[webkit-changes] [WebKit/WebKit] c57234: Upgrade all navigations when HTTPS-Only is enabled
Matthew Finkel
noreply at github.com
Wed Mar 15 16:11:49 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: c5723415307913c9b4a864e5513546c9bd41189c
https://github.com/WebKit/WebKit/commit/c5723415307913c9b4a864e5513546c9bd41189c
Author: Matthew Finkel <sysrqb at apple.com>
Date: 2023-03-15 (Wed, 15 Mar 2023)
Changed paths:
M Source/WebCore/contentextensions/ContentExtensionsBackend.cpp
M Source/WebCore/loader/FrameLoader.cpp
M Source/WebCore/loader/FrameLoader.h
M Source/WebCore/loader/ResourceLoader.cpp
M Source/WebCore/loader/cache/CachedResourceLoader.cpp
M Source/WebCore/platform/network/ResourceRequestBase.cpp
M Source/WebCore/platform/network/ResourceRequestBase.h
M Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm
Log Message:
-----------
Upgrade all navigations when HTTPS-Only is enabled
https://bugs.webkit.org/show_bug.cgi?id=253672
rdar://106210911
Reviewed by Alex Christensen.
When the HTTPSOnly NetworkConnectionIntegrity policy is enabled, WebKit should
"upgrade" all main frame load requests from HTTP to HTTPS. This upgrading is
skipped when the navigation is same-site and the
HTTPSOnlyExplicitlyBypassedForDomain policy is enabled. The upgrading behavior
is similar to the "makeSecure" content extension behavior, when it is
available, so this patch combines some of that logic, as well.
Adds some more tests and re-enable a disabled test.
* Source/WebCore/contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::applyResultsToRequest):
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::upgradeRequestforHTTPSOnlyIfNeeded const):
(WebCore::FrameLoader::changeLocation):
* Source/WebCore/loader/FrameLoader.h:
* Source/WebCore/loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::willSendRequestInternal):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
* Source/WebCore/platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::upgradeToHTTPS):
* Source/WebCore/platform/network/ResourceRequestBase.h:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:
(TEST):
Canonical link: https://commits.webkit.org/261718@main
More information about the webkit-changes
mailing list