[Reporting API] Hook up to Content-Security-Policy 'report-to' directive
https://bugs.webkit.org/show_bug.cgi?id=244143
<rdar://problem/98900892>

Reviewed by Ryosuke Niwa.

Implement the stubs from Bug 243908 so that we can generate Reporting API reports for Content Security Policy rules.

This patch does the following:
1. Adds support for the "Reporting-Endpoints" header.
2. Exposes a Reporting object on Document and WorkerGlobalScope that can handle reports.
3. Implements a CSPViolationReportBody class (and JS binding).
4. Updates the ContentSecurityPolicy implementation to generate a CSPViolationReportBody when the CSP directives include a report-to declaration.
5. Revises the CSP implementation to construct the JSON report body to match the new specification.

* Source/WTF/wtf/URL.cpp:
(WTF::URL::strippedForUseAsReferrerWithExplicitPort): Added.
* Source/WTF/wtf/URL.h:
* Source/WebCore/CMakeLists.txt: Update for new files.
* Source/WebCore/DerivedSources-input.xcfilelist: Ditto.
* Source/WebCore/DerivedSources-input.xcfilelist: Ditto.
* Source/WebCore/DerivedSources.make: Ditto.
* Source/WebCore/CMakeLists.txt: Ditto.
* Source/WebCore/Headers.cmake: Ditto.
* Source/WebCore/Modules/reporting/Report.cpp: Added.
* Source/WebCore/Modules/reporting/Report.h: Added.
* Source/WebCore/Modules/reporting/Report.idl: Added.
* Source/WebCore/Modules/reporting/ReportBody.cpp: Added.
* Source/WebCore/Modules/reporting/ReportBody.h: Added.
* Source/WebCore/Modules/reporting/ReportBody.idl: Added.
* Source/WebCore/Modules/reporting/ReportingClient.h: Added.
* Source/WebCore/Modules/reporting/ReportingObserver.cpp: Added.
* Source/WebCore/Modules/reporting/ReportingObserver.h: Added.
* Source/WebCore/Modules/reporting/ReportingObserver.idl: Added.
* Source/WebCore/Modules/reporting/ReportingObserver.idl: Added.
* Source/WebCore/Modules/reporting/ReportingScope.cpp: Added.
* Source/WebCore/Modules/reporting/ReportingScope.h: Added.
* Source/WebCore/Sources.txt: Update for new files.
* Source/WebCore/bindings/js/JSReportBodyCustom.cpp: Added.
* Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Updated for new types.
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::notifyReportObservers): Added.
(WebCore::Document::endpointURIForToken const): Added.
* Source/WebCore/dom/Document.h:
* Source/WebCore/dom/SecurityPolicyViolationEvent.h: Move SecurityPolicyViolationEventDisposition definition to new file to allow sharing with CSP.
* Source/WebCore/dom/SecurityPolicyViolationEvent.idl: Ditto.
* Source/WebCore/dom/SecurityPolicyViolationEventDisposition.h: Added.
* Source/WebCore/dom/SecurityPolicyViolationEventDisposition.idl: Added.
* Source/WebCore/dom/TaskSource.h: Added new Reporting Task type.
* Source/WebCore/loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived): Revise to pass new arguments to CSP constructor.
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::didBeginDocument): Capture report-to endpoints for later use.
* Source/WebCore/loader/WorkerThreadableLoader.cpp:
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Register reporting observer.
* Source/WebCore/page/csp/CSPViolationReportBody.cpp: Added.
* Source/WebCore/page/csp/CSPViolationReportBody.h: Added.
* Source/WebCore/page/csp/CSPViolationReportBody.idl: Added.
* Source/WebCore/page/csp/ContentSecurityPolicy.cpp:
(WebCore::reportingClientForContext): Added.
(WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Update to capture reporting client.
(WebCore::ContentSecurityPolicy::reportViolation const): Revise to create modern Reporting API report, when used.
* Source/WebCore/page/csp/ContentSecurityPolicy.h:
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp: Parse new report-to directive.
(WebCore::ContentSecurityPolicyDirectiveList::create): Check for report-uri and report-to when validating CSP.
(WebCore::ContentSecurityPolicyDirectiveList::parseReportTo): Added.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Update to handle report-to.
* Source/WebCore/page/csp/ContentSecurityPolicyDirectiveNames.cpp: Add report-to.
* Source/WebCore/page/csp/ContentSecurityPolicySourceList.cpp:
(WebCore::isCSPDirectiveName): Update to handle report-to.
* Source/WebCore/platform/network/HTTPHeaderNames.in: Add 'Reporting-Endpoints'.
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::notifyReportObservers):
(WebCore::WorkerGlobalScope::endpointURIForToken const):
* Source/WebCore/workers/WorkerGlobalScope.h:
* Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions): Parse Report-To Header.
(WebKit::NetworkResourceLoader::notifyReportObservers): Added to implement ReportClient interface.
(WebKit::NetworkResourceLoader::endpointURIForToken): Ditto.
* Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::contentSecurityPolicy): Initialize reporting client.
* Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::doCrossOriginOpenerHandlingOfResponse): Initialize reporting client.
(WebKit::NetworkResourceLoader::endpointURIForToken const): Added to implement ReportClient interface.
* Source/WebKit/NetworkProcess/NetworkResourceLoader.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.cpp: Updated for new CSPViolationReportBody and Report types.
* Source/WebKit/Shared/WebCoreArgumentCoders.h:
* Source/WebKit/WebProcess/WebPage.cpp:
(WebKit::WebPage::notifyReportObservers): Added to implement ReportClient interface.
* Source/WebKit/WebProcess/WebPage.h:
* Source/WebKit/WebProcess/WebPage.messages.in: Added new 'NotifyReportObservers' IPC message.
* Tools/DumpRenderTree/mac/ResourceLoadDelegate.mm:
(webView:resource:willSendRequest:redirectResponse:fromDataSource:): Filter unique report IDs in logging to avoid test failures.
* Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::willSendRequestForFrame): Filter unique report IDs in logging to avoid test failures.

Canonical link: https://commits.webkit.org/253966@main
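Added example in Python (not WebKit's code) showing, from the server operator's side, the pieces this commit hooks together: resolving a CSP 'report-to' token against a Reporting-Endpoints header, the check that a report-only policy naming neither report-uri nor report-to delivers nothing, and a Reporting API csp-violation report in the camelCase body layout. The header values and URLs are constructed, and the JSON field names follow the CSP3 and Reporting API drafts rather than anything on this page.

```python
"""Resolve a CSP 'report-to' token via Reporting-Endpoints and build a
Reporting API 'csp-violation' report. Added example, not WebKit code."""

# Constructed sample headers, as a server using the Reporting API sends them.
SAMPLE_REPORTING_ENDPOINTS = 'csp-endpoint="https://reports.example/csp", default="https://reports.example/all"'
SAMPLE_POLICY = "script-src 'self'; object-src 'none'; report-to csp-endpoint"


def parse_reporting_endpoints(header):
    """Parse `Reporting-Endpoints: name="url", ...` into {name: url}.
    Simplified structured-dictionary parsing: members missing '=' or a
    quoted value are skipped, and only https:// endpoints are accepted."""
    endpoints = {}
    for member in header.split(","):
        name, sep, value = member.partition("=")
        name, value = name.strip(), value.strip()
        if not sep or len(value) < 2 or value[0] != '"' or value[-1] != '"':
            continue
        url = value[1:-1]
        if url.startswith("https://"):
            endpoints[name] = url
    return endpoints


def parse_csp(policy):
    """Split a serialized policy into {directive: [values]}; first occurrence wins."""
    directives = {}
    for token in policy.split(";"):
        parts = token.split()
        if parts:
            directives.setdefault(parts[0].lower(), parts[1:])
    return directives


def report_only_policy_has_no_effect(policy):
    """True when a Content-Security-Policy-Report-Only policy names neither
    'report-uri' nor 'report-to': it blocks nothing and delivers no report,
    which is the condition the console messages in this commit warn about."""
    directives = parse_csp(policy)
    return "report-uri" not in directives and "report-to" not in directives


def resolve_report_endpoint(policy, reporting_endpoints_header):
    """Return the URL the policy's 'report-to' token names, or None when the
    directive is absent or names a token the header does not define."""
    tokens = parse_csp(policy).get("report-to", [])
    if not tokens:
        return None
    return parse_reporting_endpoints(reporting_endpoints_header).get(tokens[0])


def build_csp_violation_report(document_url, policy, effective_directive,
                               blocked_url, disposition, user_agent):
    """One report as the Reporting API delivers it: a wrapper carrying
    type/url/user_agent/body, the body using CSP3's CSPViolationReportBody
    field names (camelCase, unlike the legacy report-uri JSON)."""
    body = {
        "documentURL": document_url, "referrer": "", "blockedURL": blocked_url,
        "effectiveDirective": effective_directive, "originalPolicy": policy,
        "sourceFile": None, "sample": "", "disposition": disposition,
        "statusCode": 200, "lineNumber": None, "columnNumber": None,
    }
    return {"type": "csp-violation", "age": 0, "url": document_url,
            "user_agent": user_agent, "body": body}
```

A collector receiving such reports should only trust the endpoint names it issued itself; tokens that resolve to None mean the policy is silently not reporting, which is exactly the misconfiguration the new console warnings flag.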
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
PASS did not execute script. |
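Review bot: The new console message names only 'report-to' as the missing directive, yet the commit message says ContentSecurityPolicyDirectiveList::create now checks for both report-uri and report-to when validating the policy, so a report-only policy that carries only a (legacy) report-uri should still deliver reports and should not be told it "will have no effect". Consider wording the message to cover both, e.g. "does not specify a 'report-to' or 'report-uri' directive", and add a report-uri-only expectation so that behaviour is pinned rather than just implied by the old line this hunk replaces.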
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: [Report Only] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
PASS did execute script. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'sha256-AJqUvsXuHfMNXALcBPVqeiKkFk8OLvn3U7ksHP/QQ90=' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: [Report Only] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
PASS did execute script. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
CONSOLE MESSAGE: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
PASS did not execute script. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
PASS did execute script. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-dummy' 'nonce-dump-as-text'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
PASS did execute script. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'self'' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'self'' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: [Report Only] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. | ||
ALERT: PASS: eval() executed as expected. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'connect-src http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.py' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'connect-src http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.py' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: [Report Only] Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/echo-report.py because it does not appear in the connect-src directive of the Content Security Policy. | ||
Pass | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'unsafe-inline';' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'script-src 'unsafe-inline';' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
This test passes if a console message is present, warning about the missing 'report-uri' directive. |
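Review bot: The expectation's last line still reads "warning about the missing 'report-uri' directive" while the console message it sits under now warns about the missing 'report-to' directive, so the expected output is internally inconsistent. Update the test page's description text in the same change (or have it mention both directives) so the file documents what is actually being checked.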
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
CONSOLE MESSAGE: The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy. | ||
CONSOLE MESSAGE: The Content Security Policy 'sandbox' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: The Content Security Policy 'sandbox' was delivered in report-only mode, but does not specify a 'report-to'; the policy will have no effect. Please either add a 'report-to' directive, or deliver the policy via the 'Content-Security-Policy' header. | ||
CONSOLE MESSAGE: Script executed in iframe. | ||
ALERT: PASS: Iframe was not in a unique origin | ||
|