[webkit-changes] [WebKit/WebKit] 973d3a: Implement iframe sandboxing with site isolation
Alex Christensen
noreply at github.com
Fri Sep 13 22:31:56 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 973d3a5d7447506b2193a201c9efb92ac0fbd8c3
https://github.com/WebKit/WebKit/commit/973d3a5d7447506b2193a201c9efb92ac0fbd8c3
Author: Alex Christensen <achristensen at apple.com>
Date: 2024-09-13 (Fri, 13 Sep 2024)
Changed paths:
M Source/WebCore/dom/Document.cpp
M Source/WebCore/html/HTMLFrameOwnerElement.cpp
M Source/WebCore/loader/DocumentLoader.cpp
M Source/WebCore/loader/EmptyClients.cpp
M Source/WebCore/loader/EmptyFrameLoaderClient.h
M Source/WebCore/loader/FrameLoader.cpp
M Source/WebCore/loader/FrameLoader.h
M Source/WebCore/loader/FrameLoaderClient.h
M Source/WebCore/loader/PolicyChecker.cpp
M Source/WebCore/page/Frame.cpp
M Source/WebCore/page/Frame.h
M Source/WebCore/page/LocalFrame.cpp
M Source/WebCore/page/LocalFrame.h
M Source/WebCore/page/Page.cpp
M Source/WebCore/page/PageConfiguration.cpp
M Source/WebCore/page/PageConfiguration.h
M Source/WebCore/svg/graphics/SVGImage.cpp
M Source/WebKit/Scripts/webkit/messages.py
M Source/WebKit/Shared/LoadParameters.h
M Source/WebKit/Shared/ProvisionalFrameCreationParameters.h
M Source/WebKit/Shared/ProvisionalFrameCreationParameters.serialization.in
M Source/WebKit/Shared/WebPageCreationParameters.h
M Source/WebKit/Shared/WebPageCreationParameters.serialization.in
M Source/WebKit/UIProcess/API/APINavigation.h
M Source/WebKit/UIProcess/API/APIPageConfiguration.cpp
M Source/WebKit/UIProcess/API/APIPageConfiguration.h
M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
M Source/WebKit/UIProcess/API/wpe/WPEWebViewLegacy.cpp
M Source/WebKit/UIProcess/API/wpe/WPEWebViewPlatform.cpp
M Source/WebKit/UIProcess/ProvisionalFrameProxy.cpp
M Source/WebKit/UIProcess/ProvisionalPageProxy.cpp
M Source/WebKit/UIProcess/WebFrameProxy.cpp
M Source/WebKit/UIProcess/WebFrameProxy.h
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebPageProxy.h
M Source/WebKit/UIProcess/WebPageProxy.messages.in
M Source/WebKit/UIProcess/ios/WKContentView.mm
M Source/WebKit/UIProcess/mac/WebViewImpl.mm
M Source/WebKit/UIProcess/playstation/PlayStationWebView.cpp
M Source/WebKit/UIProcess/win/WebView.cpp
M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp
M Source/WebKit/WebProcess/Storage/WebSharedWorkerContextManagerConnection.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h
M Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.h
M Source/WebKit/WebProcess/WebCoreSupport/WebRemoteFrameClient.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebRemoteFrameClient.h
M Source/WebKit/WebProcess/WebPage/WebFrame.cpp
M Source/WebKit/WebProcess/WebPage/WebPage.cpp
M Source/WebKitLegacy/mac/WebCoreSupport/WebChromeClient.mm
M Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h
M Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm
M Source/WebKitLegacy/mac/WebView/WebFrame.mm
M Source/WebKitLegacy/mac/WebView/WebView.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm
Log Message:
-----------
Implement iframe sandboxing with site isolation
https://bugs.webkit.org/show_bug.cgi?id=279460
rdar://135438611

Reviewed by Charlie Wolfe.

To implement iframe sandboxing with site isolation, the state needs
to be sent to the UI process, stored on the WebFrameProxy, then sent
to the web content process when a LocalFrame is constructed, then
updated as needed.
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::initSecurityContext):
* Source/WebCore/html/HTMLFrameOwnerElement.cpp:
(WebCore::HTMLFrameOwnerElement::setSandboxFlags):
* Source/WebCore/loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse):
(WebCore::DocumentLoader::continueAfterContentPolicy):
(WebCore::DocumentLoader::loadMainResource):
* Source/WebCore/loader/EmptyClients.cpp:
(WebCore::EmptyFrameLoaderClient::updateSandboxFlags):
(WebCore::pageConfigurationWithEmptyClients):
* Source/WebCore/loader/EmptyFrameLoaderClient.h:
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
(WebCore::createWindow):
(WebCore::FrameLoader::effectiveSandboxFlags const): Deleted.
* Source/WebCore/loader/FrameLoader.h:
* Source/WebCore/loader/FrameLoaderClient.h:
* Source/WebCore/loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):
(WebCore::PolicyChecker::checkNewWindowPolicy):
* Source/WebCore/page/Frame.cpp:
(WebCore::Frame::updateEffectiveSandboxFlags):
* Source/WebCore/page/Frame.h:
* Source/WebCore/page/LocalFrame.cpp:
(WebCore::LocalFrame::LocalFrame):
(WebCore::LocalFrame::createMainFrame):
(WebCore::LocalFrame::createSubframe):
(WebCore::LocalFrame::createProvisionalSubframe):
(WebCore::LocalFrame::updateEffectiveSandboxFlags):
* Source/WebCore/page/LocalFrame.h:
* Source/WebCore/page/Page.cpp:
(WebCore::createMainFrame):
(WebCore::Page::Page):
* Source/WebCore/page/PageConfiguration.cpp:
(WebCore::PageConfiguration::PageConfiguration):
* Source/WebCore/page/PageConfiguration.h:
* Source/WebCore/svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::dataChanged):
* Source/WebKit/Scripts/webkit/messages.py:
(types_that_cannot_be_forward_declared):
* Source/WebKit/Shared/LoadParameters.h:
* Source/WebKit/Shared/ProvisionalFrameCreationParameters.h:
* Source/WebKit/Shared/ProvisionalFrameCreationParameters.serialization.in:
* Source/WebKit/Shared/WebPageCreationParameters.h:
* Source/WebKit/Shared/WebPageCreationParameters.serialization.in:
* Source/WebKit/UIProcess/API/APINavigation.h:
(API::Navigation::clientRedirectSourceForHistory const):
(API::Navigation::effectiveSandboxFlags const): Deleted.
* Source/WebKit/UIProcess/API/APIPageConfiguration.cpp:
(API::PageConfiguration::initialSandboxFlags const):
(API::PageConfiguration::setInitialSandboxFlags):
* Source/WebKit/UIProcess/API/APIPageConfiguration.h:
* Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseCreateWebPage):
* Source/WebKit/UIProcess/API/wpe/WPEWebViewLegacy.cpp:
(WKWPE::ViewLegacy::ViewLegacy):
* Source/WebKit/UIProcess/API/wpe/WPEWebViewPlatform.cpp:
(WKWPE::ViewPlatform::ViewPlatform):
* Source/WebKit/UIProcess/ProvisionalFrameProxy.cpp:
(WebKit::ProvisionalFrameProxy::ProvisionalFrameProxy):
* Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:
(WebKit::ProvisionalPageProxy::ProvisionalPageProxy):
(WebKit::ProvisionalPageProxy::initializeWebPage):
* Source/WebKit/UIProcess/WebFrameProxy.cpp:
(WebKit::WebFrameProxy::WebFrameProxy):
(WebKit::WebFrameProxy::didCreateSubframe):
* Source/WebKit/UIProcess/WebFrameProxy.h:
(WebKit::WebFrameProxy::create):
(WebKit::WebFrameProxy::effectiveSandboxFlags const):
(WebKit::WebFrameProxy::updateSandboxFlags):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::finishAttachingToWebProcess):
(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::loadRequestWithNavigationShared):
(WebKit::WebPageProxy::loadSimulatedRequest):
(WebKit::WebPageProxy::receivedNavigationActionPolicyDecision):
(WebKit::WebPageProxy::continueNavigationInNewProcess):
(WebKit::WebPageProxy::didCreateSubframe):
(WebKit::WebPageProxy::updateSandboxFlags):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
(WebKit::WebPageProxy::createNewPage):
(WebKit::WebPageProxy::creationParameters):
* Source/WebKit/UIProcess/WebPageProxy.h:
* Source/WebKit/UIProcess/WebPageProxy.messages.in:
* Source/WebKit/UIProcess/ios/WKContentView.mm:
(-[WKContentView _commonInitializationWithProcessPool:configuration:]):
* Source/WebKit/UIProcess/mac/WebViewImpl.mm:
(WebKit::m_flagsChangedEventMonitorTrackingArea):
* Source/WebKit/UIProcess/playstation/PlayStationWebView.cpp:
(WebKit::m_backend):
* Source/WebKit/UIProcess/win/WebView.cpp:
(WebKit::WebView::WebView):
* Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::installServiceWorker):
* Source/WebKit/WebProcess/Storage/WebSharedWorkerContextManagerConnection.cpp:
(WebKit::WebSharedWorkerContextManagerConnection::launchSharedWorker):
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::createWindow):
* Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::updateSandboxFlags):
* Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
* Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.cpp:
(WebKit::WebLocalFrameLoaderClient::didSameDocumentNavigationForFrameViaJSHistoryAPI):
(WebKit::WebLocalFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebKit::WebLocalFrameLoaderClient::updateSandboxFlags):
* Source/WebKit/WebProcess/WebCoreSupport/WebLocalFrameLoaderClient.h:
* Source/WebKit/WebProcess/WebCoreSupport/WebRemoteFrameClient.cpp:
(WebKit::WebRemoteFrameClient::updateSandboxFlags):
* Source/WebKit/WebProcess/WebCoreSupport/WebRemoteFrameClient.h:
* Source/WebKit/WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::createSubframe):
(WebKit::WebFrame::createProvisionalFrame):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::mainFrameCreationParameters):
(WebKit::m_textAnimationController):
(WebKit::WebPage::loadRequest):
(WebKit::clientCreatorForMainFrame): Deleted.
* Source/WebKitLegacy/mac/WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::createWindow):
* Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h:
(WebFrameLoaderClient::updateSandboxFlags):
* Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::dispatchCreatePage):
* Source/WebKitLegacy/mac/WebView/WebFrame.mm:
(+[WebFrame _createFrameWithPage:frameName:frameView:ownerElement:]):
* Source/WebKitLegacy/mac/WebView/WebView.mm:
(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView initSimpleHTMLDocumentWithStyle:frame:preferences:groupName:]):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm:
(TestWebKitAPI::makeWebViewAndDelegates):
(TestWebKitAPI::TEST(SiteIsolation, SandboxFlags)):
(TestWebKitAPI::TEST(SiteIsolation, SandboxFlagsDuringNavigation)):
Canonical link: https://commits.webkit.org/283667@main