[Webkit-unassigned] [Bug 184980] New: Perform CSP checks for redirects in network process for consistency with other checks that avoid sending the redirect response to the web process

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Apr 25 10:49:20 PDT 2018


https://bugs.webkit.org/show_bug.cgi?id=184980

            Bug ID: 184980
           Summary: Perform CSP checks for redirects in network process
                    for consistency with other checks that avoid sending
                    the redirect response to the web process
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: dbates at webkit.org
                CC: rniwa at webkit.org, youennf at gmail.com

From bug 184149, comment 7, "Youenn expressed an interest in standardizing on IPC messaging semantics between the network process and web content process that avoids passing HTTP response data to the web content process until the last possible moment (*). If we want to do this then we will need to duplicate in the network process all the CSP redirection checks we do in the web content process. Elaborating further, we need to duplicate these checks because we will always need to keep code in WebCore to do the CSP checks for redirections to continue to support CSP in WebKit Legacy." This bug is to track this effort, further detailed in that same comment as option (2):

[[
Option 2: Duplicate frame-ancestor check and all CSP checks applied to redirect requests in the network process.
    Advantage: Network process does not need to message web content process on each redirect request to ask if the load is allowed by the page's CSP policy; => avoid IPC.
    Disadvantage: Must duplicate all CSP checks for redirects in network process to avoid the need to message web content process on each redirect request to ask if the load is allowed by the page's CSP policy. (We may be able to extract some or all of the CSP checks, at least the checks in CachedResourceLoader, into common functions that are used both by the network process and WebCore. It is non-trivial to do this refactor).
]]

(*) This is motivated by the desire to have a process-per-origin and only have cross-origin data in the same address space when such cross-origin data has passed all security checks and hence must be delivered to the web content process in order to avoid breaking the web.
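
A simplified model of option 2, added here as an illustration; it is not WebKit code and not from the bug report. The names PolicySnapshot, Hop, Delivered and loadInNetworkProcess are hypothetical, CSP matching is reduced to exact origin comparison, and the initial request URL is assumed to have been checked before the load was issued.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Simplified origin triple. Real CSP source matching also handles wildcards,
// paths and scheme upgrades; this model uses exact origin comparison only.
struct Origin {
    std::string scheme, host;
    int port;
    bool operator==(const Origin& o) const {
        return scheme == o.scheme && host == o.host && port == o.port;
    }
};

// Hypothetical snapshot of one directive's allowed origins, sent once with the
// load request so no per-redirect IPC to the web content process is needed.
struct PolicySnapshot {
    std::vector<Origin> allowed;
    bool allows(const Origin& o) const {
        for (const auto& a : allowed)
            if (a == o) return true;
        return false;
    }
};

struct Hop { bool isRedirect; Origin target; std::string body; };

// The only data that crosses IPC to the web content process.
struct Delivered { bool blocked; std::string body; std::size_t checks; };

// Follow a redirect chain inside the network process: check each redirect
// target before following it and never forward an intermediate response.
Delivered loadInNetworkProcess(const PolicySnapshot& policy, const std::vector<Hop>& chain) {
    std::size_t checks = 0;
    for (const auto& hop : chain) {
        if (!hop.isRedirect) return {false, hop.body, checks};
        ++checks;
        if (!policy.allows(hop.target)) return {true, "", checks};
    }
    return {true, "", checks}; // chain ended on a redirect: nothing to deliver
}

int main() {
    PolicySnapshot policy{{Origin{"https", "cdn.example", 443}}};
    // Constructed chain: allowed redirect, then a redirect to an origin outside the policy.
    std::vector<Hop> chain{{true, {"https", "cdn.example", 443}, "r1"},
                           {true, {"https", "other.example", 443}, "r2"},
                           {false, {}, "cross-origin bytes"}};
    Delivered d = loadInNetworkProcess(policy, chain);
    std::cout << (d.blocked ? "blocked" : "delivered") << " after " << d.checks << " checks\n";
}
```

In the blocked case the Delivered value carries an empty body, so no bytes of the disallowed response reach the web content process address space.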
