[webkit-changes] [WebKit/WebKit] 313974: Add support to allow lookalike characters on sanit...
Charlie Wolfe
noreply at github.com
Sun Jan 29 16:56:00 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 313974e6d6608538daaf50e5f52e29b55f3c7dc7
https://github.com/WebKit/WebKit/commit/313974e6d6608538daaf50e5f52e29b55f3c7dc7
Author: Charlie Wolfe <charliew at apple.com>
Date: 2023-01-29 (Sun, 29 Jan 2023)
Changed paths:
M Source/WebCore/Headers.cmake
M Source/WebCore/WebCore.xcodeproj/project.pbxproj
M Source/WebCore/dom/Document.cpp
M Source/WebCore/page/ChromeClient.h
A Source/WebCore/page/LookalikeCharactersSanitizationData.h
M Source/WebCore/page/Page.cpp
M Source/WebCore/page/Page.h
M Source/WebKit/Platform/cocoa/NetworkConnectionIntegrityHelpers.h
M Source/WebKit/Shared/WebPageCreationParameters.cpp
M Source/WebKit/Shared/WebPageCreationParameters.h
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebPageProxy.h
M Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.h
M Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm
M Source/WebKit/WebProcess/WebPage/WebPage.cpp
M Source/WebKit/WebProcess/WebPage/WebPage.h
M Source/WebKit/WebProcess/WebPage/WebPage.messages.in
Log Message:
-----------
Add support to allow lookalike characters on sanitization
https://bugs.webkit.org/show_bug.cgi?id=250992
rdar://103329323
Reviewed by Wenson Hsieh.
Add the functionality to allow certain lookalike characters on sanitization when
accessed from bindings. See below for more details.
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::adjustedURL const):
(WebCore::Document::urlForBindings const):
Refactor returning the adjusted URL such that we request the sanitized URL
with the allowed lookalike characters.
* Source/WebCore/page/ChromeClient.h:
(WebCore::ChromeClient::allowedLookalikeCharacters const):
Add a client function to sanitize a given URL.
* Source/WebCore/page/LookalikeCharactersSanitizationData.h: Copied from Source/WebKit/Platform/cocoa/NetworkConnectionIntegrityHelpers.h.
(WebCore::LookalikeCharactersSanitizationData::LookalikeCharactersSanitizationData):
(WebCore::LookalikeCharactersSanitizationData::lookalikeCharacters):
(WebCore::LookalikeCharactersSanitizationData::encode const):
(WebCore::LookalikeCharactersSanitizationData::decode):
Add a struct to hold data used for domain scoped lookalike character sanitization.
* Source/WebCore/page/Page.cpp:
(WebCore::Page::allowedLookalikeCharacters const):
* Source/WebCore/page/Page.h:
Add helper functions on Page to sanitize a given URL.
* Source/WebKit/Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Source/WebKit/Shared/WebPageCreationParameters.h:
Add the allowed lookalike character strings to the web page creation parameters. This
is used to retrieve the cached allowed lookalike characters in the UI process.
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::didCommitLoadForFrame):
(WebKit::WebPageProxy::createNewPage):
(WebKit::WebPageProxy::creationParameters):
(WebKit::WebPageProxy::cachedAllowedLookalikeStrings):
(WebKit::WebPageProxy::updateAllowedLookalikeCharacterStringsIfNeeded):
* Source/WebKit/UIProcess/WebPageProxy.h:
Add functionality to update the allowed lookalike characters strings in `didCommitLoadForFrame`.
This previously existed for `cachedLookalikeStrings`, but was changed because the lookalike strings
were populated too late to apply for this first navigation within a web view. Since `allowedLookalikeStrings`
only needs to be populated after a navigation has already occured, we can have the update function in
`didCommitLoadForFrame`.
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::allowedLookalikeCharacters const):
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.h:
* Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm:
(WebKit::WebPage::allowedLookalikeCharacters):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::m_appHighlightsVisible):
(WebKit::WebPage::setAllowedLookalikeCharacterStrings):
Populate the allowed lookalike character strings hashmap as domain -> lookalikeCharacters.
* Source/WebKit/WebProcess/WebPage/WebPage.h:
(WebKit::WebPage::allowedLookalikeCharacters):
* Source/WebKit/WebProcess/WebPage/WebPage.messages.in:
Canonical link: https://commits.webkit.org/259541@main
More information about the webkit-changes
mailing list