[webkit-changes] [WebKit/WebKit] b632f9: [CSP] Implement prefetch-src directive
Ryan Reno
noreply at github.com
Mon Oct 17 14:37:12 PDT 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: b632f9d274f316c51291f608c024595ea3f3fad6
https://github.com/WebKit/WebKit/commit/b632f9d274f316c51291f608c024595ea3f3fad6
Author: Ryan Reno <rreno at apple.com>
Date: 2022-10-17 (Mon, 17 Oct 2022)
Changed paths:
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed-expected.txt
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed.html
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default-expected.txt
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default.html
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-expected.txt
A LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked.html
A LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed-expected.txt
A LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default-expected.txt
A LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-expected.txt
M Source/WebCore/loader/LinkLoader.cpp
M Source/WebCore/loader/cache/CachedResourceLoader.cpp
M Source/WebCore/page/csp/ContentSecurityPolicy.cpp
M Source/WebCore/page/csp/ContentSecurityPolicy.h
M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp
M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h
M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveNames.cpp
M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveNames.h
Log Message:
-----------
[CSP] Implement prefetch-src directive
https://bugs.webkit.org/show_bug.cgi?id=185070
rdar://problem/39821187
Reviewed by Brent Fulgham.
Implement the prefetch-src CSP directive. <link rel=prefetch> is behind a runtime flag. If a
user chooses to enable LinkPrefetch then the prefetch-src directive will apply to any resources
that may be prefetched. In the default case, we can parse the directive but will not take any
action since we won't perform prefetches.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src:
These tests mirror the same behavior being tested by the WPT suite but since we don't support onload/onerror events
for prefetched link resources we need to use our own test infrastructure to cover this behavior.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed-expected.txt: Added.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed.html: Added.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default-expected.txt: Added.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default.html: Added.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-expected.txt: Added.
* LayoutTests/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked.html: Added.
* LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-allowed-expected.txt: Added.
* LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-by-default-expected.txt: Added.
* LayoutTests/platform/win/http/tests/security/contentSecurityPolicy/prefetch-src/prefetch-blocked-expected.txt: Added.
* Source/WebCore/loader/LinkLoader.cpp:
(WebCore::LinkLoader::prefetchIfNeeded):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy const):
* Source/WebCore/page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allowPrefetchFromSource const):
* Source/WebCore/page/csp/ContentSecurityPolicy.h:
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForPrefetch const):
(WebCore::ContentSecurityPolicyDirectiveList::addDirective):
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h:
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveNames.cpp:
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveNames.h:
Canonical link: https://commits.webkit.org/255653@main
More information about the webkit-changes
mailing list