Enable SharedArrayBuffer support when COOP/COEP headers are used
https://bugs.webkit.org/show_bug.cgi?id=229559
<rdar://problem/82391945>

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaseline a few web-platform-tests now that window.crossOriginIsolated properly returns
true when COOP+COEP are used.

Note that SharedArrayBuffer are already forcefully enabled by run-webkit-tests.py when running
the layout tests, which is why there are not more layout test results changes. At some point,
we should stop forcefully enabling SharedArrayBuffer when running web-platform-tests at least,
since WPT tests already make sure to use COOP+COEP when testing SharedArrayBuffer.

* web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt:
* web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt:
Note that some subtests are failing because we don't support the Permissions-Policy HTTP header:
- https://w3c.github.io/webappsec-permissions-policy/

* web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt:

Source/WebCore:

Make sure window.crossOriginIsolated returns true when COOP=same-origin and
COEP=require-corp are used. Also make sure that cross-origin-isolated pages
are allowed to use SharedArrayBuffer.

Change is covered by rebaselined layout tests and new API tests.

* loader/DocumentLoader.cpp:
(WebCore::toNeedsBrowsingContextGroupSwitch):
(WebCore::DocumentLoader::responseReceived):
* loader/EmptyClients.cpp:
(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForResponse):
* loader/EmptyFrameLoaderClient.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::checkContentPolicy):
* loader/FrameLoader.h:
* loader/FrameLoaderClient.h:
* loader/FrameLoaderTypes.h:
* page/DOMWindow.cpp:
(WebCore::DOMWindow::crossOriginIsolated const):
* page/DOMWindow.idl:

Source/WebKit:

Make sure window.crossOriginIsolated returns true when COOP=same-origin and
COEP=require-corp are used. Also make sure that cross-origin-isolated pages
are allowed to use SharedArrayBuffer.

When the WebProcess determines it needs to switch browsing context group it
now sends a NeedsBrowsingContextGroupSwitch::YesWithoutCrossOriginIsolation /
NeedsBrowsingContextGroupSwitch::YesWithCrossOriginIsolation enum value to
the UIProcess with the DecidePolicyForResponse IPC instead of a simple
boolean. We send YesWithoutCrossOriginIsolation when the navigation
destination will be cross-origin-isolated due to COOP=same-origin and
COEP=require-corp. In the UIProcess, when YesWithCrossOriginIsolation is
received, we take care of launching a fresh WebProcess (never recycling an
existing WebProcess) and we make this WebProcess as cross-origin-isolated.
When a process is cross-origin-isolated, we pass it an XPC flag on launch
to allow the process to use SharedArrayBuffer. We use an XPC flag because
JSC Options need to be set before JSC::initialize() is called, which occurs
during XPC service initialization. When a WebProcess is marked as
cross-origin-isolated, we make sure to never cache it so it cannot be
recycled for a new navigation (given that it has special permission to use
SharedArrayBuffer).

* Scripts/webkit/messages.py:
(headers_for_type):
* Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.h:
(WebKit::XPCServiceInitializer):
* UIProcess/Launcher/ProcessLauncher.h:
(WebKit::ProcessLauncher::Client::shouldEnableSharedArrayBuffer const):
* UIProcess/Launcher/mac/ProcessLauncherMac.mm:
(WebKit::ProcessLauncher::launchProcess):
* UIProcess/ProvisionalPageProxy.cpp:
(WebKit::ProvisionalPageProxy::decidePolicyForResponse):
* UIProcess/ProvisionalPageProxy.h:
* UIProcess/SuspendedPageProxy.cpp:
(WebKit::SuspendedPageProxy::findReusableSuspendedPageProcess):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForResponse):
(WebKit::WebPageProxy::decidePolicyForResponseShared):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::createNewWebProcess):
(WebKit::WebProcessPool::createWebPage):
* UIProcess/WebProcessPool.h:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::create):
(WebKit::WebProcessProxy::createForServiceWorkers):
(WebKit::WebProcessProxy::WebProcessProxy):
(WebKit::WebProcessProxy::canBeAddedToWebProcessCache const):
* UIProcess/WebProcessProxy.h:
(WebKit::WebProcessProxy::isCrossOriginIsolated const):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKitLegacy/mac:

* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::dispatchDecidePolicyForResponse):

Source/WebKitLegacy/win:

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::dispatchDecidePolicyForResponse):
* WebCoreSupport/WebFrameLoaderClient.h:

Tools:

Add API test coverage. SharedArrayBuffer support is currently forcefully enabled by
run-webkit-tests.py so it would not be practical to write layout tests for this at
the moment.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
(-[PSONScheme addMappingFromURLString:toData:withCOOPValue:withCOEPValue:]):
(-[PSONScheme webView:startURLSchemeTask:]):


Canonical link: https://commits.webkit.org/241165@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281832 268f45cc-cd09-0410-ab3c-d52691b4dbfc
cdumez committed Aug 31, 2021
1 parent bc8f780 commit f3ee677b635a3ff19f7c0261a905ad69fed89067
Showing with 551 additions and 108 deletions.
  1. +23 −0 LayoutTests/imported/w3c/ChangeLog
  2. +3 −1 ...s/imported/w3c/web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt
  3. +20 −20 ...tform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt
  4. +1 −1 LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt
  5. +3 −0 ...1/imported/w3c/web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt
  6. +29 −0 Source/WebCore/ChangeLog
  7. +1 −0 Source/WebCore/Headers.cmake
  8. +4 −0 Source/WebCore/WebCore.xcodeproj/project.pbxproj
  9. +34 −0 Source/WebCore/dom/CrossOriginMode.h
  10. +12 −0 Source/WebCore/dom/ScriptExecutionContext.cpp
  11. +4 −0 Source/WebCore/dom/ScriptExecutionContext.h
  12. +11 −2 Source/WebCore/loader/DocumentLoader.cpp
  13. +1 −1 Source/WebCore/loader/EmptyClients.cpp
  14. +1 −1 Source/WebCore/loader/EmptyFrameLoaderClient.h
  15. +2 −2 Source/WebCore/loader/FrameLoader.cpp
  16. +1 −1 Source/WebCore/loader/FrameLoader.h
  17. +1 −1 Source/WebCore/loader/FrameLoaderClient.h
  18. +15 −0 Source/WebCore/loader/FrameLoaderTypes.h
  19. +2 −3 Source/WebCore/page/DOMWindow.cpp
  20. +0 −2 Source/WebCore/page/DOMWindow.idl
  21. +1 −3 Source/WebCore/workers/WorkerGlobalScope.cpp
  22. +62 −0 Source/WebKit/ChangeLog
  23. +1 −0 Source/WebKit/Scripts/webkit/messages.py
  24. +5 −0 Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.h
  25. +3 −0 Source/WebKit/Shared/WebProcessCreationParameters.cpp
  26. +2 −0 Source/WebKit/Shared/WebProcessCreationParameters.h
  27. +1 −0 Source/WebKit/UIProcess/Launcher/ProcessLauncher.h
  28. +2 −0 Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm
  29. +2 −2 Source/WebKit/UIProcess/ProvisionalPageProxy.cpp
  30. +1 −1 Source/WebKit/UIProcess/ProvisionalPageProxy.h
  31. +1 −1 Source/WebKit/UIProcess/SuspendedPageProxy.cpp
  32. +20 −17 Source/WebKit/UIProcess/WebPageProxy.cpp
  33. +2 −2 Source/WebKit/UIProcess/WebPageProxy.h
  34. +1 −1 Source/WebKit/UIProcess/WebPageProxy.messages.in
  35. +4 −3 Source/WebKit/UIProcess/WebProcessPool.cpp
  36. +2 −1 Source/WebKit/UIProcess/WebProcessPool.h
  37. +10 −4 Source/WebKit/UIProcess/WebProcessProxy.cpp
  38. +7 −2 Source/WebKit/UIProcess/WebProcessProxy.h
  39. +3 −3 Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
  40. +1 −1 Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h
  41. +3 −0 Source/WebKit/WebProcess/WebProcess.cpp
  42. +12 −0 Source/WebKitLegacy/mac/ChangeLog
  43. +1 −1 Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.h
  44. +1 −1 Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm
  45. +12 −0 Source/WebKitLegacy/win/ChangeLog
  46. +1 −1 Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.cpp
  47. +1 −1 Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.h
  48. +16 −0 Tools/ChangeLog
  49. +205 −28 Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm
@@ -1,3 +1,26 @@
2021-08-31 Chris Dumez <cdumez@apple.com>

Enable SharedArrayBuffer support when COOP/COEP headers are used
https://bugs.webkit.org/show_bug.cgi?id=229559
<rdar://problem/82391945>

Reviewed by Alex Christensen.

Rebaseline a few web-platform-tests now that window.crossOriginIsolated properly returns
true when COOP+COEP are used.

Note that SharedArrayBuffer are already forcefully enabled by run-webkit-tests.py when running
the layout tests, which is why there are not more layout test results changes. At some point,
we should stop forcefully enabling SharedArrayBuffer when running web-platform-tests at least,
since WPT tests already make sure to use COOP+COEP when testing SharedArrayBuffer.

* web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt:
* web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt:
Note that some subtests are failing because we don't support the Permissions-Policy HTTP header:
- https://w3c.github.io/webappsec-permissions-policy/

* web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt:

2021-08-31 Marcos Caceres <marcos@marcosc.com>

[Payment Request] Calling PaymentRequest's show() should consume user activation
@@ -1,3 +1,5 @@

FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got false
FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_throws_dom: function "() => {
rq = objStore.put({sab: sab}, 'key');
}" threw object "DataError: Failed to store record in an IDBObjectStore: The object store uses in-line keys and the key parameter was provided." that is not a DOMException DataCloneError: property "code" is equal to 0, expected 25

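Review bot: The rebaselined second line still records a FAIL, and it is no longer about isolation: `objStore.put({sab: sab}, 'key')` throws `DataError` (in-line keys with a key parameter supplied) where the test expects `DataCloneError`, so the SharedArrayBuffer serialization check is not what rejects the value here. Please file a follow-up bug and reference it from the ChangeLog so this baseline is not read as expected behaviour.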
@@ -1,24 +1,24 @@

FAIL frame: origin = https://localhost:9443, value = undefined assert_equals: expected true but got false
FAIL frame: origin = https://localhost:9443, value = * assert_equals: expected true but got false
FAIL frame: origin = https://localhost:9443, value = self assert_equals: expected true but got false
PASS frame: origin = https://localhost:9443, value = (\)
PASS frame: origin = https://127.0.0.1:9443, value = undefined
PASS frame: origin = https://127.0.0.1:9443, value = *
PASS frame: origin = https://127.0.0.1:9443, value = self
PASS frame: origin = https://127.0.0.1:9443, value = (\)
FAIL dedicated worker: scheme = https, value = undefined assert_equals: expected true but got false
FAIL dedicated worker: scheme = https, value = * assert_equals: expected true but got false
FAIL dedicated worker: scheme = https, value = self assert_equals: expected true but got false
PASS dedicated worker: scheme = https, value = (\)
PASS dedicated worker: scheme = data, value = undefined
PASS dedicated worker: scheme = data, value = *
PASS dedicated worker: scheme = data, value = self
PASS dedicated worker: scheme = data, value = (\)
FAIL dedicated worker: scheme = blob, value = undefined assert_equals: expected true but got false
FAIL dedicated worker: scheme = blob, value = * assert_equals: expected true but got false
FAIL dedicated worker: scheme = blob, value = self assert_equals: expected true but got false
PASS dedicated worker: scheme = blob, value = (\)
PASS frame: origin = https://localhost:9443, value = undefined
PASS frame: origin = https://localhost:9443, value = *
PASS frame: origin = https://localhost:9443, value = self
FAIL frame: origin = https://localhost:9443, value = (\) assert_equals: expected false but got true
FAIL frame: origin = https://127.0.0.1:9443, value = undefined assert_equals: expected false but got true
FAIL frame: origin = https://127.0.0.1:9443, value = * assert_equals: expected false but got true
FAIL frame: origin = https://127.0.0.1:9443, value = self assert_equals: expected false but got true
FAIL frame: origin = https://127.0.0.1:9443, value = (\) assert_equals: expected false but got true
PASS dedicated worker: scheme = https, value = undefined
PASS dedicated worker: scheme = https, value = *
PASS dedicated worker: scheme = https, value = self
FAIL dedicated worker: scheme = https, value = (\) assert_equals: expected false but got true
FAIL dedicated worker: scheme = data, value = undefined assert_equals: expected false but got true
FAIL dedicated worker: scheme = data, value = * assert_equals: expected false but got true
FAIL dedicated worker: scheme = data, value = self assert_equals: expected false but got true
FAIL dedicated worker: scheme = data, value = (\) assert_equals: expected false but got true
PASS dedicated worker: scheme = blob, value = undefined
PASS dedicated worker: scheme = blob, value = *
PASS dedicated worker: scheme = blob, value = self
FAIL dedicated worker: scheme = blob, value = (\) assert_equals: expected false but got true
FAIL shared worker: withCoopCoep = false Can't find variable: SharedWorker
FAIL shared worker: withCoopCoep = true Can't find variable: SharedWorker
FAIL service worker: withCoopCoep = false assert_equals: expected (boolean) false but got (undefined) undefined
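Review bot: The new baseline trades one set of failures for another: frames at https://127.0.0.1:9443, `data:` dedicated workers and every `value = (\)` case now report `expected false but got true`, so the isolated state is reported in contexts where the test expects it to be withheld. The ChangeLog attributes this to missing Permissions-Policy support; since this commit ties SharedArrayBuffer availability to cross-origin isolation, link a tracking bug next to that note instead of leaving only the spec URL.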
@@ -7,5 +7,5 @@ PASS Same-origin popup with coop unsafe-none without coep
PASS historical: "same-site" popup with coop unsafe-none without coep
PASS Same-origin popup without coep
PASS historical: "same-site" popup without coep
FAIL Bonus: window.crossOriginIsolated assert_true: expected true got false
PASS Bonus: window.crossOriginIsolated

@@ -0,0 +1,3 @@

FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got false

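Review bot: This new expectation file records `expected true got false` for the isolation precondition, meaning a page served with COOP and COEP is not cross-origin-isolated on this configuration. The ChangeLog entries visible in this commit list only the imported/w3c copy of this expectation; add a line naming this file and saying why the failure is expected here.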
@@ -1,3 +1,32 @@
2021-08-31 Chris Dumez <cdumez@apple.com>

Enable SharedArrayBuffer support when COOP/COEP headers are used
https://bugs.webkit.org/show_bug.cgi?id=229559
<rdar://problem/82391945>

Reviewed by Alex Christensen.

Make sure window.crossOriginIsolated returns true when COOP=same-origin and
COEP=require-corp are used. Also make sure that cross-origin-isolates pages
are allowed to use SharedArrayBuffer.

Change is covered by rebaselined layout tests and new API tests.

* loader/DocumentLoader.cpp:
(WebCore::toNeedsBrowsingContextGroupSwitch):
(WebCore::DocumentLoader::responseReceived):
* loader/EmptyClients.cpp:
(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForResponse):
* loader/EmptyFrameLoaderClient.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::checkContentPolicy):
* loader/FrameLoader.h:
* loader/FrameLoaderClient.h:
* loader/FrameLoaderTypes.h:
* page/DOMWindow.cpp:
(WebCore::DOMWindow::crossOriginIsolated const):
* page/DOMWindow.idl:

2021-08-31 Kate Cheney <katherine_cheney@apple.com>

Use after move in ServiceWorkerThreadProxy
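Review bot: The file list in this entry does not match the code. It names `WebCore::toNeedsBrowsingContextGroupSwitch`, but the helper added in loader/DocumentLoader.cpp is `toBrowsingContextGroupSwitchDecision`, and dom/CrossOriginMode.h, dom/ScriptExecutionContext.cpp/.h and workers/WorkerGlobalScope.cpp from the changed-files list are not mentioned at all. Please regenerate the entry so the new process-wide cross-origin mode state is discoverable from the ChangeLog.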
@@ -434,6 +434,7 @@ set(WebCore_PRIVATE_FRAMEWORK_HEADERS
dom/Comment.h
dom/ContainerNode.h
dom/ContextDestructionObserver.h
dom/CrossOriginMode.h
dom/CustomElementReactionQueue.h
dom/DOMException.h
dom/DOMHighResTimeStamp.h
@@ -1294,6 +1294,7 @@
467302021C4EFE7800BCB357 /* IgnoreOpensDuringUnloadCountIncrementer.h in Headers */ = {isa = PBXBuildFile; fileRef = 467302011C4EFE6600BCB357 /* IgnoreOpensDuringUnloadCountIncrementer.h */; };
4682D2001F79783000C863DB /* StoredCredentialsPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4682D1FF1F79782300C863DB /* StoredCredentialsPolicy.h */; settings = {ATTRIBUTES = (Private, ); }; };
468344E01EDDFAAA00B7795B /* DOMRectList.h in Headers */ = {isa = PBXBuildFile; fileRef = 468344DE1EDDFA5F00B7795B /* DOMRectList.h */; settings = {ATTRIBUTES = (Private, ); }; };
4688EE3C26DD2610002AF5C4 /* CrossOriginMode.h in Headers */ = {isa = PBXBuildFile; fileRef = 4688EE3A26DD260C002AF5C4 /* CrossOriginMode.h */; settings = {ATTRIBUTES = (Private, ); }; };
469CCCFE269D021C006E0314 /* BroadcastChannel.h in Headers */ = {isa = PBXBuildFile; fileRef = 469CCCFC269D0202006E0314 /* BroadcastChannel.h */; settings = {ATTRIBUTES = (Private, ); }; };
46AAAA3D25D3632000BAF42F /* AudioFileReaderCocoa.h in Headers */ = {isa = PBXBuildFile; fileRef = 46AAAA3A25D3631400BAF42F /* AudioFileReaderCocoa.h */; };
46B63F6C1C6E8D19002E914B /* JSEventTargetCustom.h in Headers */ = {isa = PBXBuildFile; fileRef = 46B63F6B1C6E8CDF002E914B /* JSEventTargetCustom.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -8335,6 +8336,7 @@
468344DC1EDDFA5F00B7795B /* DOMRectList.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = DOMRectList.idl; sourceTree = "<group>"; };
468344DD1EDDFA5F00B7795B /* DOMRectList.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = DOMRectList.cpp; sourceTree = "<group>"; };
468344DE1EDDFA5F00B7795B /* DOMRectList.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = DOMRectList.h; sourceTree = "<group>"; };
4688EE3A26DD260C002AF5C4 /* CrossOriginMode.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CrossOriginMode.h; sourceTree = "<group>"; };
468B8BDE25CC849300F67822 /* JSBaseAudioContextCustom.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = JSBaseAudioContextCustom.cpp; sourceTree = "<group>"; };
469CCCFA269D0202006E0314 /* BroadcastChannel.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = BroadcastChannel.cpp; sourceTree = "<group>"; };
469CCCFC269D0202006E0314 /* BroadcastChannel.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = BroadcastChannel.h; sourceTree = "<group>"; };
@@ -29871,6 +29873,7 @@
E1A1470711102B1500EEC0F3 /* ContainerNodeAlgorithms.h */,
97627B8B14FB3CEE002CDCA1 /* ContextDestructionObserver.cpp */,
97627B8C14FB3CEE002CDCA1 /* ContextDestructionObserver.h */,
4688EE3A26DD260C002AF5C4 /* CrossOriginMode.h */,
7CF570C62492BD49008EB33C /* CurrentScriptIncrementer.h */,
9B56C9A91C89329A00C456DF /* CustomElementReactionQueue.cpp */,
9B56C9A81C89312800C456DF /* CustomElementReactionQueue.h */,
@@ -31499,6 +31502,7 @@
2D481F02146B5C5500AA7834 /* CrossfadeGeneratedImage.h in Headers */,
E1C416120F6562FD0092D2FB /* CrossOriginAccessControl.h in Headers */,
4672AA9826B0943300E6EC38 /* CrossOriginEmbedderPolicy.h in Headers */,
4688EE3C26DD2610002AF5C4 /* CrossOriginMode.h in Headers */,
4672AA9926B0943F00E6EC38 /* CrossOriginOpenerPolicy.h in Headers */,
41ABE67B1D0580DB006D862D /* CrossOriginPreflightChecker.h in Headers */,
E1C415DA0F655D6F0092D2FB /* CrossOriginPreflightResultCache.h in Headers */,
@@ -0,0 +1,34 @@
/*
* Copyright (C) 2021 Apple Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/

#pragma once

namespace WebCore {

// Cross-Origin isolation via COOP+COEP headers.
enum class CrossOriginMode : bool { Shared, Isolated };

}
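Review bot: The one-line comment above `enum class CrossOriginMode` does not say what each enumerator means or which one is the default. Since this commit ties SharedArrayBuffer availability to cross-origin isolation, document that `Shared` is the non-isolated default and under which condition (COOP=same-origin with COEP=require-corp, per the commit message) a process may be `Isolated`.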
@@ -81,6 +81,8 @@
namespace WebCore {
using namespace Inspector;

static std::atomic<CrossOriginMode> globalCrossOriginMode { CrossOriginMode::Shared };

static Lock allScriptExecutionContextsMapLock;
static HashMap<ScriptExecutionContextIdentifier, ScriptExecutionContext*>& allScriptExecutionContextsMap() WTF_REQUIRES_LOCK(allScriptExecutionContextsMapLock)
{
@@ -623,6 +625,16 @@ ServiceWorkerContainer* ScriptExecutionContext::ensureServiceWorkerContainer()

#endif

void ScriptExecutionContext::setCrossOriginMode(CrossOriginMode crossOriginMode)
{
globalCrossOriginMode = crossOriginMode;
}

CrossOriginMode ScriptExecutionContext::crossOriginMode()
{
return globalCrossOriginMode;
}

bool ScriptExecutionContext::postTaskTo(ScriptExecutionContextIdentifier identifier, Task&& task)
{
Locker locker { allScriptExecutionContextsMapLock };
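Review bot: `setCrossOriginMode()` writes the process-wide `globalCrossOriginMode` with no guard on when or how often it is called, so a later call could change the mode after script execution contexts already exist. The WebKit ChangeLog says the mode is decided at process launch; enforce that here, for example with an ASSERT that the value only ever goes from `Shared` to `Isolated`, and add a comment that the state is per-process rather than per-context.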
@@ -28,6 +28,7 @@
#pragma once

#include "ActiveDOMObject.h"
#include "CrossOriginMode.h"
#include "DOMTimer.h"
#include "PermissionController.h"
#include "RTCDataChannelRemoteHandlerConnection.h"
@@ -174,6 +175,9 @@ class ScriptExecutionContext : public SecurityContext, public CanMakeWeakPtr<Scr
virtual std::unique_ptr<FontLoadRequest> fontLoadRequest(String& url, bool isSVG, bool isInitiatingElementInUserAgentShadowTree, LoadedFromOpaqueSource);
virtual void beginLoadingFontSoon(FontLoadRequest&) { }

WEBCORE_EXPORT static void setCrossOriginMode(CrossOriginMode);
static CrossOriginMode crossOriginMode();

void ref() { refScriptExecutionContext(); }
void deref() { derefScriptExecutionContext(); }

@@ -948,6 +948,15 @@ void DocumentLoader::responseReceived(CachedResource& resource, const ResourceRe
responseReceived(response, WTFMove(completionHandler));
}

static BrowsingContextGroupSwitchDecision toBrowsingContextGroupSwitchDecision(const std::optional<CrossOriginOpenerPolicyEnforcementResult>& currentCoopEnforcementResult)
{
if (!currentCoopEnforcementResult || !currentCoopEnforcementResult->needsBrowsingContextGroupSwitch)
return BrowsingContextGroupSwitchDecision::StayInGroup;
if (currentCoopEnforcementResult->crossOriginOpenerPolicy.value == CrossOriginOpenerPolicyValue::SameOriginPlusCOEP)
return BrowsingContextGroupSwitchDecision::NewIsolatedGroup;
return BrowsingContextGroupSwitchDecision::NewSharedGroup;
}

void DocumentLoader::responseReceived(const ResourceResponse& response, CompletionHandler<void()>&& completionHandler)
{
ASSERT(response.certificateInfo());
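Review bot: In `toBrowsingContextGroupSwitchDecision()`, the first `if` returns `StayInGroup` whenever `needsBrowsingContextGroupSwitch` is false, without looking at the COOP value, so a `SameOriginPlusCOEP` response that needs no switch never yields `NewIsolatedGroup`. If that is intentional because such a navigation is already inside an isolated group, state the invariant in a comment. The names also diverge from the commit message, which describes `NeedsBrowsingContextGroupSwitch::YesWithCrossOriginIsolation` / `YesWithoutCrossOriginIsolation`; align one with the other.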
@@ -1048,8 +1057,8 @@ void DocumentLoader::responseReceived(const ResourceResponse& response, Completi
if (mainResourceLoader)
mainResourceLoader->markInAsyncResponsePolicyCheck();
auto requestIdentifier = PolicyCheckIdentifier::create();
bool needsBrowsingContextGroupSwitch = m_currentCoopEnforcementResult && m_currentCoopEnforcementResult->needsBrowsingContextGroupSwitch;
frameLoader()->checkContentPolicy(m_response, requestIdentifier, needsBrowsingContextGroupSwitch, [this, protectedThis = makeRef(*this), mainResourceLoader = WTFMove(mainResourceLoader),
auto browsingContextGroupSwitchDecision = toBrowsingContextGroupSwitchDecision(m_currentCoopEnforcementResult);
frameLoader()->checkContentPolicy(m_response, requestIdentifier, browsingContextGroupSwitchDecision, [this, protectedThis = makeRef(*this), mainResourceLoader = WTFMove(mainResourceLoader),
completionHandler = completionHandlerCaller.release(), requestIdentifier] (PolicyAction policy, PolicyCheckIdentifier responseIdentifier) mutable {
RELEASE_ASSERT(responseIdentifier.isValidFor(requestIdentifier));
continueAfterContentPolicy(policy);
@@ -817,7 +817,7 @@ void EmptyFrameLoaderClient::dispatchShow()
{
}

void EmptyFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, const String&, bool, FramePolicyFunction&&)
void EmptyFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, const String&, BrowsingContextGroupSwitchDecision, FramePolicyFunction&&)
{
}

@@ -96,7 +96,7 @@ class WEBCORE_EXPORT EmptyFrameLoaderClient : public FrameLoaderClient {
Frame* dispatchCreatePage(const NavigationAction&, NewFrameOpenerPolicy) final;
void dispatchShow() final;

void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, const String&, bool needsBrowsingContextGroupSwitch, FramePolicyFunction&&) final;
void dispatchDecidePolicyForResponse(const ResourceResponse&, const ResourceRequest&, PolicyCheckIdentifier, const String&, BrowsingContextGroupSwitchDecision, FramePolicyFunction&&) final;
void dispatchDecidePolicyForNewWindowAction(const NavigationAction&, const ResourceRequest&, FormState*, const String&, PolicyCheckIdentifier, FramePolicyFunction&&) final;
void dispatchDecidePolicyForNavigationAction(const NavigationAction&, const ResourceRequest&, const ResourceResponse& redirectResponse, FormState*, PolicyDecisionMode, PolicyCheckIdentifier, FramePolicyFunction&&) final;
void cancelPolicyCheck() final;
@@ -413,7 +413,7 @@ void FrameLoader::setDefersLoading(bool defers)
}
}

void FrameLoader::checkContentPolicy(const ResourceResponse& response, PolicyCheckIdentifier identifier, bool needsBrowsingContextGroupSwitch, ContentPolicyDecisionFunction&& function)
void FrameLoader::checkContentPolicy(const ResourceResponse& response, PolicyCheckIdentifier identifier, BrowsingContextGroupSwitchDecision browsingContextGroupSwitchDecision, ContentPolicyDecisionFunction&& function)
{
if (!activeDocumentLoader()) {
// Load was cancelled
@@ -422,7 +422,7 @@ void FrameLoader::checkContentPolicy(const ResourceResponse& response, PolicyChe
}

// FIXME: Validate the policy check identifier.
client().dispatchDecidePolicyForResponse(response, activeDocumentLoader()->request(), identifier, activeDocumentLoader()->downloadAttribute(), needsBrowsingContextGroupSwitch, WTFMove(function));
client().dispatchDecidePolicyForResponse(response, activeDocumentLoader()->request(), identifier, activeDocumentLoader()->downloadAttribute(), browsingContextGroupSwitchDecision, WTFMove(function));
}

void FrameLoader::changeLocation(const URL& url, const String& passedTarget, Event* triggeringEvent, const ReferrerPolicy& referrerPolicy, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, std::optional<NewFrameOpenerPolicy> openerPolicy, const AtomString& downloadAttribute, const SystemPreviewInfo& systemPreviewInfo, std::optional<PrivateClickMeasurement>&& privateClickMeasurement)
@@ -220,7 +220,7 @@ class FrameLoader final {

void setDefersLoading(bool);

void checkContentPolicy(const ResourceResponse&, PolicyCheckIdentifier, bool needsBrowsingContextGroupSwitch, ContentPolicyDecisionFunction&&);
void checkContentPolicy(const ResourceResponse&, PolicyCheckIdentifier, BrowsingContextGroupSwitchDecision, ContentPolicyDecisionFunction&&);

void didExplicitOpen();
