<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[199039] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/199039">199039</a></dd>
<dt>Author</dt> <dd>bfulgham@apple.com</dd>
<dt>Date</dt> <dd>2016-04-04 21:12:48 -0700 (Mon, 04 Apr 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Block plaintext WebSocket requests to domains under HSTS.
https://bugs.webkit.org/show_bug.cgi?id=156049
<rdar://problem/13820000>
Patch by John Wilander <wilander@apple.com> on 2016-04-04
Reviewed by Brent Fulgham.
No new tests because the way TLS is setup for layout tests doesn't allow the server to set HSTS for 127.0.0.1 nor localhost. This is tracked in <rdar://problem/25467825>.
* Modules/websockets/WebSocketChannel.cpp:
(WebCore::WebSocketChannel::connect):
- Now sends usesEphemeralSession to SocketStreamHandle::create.
* platform/network/cf/SocketStreamHandle.h:
(WebCore::SocketStreamHandle::create):
- Added parameter usesEphemeralSession which it passes on to the SocketStreamHandle constructor.
* platform/network/cf/SocketStreamHandleCFNet.cpp:
(WebCore::SocketStreamHandle::SocketStreamHandle):
- Now blocks plaintext WebSocket connections for domains under HSTS if not in an ephemeral session.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreModuleswebsocketsWebSocketChannelcpp">trunk/Source/WebCore/Modules/websockets/WebSocketChannel.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcfSocketStreamHandleh">trunk/Source/WebCore/platform/network/cf/SocketStreamHandle.h</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcfSocketStreamHandleCFNetcpp">trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (199038 => 199039)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2016-04-05 04:04:35 UTC (rev 199038)
+++ trunk/Source/WebCore/ChangeLog 2016-04-05 04:12:48 UTC (rev 199039)
</span><span class="lines">@@ -1,3 +1,23 @@
</span><ins>+2016-04-04 John Wilander <wilander@apple.com>
+
+ Block plaintext WebSocket requests to domains under HSTS.
+ https://bugs.webkit.org/show_bug.cgi?id=156049
+ <rdar://problem/13820000>
+
+ Reviewed by Brent Fulgham.
+
+ No new tests because the way TLS is setup for layout tests doesn't allow the server to set HSTS for 127.0.0.1 nor localhost. This is tracked in <rdar://problem/25467825>.
+
+ * Modules/websockets/WebSocketChannel.cpp:
+ (WebCore::WebSocketChannel::connect):
+ - Now sends usesEphemeralSession to SocketStreamHandle::create.
+ * platform/network/cf/SocketStreamHandle.h:
+ (WebCore::SocketStreamHandle::create):
+ - Added parameter usesEphemeralSession which it passes on to the SocketStreamHandle constructor.
+ * platform/network/cf/SocketStreamHandleCFNet.cpp:
+ (WebCore::SocketStreamHandle::SocketStreamHandle):
+ - Now blocks plaintext WebSocket connections for domains under HSTS if not in an ephemeral session.
+
</ins><span class="cx"> 2016-04-04 Simon Fraser <simon.fraser@apple.com>
</span><span class="cx">
</span><span class="cx"> Make FrameView's exposedRect an Optional<>
</span></span></pre></div>
<a id="trunkSourceWebCoreModuleswebsocketsWebSocketChannelcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/websockets/WebSocketChannel.cpp (199038 => 199039)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/websockets/WebSocketChannel.cpp 2016-04-05 04:04:35 UTC (rev 199038)
+++ trunk/Source/WebCore/Modules/websockets/WebSocketChannel.cpp 2016-04-05 04:12:48 UTC (rev 199039)
</span><span class="lines">@@ -109,7 +109,8 @@
</span><span class="cx"> if (Frame* frame = m_document->frame()) {
</span><span class="cx"> if (NetworkingContext* networkingContext = frame->loader().networkingContext()) {
</span><span class="cx"> ref();
</span><del>- m_handle = SocketStreamHandle::create(m_handshake->url(), this, *networkingContext);
</del><ins>+ Page* page = frame->page();
+ m_handle = SocketStreamHandle::create(m_handshake->url(), this, *networkingContext, (page ? page->usesEphemeralSession() : false));
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcfSocketStreamHandleh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/cf/SocketStreamHandle.h (199038 => 199039)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/cf/SocketStreamHandle.h 2016-04-05 04:04:35 UTC (rev 199038)
+++ trunk/Source/WebCore/platform/network/cf/SocketStreamHandle.h 2016-04-05 04:12:48 UTC (rev 199039)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx">
</span><span class="cx"> class SocketStreamHandle : public ThreadSafeRefCounted<SocketStreamHandle>, public SocketStreamHandleBase, public AuthenticationClient {
</span><span class="cx"> public:
</span><del>- static PassRefPtr<SocketStreamHandle> create(const URL& url, SocketStreamHandleClient* client, NetworkingContext& networkingContext) { return adoptRef(new SocketStreamHandle(url, client, networkingContext)); }
</del><ins>+ static PassRefPtr<SocketStreamHandle> create(const URL& url, SocketStreamHandleClient* client, NetworkingContext& networkingContext, bool usesEphemeralSession) { return adoptRef(new SocketStreamHandle(url, client, networkingContext, usesEphemeralSession)); }
</ins><span class="cx">
</span><span class="cx"> virtual ~SocketStreamHandle();
</span><span class="cx">
</span><span class="lines">@@ -60,7 +60,7 @@
</span><span class="cx"> virtual int platformSend(const char* data, int length);
</span><span class="cx"> virtual void platformClose();
</span><span class="cx">
</span><del>- SocketStreamHandle(const URL&, SocketStreamHandleClient*, NetworkingContext&);
</del><ins>+ SocketStreamHandle(const URL&, SocketStreamHandleClient*, NetworkingContext&, bool usesEphemeralSession);
</ins><span class="cx"> void createStreams();
</span><span class="cx"> void scheduleStreams();
</span><span class="cx"> void chooseProxy();
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcfSocketStreamHandleCFNetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp (199038 => 199039)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp 2016-04-05 04:04:35 UTC (rev 199038)
+++ trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp 2016-04-05 04:12:48 UTC (rev 199039)
</span><span class="lines">@@ -60,9 +60,13 @@
</span><span class="cx"> extern "C" const CFStringRef _kCFStreamSocketSetNoDelay;
</span><span class="cx"> #endif
</span><span class="cx">
</span><ins>+#if PLATFORM(COCOA)
+#import <CFNetworkSPI.h>
+#endif
+
</ins><span class="cx"> namespace WebCore {
</span><span class="cx">
</span><del>-SocketStreamHandle::SocketStreamHandle(const URL& url, SocketStreamHandleClient* client, NetworkingContext& networkingContext)
</del><ins>+SocketStreamHandle::SocketStreamHandle(const URL& url, SocketStreamHandleClient* client, NetworkingContext& networkingContext, bool usesEphemeralSession)
</ins><span class="cx"> : SocketStreamHandleBase(url, client)
</span><span class="cx"> , m_connectingSubstate(New)
</span><span class="cx"> , m_connectionType(Unknown)
</span><span class="lines">@@ -76,6 +80,17 @@
</span><span class="cx"> URL httpsURL(URL(), "https://" + m_url.host());
</span><span class="cx"> m_httpsURL = httpsURL.createCFURL();
</span><span class="cx">
</span><ins>+#if PLATFORM(COCOA)
+ // Don't check for HSTS violation for ephemeral sessions since
+ // HSTS state should not transfer between regular and private browsing.
+ if (url.protocolIs("ws")
+ && !usesEphemeralSession
+ && _CFNetworkIsKnownHSTSHostWithSession(m_httpsURL.get(), nullptr)) {
+ m_client->didFailSocketStream(this, SocketStreamError(0, m_url.string(), "WebSocket connection failed because it violates HTTP Strict Transport Security."));
+ return;
+ }
+#endif
+
</ins><span class="cx"> createStreams();
</span><span class="cx"> ASSERT(!m_readStream == !m_writeStream);
</span><span class="cx"> if (!m_readStream) // Doing asynchronous PAC file processing, streams will be created later.
</span></span></pre>
</div>
</div>
</body>
</html>