<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[184931] trunk/Source/WebKit2</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/184931">184931</a></dd>
<dt>Author</dt> <dd>andersca@apple.com</dd>
<dt>Date</dt> <dd>2015-05-27 17:34:39 -0700 (Wed, 27 May 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>Can't load local files in WKWebView from containerized app
https://bugs.webkit.org/show_bug.cgi?id=145424
rdar://problem/20831176
Reviewed by Dan Bernstein.
Allow the network process to load local files from its bundle as long as it has
the sandbox extensions to do so.
This was originally added to only allow SSO to read the Info.plist inside its own application
bundle, but being able to read the application bundle from within the network process should be OK.
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2ResourcesSandboxProfilesioscomappleWebKitNetworkingsb">trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (184930 => 184931)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2015-05-28 00:30:59 UTC (rev 184930)
+++ trunk/Source/WebKit2/ChangeLog 2015-05-28 00:34:39 UTC (rev 184931)
</span><span class="lines">@@ -1,3 +1,19 @@
</span><ins>+2015-05-27 Anders Carlsson <andersca@apple.com>
+
+ Can't load local files in WKWebView from containerized app
+ https://bugs.webkit.org/show_bug.cgi?id=145424
+ rdar://problem/20831176
+
+ Reviewed by Dan Bernstein.
+
+ Allow the network process to load local files from its bundle as long as it has
+ the sandbox extensions to do so.
+
+ This was originally added to only allow SSO to read the Info.plist inside its own application
+ bundle, but being able to read the application bundle from within the network process should be OK.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+
</ins><span class="cx"> 2015-05-27 Andreas Kling <akling@apple.com>
</span><span class="cx">
</span><span class="cx"> [WK2] Local storage areas should get torn down when they have no remaining references.
</span></span></pre></div>
<a id="trunkSourceWebKit2ResourcesSandboxProfilesioscomappleWebKitNetworkingsb"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (184930 => 184931)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2015-05-28 00:30:59 UTC (rev 184930)
+++ trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2015-05-28 00:34:39 UTC (rev 184931)
</span><span class="lines">@@ -42,29 +42,6 @@
</span><span class="cx"> ;; bundle to find Info plists, so we jump through a few hoops here to provide
</span><span class="cx"> ;; enough access to make it possible.
</span><span class="cx">
</span><del>-;; Disallow networking process from reading any bundles, even with the read extension
-(deny file-read*
- (require-all
- (subpath "/Applications")
- (extension "com.apple.app-sandbox.read")))
-(deny file-read*
- (require-all
- (subpath "/private/var/mobile/Containers/Bundle/Application")
- (extension "com.apple.app-sandbox.read")))
-
-;; Allow the networking process to read directories inside the bundle directories
-;; that we may have killed off above
-(allow file-read*
- (require-all
- (extension "com.apple.app-sandbox.read")
- (vnode-type DIRECTORY)))
-
-;; Allow the networking process to read the Info.plist files
-(allow file-read*
- (require-all
- (extension "com.apple.app-sandbox.read")
- (regex #"/Info\.plist$")))
-
</del><span class="cx"> ;; IOKit user clients
</span><span class="cx"> (allow iokit-open
</span><span class="cx"> (iokit-user-client-class "RootDomainUserClient"))
</span></span></pre>
</div>
</div>
</body>
</html>