WebKit GIT trees - WebKit.git/commit

Ignore history items added by JS without user interaction when navigation back/forward via the WKWebView API
https://bugs.webkit.org/show_bug.cgi?id=241885
<rdar://94838657>

Reviewed by Geoffrey Garen.

Ignore history items added by JS without user interaction when navigation
back/forward via the WKWebView API. This is a behavior similar to the
intervention made in Chrome (https://bugs.chromium.org/p/chromium/issues/detail?id=907167)
to prevent websites from hijacking the back/forward list.

When an history item is added by JS via history.pushState() and without a user
gesture, we now set a flag on that HistoryItem to remember this. Later on, when
calling [WKWebView goBack] or [WKWebView goForward], we will skip the history
item that have this flag set. This behavior occurs behind a linked-on-after
check to reduce the compatibility risk.

Also, navigations via other means (e.g. via JavaScript) are not impacted and will
ignore this new flag.

* Source/WTF/wtf/cocoa/RuntimeApplicationChecksCocoa.h:
* Source/WebCore/history/HistoryItem.h:
(WebCore::HistoryItem::setWasCreatedByJSWithoutUserInteraction):
(WebCore::HistoryItem::wasCreatedByJSWithoutUserInteraction const):
* Source/WebCore/loader/HistoryController.cpp:
(WebCore::FrameLoader::HistoryController::pushState):
* Source/WebKit/Shared/SessionState.cpp:
(WebKit::PageState::encode const):
(WebKit::PageState::decode):
* Source/WebKit/Shared/SessionState.h:
* Source/WebKit/Shared/WebBackForwardListItem.h:
(WebKit::WebBackForwardListItem::wasCreatedByJSWithoutUserInteraction const):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::itemSkippingBackForwardItemsAddedByJSWithoutUserGesture):
(WebKit::WebPageProxy::goForward):
(WebKit::WebPageProxy::goBack):
* Source/WebKit/WebProcess/WebCoreSupport/SessionStateConversion.cpp:
(WebKit::toBackForwardListItemState):
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKit/WKBackForwardList.mm:
(TEST):
* Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.h:
* Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.mm:
(-[TestNavigationDelegate _webView:navigation:didSameDocumentNavigation:]):
(-[TestNavigationDelegate waitForDidFinishNavigationOrSameDocumentNavigation]):
(-[WKWebView _test_waitForDidFinishNavigationOrSameDocumentNavigation]):

link: https://commits.webkit.org/251783@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295778 268f45cc-cd09-0410-ab3c-d52691b4dbfc

author	cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Thu, 23 Jun 2022 16:16:19 +0000 (16:16 +0000)
committer	cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Thu, 23 Jun 2022 16:16:19 +0000 (16:16 +0000)
commit	e7faecc4fcb24350646e1305ac734c97b2abfc44
tree	725814f4219bcd7ef1d18975c71eb48f7596eea4	tree \| snapshot
parent	c70b37a6ab650230cb78b0a9021c262059cf20b2	commit \| diff

Source/WTF/wtf/cocoa/RuntimeApplicationChecksCocoa.h		diff \| blob \| history
Source/WebCore/history/HistoryItem.h		diff \| blob \| history
Source/WebCore/loader/HistoryController.cpp		diff \| blob \| history
Source/WebKit/Shared/SessionState.cpp		diff \| blob \| history
Source/WebKit/Shared/SessionState.h		diff \| blob \| history
Source/WebKit/Shared/WebBackForwardListItem.h		diff \| blob \| history
Source/WebKit/UIProcess/WebPageProxy.cpp		diff \| blob \| history
Source/WebKit/WebProcess/WebCoreSupport/SessionStateConversion.cpp		diff \| blob \| history
Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj		diff \| blob \| history
Tools/TestWebKitAPI/Tests/WebKit/WKBackForwardList.mm		diff \| blob \| history
Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.h		diff \| blob \| history
Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.mm		diff \| blob \| history