[webkit-changes] [WebKit/WebKit] caf4cd: Implement enforcement of `require-trusted-types-fo...

Luke Warlow noreply at github.com
Sun Mar 3 11:24:59 PST 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: caf4cd7788f1f9bce326f9c5c145ff04e32dad07
      https://github.com/WebKit/WebKit/commit/caf4cd7788f1f9bce326f9c5c145ff04e32dad07
  Author: Luke Warlow <lwarlow at igalia.com>
  Date:   2024-03-03 (Sun, 03 Mar 2024)

  Changed paths:
    M LayoutTests/TestExpectations
    M LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting/report-clips-sample.https-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/HTMLElement-generic-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/HTMLScriptElement-internal-slot-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/WorkerGlobalScope-importScripts-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-DOMParser-parseFromString-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Document-write-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-outerHTML-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-setAttribute-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-HTMLElement-generic-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Range-createContextualFragment-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-text-node-insertion-into-script-element-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/default-policy-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/default-policy-report-only-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/empty-default-policy-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/empty-default-policy-report-only-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/no-require-trusted-types-for-report-only-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/require-trusted-types-for-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/require-trusted-types-for-report-only-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-createHTMLDocument-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-report-only-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-source-file-path-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-svg-script-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/trusted-types/worker-constructor.https-expected.txt
    M Source/WebCore/Headers.cmake
    M Source/WebCore/Sources.txt
    M Source/WebCore/WebCore.xcodeproj/project.pbxproj
    M Source/WebCore/bindings/IDLTypes.h
    M Source/WebCore/bindings/js/JSDOMConvertStrings.cpp
    M Source/WebCore/bindings/js/JSDOMConvertStrings.h
    M Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
    M Source/WebCore/bindings/scripts/IDLAttributes.json
    M Source/WebCore/bindings/scripts/test/BindingTestGlobalConstructors.idl
    M Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp
    A Source/WebCore/bindings/scripts/test/JS/JSTestStringContext.cpp
    A Source/WebCore/bindings/scripts/test/JS/JSTestStringContext.h
    M Source/WebCore/bindings/scripts/test/SupplementalDependencies.dep
    A Source/WebCore/bindings/scripts/test/TestStringContext.idl
    M Source/WebCore/dom/Document+HTML.idl
    M Source/WebCore/dom/Document.idl
    M Source/WebCore/dom/Element+DOMParsing.idl
    M Source/WebCore/dom/InnerHTML.idl
    M Source/WebCore/dom/Range+DOMParsing.idl
    A Source/WebCore/dom/TrustedType.cpp
    A Source/WebCore/dom/TrustedType.h
    M Source/WebCore/dom/TrustedTypePolicy.cpp
    M Source/WebCore/dom/TrustedTypePolicy.h
    M Source/WebCore/html/HTMLEmbedElement.idl
    M Source/WebCore/html/HTMLIFrameElement.idl
    M Source/WebCore/html/HTMLObjectElement.idl
    M Source/WebCore/html/HTMLScriptElement.idl
    M Source/WebCore/page/csp/ContentSecurityPolicy.cpp
    M Source/WebCore/page/csp/ContentSecurityPolicy.h
    M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp
    M Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h
    M Source/WebCore/workers/Worker.idl
    M Source/WebCore/workers/WorkerGlobalScope.idl
    M Source/WebCore/workers/service/ServiceWorkerContainer.idl
    M Source/WebCore/workers/shared/SharedWorker.idl
    M Source/WebCore/xml/DOMParser.idl

  Log Message:
  -----------
  Implement enforcement of `require-trusted-types-for` CSP directive
https://bugs.webkit.org/show_bug.cgi?id=267685

Reviewed by Darin Adler.

This patch implements the StringContext idl attribute to check
the `require-trusted-types-for` CSP and enforce trusted types accordingly.

This patch also makes use of the StringContext IDL attribute on an initial set of sinks.

More complicated sinks such as setAttribute, execCommand, eval and timer functions will be addressed in follow ups.

Spec: https://w3c.github.io/trusted-types/dist/spec/#integrations

* LayoutTests/TestExpectations:
* LayoutTests/imported/w3c/web-platform-tests/content-security-policy/reporting/report-clips-sample.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/HTMLElement-generic-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/HTMLScriptElement-internal-slot-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/WorkerGlobalScope-importScripts-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-DOMParser-parseFromString-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Document-write-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-outerHTML-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Element-setAttribute-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-HTMLElement-generic-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-string-assignment-to-Range-createContextualFragment-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/block-text-node-insertion-into-script-element-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/default-policy-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/default-policy-report-only-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/empty-default-policy-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/empty-default-policy-report-only-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/no-require-trusted-types-for-report-only-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/require-trusted-types-for-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/require-trusted-types-for-report-only-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-createHTMLDocument-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-report-only-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-reporting-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-source-file-path-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-svg-script-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/trusted-types/worker-constructor.https-expected.txt:
* Source/WebCore/Headers.cmake:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/IDLTypes.h:
* Source/WebCore/bindings/js/JSDOMConvertStrings.cpp:
(WebCore::trustedTypeCompliantString):
* Source/WebCore/bindings/js/JSDOMConvertStrings.h:
(WebCore::Converter<IDLStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::Converter<IDLLegacyNullToEmptyStringStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLLegacyNullToEmptyStringStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::Converter<IDLStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::JSConverter<IDLStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::Converter<IDLLegacyNullToEmptyStringStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::JSConverter<IDLLegacyNullToEmptyStringStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::Converter<IDLStringContextTrustedScriptURLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLStringContextTrustedScriptURLAdaptor<T>>::convert):
(WebCore::Converter<IDLLegacyNullToEmptyStringStringContextTrustedScriptURLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLLegacyNullToEmptyStringStringContextTrustedScriptURLAdaptor<T>>::convert):
(WebCore::Converter<IDLAtomStringStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLAtomStringStringContextTrustedHTMLAdaptor<T>>::convert):
(WebCore::Converter<IDLAtomStringStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::JSConverter<IDLAtomStringStringContextTrustedScriptAdaptor<T>>::convert):
(WebCore::Converter<IDLAtomStringStringContextTrustedScriptURLAdaptor<T>>::convert):
(WebCore::JSConverter<IDLAtomStringStringContextTrustedScriptURLAdaptor<T>>::convert):
* Source/WebCore/bindings/scripts/CodeGeneratorJS.pm:
(GenerateParametersCheck):
(IsAnnotatedType):
(GetAnnotatedIDLType):
(JSValueToNative):
* Source/WebCore/bindings/scripts/IDLAttributes.json:
* Source/WebCore/bindings/scripts/test/BindingTestGlobalConstructors.idl:
* Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp:
(WebCore::jsTestGlobalObject_TestStringContextConstructorGetter):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
* Source/WebCore/bindings/scripts/test/JS/JSTestStringContext.cpp: Added.
(WebCore::JSTestStringContextDOMConstructor::prototypeForStructure):
(WebCore::JSTestStringContextDOMConstructor::initializeProperties):
(WebCore::JSTestStringContextPrototype::finishCreation):
(WebCore::JSTestStringContext::JSTestStringContext):
(WebCore::JSTestStringContext::createPrototype):
(WebCore::JSTestStringContext::prototype):
(WebCore::JSTestStringContext::getConstructor):
(WebCore::JSTestStringContext::destroy):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedHTMLGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedHTMLSetter):
(WebCore::JSC_DEFINE_CUSTOM_SETTER):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedScriptGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedScriptSetter):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedScriptURLGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedScriptURLSetter):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedHTMLAndLegacyNullToEmptyStringGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedHTMLAndLegacyNullToEmptyStringSetter):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedScriptAndLegacyNullToEmptyStringGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedScriptAndLegacyNullToEmptyStringSetter):
(WebCore::jsTestStringContext_attributeWithStringContextTrustedScriptURLAndLegacyNullToEmptyStringGetter):
(WebCore::setJSTestStringContext_attributeWithStringContextTrustedScriptURLAndLegacyNullToEmptyStringSetter):
(WebCore::jsTestStringContext_reflectedAttributeWithStringContextTrustedHTMLGetter):
(WebCore::setJSTestStringContext_reflectedAttributeWithStringContextTrustedHTMLSetter):
(WebCore::jsTestStringContext_reflectedAttributeWithStringContextTrustedScriptGetter):
(WebCore::setJSTestStringContext_reflectedAttributeWithStringContextTrustedScriptSetter):
(WebCore::jsTestStringContext_reflectedAttributeWithStringContextTrustedScriptURLGetter):
(WebCore::setJSTestStringContext_reflectedAttributeWithStringContextTrustedScriptURLSetter):
(WebCore::jsTestStringContext_reflectedUrlAttributeWithStringContextTrustedHTMLGetter):
(WebCore::setJSTestStringContext_reflectedUrlAttributeWithStringContextTrustedHTMLSetter):
(WebCore::jsTestStringContext_reflectedUrlAttributeWithStringContextTrustedScriptGetter):
(WebCore::setJSTestStringContext_reflectedUrlAttributeWithStringContextTrustedScriptSetter):
(WebCore::jsTestStringContext_reflectedUrlAttributeWithStringContextTrustedScriptURLGetter):
(WebCore::setJSTestStringContext_reflectedUrlAttributeWithStringContextTrustedScriptURLSetter):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedHTMLBody):
(WebCore::JSC_DEFINE_HOST_FUNCTION):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedScriptBody):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedScriptURLBody):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedHTMLAndLegacyNullToEmptyStringBody):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedScriptAndLegacyNullToEmptyStringBody):
(WebCore::jsTestStringContextPrototypeFunction_methodWithStringContextTrustedScriptURLAndLegacyNullToEmptyStringBody):
(WebCore::JSTestStringContext::subspaceForImpl):
(WebCore::JSTestStringContext::analyzeHeap):
(WebCore::JSTestStringContextOwner::isReachableFromOpaqueRoots):
(WebCore::JSTestStringContextOwner::finalize):
(WebCore::toJSNewlyCreated):
(WebCore::toJS):
(WebCore::JSTestStringContext::toWrapped):
* Source/WebCore/bindings/scripts/test/JS/JSTestStringContext.h: Added.
(WebCore::JSTestStringContext::create):
(WebCore::JSTestStringContext::createStructure):
(WebCore::JSTestStringContext::subspaceFor):
(WebCore::wrapperOwner):
(WebCore::wrapperKey):
(WebCore::toJS):
(WebCore::toJSNewlyCreated):
* Source/WebCore/bindings/scripts/test/SupplementalDependencies.dep:
* Source/WebCore/bindings/scripts/test/TestStringContext.idl: Added.
* Source/WebCore/dom/Document+HTML.idl:
* Source/WebCore/dom/Document.idl:
* Source/WebCore/dom/Element+DOMParsing.idl:
* Source/WebCore/dom/InnerHTML.idl:
* Source/WebCore/dom/Range+DOMParsing.idl:
* Source/WebCore/dom/TrustedType.cpp: Added.
(WebCore::TrustedTypeVisitor::operator()):
(WebCore::trustedTypeToString):
(WebCore::trustedTypeToCallbackName):
(WebCore::processValueWithDefaultPolicy):
(WebCore::trustedTypeCompliantString):
* Source/WebCore/dom/TrustedType.h: Copied from Source/WebCore/workers/Worker.idl.
* Source/WebCore/dom/TrustedTypePolicy.cpp:
(WebCore::TrustedTypePolicy::createHTML):
(WebCore::TrustedTypePolicy::createScript):
(WebCore::TrustedTypePolicy::createScriptURL):
(WebCore::TrustedTypePolicy::getPolicyValue):
* Source/WebCore/dom/TrustedTypePolicy.h:
* Source/WebCore/html/HTMLEmbedElement.idl:
* Source/WebCore/html/HTMLIFrameElement.idl:
* Source/WebCore/html/HTMLObjectElement.idl:
* Source/WebCore/html/HTMLScriptElement.idl:
* Source/WebCore/page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::requireTrustedTypesForSinkGroup const):
(WebCore::ContentSecurityPolicy::allowMissingTrustedTypesForSinkGroup const):
(WebCore::ContentSecurityPolicy::reportViolation const):
* Source/WebCore/page/csp/ContentSecurityPolicy.h:
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::shouldReportSample const):
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h:
(WebCore::ContentSecurityPolicyDirectiveList::requiresTrustedTypesForScript const):
* Source/WebCore/workers/Worker.idl:
* Source/WebCore/workers/WorkerGlobalScope.idl:
* Source/WebCore/workers/service/ServiceWorkerContainer.idl:
* Source/WebCore/workers/shared/SharedWorker.idl:
* Source/WebCore/xml/DOMParser.idl:

Canonical link: https://commits.webkit.org/275607@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications


More information about the webkit-changes mailing list