
+else {
+    testRunner.dumpAsText();
 
+    window.onload = function () {
         eventSender.mouseMoveTo(0,0);
         eventSender.mouseMoveTo(105, 105);
         eventSender.mouseDown();
         eventSender.mouseUp();
-    }
-
+    };
+}
 </script>
 </body>
 </html>
index b5f0cee..5bd7fff 100644 (file)
@@ -33,7 +33,7 @@ function runTest()
 <embed id="plugin" 
        type="application/x-webkit-test-netscape"
        src="data:text/plain,"
-       style="width:0; height:0"
+       style="width:10px; height:10px"
        onstreamload="setTimeout(runTest, 0);">
 </embed>
 
index 84aa9ef..aa47608 100644 (file)
@@ -55,6 +55,6 @@ description("Tests that the NPRuntime implementation works as expected");
 </script>
 <embed id="plugin" 
        type="application/x-webkit-test-netscape"
-       style="width:0; height:0"
+       style="width:10px; height:10px"
        testnpruntime="1">
 </embed>
index e05c5ba..5ed1d23 100644 (file)
@@ -35,7 +35,7 @@ function test()
 <OBJECT 
     id="myO"
     type="application/x-webkit-test-netscape"
-    width = 0 height = 0
+    width = 10 height = 10
     >
     <PARAM name="autostart" value="false">
     
@@ -44,7 +44,7 @@ function test()
         type="application/x-webkit-test-netscape"
         autostart="false"
         enablejavascript="true"
-        width = 0 height = 0
+        width = 10 height = 10
     >
     </EMBED>
 </OBJECT>
@@ -55,28 +55,28 @@ function test()
         type="application/x-webkit-test-netscape"
         autostart="false"
         enablejavascript="true"
-        width = 0 height = 0
+        width = 10 height = 10
     >
 </object>
 
 <object 
     data="resources/apple.gif" 
     type="image/gif"
-    width = 0 height = 0
+    width = 10 height = 10
 >
     <embed 
         id="myE3"
         type="application/x-webkit-test-netscape"
         autostart="false"
         enablejavascript="true"
-        width = 0 height = 0
+        width = 10 height = 10
     >
 </object>
 
 <object 
     data="resources/apple.gif" 
     type="image/gif"
-    width = 0 height = 0
+    width = 10 height = 10
 >
     <object>
         <embed 
@@ -84,7 +84,7 @@ function test()
             type="application/x-webkit-test-netscape"
             autostart="false"
             enablejavascript="true"
-            width = 0 height = 0
+            width = 10 height = 10
         >
     </object>
 </object>
@@ -94,13 +94,13 @@ function test()
     type="application/x-webkit-test-netscape"
     autostart="false"
     enablejavascript="true"
-    width = 0 height = 0
+    width = 10 height = 10
 >
 
 <object
     name="Plugin"
     type="application/x-webkit-test-netscape"
-    width = 0 height = 0
+    width = 10 height = 10
     >
     <param name="autostart" value="false">
     <param name="enablejavascript" value="true">
@@ -110,7 +110,7 @@ function test()
         type="application/x-webkit-test-netscape"
         autostart="false"
         enablejavascript="true"
-        width = 0 height = 0
+        width = 10 height = 10
     >
     </embed>
 </object>
@@ -121,7 +121,7 @@ function test()
         type="application/x-webkit-test-netscape"
         autostart="false"
         enablejavascript="true"
-        width = 0 height = 0
+        width = 10 height = 10
     >
     </embed>
 </object>
diff --git a/LayoutTests/plugins/small-plugin-blocked-expected.txt b/LayoutTests/plugins/small-plugin-blocked-expected.txt
new file mode 100644 (file)
index 0000000..eeff24d
--- /dev/null
@@ -0,0 +1,17 @@
+This tests that small plugins are blocked
+
+0x0 is BLOCKED
+
+1x1 is BLOCKED
+
+4x4 is BLOCKED
+
+5x5 is BLOCKED
+
+6x6 is RUNNING
+
+1x6 is RUNNING
+
+6x1 is RUNNING
+
+      
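Review bot: The expectation "5x5 is BLOCKED" makes the threshold inclusive, which contradicts the title "Block all plugins smaller than 5x5px" and the preference description "Stop plugins smaller than a certain threshold from loading." Either reword both to "5x5px or smaller" or make the comparison strict. The 1x6 and 6x1 rows being RUNNING also show that a plugin is blocked only when both dimensions are at or below the threshold; the ChangeLog should state that rule explicitly, since it is the actual policy being shipped.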
diff --git a/LayoutTests/plugins/small-plugin-blocked.html b/LayoutTests/plugins/small-plugin-blocked.html
new file mode 100644 (file)
index 0000000..2f7f5db
--- /dev/null
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<p>This tests that small plugins are blocked</p>
+<div id="result"></div>
+<script>
+function log(destination, msg)
+{
+    var t = document.createTextNode(msg);
+    var p = document.createElement("p");
+    p.appendChild(t);
+    destination.appendChild(p);
+}
+
+if (window.testRunner) {
+    testRunner.waitUntilDone();
+    testRunner.dumpAsText();
+    setTimeout(function () {
+        const result = document.getElementById("result");
+        for (id of ["0x0", "1x1", "4x4", "5x5", "6x6", "1x6", "6x1"]) {
+            const embed = document.getElementById(`plugin${id}`);
+            log(result, `${id} is ${internals.pluginIsBelowSizeThreshold(embed) ? "BLOCKED" : "RUNNING"}`);
+        }
+        testRunner.notifyDone();
+    }, 500);
+}
+</script>
+<embed id="plugin0x0" type="application/x-webkit-test-netscape" width="0" height="0"></embed>
+<embed id="plugin1x1" type="application/x-webkit-test-netscape" width="1" height="1"></embed>
+<embed id="plugin4x4" type="application/x-webkit-test-netscape" width="4" height="4"></embed>
+<embed id="plugin5x5" type="application/x-webkit-test-netscape" width="5" height="5"></embed>
+<embed id="plugin6x6" type="application/x-webkit-test-netscape" width="6" height="6"></embed>
+<embed id="plugin1x6" type="application/x-webkit-test-netscape" width="1" height="6"></embed>
+<embed id="plugin6x1" type="application/x-webkit-test-netscape" width="6" height="1"></embed>
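Review bot: The results are read from a fixed `setTimeout(..., 500)`, so the test assumes all seven embeds have been laid out and gone through plugin creation within 500 ms and can log stale state on a slow bot. Drive the check from a deterministic signal instead, such as the `window.onload` handler that clicking-missing-plugin-fires-delegate.html switches to in this same patch, or poll until the state settles. Separately, `for (id of [...])` assigns to an undeclared `id` and creates an implicit global; write `for (const id of [...])`.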
index f0c9b3c..872555c 100644 (file)
@@ -1,3 +1,45 @@
+2019-03-13  Dean Jackson  <dino@apple.com>
+
+        Block all plugins smaller than 5x5px
+        https://bugs.webkit.org/show_bug.cgi?id=195702
+        <rdar://problem/28435204>
+
+        Reviewed by Sam Weinig.
+
+        Block all plugins that are smaller than a threshold, in this case
+        5px x 5px. Other browsers have implemented this for a while, and now
+        that we have Intersection Observers, small plugins are no longer
+        necessary.
+
+        Test: plugins/small-plugin-blocked.html
+
+        * en.lproj/Localizable.strings: New message for a small plugin.
+        * platform/LocalizedStrings.cpp:
+        (WebCore::pluginTooSmallText):
+        * platform/LocalizedStrings.h:
+
+        * html/HTMLPlugInElement.cpp: Helper function for Internals testing.
+        (WebCore::HTMLPlugInElement::isBelowSizeThreshold const):
+        * html/HTMLPlugInElement.h:
+
+        * loader/EmptyClients.cpp: Removed an unused function.
+        (WebCore::EmptyFrameLoaderClient::recreatePlugin): Deleted.
+        * loader/EmptyFrameLoaderClient.h:
+        * loader/FrameLoaderClient.h:
+
+        * page/Settings.yaml: Add flag for new feature.
+
+        * rendering/RenderEmbeddedObject.cpp: New unavailability reason for
+        embedded objects.
+        (WebCore::unavailablePluginReplacementText):
+        * rendering/RenderEmbeddedObject.h:
+        (WebCore::RenderEmbeddedObject::pluginUnavailabilityReason const):
+
+        * testing/Internals.cpp: Helper function for testing.
+        (WebCore::Internals::pluginIsBelowSizeThreshold):
+        * testing/Internals.h:
+        * testing/Internals.idl:
+
 2019-03-13  Zalan Bujtas  <zalan@apple.com>
 
         Use RenderBox::previousSiblingBox/nextSiblingBox in RenderMultiColumnFlow
index f144191..513e328 100644 (file)
 /* accessibility help text for enter full screen button */
 "Play movie in full screen mode" = "Play movie in full screen mode";
 
+/* Label text to be used when a plug-in was blocked from loading because it was too small */
+"Plug-In too small" = "Plug-In too small";
+
 /* Label text to be used if plugin host process has crashed */
 "Plug-in Failure" = "Plug-in Failure";
 
index f619249..9ace2ee 100644 (file)
@@ -406,6 +406,15 @@ JSC::JSObject* HTMLPlugInElement::scriptObjectForPluginReplacement()
     return nullptr;
 }
 
+bool HTMLPlugInElement::isBelowSizeThreshold() const
+{
+    auto* renderObject = renderer();
+    if (!is<RenderEmbeddedObject>(renderObject))
+        return true;
+    auto& renderEmbeddedObject = downcast<RenderEmbeddedObject>(*renderObject);
+    return renderEmbeddedObject.isPluginUnavailable() && renderEmbeddedObject.pluginUnavailabilityReason() == RenderEmbeddedObject::PluginTooSmall;
+}
+
 bool HTMLPlugInElement::setReplacement(RenderEmbeddedObject::PluginUnavailabilityReason reason, const String& unavailabilityDescription)
 {
     if (!is<RenderEmbeddedObject>(renderer()))
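Review bot: The early `return true` when `renderer()` is not a RenderEmbeddedObject makes this helper report "below threshold" for any plugin element that has no renderer, even though nothing was blocked for size. That is the opposite default from pluginIsSmall in WebPage.cpp, which returns false in the same case, and it lets small-plugin-blocked.html print BLOCKED for an element that simply was not rendered. Return false here so that true only ever means the unavailability reason is PluginTooSmall. The name also suggests a size measurement while the body checks the unavailability reason; a comment or a name that reflects that would avoid misuse outside Internals.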
index becb31a..c42c0d3 100644 (file)
@@ -83,6 +83,8 @@ public:
 
     bool isUserObservable() const;
 
+    WEBCORE_EXPORT bool isBelowSizeThreshold() const;
+
     // Return whether or not the replacement content for blocked plugins is accessible to the user.
     WEBCORE_EXPORT bool setReplacement(RenderEmbeddedObject::PluginUnavailabilityReason, const String& unavailabilityDescription);
 
index e53b404..d159085 100644 (file)
@@ -485,10 +485,6 @@ RefPtr<Widget> EmptyFrameLoaderClient::createPlugin(const IntSize&, HTMLPlugInEl
     return nullptr;
 }
 
-void EmptyFrameLoaderClient::recreatePlugin(Widget*)
-{
-}
-
 RefPtr<Widget> EmptyFrameLoaderClient::createJavaAppletWidget(const IntSize&, HTMLAppletElement&, const URL&, const Vector<String>&, const Vector<String>&)
 {
     return nullptr;
index d137348..642c9a8 100644 (file)
@@ -173,7 +173,6 @@ class WEBCORE_EXPORT EmptyFrameLoaderClient : public FrameLoaderClient {
     void didDetectXSS(const URL&, bool) final { }
     RefPtr<Frame> createFrame(const URL&, const String&, HTMLFrameOwnerElement&, const String&) final;
     RefPtr<Widget> createPlugin(const IntSize&, HTMLPlugInElement&, const URL&, const Vector<String>&, const Vector<String>&, const String&, bool) final;
-    void recreatePlugin(Widget*) final;
     RefPtr<Widget> createJavaAppletWidget(const IntSize&, HTMLAppletElement&, const URL&, const Vector<String>&, const Vector<String>&) final;
 
     ObjectContentType objectContentType(const URL&, const String&) final { return ObjectContentType::None; }
index 0f34296..d28570e 100644 (file)
@@ -290,7 +290,6 @@ public:
 
     virtual RefPtr<Frame> createFrame(const URL&, const String& name, HTMLFrameOwnerElement&, const String& referrer) = 0;
     virtual RefPtr<Widget> createPlugin(const IntSize&, HTMLPlugInElement&, const URL&, const Vector<String>&, const Vector<String>&, const String&, bool loadManually) = 0;
-    virtual void recreatePlugin(Widget*) = 0;
     virtual void redirectDataToPlugin(Widget&) = 0;
 
     virtual RefPtr<Widget> createJavaAppletWidget(const IntSize&, HTMLAppletElement&, const URL& baseURL, const Vector<String>& paramNames, const Vector<String>& paramValues) = 0;
index 540781c..7b1fa5c 100644 (file)
@@ -811,6 +811,9 @@ editableImagesEnabled:
 adClickAttributionEnabled:
   initial: false
 
+blockingOfSmallPluginsEnabled:
+  initial: true
+
 # Deprecated
 
 iceCandidateFilteringEnabled:
index 80e2e40..2f096d6 100644 (file)
@@ -678,6 +678,11 @@ String unsupportedPluginText()
     return WEB_UI_STRING_KEY("Unsupported Plug-in", "Unsupported Plug-In", "Label text to be used when an unsupported plug-in was blocked from loading");
 }
 
+String pluginTooSmallText()
+{
+    return WEB_UI_STRING_KEY("Plug-In too small", "Plug-In too small", "Label text to be used when a plug-in was blocked from loading because it was too small");
+}
+
 String multipleFileUploadText(unsigned numberOfFiles)
 {
     return formatLocalizedString(WEB_UI_STRING("%d files", "Label to describe the number of files selected in a file upload control that allows multiple files"), numberOfFiles);
index d0a8ce7..6d9ee33 100644 (file)
@@ -225,6 +225,7 @@ namespace WebCore {
     String blockedPluginByContentSecurityPolicyText();
     String insecurePluginVersionText();
     String unsupportedPluginText();
+    WEBCORE_EXPORT String pluginTooSmallText();
 
     String multipleFileUploadText(unsigned numberOfFiles);
     String unknownFileSizeText();
index d537830..062ebb1 100644 (file)
@@ -158,6 +158,8 @@ static String unavailablePluginReplacementText(RenderEmbeddedObject::PluginUnava
         return insecurePluginVersionText();
     case RenderEmbeddedObject::UnsupportedPlugin:
         return unsupportedPluginText();
+    case RenderEmbeddedObject::PluginTooSmall:
+        return pluginTooSmallText();
     }
 
     ASSERT_NOT_REACHED();
index a521d4a..299d0ca 100644 (file)
@@ -45,8 +45,10 @@ public:
         PluginCrashed,
         PluginBlockedByContentSecurityPolicy,
         InsecurePluginVersion,
-        UnsupportedPlugin
+        UnsupportedPlugin,
+        PluginTooSmall
     };
+    PluginUnavailabilityReason pluginUnavailabilityReason() const { return m_pluginUnavailabilityReason; };
     WEBCORE_EXPORT void setPluginUnavailabilityReason(PluginUnavailabilityReason);
     WEBCORE_EXPORT void setPluginUnavailabilityReasonWithDescription(PluginUnavailabilityReason, const String& description);
 
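Review bot: Style nit on the new inline getter pluginUnavailabilityReason(): the body is followed by a stray semicolon (`{ return m_pluginUnavailabilityReason; };`), which should be dropped. The getter is also the only member in this group without WEBCORE_EXPORT; that is fine while it stays inline, but worth a glance since HTMLPlugInElement::isBelowSizeThreshold, which calls it, is exported.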
index d39f541..0e073ea 100644 (file)
@@ -3639,6 +3639,11 @@ bool Internals::isPluginSnapshotted(Element& element)
     return is<HTMLPlugInElement>(element) && downcast<HTMLPlugInElement>(element).displayState() <= HTMLPlugInElement::DisplayingSnapshot;
 }
 
+bool Internals::pluginIsBelowSizeThreshold(Element& element)
+{
+    return is<HTMLPlugInElement>(element) && downcast<HTMLPlugInElement>(element).isBelowSizeThreshold();
+}
+
 #if ENABLE(MEDIA_SOURCE)
 
 void Internals::initializeMockMediaSource()
index 804c03a..76f0e9f 100644 (file)
@@ -555,6 +555,7 @@ public:
     ExceptionOr<bool> isPluginUnavailabilityIndicatorObscured(Element&);
     ExceptionOr<String> unavailablePluginReplacementText(Element&);
     bool isPluginSnapshotted(Element&);
+    bool pluginIsBelowSizeThreshold(Element&);
 
 #if ENABLE(MEDIA_SOURCE)
     WEBCORE_TESTSUPPORT_EXPORT void initializeMockMediaSource();
index c06f928..a90593b 100644 (file)
@@ -550,6 +550,7 @@ enum CompositingPolicy {
     [MayThrowException] boolean isPluginUnavailabilityIndicatorObscured(Element element);
     [MayThrowException] DOMString unavailablePluginReplacementText(Element element);
     boolean isPluginSnapshotted(Element element);
+    boolean pluginIsBelowSizeThreshold(Element element);
 
     [MayThrowException] DOMRect selectionBounds();
     void setSelectionWithoutValidation(Node baseNode, unsigned long baseOffset, Node? extentNode, unsigned long extentOffset);
index 97deb6d..090ef9d 100644 (file)
@@ -1,3 +1,33 @@
+2019-03-13  Dean Jackson  <dino@apple.com>
+
+        Block all plugins smaller than 5x5px
+        https://bugs.webkit.org/show_bug.cgi?id=195702
+        <rdar://problem/28435204>
+
+        Reviewed by Sam Weinig.
+
+        Block all plugins that are smaller than a threshold, in this case
+        5x5px. Other browsers have implemented this for a while, and now
+        that we have Intersection Observers, small plugins are no longer
+        necessary.
+
+        * Shared/WebPreferences.yaml: New setting for this feature.
+
+        * UIProcess/WebPageProxy.cpp: Handle new unavailability type.
+        (WebKit::WebPageProxy::unavailablePluginButtonClicked):
+        * WebProcess/WebCoreSupport/WebChromeClient.cpp:
+        (WebKit::WebChromeClient::shouldUnavailablePluginMessageBeButton const):
+
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp: Removed this function
+        as it was never being called.
+        (WebKit::WebFrameLoaderClient::recreatePlugin): Deleted.
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::pluginIsSmall): Checks the size of the plugin.
+        (WebKit::WebPage::createPlugin): If the plugin is too small, stop it from
+        launching.
+
 2019-03-13  Keith Rollin  <krollin@apple.com>
 
         Add support for new StagedFrameworks layout
index d2b545b..1245185 100644 (file)
@@ -1247,6 +1247,13 @@ CSSOMViewScrollingAPIEnabled:
   humanReadableDescription: "Implement standard behavior for scrollLeft, scrollTop, scrollWidth, scrollHeight, scrollTo, scrollBy and scrollingElement."
   category: internal
 
+BlockingOfSmallPluginsEnabled:
+  type: bool
+  defaultValue: true
+  humanReadableName: "Block small plugins"
+  humanReadableDescription: "Stop plugins smaller than a certain threshold from loading."
+  category: internal
+
 WebAnimationsEnabled:
   type: bool
   defaultValue: DEFAULT_EXPERIMENTAL_FEATURES_ENABLED
index 8d07d2c..9b335a4 100644 (file)
@@ -5108,6 +5108,7 @@ void WebPageProxy::unavailablePluginButtonClicked(uint32_t opaquePluginUnavailab
         break;
     case RenderEmbeddedObject::PluginBlockedByContentSecurityPolicy:
     case RenderEmbeddedObject::UnsupportedPlugin:
+    case RenderEmbeddedObject::PluginTooSmall:
         ASSERT_NOT_REACHED();
     }
 
index 839f709..dd00bf2 100644 (file)
@@ -637,6 +637,7 @@ bool WebChromeClient::shouldUnavailablePluginMessageBeButton(RenderEmbeddedObjec
     case RenderEmbeddedObject::PluginCrashed:
     case RenderEmbeddedObject::PluginBlockedByContentSecurityPolicy:
     case RenderEmbeddedObject::UnsupportedPlugin:
+    case RenderEmbeddedObject::PluginTooSmall:
         return false;
     }
 
index 383ab49..7369491 100644 (file)
@@ -1561,22 +1561,6 @@ RefPtr<Widget> WebFrameLoaderClient::createPlugin(const IntSize&, HTMLPlugInElem
 #endif
 }
 
-void WebFrameLoaderClient::recreatePlugin(Widget* widget)
-{
-#if ENABLE(NETSCAPE_PLUGIN_API)
-    ASSERT(widget);
-    ASSERT(widget->isPluginViewBase());
-    ASSERT(m_frame->page());
-
-    auto& pluginView = static_cast<PluginView&>(*widget);
-    String newMIMEType;
-    auto plugin = m_frame->page()->createPlugin(m_frame, pluginView.pluginElement(), pluginView.initialParameters(), newMIMEType);
-    pluginView.recreateAndInitialize(plugin.releaseNonNull());
-#else
-    UNUSED_PARAM(widget);
-#endif
-}
-
 void WebFrameLoaderClient::redirectDataToPlugin(Widget& pluginWidget)
 {
     m_pluginView = static_cast<PluginView*>(&pluginWidget);
index cfef8a8..8f54c5c 100644 (file)
@@ -213,7 +213,6 @@ private:
     RefPtr<WebCore::Frame> createFrame(const URL&, const String& name, WebCore::HTMLFrameOwnerElement&, const String& referrer) final;
 
     RefPtr<WebCore::Widget> createPlugin(const WebCore::IntSize&, WebCore::HTMLPlugInElement&, const URL&, const Vector<String>&, const Vector<String>&, const String&, bool loadManually) final;
-    void recreatePlugin(WebCore::Widget*) final;
     void redirectDataToPlugin(WebCore::Widget&) final;
     
 #if ENABLE(WEBGL)
index d07fdc3..d54d60d 100644 (file)
 #include <WebCore/JSDOMExceptionHandling.h>
 #include <WebCore/JSDOMWindow.h>
 #include <WebCore/KeyboardEvent.h>
+#include <WebCore/LocalizedStrings.h>
 #include <WebCore/MIMETypeRegistry.h>
 #include <WebCore/MouseEvent.h>
 #include <WebCore/NotImplemented.h>
@@ -887,6 +888,19 @@ void WebPage::initializeInjectedBundleFullScreenClient(WKBundlePageFullScreenCli
 #endif
 
 #if ENABLE(NETSCAPE_PLUGIN_API)
+
+constexpr int smallPluginDimensionThreshold = 5;
+
+static bool pluginIsSmall(WebCore::HTMLPlugInElement& pluginElement)
+{
+    auto* renderer = pluginElement.renderer();
+    if (!is<RenderEmbeddedObject>(*renderer))
+        return false;
+
+    auto& box = downcast<RenderBox>(*renderer);
+    return box.contentWidth() <= smallPluginDimensionThreshold && box.contentHeight() <= smallPluginDimensionThreshold;
+}
+
 RefPtr<Plugin> WebPage::createPlugin(WebFrame* frame, HTMLPlugInElement* pluginElement, const Plugin::Parameters& parameters, String& newMIMEType)
 {
     String frameURLString = frame->coreFrame()->loader().documentLoader()->responseURL().string();
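Review bot: pluginIsSmall dereferences `renderer` in `is<RenderEmbeddedObject>(*renderer)` without checking it for null, so a plugin element that has no renderer when createPlugin runs is a null dereference in the web process. HTMLPlugInElement::isBelowSizeThreshold in this same patch passes the pointer (`is<RenderEmbeddedObject>(renderObject)`), which tolerates null; do the same here or add an explicit `if (!renderer) return false;`. While there, decide deliberately whether the no-renderer case should fail open (false, plugin allowed) or closed, and document the choice, because this function is the only gate for the policy. The downcast could also target RenderEmbeddedObject, the type that was actually checked, rather than RenderBox.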
@@ -934,6 +948,12 @@ RefPtr<Plugin> WebPage::createPlugin(WebFrame* frame, HTMLPlugInElement* pluginE
     if (!pluginProcessToken)
         return nullptr;
 
+    if (m_page->settings().blockingOfSmallPluginsEnabled() && pluginIsSmall(*pluginElement)) {
+        RELEASE_LOG(Plugins, "Blocking a plugin because it is too small");
+        pluginElement->setReplacement(RenderEmbeddedObject::PluginTooSmall, pluginTooSmallText());
+        return nullptr;
+    }
+
     bool isRestartedProcess = (pluginElement->displayState() == HTMLPlugInElement::Restarting || pluginElement->displayState() == HTMLPlugInElement::RestartingWithPendingMouseClick);
     return PluginProxy::create(pluginProcessToken, isRestartedProcess);
 }
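Review bot: The size check runs only after the `if (!pluginProcessToken)` test, so by the time a small plugin is rejected the lookup that produced the token has already been done on its behalf. If the intent is that a blocked plugin triggers no plugin-process work at all, move the `blockingOfSmallPluginsEnabled()` check ahead of that lookup. The bool returned by `setReplacement` is ignored here, and the RELEASE_LOG line records neither the measured content size nor the MIME type, which will make reports of unexpectedly blocked plugins hard to triage.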
index 15ecdb4..d556172 100644 (file)
@@ -1,3 +1,17 @@
+2019-03-13  Dean Jackson  <dino@apple.com>
+
+        Block all plugins smaller than 5x5px
+        https://bugs.webkit.org/show_bug.cgi?id=195702
+        <rdar://problem/28435204>
+
+        Reviewed by Sam Weinig.
+
+        Removed a function that was never being called.
+
+        * WebCoreSupport/WebFrameLoaderClient.h:
+        * WebCoreSupport/WebFrameLoaderClient.mm:
+        (WebFrameLoaderClient::recreatePlugin): Deleted.
+
 2019-03-13  Keith Rollin  <krollin@apple.com>
 
         Add support for new StagedFrameworks layout
index fe34a4d..0311172 100644 (file)
@@ -211,7 +211,6 @@ private:
         const WTF::String& referrer) final;
     RefPtr<WebCore::Widget> createPlugin(const WebCore::IntSize&, WebCore::HTMLPlugInElement&, const URL&,
     const Vector<WTF::String>&, const Vector<WTF::String>&, const WTF::String&, bool) final;
-    void recreatePlugin(WebCore::Widget*) final;
     void redirectDataToPlugin(WebCore::Widget&) final;
 
 #if ENABLE(WEBGL)
index b26d2fa..b1fb7b9 100644 (file)
@@ -2037,10 +2037,6 @@ RefPtr<Widget> WebFrameLoaderClient::createPlugin(const IntSize& size, HTMLPlugI
     return nullptr;
 }
 
-void WebFrameLoaderClient::recreatePlugin(Widget*)
-{
-}
-
 void WebFrameLoaderClient::redirectDataToPlugin(Widget& pluginWidget)
 {
     BEGIN_BLOCK_OBJC_EXCEPTIONS;