Merge r174930 - Change the default TLS errors policy to WEBKIT_TLS_ER…

…RORS_POLICY_FAIL https://bugs.webkit.org/show_bug.cgi?id=137832 Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2014-10-20 Reviewed by Carlos Garcia Campos. Source/WebKit2: Too many general-purpose browsers that really need this policy are not selecting it, so let's do so for them. * UIProcess/API/gtk/WebKitWebContext.cpp: (createDefaultWebContext): Tools: Ensure each test sets the TLS errors policy that it really needs. Have each test except testTLSErrorsPolicy stash and restore the original TLS errors policy. Update testTLSErrorsPolicy to account for the new default policy. * TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp: (testSSL): (testInsecureContent): (testTLSErrorsPolicy): (testTLSErrorsRedirect): (testTLSErrorsHTTPAuth): (testLoadFailedWithTLSErrors): (beforeAll): Canonical link: https://commits.webkit.org/154760.127@webkitgtk/2.6 git-svn-id: https://svn.webkit.org/repository/webkit/releases/WebKitGTK/webkit-2.6@174983 268f45cc-cd09-0410-ab3c-d52691b4dbfc
WebKit · Oct 21, 2014 · 5ff603b · 5ff603b
1 parent 17fbef8
commit 5ff603b
Show file tree

Hide file tree

Showing 4 changed files with 86 additions and 12 deletions.
diff --git a/Source/WebKit2/ChangeLog b/Source/WebKit2/ChangeLog
@@ -1,3 +1,16 @@
+2014-10-20  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        Change the default TLS errors policy to WEBKIT_TLS_ERRORS_POLICY_FAIL
+        https://bugs.webkit.org/show_bug.cgi?id=137832
+
+        Reviewed by Carlos Garcia Campos.
+
+        Too many general-purpose browsers that really need this policy
+        are not selecting it, so let's do so for them.
+
+        * UIProcess/API/gtk/WebKitWebContext.cpp:
+        (createDefaultWebContext):
+
 2014-10-18  Michael Catanzaro  <mcatanzaro@igalia.com>
 
         [GTK] Improve documentation of webkit_web_view_get_tls_info()

diff --git a/Source/WebKit2/UIProcess/API/gtk/WebKitWebContext.cpp b/Source/WebKit2/UIProcess/API/gtk/WebKitWebContext.cpp
@@ -84,6 +84,13 @@ using namespace WebKit;
  * You can use webkit_web_context_register_uri_scheme() to register
  * custom URI schemes, and manage several other settings.
  *
+ * TLS certificate validation failure is now treated as a transport
+ * error by default. To handle TLS failures differently, you can
+ * connect to #WebKitWebView::load-failed-with-tls-errors.
+ * Alternatively, you can use webkit_web_context_set_tls_errors_policy()
+ * to set the policy %WEBKIT_TLS_ERRORS_POLICY_IGNORE; however, this is
+ * not appropriate for Internet applications.
+ *
  */
 
 enum {
@@ -264,7 +271,9 @@ static gpointer createDefaultWebContext(gpointer)
 
     priv->requestManager = webContext->priv->context->supplement<WebSoupCustomProtocolRequestManager>();
     priv->context->setCacheModel(CacheModelPrimaryWebBrowser);
-    priv->tlsErrorsPolicy = WEBKIT_TLS_ERRORS_POLICY_IGNORE;
+
+    priv->tlsErrorsPolicy = WEBKIT_TLS_ERRORS_POLICY_FAIL;
+    priv->context->setIgnoreTLSErrors(false);
 
     attachInjectedBundleClientToContext(webContext.get());
     attachDownloadClientToContext(webContext.get());

diff --git a/Tools/ChangeLog b/Tools/ChangeLog
@@ -1,3 +1,24 @@
+2014-10-20  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        Change the default TLS errors policy to WEBKIT_TLS_ERRORS_POLICY_FAIL
+        https://bugs.webkit.org/show_bug.cgi?id=137832
+
+        Reviewed by Carlos Garcia Campos.
+
+        Ensure each test sets the TLS errors policy that it really needs.
+        Have each test except testTLSErrorsPolicy stash and restore the original
+        TLS errors policy. Update testTLSErrorsPolicy to account for the new
+        default policy.
+
+        * TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp:
+        (testSSL):
+        (testInsecureContent):
+        (testTLSErrorsPolicy):
+        (testTLSErrorsRedirect):
+        (testTLSErrorsHTTPAuth):
+        (testLoadFailedWithTLSErrors):
+        (beforeAll):
+
 2014-10-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
 
         [GTK] [JHBuild] Switch sourceware.org mirror to http.

diff --git a/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp b/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp
@@ -67,6 +67,10 @@ class SSLTest: public LoadTrackingTest {
 
 static void testSSL(SSLTest* test, gconstpointer)
 {
+    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+
     test->loadURI(kHttpsServer->getURIForPath("/").data());
     test->waitUntilLoadFinished();
     g_assert(test->m_certificate);
@@ -80,6 +84,8 @@ static void testSSL(SSLTest* test, gconstpointer)
     test->waitUntilLoadFinished();
     g_assert(!test->m_certificate);
     g_assert(!test->m_tlsErrors);
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
 }
 
 class InsecureContentTest: public WebViewTest {
@@ -110,38 +116,55 @@ class InsecureContentTest: public WebViewTest {
 
 static void testInsecureContent(InsecureContentTest* test, gconstpointer)
 {
+    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+
     test->loadURI(kHttpsServer->getURIForPath("/insecure-content/").data());
     test->waitUntilLoadFinished();
 
     g_assert(test->m_insecureContentRun);
     g_assert(test->m_insecureContentDisplayed);
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
 }
 
 static void testTLSErrorsPolicy(SSLTest* test, gconstpointer)
 {
     WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
-    // TLS errors are ignored by default.
+    // TLS errors are treated as transport failures by default.
+    g_assert(webkit_web_context_get_tls_errors_policy(context) == WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    test->loadURI(kHttpsServer->getURIForPath("/").data());
+    test->waitUntilLoadFinished();
+    g_assert(test->m_loadFailed);
+    g_assert(test->m_loadEvents.contains(LoadTrackingTest::ProvisionalLoadFailed));
+    g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
+
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
     g_assert(webkit_web_context_get_tls_errors_policy(context) == WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+
+    test->m_loadFailed = false;
     test->loadURI(kHttpsServer->getURIForPath("/").data());
     test->waitUntilLoadFinished();
     g_assert(!test->m_loadFailed);
 
     webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
-    test->loadURI(kHttpsServer->getURIForPath("/").data());
-    test->waitUntilLoadFinished();
-    g_assert(test->m_loadFailed);
-    g_assert(test->m_loadEvents.contains(LoadTrackingTest::ProvisionalLoadFailed));
-    g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
+    g_assert(webkit_web_context_get_tls_errors_policy(context) == WEBKIT_TLS_ERRORS_POLICY_FAIL);
 }
 
 static void testTLSErrorsRedirect(SSLTest* test, gconstpointer)
 {
-    webkit_web_context_set_tls_errors_policy(webkit_web_view_get_context(test->m_webView), WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+
     test->loadURI(kHttpsServer->getURIForPath("/redirect").data());
     test->waitUntilLoadFinished();
     g_assert(test->m_loadFailed);
     g_assert(test->m_loadEvents.contains(LoadTrackingTest::ProvisionalLoadFailed));
     g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
 }
 
 static gboolean webViewAuthenticationCallback(WebKitWebView*, WebKitAuthenticationRequest* request)
@@ -153,13 +176,18 @@ static gboolean webViewAuthenticationCallback(WebKitWebView*, WebKitAuthenticati
 
 static void testTLSErrorsHTTPAuth(SSLTest* test, gconstpointer)
 {
-    webkit_web_context_set_tls_errors_policy(webkit_web_view_get_context(test->m_webView), WEBKIT_TLS_ERRORS_POLICY_FAIL);
+    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+
     g_signal_connect(test->m_webView, "authenticate", G_CALLBACK(webViewAuthenticationCallback), NULL);
     test->loadURI(kHttpsServer->getURIForPath("/auth").data());
     test->waitUntilLoadFinished();
     g_assert(test->m_loadFailed);
     g_assert(test->m_loadEvents.contains(LoadTrackingTest::ProvisionalLoadFailed));
     g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
 }
 
 class TLSErrorsTest: public SSLTest {
@@ -204,6 +232,7 @@ class TLSErrorsTest: public SSLTest {
 static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
 {
     WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
     webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
 
     // The load-failed-with-tls-errors signal should be emitted when there is a TLS failure.
@@ -226,6 +255,8 @@ static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
     g_assert_cmpint(test->m_loadEvents[1], ==, LoadTrackingTest::LoadCommitted);
     g_assert_cmpint(test->m_loadEvents[2], ==, LoadTrackingTest::LoadFinished);
     g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, TLSExpectedSuccessTitle);
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
 }
 
 
@@ -298,9 +329,9 @@ void beforeAll()
 
     SSLTest::add("WebKitWebView", "ssl", testSSL);
     InsecureContentTest::add("WebKitWebView", "insecure-content", testInsecureContent);
-    // In this case the order of the tests does matter because tls-errors-policy tests the default policy,
-    // and expects that no exception will have been added for this certificate and host pair as is
-    // done in the tls-permission-request test.
+    // In this case the order of the tests does matter because tls-errors-policy expects
+    // that no exception will have been added for this certificate and host pair as is
+    // done in the load-failed-with-tls-errors test.
     SSLTest::add("WebKitWebView", "tls-errors-policy", testTLSErrorsPolicy);
     SSLTest::add("WebKitWebView", "tls-errors-redirect-to-http", testTLSErrorsRedirect);
     SSLTest::add("WebKitWebView", "tls-http-auth", testTLSErrorsHTTPAuth);