[Webkit-unassigned] [Bug 184980] New: Perform CSP checks for redirects in network process for consistency with other checks that avoid sending the redirect response to the web process
bugzilla-daemon at webkit.org
Wed Apr 25 10:49:20 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=184980
Bug ID: 184980
Summary: Perform CSP checks for redirects in network process for consistency with other checks that avoid sending the redirect response to the web process
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: dbates at webkit.org
CC: rniwa at webkit.org, youennf at gmail.com
From bug 184149, comment 7, "Youenn expressed an interest in standardizing on IPC messaging semantics between the network process and web content process that avoids passing HTTP response data to the web content process until the last possible moment (*). If we want to do this then we will need to duplicate in the network process all the CSP redirection checks we do in the web content process. Elaborating further, we need to duplicate these checks because we will always need to keep code in WebCore to do the CSP checks for redirections to continue to support CSP in WebKit Legacy." This bug is to track this effort, further detailed in that same comment as option (2):
[[
Option 2: Duplicate frame-ancestor check and all CSP checks applied to redirect requests in the network process.
Advantage: Network process does not need to message web content process on each redirect request to ask if the load is allowed by the page's CSP policy; => avoid IPC.
Disadvantage: Must duplicate all CSP checks for redirects in network process to avoid the need to message web content process on each redirect request to ask if the load is allowed by the page's CSP policy. (We may be able to extract some or all of the CSP checks, at least the checks in CachedResourceLoader, into a common function that is used both by the network process and WebCore. It is non-trivial to do this refactor).
]]
(*) This is motivated by the desire to have a process-per-origin and only have cross-origin data in the same address space when such cross-origin data has passed all security checks and hence must be delivered to the web content process in order to avoid breaking the web.
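The check that option (2) would move into the network process is the hop-by-hop CSP source-list match on each redirect target, applied before the redirect response is ever handed to the web content process. The following is an added example modelling that check (not WebKit code; the function names and the sample policy and redirect chains are constructed, and it deliberately omits 'self' expansion and path matching):

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def _host_matches(pattern_host, host):
    """CSP host matching: '*' matches anything, '*.x' matches subdomains of x only."""
    if pattern_host == "*":
        return True
    if pattern_host.startswith("*."):
        return host.endswith(pattern_host[1:])
    return pattern_host == host


def source_matches(source, url):
    """Match one CSP source expression (scheme, host with optional '*.', port) against url."""
    if source == "'none'":
        return False
    u = urlsplit(url)
    # Bare scheme-source such as "https:".
    if source.endswith(":") and "//" not in source:
        return u.scheme == source[:-1]
    pattern = urlsplit(source if "//" in source else "//" + source)
    if pattern.scheme and pattern.scheme != u.scheme:
        return False
    if not _host_matches(pattern.hostname, u.hostname):
        return False
    effective_port = u.port if u.port is not None else DEFAULT_PORTS.get(u.scheme)
    if pattern.port is not None and pattern.port != effective_port:
        return False
    return True


def first_blocked_hop(sources, chain):
    """Check every URL in a redirect chain against the directive's source list.

    Returns the first hop the policy rejects, or None if the whole chain is allowed.
    A network-process implementation would run this on each redirect before
    forwarding anything to the web content process.
    """
    for hop in chain:
        if not any(source_matches(s, hop) for s in sources):
            return hop
    return None


# Constructed sample policy (e.g. an img-src source list) and redirect chains.
POLICY = ["https://*.example.com", "https://static.partner.test:8443"]
ALLOWED_CHAIN = ["https://img.example.com/a.png", "https://static.partner.test:8443/b.png"]
DOWNGRADE_CHAIN = ["https://img.example.com/a.png", "http://img.example.com/a.png"]
```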