-
Notifications
You must be signed in to change notification settings - Fork 6.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This reverts commit 0660111. Reason for revert: https://ci.chromium.org/p/chrome/builders/ci/device-builder/148009 Original change's description: > Remove __gCrWeb.windowId > > __gCrWeb.windowId was used to ensure that JavaScript was executed on > the intended webpage. This is important because some scripts may deal > with user information. Such information is now all passed through > APIs using WebKit's FrameInfo instance which also has the same > guarantee because FrameInfo instances are tied to a particular > navigation. > > Fixed: 905939 > > Change-Id: I19a2e0a7a7ef0f737af99962ec41294c5cbbbd04 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4189036 > Reviewed-by: Ali Juma <ajuma@chromium.org> > Reviewed-by: Sergio Collazos <sczs@chromium.org> > Commit-Queue: Mike Dougherty <michaeldo@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1096265} Change-Id: I474a5740180741ad9562085b5ab299f70a4cb95e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4188583 Reviewed-by: Justin Cohen <justincohen@chromium.org> Reviewed-by: Sergio Collazos <sczs@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Sergio Collazos <sczs@chromium.org> Auto-Submit: Ginny Huang <ginnyhuang@chromium.org> Cr-Commit-Position: refs/heads/main@{#1096288}
- Loading branch information
Ginny Huang
authored and
Chromium LUCI CQ
committed
Jan 24, 2023
1 parent
341fedf
commit f860c14
Showing
24 changed files
with
466 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
// Copyright 2014 The Chromium Authors | ||
// Use of this source code is governed by a BSD-style license that can be | ||
// found in the LICENSE file. | ||
|
||
#ifndef IOS_WEB_JS_MESSAGING_CRW_JS_WINDOW_ID_MANAGER_H_ | ||
#define IOS_WEB_JS_MESSAGING_CRW_JS_WINDOW_ID_MANAGER_H_ | ||
|
||
#import <Foundation/Foundation.h> | ||
#import <WebKit/WebKit.h> | ||
|
||
// Injects the JavaScript file window_id.js which sets __gCrWeb.windowId and | ||
// manages the windowId for Page->Native->Page messages. | ||
@interface CRWJSWindowIDManager : NSObject | ||
|
||
// A unique window ID is assigned when the script is injected. Can not be null. | ||
@property(nonatomic, copy, readonly) NSString* windowID; | ||
|
||
- (instancetype)init NS_UNAVAILABLE; | ||
|
||
// Initializes CRWJSWindowIDManager. `webView` will be used for script | ||
// evaluation to inject window ID and can not be null. | ||
- (instancetype)initWithWebView:(WKWebView*)webView NS_DESIGNATED_INITIALIZER; | ||
|
||
// Injects windowId to a web page. | ||
- (void)inject; | ||
|
||
@end | ||
|
||
#endif // IOS_WEB_JS_MESSAGING_CRW_JS_WINDOW_ID_MANAGER_H_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
// Copyright 2014 The Chromium Authors | ||
// Use of this source code is governed by a BSD-style license that can be | ||
// found in the LICENSE file. | ||
|
||
#import "ios/web/js_messaging/crw_js_window_id_manager.h" | ||
|
||
#import <ostream> | ||
|
||
#import "base/dcheck_is_on.h" | ||
#import "base/logging.h" | ||
#import "base/metrics/histogram_macros.h" | ||
#import "base/notreached.h" | ||
#import "base/strings/string_number_conversions.h" | ||
#import "base/strings/sys_string_conversions.h" | ||
#import "base/time/time.h" | ||
#import "crypto/random.h" | ||
#import "ios/web/js_messaging/page_script_util.h" | ||
|
||
#if !defined(__has_feature) || !__has_feature(objc_arc) | ||
#error "This file requires ARC support." | ||
#endif | ||
|
||
namespace { | ||
// Number of random bytes in unique key for window ID. The length of the | ||
// window ID will be twice this number, as it is hexadecimal encoded. | ||
const size_t kUniqueKeyLength = 16; | ||
|
||
#if DCHECK_IS_ON() | ||
// The time in seconds which is determined to be a long wait for the injection | ||
// of the window ID. The wait time will be logged if the time exceeds this | ||
// value. | ||
const double kSignificantInjectionTime = 0.1; | ||
#endif | ||
|
||
} // namespace | ||
|
||
@interface CRWJSWindowIDManager () { | ||
// Web view used for script evaluation to inject window ID. | ||
WKWebView* _webView; | ||
// Backs up property with the same name. | ||
NSString* _windowID; | ||
} | ||
|
||
// Returns a string of randomized ASCII characters. | ||
+ (NSString*)newUniqueKey; | ||
|
||
@end | ||
|
||
@implementation CRWJSWindowIDManager | ||
|
||
- (NSString*)windowID { | ||
return _windowID; | ||
} | ||
|
||
- (instancetype)initWithWebView:(WKWebView*)webView { | ||
if ((self = [super init])) { | ||
_webView = webView; | ||
_windowID = [[self class] newUniqueKey]; | ||
} | ||
return self; | ||
} | ||
|
||
- (void)inject { | ||
[self injectWithStartTime:base::TimeTicks::Now()]; | ||
} | ||
|
||
- (void)injectWithStartTime:(base::TimeTicks)startTime { | ||
_windowID = [[self class] newUniqueKey]; | ||
NSString* script = [web::GetPageScript(@"window_id") | ||
stringByReplacingOccurrencesOfString:@"$(WINDOW_ID)" | ||
withString:_windowID]; | ||
// WKUserScript for message API may not be injected yet. Make windowID script | ||
// return boolean indicating whether the injection was successful. | ||
NSString* scriptWithResult = [NSString | ||
stringWithFormat:@"if (!window.__gCrWeb || !window.__gCrWeb.message) " | ||
@"{false; } else { %@; true; }", | ||
script]; | ||
|
||
__weak CRWJSWindowIDManager* weakSelf = self; | ||
[_webView evaluateJavaScript:scriptWithResult | ||
completionHandler:^(id result, NSError* error) { | ||
CRWJSWindowIDManager* strongSelf = weakSelf; | ||
if (!strongSelf) | ||
return; | ||
if (error) { | ||
return; | ||
} | ||
|
||
// If `result` is an incorrect type, do not check its value. | ||
// Also do not attempt to re-inject scripts as it may lead to | ||
// endless recursion attempting to inject the scripts correctly. | ||
if (result && CFBooleanGetTypeID() != | ||
CFGetTypeID((__bridge CFTypeRef)result)) { | ||
NOTREACHED(); | ||
return; | ||
} | ||
|
||
if (![result boolValue]) { | ||
// WKUserScript has not been injected yet. Retry window id | ||
// injection, because it is critical for the system to | ||
// function. | ||
[strongSelf injectWithStartTime:startTime]; | ||
} else { | ||
base::TimeDelta elapsed = base::TimeTicks::Now() - startTime; | ||
#if DCHECK_IS_ON() | ||
DLOG_IF(WARNING, | ||
elapsed.InSecondsF() > kSignificantInjectionTime) | ||
<< "Elapsed time for windowID injection: " << elapsed; | ||
#endif | ||
UMA_HISTOGRAM_TIMES("IOS.WindowIDInjection.ElapsedTime", | ||
elapsed); | ||
} | ||
}]; | ||
} | ||
|
||
#pragma mark - Private | ||
|
||
+ (NSString*)newUniqueKey { | ||
char randomBytes[kUniqueKeyLength]; | ||
crypto::RandBytes(randomBytes, kUniqueKeyLength); | ||
std::string result = base::HexEncode(randomBytes, kUniqueKeyLength); | ||
return base::SysUTF8ToNSString(result); | ||
} | ||
|
||
@end |
Oops, something went wrong.