[webkit-changes] [WebKit/WebKit] 88d021: [Script Telemetry] Add taintedness support for Scr...

Wenson Hsieh noreply at github.com
Mon Sep 16 12:20:02 PDT 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 88d0219cb26e8e55dda7d3f3cfa8c94bce1d20c5
      https://github.com/WebKit/WebKit/commit/88d0219cb26e8e55dda7d3f3cfa8c94bce1d20c5
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2024-09-16 (Mon, 16 Sep 2024)

  Changed paths:
    M Source/JavaScriptCore/parser/SourceTaintedOrigin.cpp
    M Source/JavaScriptCore/parser/SourceTaintedOrigin.h
    M Source/JavaScriptCore/tools/JSDollarVM.cpp
    M Source/WebCore/Headers.cmake
    M Source/WebCore/Sources.txt
    M Source/WebCore/WebCore.xcodeproj/project.pbxproj
    M Source/WebCore/bindings/js/CachedScriptSourceProvider.h
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/dom/ScriptElement.cpp
    M Source/WebCore/dom/ScriptElement.h
    M Source/WebCore/dom/ScriptExecutionContext.cpp
    M Source/WebCore/dom/ScriptExecutionContext.h
    M Source/WebCore/loader/DocumentLoader.cpp
    M Source/WebCore/loader/cache/CachedResourceLoader.cpp
    M Source/WebCore/loader/cache/CachedScript.cpp
    M Source/WebCore/loader/cache/CachedScript.h
    A Source/WebCore/page/ScriptTelemetryCategory.cpp
    A Source/WebCore/page/ScriptTelemetryCategory.h

  Log Message:
  -----------
  [Script Telemetry] Add taintedness support for ScriptElement and CachedScript
https://bugs.webkit.org/show_bug.cgi?id=279601

Reviewed by Abrar Rahman Protyasha, Charlie Wolfe, and Keith Miller.

Leverage JSC's taintedness tracking mechanism to propagate script telemetry state. See below for
more details.

* Source/JavaScriptCore/parser/SourceTaintedOrigin.cpp:
(JSC::sourceTaintedOriginFromStack):

Make this function return the closest tainted source URL along with the taintedness state, for use
in WebCore.

* Source/JavaScriptCore/parser/SourceTaintedOrigin.h:
* Source/JavaScriptCore/tools/JSDollarVM.cpp:
(JSC::JSC_DEFINE_HOST_FUNCTION):
* Source/WebCore/Headers.cmake:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/js/CachedScriptSourceProvider.h:
(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
* Source/WebCore/bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeJavaScriptURL):
* Source/WebCore/dom/ScriptElement.cpp:
(WebCore::ScriptElement::prepareScript):
(WebCore::ScriptElement::updateTaintedOriginFromSourceURL):

Teach `ScriptElement` to initialize `m_taintedOrigin` based on the source URL, immediately before
executing the script.

* Source/WebCore/dom/ScriptElement.h:
* Source/WebCore/dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::requiresScriptExecutionTelemetry):
* Source/WebCore/dom/ScriptExecutionContext.h:
* Source/WebCore/loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::handleContentFilterDidBlock):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::scriptRequiresTelemetry):
(WebCore::createResource):
(WebCore::CachedResourceLoader::updateCachedResourceWithCurrentRequest):
(WebCore::CachedResourceLoader::requestResource):
(WebCore::CachedResourceLoader::revalidateResource):
(WebCore::CachedResourceLoader::loadResource):
* Source/WebCore/loader/cache/CachedScript.cpp:
(WebCore::CachedScript::CachedScript):
* Source/WebCore/loader/cache/CachedScript.h:

Add plumbing to set a tainted bit on `CachedScript` after it's done loading, so that we create the
corresponding `SourceOrigin` with the correct tainted bit set when evaluating it.

* Source/WebCore/page/ScriptTelemetryCategory.cpp: Added.
(WebCore::description):
* Source/WebCore/page/ScriptTelemetryCategory.h: Added.

Canonical link: https://commits.webkit.org/283713@main


