[webkit-changes] [WebKit/WebKit] d853f7: Remove sandbox extension to fonts service
Per Arne Vollan
noreply at github.com
Fri Jan 3 16:51:17 PST 2025
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d853f70a64ac5696c3b102a20fa02802ee3394bb
https://github.com/WebKit/WebKit/commit/d853f70a64ac5696c3b102a20fa02802ee3394bb
Author: Per Arne Vollan <pvollan at apple.com>
Date: 2025-01-03 (Fri, 03 Jan 2025)
Changed paths:
M Source/WTF/Scripts/Preferences/UnifiedWebPreferences.yaml
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in
M Source/WebKit/Scripts/webkit/messages.py
A Source/WebKit/Shared/AdditionalFonts.h
A Source/WebKit/Shared/AdditionalFonts.serialization.in
M Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebProcessPool.h
M Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm
M Source/WebKit/UIProcess/mac/WebProcessProxyMac.mm
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Source/WebKit/WebProcess/WebPage/WebPage.cpp
M Source/WebKit/WebProcess/WebProcess.h
M Source/WebKit/WebProcess/WebProcess.messages.in
M Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm
Log Message:
-----------
Remove sandbox extension to fonts service
https://bugs.webkit.org/show_bug.cgi?id=284233
rdar://138204781
Reviewed by Sihui Liu.
On macOS, we currently allow access to the fonts service when the app has enabled user installed fonts.
To support blocking of the font service on macOS in the WebContent process, we need to register the URLs
of user installed fonts in the WebContent process, so that CoreText is aware of them. In the UI process,
we are enumerating the user installed fonts, and then send the URLs along with a sandbox extension to
the font file to the WebContent process, where they are registered.
This patch also fixes an exception we made for the Books app on iOS when blocking the Mobile asset
service. To support removing the exception for Books, we have to register some fonts in the WebContent
process. The URLs for the fonts are gathered in the UI process, and sent to the WebContent process along
with a sandbox extension, so they can be registered.
Additionally, this patch guards the enablement of MobileGestalt and Mobile asset blocking on the define
ENABLE(REMOVE_XPC_AND_MACH_SANDBOX_EXTENSIONS_IN_WEBCONTENT).
* Source/WTF/Scripts/Preferences/UnifiedWebPreferences.yaml:
* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Source/WebKit/Scripts/webkit/messages.py:
(types_that_must_be_moved):
* Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::additionalFonts):
(WebKit::WebProcessPool::registerUserInstalledFonts):
(WebKit::WebProcessPool::registerAssetFont):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::creationParameters):
* Source/WebKit/UIProcess/WebProcessPool.h:
* Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm:
(WebKit::WebProcessProxy::platformInitialize):
* Source/WebKit/UIProcess/mac/WebProcessProxyMac.mm:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::m_textAnimationController):
* Source/WebKit/WebProcess/WebProcess.h:
* Source/WebKit/WebProcess/WebProcess.messages.in:
* Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::registerAdditionalFonts):
Canonical link: https://commits.webkit.org/288425@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list