[webkit-changes] [WebKit/WebKit] 20bb72: Block cross origin redirect downloads in iframe.

Commit Queue noreply at github.com
Wed Oct 9 17:34:12 PDT 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 20bb72696993b4d1eef22ef1cc459b95a187a1d1
      https://github.com/WebKit/WebKit/commit/20bb72696993b4d1eef22ef1cc459b95a187a1d1
  Author: Nitin Mahendru <nitinmahendru at apple.com>
  Date:   2024-10-09 (Wed, 09 Oct 2024)

  Changed paths:
    A LayoutTests/http/tests/download/anchor-download-redirect-cross-origin-expected.txt
    A LayoutTests/http/tests/download/anchor-download-redirect-cross-origin.html
    A LayoutTests/http/tests/download/anchor-download-redirect-same-origin-expected.txt
    A LayoutTests/http/tests/download/anchor-download-redirect-same-origin.html
    A LayoutTests/http/tests/download/resources/iframe-anchor-cross-origin-redirect-download.html
    A LayoutTests/http/tests/download/resources/iframe-anchor-same-origin-redirect-download.html
    M LayoutTests/platform/mac-wk1/TestExpectations
    M Source/WebCore/loader/EmptyClients.cpp
    M Source/WebCore/loader/EmptyFrameLoaderClient.h
    M Source/WebCore/loader/LocalFrameLoaderClient.h
    M Source/WebCore/loader/PolicyChecker.cpp
    M Source/WebKit/NetworkProcess/Downloads/DownloadManager.cpp
    M Source/WebKit/NetworkProcess/Downloads/DownloadManager.h
    M Source/WebKit/NetworkProcess/Downloads/PendingDownload.cpp
    M Source/WebKit/NetworkProcess/Downloads/PendingDownload.h
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in
    M Source/WebKit/Scripts/webkit/messages.py
    M Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.h
    M Source/WebKit/WebProcess/WebPage/WebFrame.cpp
    M Source/WebKit/WebProcess/WebPage/WebFrame.h
    M Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h
    M Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm

  Log Message:
  -----------
  Block cross origin redirect downloads in iframe.
rdar://130901951

Reviewed by Matthew Finkel.

With this change, we are trying to block downloads triggered due to navigation
to an anchor element inside an iframe where the redirect is cross origin.

This could lead to attacker-controlled JavaScript getting access to cross-origin cookies, which should
not be.

Tests have been added to check the positive and negative scenarios for the same.

* LayoutTests/http/tests/download/anchor-download-redirect-cross-origin-expected.txt: Added.
* LayoutTests/http/tests/download/anchor-download-redirect-cross-origin.html: Added.
* LayoutTests/http/tests/download/anchor-download-redirect-same-origin-expected.txt: Added.
* LayoutTests/http/tests/download/anchor-download-redirect-same-origin.html: Added.
* LayoutTests/http/tests/download/resources/iframe-anchor-cross-origin-redirect-download.html: Added.
* LayoutTests/http/tests/download/resources/iframe-anchor-same-origin-redirect-download.html: Added.
* Source/WebCore/loader/EmptyClients.cpp:
(WebCore::EmptyFrameLoaderClient::startDownload):
* Source/WebCore/loader/EmptyFrameLoaderClient.h:
* Source/WebCore/loader/LocalFrameLoaderClient.h:
* Source/WebCore/loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):
* Source/WebKit/NetworkProcess/Downloads/DownloadManager.cpp:
(WebKit::DownloadManager::startDownload):
* Source/WebKit/NetworkProcess/Downloads/DownloadManager.h:
(WebKit::DownloadManager::startDownload):
* Source/WebKit/NetworkProcess/Downloads/PendingDownload.cpp:
(WebKit::PendingDownload::PendingDownload):
(WebKit::PendingDownload::isDownloadTriggeredWithDownloadAttribute):
(WebKit::isRedirectCrossOrigin):
(WebKit::PendingDownload::willSendRedirectedRequest):
(WebKit::PendingDownload::didFailLoading):
* Source/WebKit/NetworkProcess/Downloads/PendingDownload.h:
* Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::startDownload):
* Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h:
(WebKit::NetworkConnectionToWebProcess::startDownload):
* Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* Source/WebKit/Scripts/webkit/messages.py:
(headers_for_type):
* Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.cpp:
(WebKit::WebLocalFrameLoaderClient::startDownload):
* Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.h:
* Source/WebKit/WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::startDownload):
* Source/WebKit/WebProcess/WebPage/WebFrame.h:
(WebKit::WebFrame::startDownload):
* Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h:
* Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::startDownload):

Originally-landed-as: 280938.23 at safari-7619-branch (de194eeed8a1). rdar://136111465
Canonical link: https://commits.webkit.org/284937@main
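
The policy the log message describes, as an added example (not WebKit's code and not taken from this commit): a download started through an anchor's download attribute inside an iframe is cancelled when a redirect leaves the origin it came from. The names `parseOrigin`, `onDownloadRedirect` and `RedirectDecision`, the choice to compare the redirecting URL with the redirect target, and the sample URLs are assumptions made for illustration.

```cpp
#include <cctype>
#include <string>
#include <tuple>

// (scheme, host, port): the tuple compared for same-origin checks.
using Origin = std::tuple<std::string, std::string, int>;

static std::string lower(std::string s) {
    for (auto& c : s) c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return s;
}

// Minimal http(s) parser for scheme://host[:port][/path]. Anything else (other
// schemes, userinfo, bad ports) returns false so the caller fails closed.
bool parseOrigin(const std::string& url, Origin& out) {
    auto sep = url.find("://");
    if (sep == std::string::npos) return false;
    std::string scheme = lower(url.substr(0, sep));
    if (scheme != "http" && scheme != "https") return false;
    auto end = url.find_first_of("/?#", sep + 3);
    std::string host = url.substr(sep + 3, end == std::string::npos ? end : end - sep - 3);
    if (host.empty() || host.find('@') != std::string::npos) return false;
    int port = scheme == "https" ? 443 : 80;  // default ports make :443 and no port equal
    auto colon = host.rfind(':');
    if (colon != std::string::npos) {
        std::string p = host.substr(colon + 1);
        if (p.empty() || p.size() > 5 || p.find_first_not_of("0123456789") != std::string::npos) return false;
        if ((port = std::stoi(p)) > 65535) return false;
        host.resize(colon);
    }
    out = Origin(scheme, lower(host), port);
    return !host.empty();
}

enum class RedirectDecision { Follow, CancelDownload };

// Hypothetical policy model: only download-attribute downloads inside an iframe
// are restricted; they are cancelled when a redirect hop changes origin.
RedirectDecision onDownloadRedirect(bool viaDownloadAttribute, bool inIframe, const std::string& from, const std::string& to) {
    if (!viaDownloadAttribute || !inIframe) return RedirectDecision::Follow;
    Origin a, b;
    bool same = parseOrigin(from, a) && parseOrigin(to, b) && a == b;
    return same ? RedirectDecision::Follow : RedirectDecision::CancelDownload;
}

int main() {
    // Constructed sample: same host name but a different port is a different origin.
    return onDownloadRedirect(true, true, "http://localhost:8000/a", "http://localhost:8080/b") == RedirectDecision::CancelDownload ? 0 : 1;
}
```
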
