Synchronize SecurityOrigin related scheme registries with NetworkProcess
authoryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 29 Mar 2018 20:36:06 +0000 (20:36 +0000)
committeryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 29 Mar 2018 20:36:06 +0000 (20:36 +0000)
https://bugs.webkit.org/show_bug.cgi?id=184140

Reviewed by Chris Dumez.

Add syncing of scheme registries that are used by SecurityOrigin and ContentSecurityPolicy
so that we can properly use them in NetworkProcess as we do in WebProcess.
The registries that are not synced are:
- URLSchemeAsEmptyDocument
- URLSchemeDomainRelaxationForbidden
- URLSchemeAsCachePartitioned
- URLSchemeAsCanDisplayOnlyIfCanRequest

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::initializeNetworkProcess):
(WebKit::NetworkProcess::registerURLSchemeAsSecure const):
(WebKit::NetworkProcess::registerURLSchemeAsBypassingContentSecurityPolicy const):
(WebKit::NetworkProcess::registerURLSchemeAsLocal const):
(WebKit::NetworkProcess::registerURLSchemeAsNoAccess const):
(WebKit::NetworkProcess::registerURLSchemeAsDisplayIsolated const):
(WebKit::NetworkProcess::registerURLSchemeAsCORSEnabled const):
(WebKit::NetworkProcess::registerURLSchemeAsCanDisplayOnlyIfCanRequest const):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
* NetworkProcess/NetworkProcessCreationParameters.h:
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::registerURLSchemeAsSecure):
(WebKit::WebProcessPool::registerURLSchemeAsBypassingContentSecurityPolicy):
(WebKit::WebProcessPool::registerURLSchemeAsLocal):
(WebKit::WebProcessPool::registerURLSchemeAsNoAccess):
(WebKit::WebProcessPool::registerURLSchemeAsDisplayIsolated):
(WebKit::WebProcessPool::registerURLSchemeAsCORSEnabled):
(WebKit::WebProcessPool::registerURLSchemeAsCanDisplayOnlyIfCanRequest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230079 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkProcess.cpp
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.cpp
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.h
Source/WebKit/UIProcess/WebProcessPool.cpp

index 1d2e74c8a1e1c1c830dbc38e403afbd95bf24dfb..71897cb8019f3f240118b0915d06571d6f62285b 100644 (file)
@@ -1,3 +1,43 @@
+2018-03-29  Youenn Fablet  <youenn@apple.com>
+
+        Synchronize SecurityOrigin related scheme registries with NetworkProcess
+        https://bugs.webkit.org/show_bug.cgi?id=184140
+
+        Reviewed by Chris Dumez.
+
+        Add syncing of scheme registries that are used by SecurityOrigin and ContentSecurityPolicy
+        so that we can properly use them in NetworkProcess as we do in WebProcess.
+        The registries that are not synced are:
+        - URLSchemeAsEmptyDocument
+        - URLSchemeDomainRelaxationForbidden
+        - URLSchemeAsCachePartitioned
+        - URLSchemeAsCanDisplayOnlyIfCanRequest
+
+        * NetworkProcess/NetworkProcess.cpp:
+        (WebKit::NetworkProcess::initializeNetworkProcess):
+        (WebKit::NetworkProcess::registerURLSchemeAsSecure const):
+        (WebKit::NetworkProcess::registerURLSchemeAsBypassingContentSecurityPolicy const):
+        (WebKit::NetworkProcess::registerURLSchemeAsLocal const):
+        (WebKit::NetworkProcess::registerURLSchemeAsNoAccess const):
+        (WebKit::NetworkProcess::registerURLSchemeAsDisplayIsolated const):
+        (WebKit::NetworkProcess::registerURLSchemeAsCORSEnabled const):
+        (WebKit::NetworkProcess::registerURLSchemeAsCanDisplayOnlyIfCanRequest const):
+        * NetworkProcess/NetworkProcess.h:
+        * NetworkProcess/NetworkProcess.messages.in:
+        * NetworkProcess/NetworkProcessCreationParameters.cpp:
+        (WebKit::NetworkProcessCreationParameters::encode const):
+        (WebKit::NetworkProcessCreationParameters::decode):
+        * NetworkProcess/NetworkProcessCreationParameters.h:
+        * UIProcess/WebProcessPool.cpp:
+        (WebKit::WebProcessPool::ensureNetworkProcess):
+        (WebKit::WebProcessPool::registerURLSchemeAsSecure):
+        (WebKit::WebProcessPool::registerURLSchemeAsBypassingContentSecurityPolicy):
+        (WebKit::WebProcessPool::registerURLSchemeAsLocal):
+        (WebKit::WebProcessPool::registerURLSchemeAsNoAccess):
+        (WebKit::WebProcessPool::registerURLSchemeAsDisplayIsolated):
+        (WebKit::WebProcessPool::registerURLSchemeAsCORSEnabled):
+        (WebKit::WebProcessPool::registerURLSchemeAsCanDisplayOnlyIfCanRequest):
+
 2018-03-29  Brent Fulgham  <bfulgham@apple.com>
 
         REGRESSION(r229480): ERROR: Unhandled web process message 'WebCookieManager:SetHTTPCookieAcceptPolicy'
index c65d066d45d5a68698afc9772c17136dc4d0b772..1c5588e7943498fa419744a829e8b7444f38307e 100644 (file)
@@ -67,6 +67,7 @@
 #include <WebCore/PlatformCookieJar.h>
 #include <WebCore/ResourceRequest.h>
 #include <WebCore/RuntimeApplicationChecks.h>
+#include <WebCore/SchemeRegistry.h>
 #include <WebCore/SecurityOriginData.h>
 #include <WebCore/SecurityOriginHash.h>
 #include <WebCore/Settings.h>
@@ -271,6 +272,27 @@ void NetworkProcess::initializeNetworkProcess(NetworkProcessCreationParameters&&
     for (auto& supplement : m_supplements.values())
         supplement->initialize(parameters);
 
+    for (auto& scheme : parameters.urlSchemesRegisteredAsSecure)
+        registerURLSchemeAsSecure(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsBypassingContentSecurityPolicy)
+        registerURLSchemeAsBypassingContentSecurityPolicy(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsLocal)
+        registerURLSchemeAsLocal(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsNoAccess)
+        registerURLSchemeAsNoAccess(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsDisplayIsolated)
+        registerURLSchemeAsDisplayIsolated(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsCORSEnabled)
+        registerURLSchemeAsCORSEnabled(scheme);
+
+    for (auto& scheme : parameters.urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest)
+        registerURLSchemeAsCanDisplayOnlyIfCanRequest(scheme);
+
     RELEASE_LOG(Process, "%p - NetworkProcess::initializeNetworkProcess: Presenting process = %d", this, WebCore::presentingApplicationPID());
 }
 
@@ -866,6 +888,41 @@ uint64_t NetworkProcess::cacheStoragePerOriginQuota() const
     return m_cacheStoragePerOriginQuota;
 }
 
+void NetworkProcess::registerURLSchemeAsSecure(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsSecure(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsLocal(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsLocal(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsNoAccess(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsNoAccess(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsDisplayIsolated(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsDisplayIsolated(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsCORSEnabled(const String& scheme) const
+{
+    SchemeRegistry::registerURLSchemeAsCORSEnabled(scheme);
+}
+
+void NetworkProcess::registerURLSchemeAsCanDisplayOnlyIfCanRequest(const String& scheme) const
+{
+    SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest(scheme);
+}
+
 #if !PLATFORM(COCOA)
 void NetworkProcess::initializeProcess(const ChildProcessInitializationParameters&)
 {
index 212b8bd95125992bd1e1708a37cc50900a732b71..d8cea69de8762992ab02974e45a78718440d75cd 100644 (file)
@@ -240,6 +240,14 @@ private:
     static void setSharedHTTPCookieStorage(const Vector<uint8_t>& identifier);
 #endif
 
+    void registerURLSchemeAsSecure(const String&) const;
+    void registerURLSchemeAsBypassingContentSecurityPolicy(const String&) const;
+    void registerURLSchemeAsLocal(const String&) const;
+    void registerURLSchemeAsNoAccess(const String&) const;
+    void registerURLSchemeAsDisplayIsolated(const String&) const;
+    void registerURLSchemeAsCORSEnabled(const String&) const;
+    void registerURLSchemeAsCanDisplayOnlyIfCanRequest(const String&) const;
+
     // Connections to WebProcesses.
     Vector<RefPtr<NetworkConnectionToWebProcess>> m_webProcessConnections;
 
index 49a9107b6a16d3579e64f61940a17f3e54332f82..5e18035988149f9bdeeb62c9ba56da8ab5773c05 100644 (file)
@@ -91,4 +91,12 @@ messages -> NetworkProcess LegacyReceiver {
 #endif
 
     SetSessionIsControlledByAutomation(PAL::SessionID sessionID, bool controlled);
+
+    RegisterURLSchemeAsSecure(String scheme)
+    RegisterURLSchemeAsBypassingContentSecurityPolicy(String scheme)
+    RegisterURLSchemeAsLocal(String scheme)
+    RegisterURLSchemeAsNoAccess(String scheme)
+    RegisterURLSchemeAsDisplayIsolated(String scheme)
+    RegisterURLSchemeAsCORSEnabled(String scheme)
+    RegisterURLSchemeAsCanDisplayOnlyIfCanRequest(String scheme)
 }
index 880e12fb816222517759e638c420fb09becf1db6..a84e498cffc495a09ef6d9fe980eae1c6c719f7c 100644 (file)
@@ -107,6 +107,14 @@ void NetworkProcessCreationParameters::encode(IPC::Encoder& encoder) const
     encoder << recordReplayMode;
     encoder << recordReplayCacheLocation;
 #endif
+
+    encoder << urlSchemesRegisteredAsSecure;
+    encoder << urlSchemesRegisteredAsBypassingContentSecurityPolicy;
+    encoder << urlSchemesRegisteredAsLocal;
+    encoder << urlSchemesRegisteredAsNoAccess;
+    encoder << urlSchemesRegisteredAsDisplayIsolated;
+    encoder << urlSchemesRegisteredAsCORSEnabled;
+    encoder << urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest;
 }
 
 bool NetworkProcessCreationParameters::decode(IPC::Decoder& decoder, NetworkProcessCreationParameters& result)
@@ -252,6 +260,21 @@ bool NetworkProcessCreationParameters::decode(IPC::Decoder& decoder, NetworkProc
         return false;
 #endif
 
+    if (!decoder.decode(result.urlSchemesRegisteredAsSecure))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsBypassingContentSecurityPolicy))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsLocal))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsNoAccess))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsDisplayIsolated))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsCORSEnabled))
+        return false;
+    if (!decoder.decode(result.urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest))
+        return false;
+
     return true;
 }
 
index 8fc3e76a8e68afbf45241909c03bd7e0268a8bbd..c2b680b025304c57f7f404bcc2a19dac3b857114 100644 (file)
@@ -124,6 +124,14 @@ struct NetworkProcessCreationParameters {
     String recordReplayMode;
     String recordReplayCacheLocation;
 #endif
+
+    Vector<String> urlSchemesRegisteredAsSecure;
+    Vector<String> urlSchemesRegisteredAsBypassingContentSecurityPolicy;
+    Vector<String> urlSchemesRegisteredAsLocal;
+    Vector<String> urlSchemesRegisteredAsNoAccess;
+    Vector<String> urlSchemesRegisteredAsDisplayIsolated;
+    Vector<String> urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest;
+    Vector<String> urlSchemesRegisteredAsCORSEnabled;
 };
 
 } // namespace WebKit
index b3799f0582a8183e442e98d831aaad8c03b7a2ce..c8bed002d667a9ed8e8bc41da1de30a924cd7559 100644 (file)
@@ -483,6 +483,14 @@ NetworkProcessProxy& WebProcessPool::ensureNetworkProcess(WebsiteDataStore* with
     parameters.shouldUseTestingNetworkSession = m_shouldUseTestingNetworkSession;
     parameters.presentingApplicationPID = m_configuration->presentingApplicationPID();
 
+    parameters.urlSchemesRegisteredAsSecure = copyToVector(m_schemesToRegisterAsSecure);
+    parameters.urlSchemesRegisteredAsBypassingContentSecurityPolicy = copyToVector(m_schemesToRegisterAsBypassingContentSecurityPolicy);
+    parameters.urlSchemesRegisteredAsLocal = copyToVector(m_schemesToRegisterAsLocal);
+    parameters.urlSchemesRegisteredAsNoAccess = copyToVector(m_schemesToRegisterAsNoAccess);
+    parameters.urlSchemesRegisteredAsDisplayIsolated = copyToVector(m_schemesToRegisterAsDisplayIsolated);
+    parameters.urlSchemesRegisteredAsCORSEnabled = copyToVector(m_schemesToRegisterAsCORSEnabled);
+    parameters.urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest = copyToVector(m_schemesToRegisterAsCanDisplayOnlyIfCanRequest);
+
     // Add any platform specific parameters
     platformInitializeNetworkProcess(parameters);
 
@@ -1293,12 +1301,14 @@ void WebProcessPool::registerURLSchemeAsSecure(const String& urlScheme)
 {
     m_schemesToRegisterAsSecure.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsSecure(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsSecure(urlScheme));
 }
 
 void WebProcessPool::registerURLSchemeAsBypassingContentSecurityPolicy(const String& urlScheme)
 {
     m_schemesToRegisterAsBypassingContentSecurityPolicy.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsBypassingContentSecurityPolicy(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsBypassingContentSecurityPolicy(urlScheme));
 }
 
 void WebProcessPool::setDomainRelaxationForbiddenForURLScheme(const String& urlScheme)
@@ -1328,24 +1338,28 @@ void WebProcessPool::registerURLSchemeAsLocal(const String& urlScheme)
 {
     m_schemesToRegisterAsLocal.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsLocal(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsLocal(urlScheme));
 }
 
 void WebProcessPool::registerURLSchemeAsNoAccess(const String& urlScheme)
 {
     m_schemesToRegisterAsNoAccess.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsNoAccess(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsNoAccess(urlScheme));
 }
 
 void WebProcessPool::registerURLSchemeAsDisplayIsolated(const String& urlScheme)
 {
     m_schemesToRegisterAsDisplayIsolated.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsDisplayIsolated(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsDisplayIsolated(urlScheme));
 }
 
 void WebProcessPool::registerURLSchemeAsCORSEnabled(const String& urlScheme)
 {
     m_schemesToRegisterAsCORSEnabled.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsCORSEnabled(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsCORSEnabled(urlScheme));
 }
 
 void WebProcessPool::registerGlobalURLSchemeAsHavingCustomProtocolHandlers(const String& urlScheme)
@@ -1386,6 +1400,7 @@ void WebProcessPool::registerURLSchemeAsCanDisplayOnlyIfCanRequest(const String&
 {
     m_schemesToRegisterAsCanDisplayOnlyIfCanRequest.add(urlScheme);
     sendToAllProcesses(Messages::WebProcess::RegisterURLSchemeAsCanDisplayOnlyIfCanRequest(urlScheme));
+    sendToNetworkingProcess(Messages::NetworkProcess::RegisterURLSchemeAsCanDisplayOnlyIfCanRequest(urlScheme));
 }
 
 void WebProcessPool::setCacheModel(CacheModel cacheModel)