[Beacon] Do connect-src CSP check on redirects as well
author cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Aug 2017 21:51:15 +0000 (21:51 +0000)
committer cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Aug 2017 21:51:15 +0000 (21:51 +0000)
commit 44fc687cc65d10f3047f26c2fdd2194d7e8ba456
tree d8e7bf5d25459358e17870e2409e856e65dff18b
parent 6a89f4983e924e3a05bef6e40a41453b10fd7c51
[Beacon] Do connect-src CSP check on redirects as well
https://bugs.webkit.org/show_bug.cgi?id=175410
<rdar://problem/33815470>

Reviewed by Youenn Fablet.

Source/WebCore:

Pass ContentSecurityPolicy object to createPingHandle so that we can send
enough data to the NetworkProcess to do CSP checks for Ping loads such
as Beacon. For the IPC, we serialize the ContentSecurityPolicy's response
headers. Those headers are now cached in ContentSecurityPolicy for
performance reasons. CSP headers are rarely updated in practice but
sendBeacon() may get called repeatedly for a given document.

Tests: http/wpt/beacon/connect-src-beacon-redirect-allowed.sub.html
       http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html

* loader/LoaderStrategy.h:
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
(WebCore::PingLoader::startPingLoad):
* loader/PingLoader.h:
* loader/cache/CachedResource.cpp:
(WebCore::CachedResource::load):
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::responseHeaders const):
(WebCore::ContentSecurityPolicy::didReceiveHeader):
* page/csp/ContentSecurityPolicy.h:
* page/csp/ContentSecurityPolicyResponseHeaders.h:
(WebCore::ContentSecurityPolicyResponseHeaders::encode const):
(WebCore::ContentSecurityPolicyResponseHeaders::decode):

Source/WebKit:

Pass CSP Response headers to the NetworkProcess via NetworkResourceLoadParameters
when doing a PingLoad. This allows PingLoad to do CSP checks (in particular
connect-src ones) in case the ping load gets redirected. Those checks need to be
done on the NetworkProcess side at this point because there is no guarantee the
WebContent process is still around.

To do the CSP checks, PingLoad lazily reconstructs a ContentSecurityPolicy object
from the CSP response headers.

* NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):
* NetworkProcess/NetworkResourceLoadParameters.h:
* NetworkProcess/PingLoad.cpp:
(WebKit::PingLoad::willPerformHTTPRedirection):
(WebKit::PingLoad::contentSecurityPolicy):
* NetworkProcess/PingLoad.h:
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::createPingHandle):
* WebProcess/Network/WebLoaderStrategy.h:

Source/WebKitLegacy:

Update createPingHandle() to take in a ContentSecurityPolicy
object, but no behavior change for WK1.

* WebCoreSupport/WebResourceLoadScheduler.cpp:
(WebResourceLoadScheduler::createPingHandle):
* WebCoreSupport/WebResourceLoadScheduler.h:

LayoutTests:

Add layout test coverage.

* http/wpt/beacon/connect-src-beacon-redirect-allowed.sub-expected.txt: Added.
* http/wpt/beacon/connect-src-beacon-redirect-allowed.sub.html: Added.
* http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt: Added.
* http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@220549 268f45cc-cd09-0410-ab3c-d52691b4dbfc
23 files changed:
LayoutTests/ChangeLog
LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-allowed.sub-expected.txt [new file with mode: 0644]
LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-allowed.sub.html [new file with mode: 0644]
LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt [new file with mode: 0644]
LayoutTests/http/wpt/beacon/connect-src-beacon-redirect-blocked.sub.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/LoaderStrategy.h
Source/WebCore/loader/PingLoader.cpp
Source/WebCore/loader/PingLoader.h
Source/WebCore/loader/cache/CachedResource.cpp
Source/WebCore/page/csp/ContentSecurityPolicy.cpp
Source/WebCore/page/csp/ContentSecurityPolicy.h
Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h
Source/WebKit/NetworkProcess/PingLoad.cpp
Source/WebKit/NetworkProcess/PingLoad.h
Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
Source/WebKit/WebProcess/Network/WebLoaderStrategy.h
Source/WebKitLegacy/ChangeLog
Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp
Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.h
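
The redirect-time connect-src check described in the commit message, sketched as an added example that is not WebKit's code and not part of this commit: the policy is rebuilt from its serialized header value and every hop of a beacon load is checked, not only the initial URL. The function names, the policy strings, the origins and the hop URLs are all constructed for illustration, and source matching is deliberately simplified (no paths, reporting or multiple policies).

```javascript
// Added illustration, not WebKit code. Simplified connect-src matching:
// 'none', 'self', *, scheme sources and host sources (optional scheme,
// leading "*." and port). Paths, reporting and multiple policies are ignored.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Returns the connect-src source list, falling back to default-src.
// null means the policy places no restriction on connections.
function connectSrcSources(headerValue) {
  const directives = new Map();
  for (const part of headerValue.split(';')) {
    const [name, ...values] = part.trim().toLowerCase().split(/\s+/);
    if (name && !directives.has(name)) directives.set(name, values);
  }
  return directives.get('connect-src') ?? directives.get('default-src') ?? null;
}

function sourceAllows(source, url, self) {
  if (source === "'none'") return false;
  if (source === "'self'") return url.origin === self.origin;
  if (source === '*') return url.protocol in DEFAULT_PORTS;
  if (/^[a-z][a-z0-9+.-]*:$/.test(source)) return url.protocol === source;
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^/:]+)(?::(\d+|\*))?(?:\/.*)?$/.exec(source);
  if (!m) return false;
  const [, scheme, wildcard, host, port] = m;
  // A scheme-less host source inherits the page's scheme; https may stand in for http.
  const wanted = scheme ? scheme + ':' : self.protocol;
  if (url.protocol !== wanted && !(wanted === 'http:' && url.protocol === 'https:')) return false;
  const hostOk = wildcard ? url.hostname.endsWith('.' + host) : url.hostname === host;
  const actualPort = url.port || DEFAULT_PORTS[url.protocol];
  const portOk = port === '*' || (port ? actualPort === port : url.port === '');
  return hostOk && portOk;
}

// hops: the initial beacon URL followed by each redirect target, in order.
function checkBeaconRedirects(headerValue, selfOrigin, hops) {
  const sources = connectSrcSources(headerValue);
  const self = new URL(selfOrigin);
  for (const [i, hop] of hops.entries()) {
    const url = new URL(hop);
    if (sources && !sources.some((s) => sourceAllows(s, url, self)))
      return { allowed: false, blockedAt: i, url: hop };
  }
  return { allowed: true, blockedAt: -1, url: hops[hops.length - 1] };
}
```

A result with `blockedAt` greater than 0 is the case the commit addresses: the first URL passes connect-src and a later redirect target does not.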