Create a mechanism for 'safe by default' web views
authorkatherine_cheney@apple.com <katherine_cheney@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 8 Jan 2020 01:44:06 +0000 (01:44 +0000)
committerkatherine_cheney@apple.com <katherine_cheney@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 8 Jan 2020 01:44:06 +0000 (01:44 +0000)
https://bugs.webkit.org/show_bug.cgi?id=205407
<rdar://problem/58053071>

Reviewed by Alex Christensen.

Source/WebKit:

Adds common cases to be used as the basis for 'safe by default' web views.
The cases are in the form of an NS_ENUM _WKWebViewCategory and
its equivalent C++ enum WebViewCategory. The conversion between
these happens in WKWebViewConfiguration.mm.

* Shared/WebViewCategory.h: Added.
* UIProcess/API/APIPageConfiguration.cpp:
(API::PageConfiguration::copy const):
* UIProcess/API/APIPageConfiguration.h:
(API::PageConfiguration::webViewCategory const):
(API::PageConfiguration::setWebViewCategory):
* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(convertToAPIWebViewCategory):
(convertFromAPIWebViewCategory):
(-[WKWebViewConfiguration _webViewCategory]):
(-[WKWebViewConfiguration _setWebViewCategory:]):
* UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
* WebKit.xcodeproj/project.pbxproj:

Tools:

Test the default WebView category is correct and that the setter works
properly.

* TestWebKitAPI/Tests/WebKitCocoa/Configuration.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254180 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/Shared/WebViewCategory.h [new file with mode: 0644]
Source/WebKit/UIProcess/API/APIPageConfiguration.cpp
Source/WebKit/UIProcess/API/APIPageConfiguration.h
Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm
Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h
Source/WebKit/WebKit.xcodeproj/project.pbxproj
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/Configuration.mm

index 1444efb..0d38718 100644 (file)
@@ -1,3 +1,30 @@
+2020-01-07  Kate Cheney  <katherine_cheney@apple.com>
+
+        Create a mechanism for 'safe by default' web views
+        https://bugs.webkit.org/show_bug.cgi?id=205407
+        <rdar://problem/58053071>
+
+        Reviewed by Alex Christensen.
+
+        Adds common cases to be used as the basis for 'safe by default' web views.
+        The cases are in the form of an NS_ENUM _WKWebViewCategory and
+        its equivalent C++ enum WebViewCategory. The conversion between
+        these happens in WKWebViewConfiguration.mm.
+
+        * Shared/WebViewCategory.h: Added.
+        * UIProcess/API/APIPageConfiguration.cpp:
+        (API::PageConfiguration::copy const):
+        * UIProcess/API/APIPageConfiguration.h:
+        (API::PageConfiguration::webViewCategory const):
+        (API::PageConfiguration::setWebViewCategory):
+        * UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
+        (convertToAPIWebViewCategory):
+        (convertFromAPIWebViewCategory):
+        (-[WKWebViewConfiguration _webViewCategory]):
+        (-[WKWebViewConfiguration _setWebViewCategory:]):
+        * UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
+        * WebKit.xcodeproj/project.pbxproj:
+
 2020-01-07  Brent Fulgham  <bfulgham@apple.com>
 
         Network process sandboxes should not include 'common.sb' or 'system.sb'
diff --git a/Source/WebKit/Shared/WebViewCategory.h b/Source/WebKit/Shared/WebViewCategory.h
new file mode 100644 (file)
index 0000000..c22fcc7
--- /dev/null
@@ -0,0 +1,37 @@
+/*
+* Copyright (C) 2020 Apple Inc. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+* 1. Redistributions of source code must retain the above copyright
+*    notice, this list of conditions and the following disclaimer.
+* 2. Redistributions in binary form must reproduce the above copyright
+*    notice, this list of conditions and the following disclaimer in the
+*    documentation and/or other materials provided with the distribution.
+*
+* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+* THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+#pragma once
+
+namespace WebKit {
+
+enum class WebViewCategory : uint8_t {
+    HybridApp,
+    InAppBrowser,
+    WebBrowser
+};
+
+} // namespace WebKit
+
index 8baa8ad..b5e0ae9 100644 (file)
@@ -80,6 +80,7 @@ Ref<PageConfiguration> PageConfiguration::copy() const
     for (auto& pair : this->m_urlSchemeHandlers)
         copy->m_urlSchemeHandlers.set(pair.key, pair.value.copyRef());
     copy->m_corsDisablingPatterns = this->m_corsDisablingPatterns;
+    copy->m_webViewCategory = this->m_webViewCategory;
 
     return copy;
 }
index 3641073..0b2a650 100644 (file)
@@ -27,6 +27,7 @@
 
 #include "APIObject.h"
 #include "WebPreferencesStore.h"
+#include "WebViewCategory.h"
 #include <wtf/Forward.h>
 #include <wtf/GetPtr.h>
 #include <wtf/HashSet.h>
@@ -138,6 +139,9 @@ public:
     const Vector<WTF::String>& corsDisablingPatterns() const { return m_corsDisablingPatterns; }
     void setCORSDisablingPatterns(Vector<WTF::String>&& patterns) { m_corsDisablingPatterns = WTFMove(patterns); }
 
+    WebKit::WebViewCategory webViewCategory() const { return m_webViewCategory; }
+    void setWebViewCategory(WebKit::WebViewCategory category) { m_webViewCategory = category; }
+
 private:
 
     RefPtr<WebKit::WebProcessPool> m_processPool;
@@ -175,6 +179,7 @@ private:
 
     HashMap<WTF::String, Ref<WebKit::WebURLSchemeHandler>> m_urlSchemeHandlers;
     Vector<WTF::String> m_corsDisablingPatterns;
+    WebKit::WebViewCategory m_webViewCategory { WebKit::WebViewCategory::HybridApp };
 };
 
 } // namespace API
index 0bd1f7d..e46803e 100644 (file)
@@ -1146,6 +1146,44 @@ ALLOW_DEPRECATED_DECLARATIONS_END
     return _undoManagerAPIEnabled;
 }
 
+static WebKit::WebViewCategory toWebKitWebViewCategory(_WKWebViewCategory category)
+{
+    switch (category) {
+    case _WKWebViewCategoryHybridApp:
+        return WebKit::WebViewCategory::HybridApp;
+    case _WKWebViewCategoryInAppBrowser:
+        return WebKit::WebViewCategory::InAppBrowser;
+    case _WKWebViewCategoryWebBrowser:
+        return WebKit::WebViewCategory::WebBrowser;
+    }
+    ASSERT_NOT_REACHED();
+    return WebKit::WebViewCategory::HybridApp;
+}
+
+static _WKWebViewCategory toWKWebViewCategory(WebKit::WebViewCategory category)
+{
+    switch (category) {
+    case WebKit::WebViewCategory::HybridApp:
+        return _WKWebViewCategoryHybridApp;
+    case WebKit::WebViewCategory::InAppBrowser:
+        return _WKWebViewCategoryInAppBrowser;
+    case WebKit::WebViewCategory::WebBrowser:
+        return _WKWebViewCategoryWebBrowser;
+    }
+    ASSERT_NOT_REACHED();
+    return _WKWebViewCategoryHybridApp;
+}
+
+- (_WKWebViewCategory)_webViewCategory
+{
+    return toWKWebViewCategory(_pageConfiguration->webViewCategory());
+}
+
+- (void)_setWebViewCategory:(_WKWebViewCategory)category
+{
+    _pageConfiguration->setWebViewCategory(toWebKitWebViewCategory(category));
+}
+
 @end
 
 @implementation WKWebViewConfiguration (WKDeprecated)
index 0da1732..a89c8eb 100644 (file)
@@ -37,6 +37,12 @@ typedef NS_ENUM(NSUInteger, _WKDragLiftDelay) {
 @protocol _UIClickInteractionDriving;
 #endif
 
+typedef NS_ENUM(NSUInteger, _WKWebViewCategory) {
+    _WKWebViewCategoryHybridApp,
+    _WKWebViewCategoryInAppBrowser,
+    _WKWebViewCategoryWebBrowser
+} WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
+
 @class WKWebView;
 @class _WKApplicationManifest;
 @class _WKVisitedLinkStore;
@@ -113,5 +119,6 @@ typedef NS_ENUM(NSUInteger, _WKDragLiftDelay) {
 
 @property (nonatomic, setter=_setEditableImagesEnabled:) BOOL _editableImagesEnabled WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
 @property (nonatomic, setter=_setUndoManagerAPIEnabled:) BOOL _undoManagerAPIEnabled WK_API_AVAILABLE(macos(10.15), ios(13.0));
+@property (nonatomic, setter=_setWebViewCategory:) _WKWebViewCategory _webViewCategory WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
 @end
index 5778ba5..5ea4502 100644 (file)
                46F77D8023BE63BE0090B5A7 /* DependencyProcessAssertion.h in Headers */ = {isa = PBXBuildFile; fileRef = 46F77D7E23BE63B10090B5A7 /* DependencyProcessAssertion.h */; };
                46F9B26323526EF3006FE5FA /* WebBackForwardCacheEntry.h in Headers */ = {isa = PBXBuildFile; fileRef = 46F9B26223526ED0006FE5FA /* WebBackForwardCacheEntry.h */; };
                46FDA8F723BE586900B198FA /* RunningBoardServicesSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = 46FDA8F623BE585900B198FA /* RunningBoardServicesSPI.h */; };
+               4960A3BD23C52AFD00961842 /* WebViewCategory.h in Headers */ = {isa = PBXBuildFile; fileRef = 4960A3BC23C5286400961842 /* WebViewCategory.h */; };
                49BCA19223A177660028A836 /* APIResourceLoadStatisticsFirstParty.h in Headers */ = {isa = PBXBuildFile; fileRef = 49BCA19123A177660028A836 /* APIResourceLoadStatisticsFirstParty.h */; };
                49BCA19523A18CFD0028A836 /* _WKResourceLoadStatisticsFirstPartyInternal.h in Headers */ = {isa = PBXBuildFile; fileRef = 49BCA19023A175490028A836 /* _WKResourceLoadStatisticsFirstPartyInternal.h */; };
                49BCA19723A1930D0028A836 /* APIResourceLoadStatisticsThirdParty.h in Headers */ = {isa = PBXBuildFile; fileRef = 49BCA19623A18F620028A836 /* APIResourceLoadStatisticsThirdParty.h */; };
                46F77D8123BE63DC0090B5A7 /* DependencyProcessAssertionIOS.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = DependencyProcessAssertionIOS.mm; path = ios/DependencyProcessAssertionIOS.mm; sourceTree = "<group>"; };
                46F9B26223526ED0006FE5FA /* WebBackForwardCacheEntry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebBackForwardCacheEntry.h; sourceTree = "<group>"; };
                46FDA8F623BE585900B198FA /* RunningBoardServicesSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RunningBoardServicesSPI.h; sourceTree = "<group>"; };
+               4960A3BC23C5286400961842 /* WebViewCategory.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebViewCategory.h; sourceTree = "<group>"; };
                49BCA19023A175490028A836 /* _WKResourceLoadStatisticsFirstPartyInternal.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = _WKResourceLoadStatisticsFirstPartyInternal.h; sourceTree = "<group>"; };
                49BCA19123A177660028A836 /* APIResourceLoadStatisticsFirstParty.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = APIResourceLoadStatisticsFirstParty.h; sourceTree = "<group>"; };
                49BCA19623A18F620028A836 /* APIResourceLoadStatisticsThirdParty.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = APIResourceLoadStatisticsThirdParty.h; sourceTree = "<group>"; };
                                C0337DD7127A51B6008FF4F4 /* WebTouchEvent.cpp */,
                                7C065F291C8CD95F00C2D950 /* WebUserContentControllerDataTypes.cpp */,
                                7C065F2A1C8CD95F00C2D950 /* WebUserContentControllerDataTypes.h */,
+                               4960A3BC23C5286400961842 /* WebViewCategory.h */,
                                C0337DD0127A2980008FF4F4 /* WebWheelEvent.cpp */,
                        );
                        path = Shared;
                                7C361D79192803BD0036A59D /* WebUserContentControllerProxyMessages.h in Headers */,
                                15739BBD1B42042D00D258C1 /* WebUserMediaClient.h in Headers */,
                                83EE575C1DB7D61100C74C50 /* WebValidationMessageClient.h in Headers */,
+                               4960A3BD23C52AFD00961842 /* WebViewCategory.h in Headers */,
                                572FD44322265CE200A1ECC3 /* WebViewDidMoveToWindowObserver.h in Headers */,
                                2DFC7DBB1BCCC19500C1548C /* WebViewImpl.h in Headers */,
                                29CD55AA128E294F00133C85 /* WKAccessibilityWebPageObjectBase.h in Headers */,
index 139f85d..0349fcc 100644 (file)
@@ -1,3 +1,17 @@
+2020-01-07  Kate Cheney  <katherine_cheney@apple.com>
+
+        Create a mechanism for 'safe by default' web views
+        https://bugs.webkit.org/show_bug.cgi?id=205407
+        <rdar://problem/58053071>
+
+        Reviewed by Alex Christensen.
+
+        Test the default WebView category is correct and that the setter works
+        properly.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/Configuration.mm:
+        (TEST):
+
 2020-01-07  Truitt Savell  <tsavell@apple.com>
 
         Unreviewed, rolling out r254165.
index f7337a6..715613e 100644 (file)
@@ -59,4 +59,19 @@ TEST(WebKit, ConfigurationDrawsBackground)
     EXPECT_EQ([configedWebView _drawsBackground], NO);
 }
 
+TEST(WebKit, WebViewCategory)
+{
+    auto configuration = adoptNS([[WKWebViewConfiguration alloc] init]);
+    EXPECT_EQ([configuration _webViewCategory], _WKWebViewCategoryHybridApp);
+
+    [configuration _setWebViewCategory:_WKWebViewCategoryInAppBrowser];
+    EXPECT_EQ([configuration _webViewCategory], _WKWebViewCategoryInAppBrowser);
+
+    [configuration _setWebViewCategory:_WKWebViewCategoryWebBrowser];
+    EXPECT_EQ([configuration _webViewCategory], _WKWebViewCategoryWebBrowser);
+
+    [configuration _setWebViewCategory:_WKWebViewCategoryHybridApp];
+    EXPECT_EQ([configuration _webViewCategory], _WKWebViewCategoryHybridApp);
+}
+
 #endif