Commit
Cherry-pick 259548.39@safari-7615-branch (c68b7da). https://bugs.webkit.org/show_bug.cgi?id=251282

Cross-Site Information Leak: CSP violation reports may contain a post-redirect URL
https://bugs.webkit.org/show_bug.cgi?id=251282
rdar://104753003

Reviewed by Yusuke Suzuki.

The source-file field of a CSP violation report may contain a URL which has sensitive data in the query string if it was the result of a redirect. The CSP spec in non-normative terms suggests that in the case of a redirect (such as a login flow which appends a login token) we should report violations in the resulting resource with the pre-redirect URL to avoid cross-site information leaks via the CSP reporting API.

Source/JavaScriptCore:

Plumbing code to make pre-redirect URLs available in ScriptCallStacks. When a ScriptCallStack is created by the StackVisitor the ScriptCallFrame objects will be populated with the pre-redirect URL by consulting the SourceProvider. WebCore will conditionally set the preRedirectURL member if the resource was obtained via a redirected response.

* Source/JavaScriptCore/API/JSScript.mm:
(-[JSScript sourceCode]):
* Source/JavaScriptCore/API/JSScriptRef.cpp:
* Source/JavaScriptCore/inspector/ScriptCallFrame.cpp:
(Inspector::ScriptCallFrame::ScriptCallFrame):
(Inspector::ScriptCallFrame::isEqual const):
* Source/JavaScriptCore/inspector/ScriptCallFrame.h:
* Source/JavaScriptCore/inspector/ScriptCallStackFactory.cpp:
(Inspector::CreateScriptCallStackFunctor::operator() const):
* Source/JavaScriptCore/interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::preRedirectURL const):
* Source/JavaScriptCore/interpreter/StackVisitor.h:
* Source/JavaScriptCore/parser/SourceProvider.cpp:
(JSC::SourceProvider::SourceProvider):
(JSC::BaseWebAssemblySourceProvider::BaseWebAssemblySourceProvider):
* Source/JavaScriptCore/parser/SourceProvider.h:
(JSC::SourceProvider::preRedirectURL const):
(JSC::StringSourceProvider::StringSourceProvider):
* Source/JavaScriptCore/runtime/CachedTypes.cpp:
(JSC::CachedSourceProviderShape::encode):
* Source/JavaScriptCore/runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::preRedirectURL const):

Source/WebCore:

This updates the constructors for ScriptSourceCode objects to pass null strings for the preRedirectURL parameter. In the cases where we can detect whether a redirect happened or not we pass the pre-redirect URL to the SourceProvider.

* Source/WebCore/bindings/js/CachedScriptSourceProvider.h:
(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
* Source/WebCore/bindings/js/ScriptBufferSourceProvider.h:
* Source/WebCore/bindings/js/ScriptModuleLoader.cpp:
(WebCore::ScriptModuleLoader::notifyFinished):
* Source/WebCore/bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::importScripts):
* Source/WebCore/workers/WorkerThread.cpp:
(WebCore::WorkerThread::evaluateScriptIfNecessary):
* Source/WebCore/page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::reportViolation const): To populate the source-file field of a CSP report we consult the JavaScript call stack. The source URL of the frame may be the result of a redirect in which case we should use the pre-redirect URL in the report to avoid leaking potentially sensitive data in the post-redirect URL.

Canonical link: https://commits.webkit.org/259548.39@safari-7615-branch
Showing 18 changed files with 66 additions and 23 deletions.
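The source-file selection the commit message describes, as an added C++ model that is not WebKit's code. The struct and function names are simplified stand-ins, the URLs are constructed samples, and passing a single frame directly to the selection function is an assumption.

```cpp
#include <iostream>
#include <string>

// Simplified stand-ins for the classes named in the commit message.
// These are NOT WebKit's definitions; field and function names are assumptions.
struct SourceProvider {
    std::string sourceURL;      // URL the script body finally came from
    std::string preRedirectURL; // empty unless the response was redirected
};

struct ScriptCallFrame {
    std::string sourceURL;
    std::string preRedirectURL;
};

// Model of the stack walk: the frame copies both URLs from its provider.
ScriptCallFrame makeFrame(const SourceProvider& provider)
{
    return ScriptCallFrame { provider.sourceURL, provider.preRedirectURL };
}

// Behaviour the commit message describes as leaking: report the frame's URL as is.
std::string sourceFileLeaky(const ScriptCallFrame& frame)
{
    return frame.sourceURL;
}

// Behaviour after the change: prefer the pre-redirect URL when one was recorded.
std::string sourceFileForReport(const ScriptCallFrame& frame)
{
    return frame.preRedirectURL.empty() ? frame.sourceURL : frame.preRedirectURL;
}

// Constructed sample: a login flow that redirects and appends a token.
SourceProvider redirectedScript()
{
    return { "https://app.example/main.js?login_token=CONSTRUCTED-SECRET",
             "https://app.example/login/start.js" };
}

// Constructed sample: a script fetched without any redirect.
SourceProvider directScript()
{
    return { "https://cdn.example/lib.js", "" };
}

int main()
{
    std::cout << sourceFileLeaky(makeFrame(redirectedScript())) << "\n"
              << sourceFileForReport(makeFrame(redirectedScript())) << "\n"
              << sourceFileForReport(makeFrame(directScript())) << "\n";
}
```
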