Only allow non-mixed content protected subresources to ask for credentials
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Oct 2017 22:31:14 +0000 (22:31 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Oct 2017 22:31:14 +0000 (22:31 +0000)
commit26457fccac6f9abe15dcbcf03b950302e1888b83
tree1eedd503915553fe6b1735b11739b60d3e9ced95
parent7b3416ae9ea8c93e0c417719c92142930bd00804
Only allow non-mixed content protected subresources to ask for credentials
https://bugs.webkit.org/show_bug.cgi?id=178919
<rdar://problem/35015245>

Reviewed by Alex Christensen.

Source/WebCore:

Only allow non-mixed content protected subresources to ask for credentials. It is not meaningful
to allow protected mixed-content subresources to ask for credentials.

Tests: http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image.html
       http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script.html
       http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html
       http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html
       http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html
       http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https.html

* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::ResourceLoader): Initialize m_canAskClientForCredentials based on the
specified resource loader options.
(WebCore::ResourceLoader::init): Update m_canAskClientForCredentials based on the URL of the initial
request.
(WebCore::ResourceLoader::isMixedContent const): Helper function to check if the specified URL
represents a mixed content resource.
(WebCore::ResourceLoader::willSendRequestInternal): If the original request or the redirect request
is mixed content then update state such that we will disallow asking for credentials.
(WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Modified to use m_canAskClientForCredentials
when determining whether the request is allowed to ask for credentials.
* loader/ResourceLoader.h:

Source/WebKit:

Only allow non-mixed content protected subresources to ask for credentials. It is not meaningful
to allow protected mixed-content subresources to ask for credentials.

* NetworkProcess/Downloads/PendingDownload.cpp:
(WebKit::PendingDownload::PendingDownload): Initialize m_isAllowedToAskUserForCredentials based on
the specified resource load parameters or NetworkLoad object.
* NetworkProcess/Downloads/PendingDownload.h: Add override for NetworkLoadClient::isAllowedToAskUserForCredentials().
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::isAllowedToAskUserForCredentials const): Added.
(WebKit::NetworkLoad::completeAuthenticationChallenge): Ask NetworkLoadClient whether the load is
allowed to prompt for credentials.
(WebKit::NetworkLoad::didReceiveAuthenticationChallenge): Ditto.
* NetworkProcess/NetworkLoad.h:
* NetworkProcess/NetworkLoadClient.h:
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::NetworkResourceLoader): Initialize m_isAllowedToAskUserForCredentials
based on the specified resource load parameters.
(WebKit::NetworkResourceLoader::willSendRedirectedRequest): We do not support prompting for credentials
for synchronous loads.
(WebKit::NetworkResourceLoader::continueWillSendRequest): Modified to take an argument as to whether the
load is allowed to ask the user for credentials and updates state.
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/NetworkResourceLoader.messages.in: Modified message ContinueWillSendRequest to take a
boolean as to whether the load is allowed to ask the user for credentials.
* NetworkProcess/PreconnectTask.h: Override NetworkLoadClient::isAllowedToAskUserForCredentials()
such that we never ask for credentials. This matches our current behavior.
* NetworkProcess/cache/NetworkCacheSpeculativeLoad.h: Ditto.
* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::willSendRequest): Query ResourceLoader as to whether the load is allowed to
ask the user for credentials and pass this state to NetworkResourceLoader.

LayoutTests:

* http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt: Added.
* http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https.html: Added.
* http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt: Added.
* http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image.html: Added.
* http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script-expected.https.txt: Added.
* http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script-expected.txt: Added.
* http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script.html: Added.
* http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet-expected.txt: Added.
* http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html: Added.
* http/tests/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html: Added.
* http/tests/security/mixedContent/resources/frame-with-insecure-script-redirects-to-basic-auth-secure-script.html: Added.
* http/tests/security/mixedContent/resources/frame-with-insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html: Added.
* http/tests/security/mixedContent/resources/frame-with-programmatically-added-insecure-image-redirects-to-basic-auth-secure-image.html: Added.
* http/tests/security/mixedContent/resources/subresource/protected-image.php: Added.
* http/tests/security/mixedContent/resources/subresource/protected-pdf.php: Added.
* http/tests/security/mixedContent/resources/subresource/protected-script.php: Added.
* http/tests/security/mixedContent/resources/subresource/protected-stylesheet.php: Added.
* http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt: Added.
* http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html: Added.
* http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt: Added.
* http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html: Added.
* http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt: Added.
* http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https.html: Added.
* platform/ios-wk1/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt: Added.
* platform/mac-wk1/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt: Added.
* platform/win/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@224134 268f45cc-cd09-0410-ab3c-d52691b4dbfc
42 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script-expected.https.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-script-redirects-to-basic-auth-secure-script.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/frame-with-programmatically-added-insecure-image-redirects-to-basic-auth-secure-image.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/subresource/protected-image.php [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/subresource/protected-pdf.php [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/subresource/protected-script.php [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/resources/subresource/protected-stylesheet.php [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https.html [new file with mode: 0644]
LayoutTests/platform/ios-wk1/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt [new file with mode: 0644]
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt [new file with mode: 0644]
LayoutTests/platform/win/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https-expected.txt [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/ResourceLoader.cpp
Source/WebCore/loader/ResourceLoader.h
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/Downloads/PendingDownload.cpp
Source/WebKit/NetworkProcess/Downloads/PendingDownload.h
Source/WebKit/NetworkProcess/NetworkLoad.cpp
Source/WebKit/NetworkProcess/NetworkLoad.h
Source/WebKit/NetworkProcess/NetworkLoadClient.h
Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
Source/WebKit/NetworkProcess/NetworkResourceLoader.h
Source/WebKit/NetworkProcess/NetworkResourceLoader.messages.in
Source/WebKit/NetworkProcess/PreconnectTask.h
Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoad.h
Source/WebKit/WebProcess/Network/WebResourceLoader.cpp