Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upImplement Subresource Integrity #14865
Conversation
|
r? @jdm |
|
@bors-servo: try |
Implement Subresource Integrity Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/. Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed 1) Wait for response body 2) If the response does not have a termination reason and response does not match request’s integrity metadata, set response and internalResponse to a network error. Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix #14523, It will implement changes related to response validation. Request validation algorithm implementation needs CSP. I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results. r? @jdm <!-- Please describe your changes on the following line: --> --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors <!-- Either: --> - [X] There are tests for these changes <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14865) <!-- Reviewable:end -->
|
|
|
|
Let me know if you want me to start reviewing the changes or whether I should wait until you look into the test failure. |
|
Thanks Josh, I will work on these test cases today. Will notify you once these gets fixed. |
|
None of the test case failures seem to be related to changes.
@jdm If my above analysis is correct, can you please review the changes. |
|
Rather than modifying the test file, we should be modifying |
|
Can you explain point 1 in more detail? Why does the order make a difference in the test result? |
|
@jdm I am not sure if point 1 is a bug. Our assertion is to validate that div style background color is not yellow. Moment first success test case executes stylesheet gets loaded and subsequent all assertion fail though we don't load stylesheet again. I will update |
|
I know what the problem is - the test relies on removing the stylesheet from any previous test before starting the new test. However, Servo doesn't support removing stylesheets from the document yet (see #976). |
|
So I will modify |
|
Yes please! |
|
@jdm I have done the changes |
|
This is really great work! I have a number of small changes, but in general I like the way the code is organized and found the changes easy to read. |
| @@ -1,7 +1,6 @@ | |||
| /* This Source Code Form is subject to the terms of the Mozilla Public | |||
| * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
| * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
|
|
|||
This comment has been minimized.
This comment has been minimized.
| let ref integrity_metadata = *request.integrity_metadata.borrow(); | ||
| if response.termination_reason.is_none() && !is_response_integrity_valid(integrity_metadata, &response) { | ||
| let mut response = Response::network_error( | ||
| NetworkError::Internal("Sub-resource integrity validation failed".into())); |
This comment has been minimized.
This comment has been minimized.
| let mut response = Response::network_error( | ||
| NetworkError::Internal("Sub-resource integrity validation failed".into())); | ||
| response.internal_response = Some(Box::new( | ||
| Response::network_error(response.get_network_error().unwrap().clone()))); |
This comment has been minimized.
This comment has been minimized.
jdm
Jan 6, 2017
Member
I don't believe we need to duplicate the error for the internal value here. It should be enough just to have a default network error response.
| Response::network_error(response.get_network_error().unwrap().clone()))); | ||
| response | ||
| } else { | ||
| response |
This comment has been minimized.
This comment has been minimized.
| let mut result = vec![]; | ||
|
|
||
| // Step 3 | ||
| let tokens: Vec<&str> = integrity_metadata.split(" ").collect(); |
This comment has been minimized.
This comment has been minimized.
jdm
Jan 6, 2017
Member
This doesn't quite match the spec's steps for splitting on spaces - we need to skip characters at the start and repeated characters in between tokens, and the space characters include other whitespace. I recommend using split_html_space_chars instead.
Also, we don't need to call collect here; we can iterate over the result of splitting instead.
| } | ||
|
|
||
| /// https://w3c.github.io/webappsec-subresource-integrity/#getprioritizedhashfunction | ||
| pub fn get_prioritized_hash_function(hash_func_left: &str, hash_func_right: &str) -> String { |
This comment has been minimized.
This comment has been minimized.
jdm
Jan 6, 2017
Member
Let's return Option<&str> here instead, which will avoid the magic empty string behaviour.
| let mut result: Vec<SriEntry> = vec![integrity_metadata_list[0].clone()]; | ||
| let mut current_algorithm = result[0].alg.clone(); | ||
|
|
||
| for i in 1..integrity_metadata_list.len() { |
This comment has been minimized.
This comment has been minimized.
| let intgerity_metadata = integrity_metadata_list[i].clone(); | ||
|
|
||
| let prioritized_hash = get_prioritized_hash_function(&intgerity_metadata.alg, | ||
| &*current_algorithm); |
This comment has been minimized.
This comment has been minimized.
| let response_digest = hash(message_digest, vec); | ||
| response_digest.to_base64(STANDARD) | ||
| } else { | ||
| "".to_owned() |
This comment has been minimized.
This comment has been minimized.
jdm
Jan 6, 2017
Member
We should probably make this unreachable!("Tried to calculate digest of incomplete response body") instead.
| let parsed_metadata_list: Vec<SriEntry> = parsed_metadata(integrity_metadata); | ||
|
|
||
| // Step 2 & 4 | ||
| if parsed_metadata_list.len() == 0 { |
This comment has been minimized.
This comment has been minimized.
|
I had missed updating expectation of two test case :(. I have corrected this. |
|
You will also need to adjust the expectations for /html/dom/interfaces.html, /html/dom/reflection-misc.html, and /html/dom/reflection-metadata.html. I recommend running |
|
|
Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/. Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed *Wait for response body *If the response does not have a termination reason and response does not match request’s integrity metadata, set response to a network error.# Please enter the commit message for your changes. Lines starting
|
@jdm Thanks, I have fixed expectations and merge conflicts |
|
@bors-servo: r+ |
|
|
Implement Subresource Integrity Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/. Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed 1) Wait for response body 2) If the response does not have a termination reason and response does not match request’s integrity metadata, set response and internalResponse to a network error. Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix #14523, It will implement changes related to response validation. Request validation algorithm implementation needs CSP. I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results. r? @jdm <!-- Please describe your changes on the following line: --> --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors <!-- Either: --> - [X] There are tests for these changes <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14865) <!-- Reviewable:end -->
|
|
|
Infra issue? |
|
@bors-servo retry |
|
|
|
|
nmvk commentedJan 5, 2017
•
edited
Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/.
Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed
Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix #14523, It will implement changes related to response validation. Request validation algorithm implementation needs CSP.
I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results.
r? @jdm
./mach build -ddoes not report any errors./mach test-tidydoes not report any errorsThis change is