[webkit-changes] [WebKit/WebKit] 24d05e: Return empty port with a delay if destination exte...

Timothy Hatcher noreply at github.com
Mon Mar 4 10:26:14 PST 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 24d05ed6508910459be7ca081f3d4042a1174f68
      https://github.com/WebKit/WebKit/commit/24d05ed6508910459be7ca081f3d4042a1174f68
  Author: Timothy Hatcher <timothy at apple.com>
  Date:   2024-03-04 (Mon, 04 Mar 2024)

  Changed paths:
    M Source/WebKit/Platform/cocoa/CocoaHelpers.h
    M Source/WebKit/Platform/cocoa/CocoaHelpers.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIPortCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIRuntimeCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionMessagePortCocoa.mm
    M Source/WebKit/UIProcess/Extensions/WebExtensionContext.h
    M Source/WebKit/UIProcess/Extensions/WebExtensionContext.messages.in
    M Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIEventCocoa.mm
    M Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIPortCocoa.mm
    M Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIRuntimeCocoa.mm
    M Source/WebKit/WebProcess/Extensions/API/WebExtensionAPIObject.h
    M Source/WebKit/WebProcess/Extensions/API/WebExtensionAPIPort.h
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIRuntime.mm

  Log Message:
  -----------
  Return empty port with a delay if destination extension isn't found for externally_connectable.
https://webkit.org/b/269539
rdar://123060441

Reviewed by Brian Weinstein.

Enhance privacy in web-to-extension messaging by ensuring indistinguishability between scenarios
where an extension is not found or lacks permission to the page and when messaging is permitted.
This approach mitigates fingerprinting based on installed extensions.

Accomplish this by introducing a random delay for runtime.sendMessage() responses in error cases.
Also runtime.connect() now consistently returns a port, which is subsequently disconnected after
a random delay. Importantly, no errors are reported to the web page in any of these situations.

Also improved port bookkeeping by always sending the PortRemoved message (was PortDisconnect)
when the port is disconnected or garbage collected.

* Source/WebKit/Platform/cocoa/CocoaHelpers.h:
* Source/WebKit/Platform/cocoa/CocoaHelpers.mm:
(WebKit::callAfterRandomDelay): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIPortCocoa.mm:
(WebKit::WebExtensionContext::portRemoved): Added.
(WebKit::WebExtensionContext::portDisconnect): Deleted.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIRuntimeCocoa.mm:
(WebKit::WebExtensionContext::runtimeWebPageSendMessage): Added work behind callAfterRandomDelay().
(WebKit::WebExtensionContext::runtimeWebPageConnect): Ditto.
* Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionMessagePortCocoa.mm:
(WebKit::WebExtensionMessagePort::disconnect): Move portRemoved() call to remove().
(WebKit::WebExtensionMessagePort::remove): Add call to portRemoved().
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.h:
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.messages.in:
* Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIEventCocoa.mm:
(WebKit::WebExtensionAPIEvent::addListener): Check hasExtensionContext() before using extensionContext().
This was needed since the quarantined port has no extensionContext, and events it created don't as well.
(WebKit::WebExtensionAPIEvent::removeListener): Ditto.
(WebKit::WebExtensionAPIEvent::removeAllListeners): Ditto.
* Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIPortCocoa.mm:
(WebKit::WebExtensionAPIPort::add): ASSERT !isQuarantined(), since it should not be added to the map.
(WebKit::WebExtensionAPIPort::remove): Return early for isQuarantined(). Send PortRemoved here.
(WebKit::WebExtensionAPIPort::postMessage): Use renamed isDisconnected().
(WebKit::WebExtensionAPIPort::fireMessageEventIfNeeded): Return early for isQuarantined().
(WebKit::WebExtensionAPIPort::fireDisconnectEventIfNeeded): Moved PortDisconnect message to remove().
* Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIRuntimeCocoa.mm:
(WebKit::WebExtensionAPIWebPageRuntime::sendMessage): Respond after a random delay.
(WebKit::WebExtensionAPIWebPageRuntime::connect): Return a port, and disconnect after a random delay.
* Source/WebKit/WebProcess/Extensions/API/WebExtensionAPIObject.h:
(WebKit::WebExtensionAPIObject::hasExtensionContext const): Added.
* Source/WebKit/WebProcess/Extensions/API/WebExtensionAPIPort.h:
(WebKit::WebExtensionAPIPort::isDisconnected const): Added.
(WebKit::WebExtensionAPIPort::isQuarantined const): Added.
(WebKit::WebExtensionAPIPort::WebExtensionAPIPort): Added.
(WebKit::WebExtensionAPIPort::disconnected const): Deleted.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIRuntime.mm:
(TEST(WKWebExtensionAPIRuntime, ConnectFromWebPageWithWrongIdentifier)): Added.
(TEST(WKWebExtensionAPIRuntime, SendMessageFromWebPageWithWrongIdentifier)): Added.

Canonical link: https://commits.webkit.org/275637@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list