[webkit-changes] [WebKit/WebKit] 92815d: Remove unnecessary release assertion from mixed co...

Said Abou-Hallawa noreply at github.com
Tue Aug 8 08:01:50 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 92815d03cb2a184e37abcb5a23d94f86d6fd54de
      https://github.com/WebKit/WebKit/commit/92815d03cb2a184e37abcb5a23d94f86d6fd54de
  Author: Ryan Reno <rreno at apple.com>
  Date:   2023-08-08 (Tue, 08 Aug 2023)

  Changed paths:
    M Source/WebCore/loader/MixedContentChecker.cpp

  Log Message:
  -----------
  Remove unnecessary release assertion from mixed content checker.
https://bugs.webkit.org/show_bug.cgi?id=258303
<rdar://110766912>

Reviewed by Brent Fulgham.

We now check the entire frame tree for mixed content checks for all
resource loads. An assertion that a document has a frame is no
longer valid in general. This assertion was originally added in
215749@main in an attempt to cover an untestable case. This replaces
the assert with a null check.

* Source/WebCore/loader/MixedContentChecker.cpp:
(WebCore::foundMixedContentInFrameTree):

Originally-landed-as: 259548.841@safari-7615-branch (74f32c21189a). rdar://113285455
Canonical link: https://commits.webkit.org/266682@main


  Commit: a7d489f726c292c67933e32de013a15343c47b89
      https://github.com/WebKit/WebKit/commit/a7d489f726c292c67933e32de013a15343c47b89
  Author: Said Abou-Hallawa <said at apple.com>
  Date:   2023-08-08 (Tue, 08 Aug 2023)

  Changed paths:
    A LayoutTests/css3/filters/filter-visited-links-expected.html
    A LayoutTests/css3/filters/filter-visited-links.html
    M Source/WebCore/rendering/PaintPhase.h
    M Source/WebCore/rendering/RenderLayer.cpp
    M Source/WebCore/rendering/StyledMarkedText.cpp
    M Source/WebCore/rendering/TextDecorationPainter.cpp
    M Source/WebCore/rendering/TextDecorationPainter.h
    M Source/WebCore/rendering/TextPaintStyle.cpp
    M Source/WebCore/rendering/style/RenderStyle.cpp
    M Source/WebCore/rendering/style/RenderStyle.h

  Log Message:
  -----------
  Prevent SVG filters from leaking visited hyperlinks
https://bugs.webkit.org/show_bug.cgi?id=257822
rdar://109749006

Reviewed by Simon Fraser.

We should prevent websites from learning which sites have been visited via SVG
filters on hyperlinks, per the attack described in https://arxiv.org/abs/2305.12784.

This can be achieved by ignoring the visited links color when a filter is applied
to the anchor element.

* LayoutTests/css3/filters/filter-visited-links-expected.html: Added.
* LayoutTests/css3/filters/filter-visited-links.html: Added.
* Source/WebCore/rendering/PaintPhase.h:
* Source/WebCore/rendering/RenderLayer.cpp:
(WebCore::RenderLayer::paintLayerContents):
(WebCore::RenderLayer::paintForegroundForFragments):
(WebCore::RenderLayer::calculateClipRects const):
* Source/WebCore/rendering/StyledMarkedText.cpp:
(WebCore::resolveStyleForMarkedText):
(WebCore::StyledMarkedText::computeStyleForUnmarkedMarkedText):
* Source/WebCore/rendering/TextDecorationPainter.cpp:
(WebCore::collectStylesForRenderer):
(WebCore::TextDecorationPainter::decorationColor):
(WebCore::TextDecorationPainter::stylesForRenderer):
* Source/WebCore/rendering/TextDecorationPainter.h:
(WebCore::TextDecorationPainter::decorationColor):
(WebCore::TextDecorationPainter::stylesForRenderer):
* Source/WebCore/rendering/TextPaintStyle.cpp:
(WebCore::computeTextPaintStyle):
* Source/WebCore/rendering/style/RenderStyle.cpp:
(WebCore::RenderStyle::visitedDependentColor const):
(WebCore::RenderStyle::visitedDependentColorWithColorFilter const):
* Source/WebCore/rendering/style/RenderStyle.h:
(WebCore::RenderStyle::visitedDependentColor):
(WebCore::RenderStyle::visitedDependentColorWithColorFilter):

Originally-landed-as: 259548.820@safari-7615-branch (89399f0f4614). rdar://113224260
Canonical link: https://commits.webkit.org/266683@main


Compare: https://github.com/WebKit/WebKit/compare/0902da843aea...a7d489f726c2

