From 219be2142507258fc8a409a8676c3b52e45662ec Mon Sep 17 00:00:00 2001 From: Brent Fulgham Date: Tue, 13 Dec 2022 11:19:15 -0800 Subject: [PATCH] Disable IndexedDB in Lockdown Mode https://bugs.webkit.org/show_bug.cgi?id=249176 Reviewed by Chris Dumez. Add 'IndexedDB' to the set of Web API's disabled in Lockdown Mode. * Source/WebKit/WebProcess/WebPage/WebPage.cpp: (WebKit::adjustSettingsForLockdownMode): * Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm: Canonical link: https://commits.webkit.org/257804@main --- Source/WebKit/WebProcess/WebPage/WebPage.cpp | 3 ++- .../TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp index 3231d04d5dbd..0b92432b676c 100644 --- a/Source/WebKit/WebProcess/WebPage/WebPage.cpp +++ b/Source/WebKit/WebProcess/WebPage/WebPage.cpp @@ -4191,7 +4191,8 @@ static void adjustSettingsForLockdownMode(Settings& settings, const WebPreferenc #endif settings.setFileReaderAPIEnabled(false); settings.setFileSystemAccessEnabled(false); - + settings.setIndexedDBAPIEnabled(false); + settings.setAllowedMediaContainerTypes(store.getStringValueForKey(WebPreferencesKey::mediaContainerTypesAllowedInLockdownModeKey())); settings.setAllowedMediaCodecTypes(store.getStringValueForKey(WebPreferencesKey::mediaCodecTypesAllowedInLockdownModeKey())); settings.setAllowedMediaVideoCodecIDs(store.getStringValueForKey(WebPreferencesKey::mediaVideoCodecIDsAllowedInLockdownModeKey())); diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm index 7f1e90257a6e..55ae62effaf7 100644 --- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm +++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm @@ -7841,6 +7841,7 @@ static void checkSettingsControlledByLockdownMode(WKWebView *webView, ShouldBeEn EXPECT_EQ(runJSCheck("!!window.FileSystemFileHandle"_s), isShowingInitialEmptyDocument != IsShowingInitialEmptyDocument::Yes && shouldBeEnabled == ShouldBeEnabled::Yes); // File System Access API. EXPECT_EQ(runJSCheck("!!window.RTCPeerConnection"_s), shouldBeEnabled == ShouldBeEnabled::Yes); // WebRTC Peer Connection. EXPECT_EQ(runJSCheck("!!window.RTCRtpScriptTransform"_s), shouldBeEnabled == ShouldBeEnabled::Yes); // WebRTC Script Transform + EXPECT_EQ(runJSCheck("!!window.indexedDB"_s), shouldBeEnabled == ShouldBeEnabled::Yes); // IndexedDB API EXPECT_EQ(runJSCheck("!!navigator.mediaDevices"_s), shouldBeEnabled == ShouldBeEnabled::Yes); // GetUserMedia (Media Capture). EXPECT_EQ(runJSCheck("!!navigator.getUserMedia"_s), false); // Legacy GetUserMedia (currently always disabled). EXPECT_EQ(runJSCheck("!!window.MathMLElement"_s), shouldBeEnabled == ShouldBeEnabled::Yes); // MathML.