[webkit-changes] [WebKit/WebKit] 509d2d: WebKit AX APIs expose secure text that is visibly ...
Tyler Wilcock
noreply at github.com
Mon Mar 6 23:36:29 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 509d2d337d1c2eda648e759c5b0d8f89ae13e29f
https://github.com/WebKit/WebKit/commit/509d2d337d1c2eda648e759c5b0d8f89ae13e29f
Author: Tyler Wilcock <tyler_w at apple.com>
Date: 2023-03-06 (Mon, 06 Mar 2023)
Changed paths:
R LayoutTests/accessibility/password-field-value-expected.txt
R LayoutTests/accessibility/password-field-value.html
A LayoutTests/accessibility/secure-field-value-expected.txt
A LayoutTests/accessibility/secure-field-value.html
M Source/WebCore/accessibility/AXLogger.cpp
M Source/WebCore/accessibility/AXObjectCache.cpp
M Source/WebCore/accessibility/AXObjectCache.h
M Source/WebCore/accessibility/AccessibilityNodeObject.cpp
M Source/WebCore/accessibility/AccessibilityNodeObject.h
M Source/WebCore/accessibility/AccessibilityObject.cpp
M Source/WebCore/accessibility/AccessibilityObject.h
M Source/WebCore/accessibility/AccessibilityObjectInterface.h
M Source/WebCore/accessibility/AccessibilityRenderObject.cpp
M Source/WebCore/accessibility/AccessibilityRenderObject.h
M Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp
M Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp
M Source/WebCore/accessibility/ios/AccessibilityObjectIOS.mm
M Source/WebCore/accessibility/ios/WebAccessibilityObjectWrapperIOS.mm
M Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.cpp
M Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.h
M Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.h
M Source/WebCore/accessibility/mac/AccessibilityObjectMac.mm
M Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapperMac.mm
M Source/WebCore/html/HTMLInputElement.cpp
M Source/WebCore/html/HTMLInputElement.h
Log Message:
-----------
WebKit AX APIs expose secure text that is visibly hidden through HTMLInputElement::isAutoFilledAndObscured
https://bugs.webkit.org/show_bug.cgi?id=253390
rdar://92358745

Reviewed by Chris Fleizach and Andres Gonzalez.

Accessibility APIs should not expose secure text obscured by HTMLInputElement::isAutoFilledAndObscured.
This patch fixes this by changing `AccessibilityObject::isPasswordField` to also check for
`HTMLInputElement::isAutoFilledAndObscured`. This method and all similarly named methods have
been renamed to use "secure" instead of "password" (e.g. `isSecureField` instead of `isPasswordField`)
to encapsulate the widening of this abstraction.

New testcases added to accessibility/password-field-value.html (now renamed to secure-field-value.html)
to test this behavior.

* LayoutTests/accessibility/password-field-value-expected.txt:
Renamed to LayoutTests/accessibility/secure-field-value-expected.txt.
* LayoutTests/accessibility/password-field-value.html:
Renamed to LayoutTests/accessibility/secure-field-value.html.
* Source/WebCore/accessibility/AXLogger.cpp:
(WebCore::operator<<):
* Source/WebCore/accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::onTextSecurityChanged):
(WebCore::isSecureFieldOrContainedBySecureField):
(WebCore::AXObjectCache::postTextStateChangeNotification):
(WebCore::AXObjectCache::enqueuePasswordValueChangeNotification):
(WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
(WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
(WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
(WebCore::AXObjectCache::updateIsolatedTree):
(WebCore::isPasswordFieldOrContainedByPasswordField): Deleted.
* Source/WebCore/accessibility/AXObjectCache.h:
(WebCore::AXObjectCache::onTextSecurityChanged):
* Source/WebCore/accessibility/AccessibilityNodeObject.cpp:
(WebCore::AccessibilityNodeObject::isSecureField const):
(WebCore::AccessibilityNodeObject::isPasswordField const): Deleted.
* Source/WebCore/accessibility/AccessibilityNodeObject.h:
* Source/WebCore/accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::supportsReadOnly const):
(WebCore::AccessibilityObject::insertText):
(WebCore::AccessibilityObject::isContainedBySecureField const):
(WebCore::AccessibilityObject::isContainedByPasswordField const): Deleted.
* Source/WebCore/accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::secureFieldValue const):
(WebCore::AccessibilityObject::passwordFieldValue const): Deleted.
* Source/WebCore/accessibility/AccessibilityObjectInterface.h:
* Source/WebCore/accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::stringValue const):
(WebCore::AccessibilityRenderObject::text const):
(WebCore::AccessibilityRenderObject::selectedText const):
(WebCore::AccessibilityRenderObject::selectedTextRange const):
(WebCore::AccessibilityRenderObject::doAXStringForRange const):
(WebCore::AccessibilityRenderObject::secureFieldValue const):
(WebCore::AccessibilityRenderObject::passwordFieldValue const): Deleted.
* Source/WebCore/accessibility/AccessibilityRenderObject.h:
* Source/WebCore/accessibility/ios/AccessibilityObjectIOS.mm:
(WebCore::AccessibilityObject::accessibilitySecureFieldLength):
(WebCore::AccessibilityObject::accessibilityPasswordFieldLength): Deleted.
* Source/WebCore/accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper _accessibilityTextEntryTraits]):
(-[WebAccessibilityObjectWrapper _accessibilityIsStrongPasswordField]):
(-[WebAccessibilityObjectWrapper accessibilityValue]):
* Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.cpp:
(WebCore::AXIsolatedObject::initializeProperties):
* Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.h:
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.h:
* Source/WebCore/accessibility/mac/AccessibilityObjectMac.mm:
(WebCore::AccessibilityObject::subrolePlatformString const):
* Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper ALLOW_DEPRECATED_IMPLEMENTATIONS_END]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
* Source/WebCore/html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::setAutoFilledAndObscured):
* Source/WebCore/html/HTMLInputElement.h:
(WebCore::HTMLInputElement::isSecureField const):
Canonical link: https://commits.webkit.org/261312@main
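
The widened check described in the log message, as an added example that is not code from this commit or from WebKit: a simplified C++ model in which `InputModel`, `axStringValue`, `axStringForRange` and `leakingAccessors` are hypothetical names and the sample values are constructed. It compares a type-only check with one that also covers autofilled-and-obscured fields, and audits whether any text accessor hands out more than the screen shows.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Simplified stand-in for an input element; not WebKit's HTMLInputElement.
struct InputModel {
    std::string value;           // real text held by the element
    bool passwordType;           // <input type="password">
    bool autoFilledAndObscured;  // autofilled and drawn masked
};

using Predicate = bool (*)(const InputModel&);

// Check before the change: only the input type decides.
bool isPasswordFieldOld(const InputModel& in) { return in.passwordType; }

// Check after the change: any visibly obscured field counts as secure.
bool isSecureFieldNew(const InputModel& in) { return in.passwordType || in.autoFilledAndObscured; }

// What a sighted user sees for an obscured field ('*' stands in for the bullet glyph).
std::string masked(const InputModel& in) { return std::string(in.value.size(), '*'); }

// Hypothetical AX accessors, each gated by the supplied predicate.
std::string axStringValue(const InputModel& in, Predicate secure) {
    return secure(in) ? masked(in) : in.value;
}

std::string axStringForRange(const InputModel& in, std::size_t start, std::size_t len, Predicate secure) {
    if (secure(in) || start > in.value.size())
        return {};
    return in.value.substr(start, len);
}

// Names of accessors that hand out more than the user can see on screen.
std::vector<std::string> leakingAccessors(const InputModel& in, Predicate secure) {
    std::vector<std::string> leaks;
    if (!in.passwordType && !in.autoFilledAndObscured)
        return leaks;  // text is visible anyway, nothing to protect
    auto leaked = [&](const std::string& out) { return !out.empty() && out != masked(in); };
    if (leaked(axStringValue(in, secure)))
        leaks.push_back("stringValue");
    if (leaked(axStringForRange(in, 0, in.value.size(), secure)))
        leaks.push_back("stringForRange");
    return leaks;
}
```
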