[webkit-changes] [WebKit/WebKit] 579e38: Add EnabledIf to all Web Extensions messages.

Timothy Hatcher noreply at github.com
Mon Mar 4 20:20:35 PST 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 579e387b33d52132dc80e23392e1067184eadd58
      https://github.com/WebKit/WebKit/commit/579e387b33d52132dc80e23392e1067184eadd58
  Author: Timothy Hatcher <timothy at apple.com>
  Date:   2024-03-04 (Mon, 04 Mar 2024)

  Changed paths:
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIActionCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIAlarmsCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPICommandsCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPICookiesCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIDeclarativeNetRequestCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIMenusCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIScriptingCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIStorageCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIWebNavigationCocoa.mm
    M Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm
    M Source/WebKit/UIProcess/Extensions/WebExtensionContext.h
    M Source/WebKit/UIProcess/Extensions/WebExtensionContext.messages.in
    M Source/WebKit/UIProcess/Extensions/WebExtensionController.messages.in
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIMenus.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPITabs.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionDataRecord.mm
    M Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.mm

  Log Message:
  -----------
  Add EnabledIf to all Web Extensions messages.
https://webkit.org/b/270468
rdar://problem/124026371

Reviewed by Brian Weinstein.

Added EnabledIf to all messages, and for APIs that require granted permissions,
use the new isAPIMessageAllowed() which does the permissions checks. This will
prevent a compromised web process from trying to send messages that are not
currently expected by the UI process.

* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIActionCocoa.mm:
(WebKit::WebExtensionContext::isActionMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIAlarmsCocoa.mm:
(WebKit::WebExtensionContext::isAlarmsMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPICommandsCocoa.mm:
(WebKit::WebExtensionContext::isCommandsMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPICookiesCocoa.mm:
(WebKit::WebExtensionContext::isCookiesMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIDeclarativeNetRequestCocoa.mm:
(WebKit::WebExtensionContext::isDeclarativeNetRequestMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIMenusCocoa.mm:
(WebKit::WebExtensionContext::isMenusMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIScriptingCocoa.mm:
(WebKit::WebExtensionContext::isScriptingMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIStorageCocoa.mm:
(WebKit::WebExtensionContext::isStorageMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIWebNavigationCocoa.mm:
(WebKit::WebExtensionContext::isWebNavigationMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm:
(WebKit::WebExtensionContext::isDevToolsMessageAllowed): Added.
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.h:
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.messages.in:
* Source/WebKit/UIProcess/Extensions/WebExtensionController.messages.in:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIMenus.mm:
(TEST(WKWebExtensionAPIMenus, ActionMenus)): Reset activeTab, ActionMenusWithActiveTab tests that.
(TEST(WKWebExtensionAPIMenus, ActionMenusWithActiveTab)): Remove activeTab grant, it is granted by manager.
(TEST(WKWebExtensionAPIMenus, MacActiveTabContextMenuItems)): Ditto.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPITabs.mm:
(TEST(WKWebExtensionAPITabs, UserGestureWithoutActiveTab)): Reset activeTab, ActiveTab tests that.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionDataRecord.mm:
(TEST(WKWebExtensionDataRecord, GetDataRecords)): Grant storage permission.
(TEST(WKWebExtensionDataRecord, GetDataRecordsForMultipleContexts)): Ditto.
(TEST(WKWebExtensionDataRecord, DISABLED_RemoveDataRecords)): Ditto.
(TEST(WKWebExtensionDataRecord, DISABLED_RemoveDataRecordsForMultipleContexts)): Ditto.
* Tools/TestWebKitAPI/cocoa/WebExtensionUtilities.mm:
(-[TestWebExtensionManager initForExtension:extensionControllerConfiguration:]):
Grant all requested API permissions, so it does not need done in each test.
This matches what we do in Safari.

Canonical link: https://commits.webkit.org/275670@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list