App-bound JavaScript and Navigation failures should have specific error codes.
authorbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Jun 2020 22:21:34 +0000 (22:21 +0000)
committerbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Jun 2020 22:21:34 +0000 (22:21 +0000)
<rdar://problem/64940268> and https://bugs.webkit.org/show_bug.cgi?id=213808

Reviewed by Tim Hatcher.
(Informally by Kate Cheney)

Source/WebCore:

Covered by API tests.

* bindings/js/ExceptionDetails.h:

Source/WebKit:

* UIProcess/API/Cocoa/WKError.h:
* UIProcess/API/Cocoa/WKError.mm:
(localizedDescriptionForErrorCode):

* UIProcess/API/Cocoa/WKWebView.mm:
(nsErrorFromExceptionDetails):

* UIProcess/Cocoa/WebPageProxyCocoa.mm:
(WebKit::WebPageProxy::errorForUnpermittedAppBoundDomainNavigation):

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
* UIProcess/WebPageProxy.h:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::runJavaScript):

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:
(TEST):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@263774 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12 files changed:
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/ExceptionDetails.h
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/API/Cocoa/WKError.h
Source/WebKit/UIProcess/API/Cocoa/WKError.mm
Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/UIProcess/WebPageProxy.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm

index 830ba19..8c9d033 100644 (file)
@@ -1,3 +1,15 @@
+2020-06-30  Brady Eidson  <beidson@apple.com>
+
+        App-bound JavaScript and Navigation failures should have specific error codes.
+        <rdar://problem/64940268> and https://bugs.webkit.org/show_bug.cgi?id=213808
+
+        Reviewed by Tim Hatcher.
+        (Informally by Kate Cheney)
+
+        Covered by API tests.
+
+        * bindings/js/ExceptionDetails.h:
+
 2020-06-30  Mark Lam  <mark.lam@apple.com>
 
         Add handling for a case of OOME in CSSTokenizer and CSSParser.
index bd3bd73..6033f80 100644 (file)
@@ -33,6 +33,7 @@ struct ExceptionDetails {
     enum class Type : uint8_t {
         Script,
         InvalidTargetFrame,
+        AppBoundDomain,
     };
 
     String message;
@@ -53,7 +54,8 @@ template<> struct EnumTraits<WebCore::ExceptionDetails::Type> {
     using values = EnumValues<
         WebCore::ExceptionDetails::Type,
         WebCore::ExceptionDetails::Type::Script,
-        WebCore::ExceptionDetails::Type::InvalidTargetFrame
+        WebCore::ExceptionDetails::Type::InvalidTargetFrame,
+        WebCore::ExceptionDetails::Type::AppBoundDomain
     >;
 };
 }
index 479097a..93a76d4 100644 (file)
@@ -1,3 +1,28 @@
+2020-06-30  Brady Eidson  <beidson@apple.com>
+
+        App-bound JavaScript and Navigation failures should have specific error codes.
+        <rdar://problem/64940268> and https://bugs.webkit.org/show_bug.cgi?id=213808
+
+        Reviewed by Tim Hatcher.
+        (Informally by Kate Cheney)
+
+        * UIProcess/API/Cocoa/WKError.h:
+        * UIProcess/API/Cocoa/WKError.mm:
+        (localizedDescriptionForErrorCode):
+
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (nsErrorFromExceptionDetails):
+
+        * UIProcess/Cocoa/WebPageProxyCocoa.mm:
+        (WebKit::WebPageProxy::errorForUnpermittedAppBoundDomainNavigation):
+
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::decidePolicyForNavigationAction):
+        * UIProcess/WebPageProxy.h:
+
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::WebPage::runJavaScript):
+
 2020-06-30  Per Arne Vollan  <pvollan@apple.com>
 
         [macOS] Connections to the preference daemon are established before entering the sandbox
index 81a6691..a0a8a7d 100644 (file)
@@ -45,6 +45,8 @@ WK_EXTERN NSString * const WKErrorDomain WK_API_AVAILABLE(macos(10.10), ios(8.0)
  @constant WKErrorContentRuleListStoreVersionMismatch  Indicates that the WKUserContentRuleList version did not match the latest.
  @constant WKErrorAttributedStringContentFailedToLoad  Indicates that the attributed string content failed to load.
  @constant WKErrorAttributedStringContentLoadTimedOut  Indicates that loading attributed string content timed out.
+ @constant WKErrorNavigationAppBoundDomain  Indicates that a navigation failed due to an app-bound domain restriction.
+ @constant WKErrorJavaScriptAppBoundDomain  Indicates that JavaScript execution failed due to an app-bound domain restriction.
  */
 typedef NS_ENUM(NSInteger, WKErrorCode) {
     WKErrorUnknown = 1,
@@ -59,6 +61,8 @@ typedef NS_ENUM(NSInteger, WKErrorCode) {
     WKErrorAttributedStringContentFailedToLoad WK_API_AVAILABLE(macos(10.15), ios(13.0)),
     WKErrorAttributedStringContentLoadTimedOut WK_API_AVAILABLE(macos(10.15), ios(13.0)),
     WKErrorJavaScriptInvalidFrameTarget WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA)),
+    WKErrorNavigationAppBoundDomain WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA)),
+    WKErrorJavaScriptAppBoundDomain WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA)),
 } WK_API_AVAILABLE(macos(10.10), ios(8.0));
 
 NS_ASSUME_NONNULL_END
index eec76da..ef05e0a 100644 (file)
@@ -76,6 +76,12 @@ NSString *localizedDescriptionForErrorCode(WKErrorCode errorCode)
 
     case WKErrorJavaScriptInvalidFrameTarget:
         return WEB_UI_STRING("JavaScript execution targeted an invalid frame", "WKErrorJavaScriptInvalidFrameTarget description");
+
+    case WKErrorNavigationAppBoundDomain:
+        return WEB_UI_STRING("Attempted to navigate away from an app-bound domain or navigate after using restricted APIs", "WKErrorNavigationAppBoundDomain description");
+
+    case WKErrorJavaScriptAppBoundDomain:
+        return WEB_UI_STRING("JavaScript execution targeted a frame that is not in an app-bound domain", "WKErrorJavaScriptAppBoundDomain description");
     }
 }
 
index 4a338ec..23b7c19 100644 (file)
@@ -876,6 +876,9 @@ static RetainPtr<NSError> nsErrorFromExceptionDetails(const WebCore::ExceptionDe
     case WebCore::ExceptionDetails::Type::Script:
         errorCode = WKErrorJavaScriptExceptionOccurred;
         break;
+    case WebCore::ExceptionDetails::Type::AppBoundDomain:
+        errorCode = WKErrorJavaScriptAppBoundDomain;
+        break;
     }
 
     [userInfo setObject:localizedDescriptionForErrorCode(errorCode) forKey:NSLocalizedDescriptionKey];
index 72e4833..c6c4b69 100644 (file)
@@ -41,6 +41,7 @@
 #import "WebPasteboardProxy.h"
 #import "WebProcessProxy.h"
 #import "WebsiteDataStore.h"
+#import "WKErrorInternal.h"
 #import <WebCore/DragItem.h>
 #import <WebCore/LocalCurrentGraphicsContext.h>
 #import <WebCore/NotImplemented.h>
@@ -301,6 +302,11 @@ void WebPageProxy::insertDictatedTextAsync(const String& text, const EditingRang
 
     send(Messages::WebPage::InsertDictatedTextAsync { text, replacementRange, dictationAlternatives, WTFMove(options) });
 }
+
+ResourceError WebPageProxy::errorForUnpermittedAppBoundDomainNavigation(const URL& url)
+{
+    return { WKErrorDomain, WKErrorNavigationAppBoundDomain, url, localizedDescriptionForErrorCode(WKErrorNavigationAppBoundDomain) };
+}
     
 #if ENABLE(APPLE_PAY)
 
index 7a74725..89f4a8d 100644 (file)
@@ -5204,16 +5204,18 @@ void WebPageProxy::decidePolicyForNavigationAction(Ref<WebProcessProxy>&& proces
             }
             receivedNavigationPolicyDecision(policyAction, navigation.get(), processSwapRequestedByClient, frame, WTFMove(policies), WTFMove(sender));
         };
-        
+
+#if PLATFORM(COCOA)
         if (policyAction != PolicyAction::Ignore) {
             if (!setIsNavigatingToAppBoundDomainAndCheckIfPermitted(frame->isMainFrame(), navigation->currentRequest().url(), isAppBoundDomain)) {
-                auto error = ResourceError { String { }, 0, navigation->currentRequest().url(), "App-bound domain failure"_s };
+                auto error = errorForUnpermittedAppBoundDomainNavigation(navigation->currentRequest().url());
                 m_navigationClient->didFailProvisionalNavigationWithError(*this, FrameInfoData { frameInfo }, navigation.get(), error, userDataObject);
                 RELEASE_LOG_ERROR_IF_ALLOWED(Loading, "Ignoring request to load this main resource because it is attempting to navigate away from an app-bound domain or navigate after using restricted APIs");
                 completionHandler(PolicyAction::Ignore);
                 return;
             }
         }
+#endif
 
         if (!m_pageClient)
             return completionHandler(policyAction);
index ae195bd..3c35aea 100644 (file)
@@ -1760,6 +1760,10 @@ public:
 
     Optional<NavigatingToAppBoundDomain> isNavigatingToAppBoundDomain() const { return m_isNavigatingToAppBoundDomain; }
 
+#if PLATFORM(COCOA)
+    WebCore::ResourceError errorForUnpermittedAppBoundDomainNavigation(const URL&);
+#endif
+
     void disableServiceWorkerEntitlementInNetworkProcess();
     void clearServiceWorkerEntitlementOverride(CompletionHandler<void()>&&);
         
index 1bfe3bf..779668b 100644 (file)
@@ -3458,7 +3458,7 @@ void WebPage::runJavaScript(WebFrame* frame, RunJavaScriptParameters&& parameter
         send(Messages::WebPageProxy::ScriptValueCallback(dataReference, details, callbackID));
     };
     if (shouldEnableInAppBrowserPrivacyProtections()) {
-        send(Messages::WebPageProxy::ScriptValueCallback({ }, ExceptionDetails { "Unable to execute JavaScript"_s }, callbackID));
+        send(Messages::WebPageProxy::ScriptValueCallback({ }, ExceptionDetails { "Unable to execute JavaScript in a frame that is not in an app-bound domain"_s, 0, 0, ExceptionDetails::Type::AppBoundDomain }, callbackID));
         if (auto* document = m_page->mainFrame().document())
             document->addConsoleMessage(MessageSource::Security, MessageLevel::Warning, "Ignoring user script injection for non-app bound domain.");
         RELEASE_LOG_ERROR_IF_ALLOWED(Loading, "runJavaScript: Ignoring user script injection for non app-bound domain");
index 2dedf53..7060fc6 100644 (file)
@@ -1,3 +1,14 @@
+2020-06-30  Brady Eidson  <beidson@apple.com>
+
+        App-bound JavaScript and Navigation failures should have specific error codes.
+        <rdar://problem/64940268> and https://bugs.webkit.org/show_bug.cgi?id=213808
+
+        Reviewed by Tim Hatcher.
+        (Informally by Kate Cheney)
+
+        * TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:
+        (TEST):
+
 2020-06-30  Peng Liu  <peng.liu6@apple.com>
 
         Enable the support of FULLSCREEN_API in WebKitTestRunner
index 6753b2f..44c3b36 100644 (file)
@@ -149,6 +149,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundDomainFailedUserScriptAtStart)
     [webView evaluateJavaScript:@"window.wkUserScriptInjected" completionHandler:^(id _Nullable result, NSError * _Nullable error) {
         EXPECT_FALSE(result);
         EXPECT_TRUE(!!error);
+        EXPECT_EQ(error.code, WKErrorJavaScriptAppBoundDomain);
         isDone = true;
     }];
 
@@ -188,6 +189,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundDomainFailedUserScriptAtEnd)
     [webView evaluateJavaScript:@"window.wkUserScriptInjected" completionHandler:^(id _Nullable result, NSError * _Nullable error) {
         EXPECT_FALSE(result);
         EXPECT_TRUE(!!error);
+        EXPECT_EQ(error.code, WKErrorJavaScriptAppBoundDomain);
         isDone = true;
     }];
 
@@ -242,6 +244,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundDomainFailedUserAgentScripts)
     [webView2 evaluateJavaScript:@"window.wkUserScriptInjected" completionHandler:^(id _Nullable result, NSError * _Nullable error) {
         EXPECT_FALSE(result);
         EXPECT_TRUE(!!error);
+        EXPECT_EQ(error.code, WKErrorJavaScriptAppBoundDomain);
         cleanUpInAppBrowserPrivacyTestSettings();
         isDone = true;
     }];
@@ -364,7 +367,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundUserStyleSheetForSpecificWebViewFails)
     NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
     cleanUpInAppBrowserPrivacyTestSettings();
 }
 
@@ -387,7 +390,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundUserStyleSheetForAllWebViewsFails)
     NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
     cleanUpInAppBrowserPrivacyTestSettings();
 }
 
@@ -409,7 +412,7 @@ TEST(InAppBrowserPrivacy, NonAppBoundUserStyleSheetAffectingAllFramesFails)
     NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets-iframe"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
     cleanUpInAppBrowserPrivacyTestSettings();
 }
 
@@ -870,7 +873,7 @@ TEST(InAppBrowserPrivacy, AppBoundFlagForNonAppBoundDomainFails)
     NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
 
     // Make sure the load didn't complete by checking the background color.
     // Red would indicate it finished loading.
@@ -901,7 +904,7 @@ TEST(InAppBrowserPrivacy, NavigateAwayFromAppBoundDomainWithAppBoundFlagFails)
     request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
 
     // Make sure the load didn't complete by checking the background color.
     // Red would indicate it finished loading.
@@ -980,6 +983,7 @@ TEST(InAppBrowserPrivacy, WebViewWithoutAppBoundFlagCanFreelyNavigate)
     isDone = false;
     [webView evaluateJavaScript:@"window.wkUserScriptInjected" completionHandler:^(id _Nullable result, NSError * _Nullable error) {
         EXPECT_TRUE(!!error);
+        EXPECT_EQ(error.code, WKErrorJavaScriptAppBoundDomain);
         isDone = true;
     }];
 
@@ -1017,7 +1021,7 @@ TEST(InAppBrowserPrivacy, WebViewCannotUpdateAppBoundFlagOnceSet)
     request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-style-sheets"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
 
     cleanUpInAppBrowserPrivacyTestSettings();
 }
@@ -1050,7 +1054,7 @@ TEST(InAppBrowserPrivacy, InjectScriptThenNavigateToNonAppBoundDomainFails)
     NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-agent-script"]];
     [webView loadRequest:request];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
 }
 
 TEST(InAppBrowserPrivacy, WebViewCategory)
@@ -1137,7 +1141,7 @@ TEST(InAppBrowserPrivacy, LoadFromHTMLStringsFailsIfNotAppBound)
 
     [webView loadHTMLString:HTML baseURL:[NSURL URLWithString:@"in-app-browser:///in-app-browser-privacy-test-user-agent-script"]];
     NSError *error = [delegate waitForDidFailProvisionalNavigationError];
-    EXPECT_WK_STREQ(error.localizedDescription, @"App-bound domain failure");
+    EXPECT_EQ(error.code, WKErrorNavigationAppBoundDomain);
 
     isDone = false;
     [webView _isForcedIntoAppBoundMode:^(BOOL isForcedIntoAppBoundMode) {