WebKit Bugzilla
Attachment 370334 Details for
Bug 198078
: Implement Feature policy self/none/* parsing
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-198078-20190521124604.patch (text/plain), 30.50 KB, created by
youenn fablet
on 2019-05-21 12:46:04 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2019-05-21 12:46:04 PDT
Size:
30.50 KB
patch
obsolete
>Subversion Revision: 245568 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 48edb2b1c23095081c423b679d51a45fb19f1dc9..0a18d18d15552dad3e33811d553bf9a03f6ad735 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,33 @@ >+2019-05-21 Youenn Fablet <youenn@apple.com> >+ >+ Implement Feature policy self/none/* parsing >+ https://bugs.webkit.org/show_bug.cgi?id=198078 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Start to implement https://w3c.github.io/webappsec-feature-policy/#algo-parse-policy-directive >+ 'src' is not supported yet. >+ Apply the rules to getUserMedia. >+ >+ Test: imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https.html >+ >+ * Modules/mediastream/UserMediaController.cpp: >+ (WebCore::isSecure): >+ (WebCore::isAllowedByFeaturePolicy): >+ (WebCore::isAllowedToUse): >+ * Sources.txt: >+ * WebCore.xcodeproj/project.pbxproj: >+ * html/FeaturePolicy.cpp: Added. >+ (WebCore::isAllowedByFeaturePolicy): >+ (WebCore::processOriginItem): >+ (WebCore::updateList): >+ (WebCore::FeaturePolicy::parse): >+ (WebCore::FeaturePolicy::allows const): >+ * html/FeaturePolicy.h: Added. >+ * html/HTMLIFrameElement.cpp: >+ (WebCore::HTMLIFrameElement::featurePolicy const): >+ * html/HTMLIFrameElement.h: >+ > 2019-05-21 Antti Koivisto <antti@apple.com> > > RTL/overflow scroll tests fail with async overflow enabled >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index f500baa52e7449d61d8abd90f381ea47d1057019..91f863a53aad982f2b82d1d6f4289e4744574491 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,15 @@ >+2019-05-21 Youenn Fablet <youenn@apple.com> >+ >+ Implement Feature policy self/none/* parsing >+ https://bugs.webkit.org/show_bug.cgi?id=198078 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Fix a case where completion handler might not always be called. >+ >+ * WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp: >+ (WebKit::UserMediaPermissionRequestManager::userMediaAccessWasGranted): >+ > 2019-05-21 Antti Koivisto <antti@apple.com> > > RTL/overflow scroll tests fail with async overflow enabled >diff --git a/Source/WebCore/Modules/mediastream/UserMediaController.cpp b/Source/WebCore/Modules/mediastream/UserMediaController.cpp >index 658702a98195e80afc62a30eb52ee5aa36112b02..8d7e63cc606d6da19fbdb12de54fb855fdf62c99 100644 >--- a/Source/WebCore/Modules/mediastream/UserMediaController.cpp >+++ b/Source/WebCore/Modules/mediastream/UserMediaController.cpp >@@ -61,7 +61,7 @@ void provideUserMediaTo(Page* page, UserMediaClient* client) > UserMediaController::provideTo(page, UserMediaController::supplementName(), std::make_unique<UserMediaController>(client)); > } > >-static bool isSecure(DocumentLoader& documentLoader) >+static inline bool isSecure(DocumentLoader& documentLoader) > { > auto& response = documentLoader.response(); > if (SecurityOrigin::isLocalHostOrLoopbackIPAddress(documentLoader.response().url().host())) >@@ -71,6 +71,20 @@ static bool isSecure(DocumentLoader& documentLoader) > && !response.certificateInfo()->containsNonRootSHA1SignedCertificate(); > } > >+static inline bool isAllowedByFeaturePolicy(const FeaturePolicy& featurePolicy, const SecurityOriginData& origin, OptionSet<UserMediaController::CaptureType> types) >+{ >+ if ((types & UserMediaController::CaptureType::Camera) && !featurePolicy.allows(FeaturePolicy::Type::Camera, origin)) >+ return false; >+ >+ if ((types & UserMediaController::CaptureType::Microphone) && !featurePolicy.allows(FeaturePolicy::Type::Microphone, origin)) >+ return false; >+ >+ if ((types & UserMediaController::CaptureType::Display) && !featurePolicy.allows(FeaturePolicy::Type::DisplayCapture, origin)) >+ return false; >+ >+ return true; >+} >+ > static UserMediaController::GetUserMediaAccess isAllowedToUse(Document& document, Document& topDocument, OptionSet<UserMediaController::CaptureType> types) > { > if (&document == &topDocument) >@@ -80,31 +94,13 @@ static UserMediaController::GetUserMediaAccess isAllowedToUse(Document& document > if (!parentDocument) > return UserMediaController::GetUserMediaAccess::BlockedByParent; > >- if (document.securityOrigin().isSameSchemeHostPort(parentDocument->securityOrigin())) >- return UserMediaController::GetUserMediaAccess::CanCall; >- > auto* element = document.ownerElement(); > ASSERT(element); >- if (!element) >+ if (!element || !is<HTMLIFrameElement>(*element)) > return UserMediaController::GetUserMediaAccess::BlockedByParent; > >- if (!is<HTMLIFrameElement>(*element)) >- return UserMediaController::GetUserMediaAccess::BlockedByParent; >- auto& allow = downcast<HTMLIFrameElement>(*element).allow(); >- >- bool allowCameraAccess = false; >- bool allowMicrophoneAccess = false; >- bool allowDisplay = false; >- for (auto allowItem : StringView { allow }.split(';')) { >- auto item = allowItem.stripLeadingAndTrailingMatchedCharacters(isHTMLSpace<UChar>); >- if (!allowCameraAccess && item == "camera") >- allowCameraAccess = true; >- else if (!allowMicrophoneAccess && item == "microphone") >- allowMicrophoneAccess = true; >- else if (!allowDisplay && item == "display") >- allowDisplay = true; >- } >- if ((allowCameraAccess || !(types & UserMediaController::CaptureType::Camera)) && (allowMicrophoneAccess || !(types & UserMediaController::CaptureType::Microphone)) && (allowDisplay || !(types & UserMediaController::CaptureType::Display))) >+ auto& featurePolicy = downcast<HTMLIFrameElement>(*element).featurePolicy(); >+ if (isAllowedByFeaturePolicy(featurePolicy, document.securityOrigin().data(), types)) > return UserMediaController::GetUserMediaAccess::CanCall; > > return UserMediaController::GetUserMediaAccess::BlockedByFeaturePolicy; >diff --git a/Source/WebCore/Sources.txt b/Source/WebCore/Sources.txt >index 3675e004b8673e9d68b1c6bd8d468a0d4d41257e..65a179e645595d7e3ff8a64e07a530dc0115ca05 100644 >--- a/Source/WebCore/Sources.txt >+++ b/Source/WebCore/Sources.txt >@@ -1074,6 +1074,7 @@ html/DateTimeLocalInputType.cpp > html/EmailInputType.cpp > html/FTPDirectoryDocument.cpp > html/FileListCreator.cpp >+html/FeaturePolicy.cpp > html/FileInputType.cpp > html/FormAssociatedElement.cpp > html/FormController.cpp >diff --git a/Source/WebCore/WebCore.xcodeproj/project.pbxproj b/Source/WebCore/WebCore.xcodeproj/project.pbxproj >index f69cff232128cbbe8ea5cc1dee84070cb6f8701e..6f4d746966ae52067b67a3b656f2c2155db8042d 100644 >--- a/Source/WebCore/WebCore.xcodeproj/project.pbxproj >+++ b/Source/WebCore/WebCore.xcodeproj/project.pbxproj >@@ -1104,6 +1104,7 @@ > 419ACF921F97E7DA009F1A83 /* ServiceWorkerFetch.h in Headers */ = {isa = PBXBuildFile; fileRef = 419ACF8E1F97E7D5009F1A83 /* ServiceWorkerFetch.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 419BC2DF1685329900D64D6D /* VisitedLinkState.h in Headers */ = {isa = PBXBuildFile; fileRef = 419BC2DD1685329900D64D6D /* VisitedLinkState.h */; }; > 419BE7591BC7F42B00E1C85B /* WebCoreBuiltinNames.h in Headers */ = {isa = PBXBuildFile; fileRef = 419BE7521BC7F3DB00E1C85B /* WebCoreBuiltinNames.h */; }; >+ 41A0829C22935F3D008426E0 /* FeaturePolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 41A0829922932EF4008426E0 /* FeaturePolicy.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 41A1B01C1E54239B007F3769 /* JSDOMGuardedObject.h in Headers */ = {isa = PBXBuildFile; fileRef = 41A1B01A1E542396007F3769 /* JSDOMGuardedObject.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 41A3D58F101C152D00316D07 /* DedicatedWorkerThread.h in Headers */ = {isa = PBXBuildFile; fileRef = 41A3D58D101C152D00316D07 /* DedicatedWorkerThread.h */; }; > 41A7D3531F438D16008988DE /* WorkerCacheStorageConnection.h in Headers */ = {isa = PBXBuildFile; fileRef = 41A7D3501F438D10008988DE /* WorkerCacheStorageConnection.h */; }; >@@ -7323,6 +7324,8 @@ > 419FAFAD1ABABCD5005B828B /* ReadableStreamDefaultReader.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = ReadableStreamDefaultReader.idl; sourceTree = "<group>"; }; > 41A023ED1A39DB7900F722CF /* ReadableStream.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = ReadableStream.idl; sourceTree = "<group>"; }; > 41A023ED1A39DB7900F722DF /* WritableStream.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = WritableStream.idl; sourceTree = "<group>"; }; >+ 41A0829922932EF4008426E0 /* FeaturePolicy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FeaturePolicy.h; sourceTree = "<group>"; }; >+ 41A0829B22932EF4008426E0 /* FeaturePolicy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FeaturePolicy.cpp; sourceTree = "<group>"; }; > 41A1B00D1E52656E007F3769 /* LibWebRTCProvider.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = LibWebRTCProvider.cpp; path = libwebrtc/LibWebRTCProvider.cpp; sourceTree = "<group>"; }; > 41A1B01A1E542396007F3769 /* JSDOMGuardedObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSDOMGuardedObject.h; sourceTree = "<group>"; }; > 41A1B01B1E542396007F3769 /* JSDOMGuardedObject.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSDOMGuardedObject.cpp; sourceTree = "<group>"; }; >@@ -21207,6 +21210,8 @@ > 2E37DFD912DBAFB800A6B233 /* DOMURL.idl */, > F55B3D871251F12D003EF269 /* EmailInputType.cpp */, > F55B3D881251F12D003EF269 /* EmailInputType.h */, >+ 41A0829B22932EF4008426E0 /* FeaturePolicy.cpp */, >+ 41A0829922932EF4008426E0 /* FeaturePolicy.h */, > F55B3D891251F12D003EF269 /* FileInputType.cpp */, > F55B3D8A1251F12D003EF269 /* FileInputType.h */, > 835D54C11F4DE53400E60671 /* FileListCreator.cpp */, >@@ -28956,6 +28961,7 @@ > E47E276516036ED200EE2AFB /* ExtensionStyleSheets.h in Headers */, > 5C4304B1191AC908000E2BC0 /* EXTShaderTextureLOD.h in Headers */, > 7728694F14F8882500F484DC /* EXTTextureFilterAnisotropic.h in Headers */, >+ 41A0829C22935F3D008426E0 /* FeaturePolicy.h in Headers */, > A75E8B890E1DE2D6007F2481 /* FEBlend.h in Headers */, > A75E8B8B0E1DE2D6007F2481 /* FEColorMatrix.h in Headers */, > A75E8B8D0E1DE2D6007F2481 /* FEComponentTransfer.h in Headers */, >diff --git a/Source/WebCore/html/FeaturePolicy.cpp b/Source/WebCore/html/FeaturePolicy.cpp >new file mode 100644 >index 0000000000000000000000000000000000000000..5580ea53ddf18615558ed9f705f799c20b674795 >--- /dev/null >+++ b/Source/WebCore/html/FeaturePolicy.cpp >@@ -0,0 +1,140 @@ >+/* >+ * Copyright (C) 2019 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#include "config.h" >+#include "FeaturePolicy.h" >+ >+#include "Document.h" >+ >+namespace WebCore { >+ >+static bool isAllowedByFeaturePolicy(const FeaturePolicy::AllowRule& rule, const SecurityOriginData& origin) >+{ >+ switch (rule.type) { >+ case FeaturePolicy::AllowRule::Type::None: >+ return false; >+ case FeaturePolicy::AllowRule::Type::All: >+ return true; >+ case FeaturePolicy::AllowRule::Type::List: >+ return rule.allowedList.contains(origin); >+ } >+} >+ >+static inline void processOriginItem(Document& document, FeaturePolicy::AllowRule& rule, StringView item) >+{ >+ if (rule.type == FeaturePolicy::AllowRule::Type::None) >+ return; >+ >+ item = item.stripLeadingAndTrailingMatchedCharacters(isHTMLSpace<UChar>); >+ // FIXME: Support 'src'. >+ if (item == "'src'") >+ return; >+ >+ if (item == "*") { >+ rule.type = FeaturePolicy::AllowRule::Type::All; >+ return; >+ } >+ >+ if (item == "'self'") { >+ rule.allowedList.add(document.securityOrigin().data()); >+ return; >+ } >+ if (item == "'none'") { >+ rule.type = FeaturePolicy::AllowRule::Type::None; >+ return; >+ } >+ URL url { { }, item.toString() }; >+ if (url.isValid()) >+ rule.allowedList.add(SecurityOriginData::fromURL(url)); >+} >+ >+static inline void updateList(Document& document, FeaturePolicy::AllowRule& rule, StringView value) >+{ >+ // We keep the empty string value equivalent to '*' for existing websites. >+ if (value.isEmpty()) { >+ rule.type = FeaturePolicy::AllowRule::Type::All; >+ return; >+ } >+ >+ while (!value.isEmpty()) { >+ auto position = value.find(isHTMLSpace<UChar>); >+ if (position == notFound) { >+ processOriginItem(document, rule, value); >+ return; >+ } >+ >+ processOriginItem(document, rule, value.substring(0, position)); >+ value = value.substring(position + 1).stripLeadingAndTrailingMatchedCharacters(isHTMLSpace<UChar>); >+ } >+} >+ >+FeaturePolicy FeaturePolicy::parse(Document& document, StringView allowAttributeValue) >+{ >+ FeaturePolicy policy; >+ bool isCameraInitialized = false; >+ bool isMicrophoneInitialized = false; >+ bool isDisplayCaptureInitialized = false; >+ for (auto allowItem : allowAttributeValue.split(';')) { >+ auto item = allowItem.stripLeadingAndTrailingMatchedCharacters(isHTMLSpace<UChar>); >+ if (item.startsWith("camera")) { >+ isCameraInitialized = true; >+ updateList(document, policy.m_cameraRule, item.substring(7)); >+ continue; >+ } >+ if (item.startsWith("microphone")) { >+ isMicrophoneInitialized = true; >+ updateList(document, policy.m_microphoneRule, item.substring(11)); >+ continue; >+ } >+ if (item.startsWith("display-capture")) { >+ isDisplayCaptureInitialized = true; >+ updateList(document, policy.m_displayCaptureRule, item.substring(16)); >+ continue; >+ } >+ } >+ >+ if (!isCameraInitialized) >+ policy.m_cameraRule.allowedList.add(document.securityOrigin().data()); >+ if (!isMicrophoneInitialized) >+ policy.m_microphoneRule.allowedList.add(document.securityOrigin().data()); >+ if (!isDisplayCaptureInitialized) >+ policy.m_displayCaptureRule.allowedList.add(document.securityOrigin().data()); >+ >+ return policy; >+} >+ >+bool FeaturePolicy::allows(Type type, const SecurityOriginData& origin) const >+{ >+ switch (type) { >+ case Type::Camera: >+ return isAllowedByFeaturePolicy(m_cameraRule, origin); >+ case Type::Microphone: >+ return isAllowedByFeaturePolicy(m_microphoneRule, origin); >+ case Type::DisplayCapture: >+ return isAllowedByFeaturePolicy(m_displayCaptureRule, origin); >+ } >+} >+ >+} >diff --git a/Source/WebCore/html/FeaturePolicy.h b/Source/WebCore/html/FeaturePolicy.h >new file mode 100644 >index 0000000000000000000000000000000000000000..3e91d94b8dea07259531dea814f1970a4e9ae2f5 >--- /dev/null >+++ b/Source/WebCore/html/FeaturePolicy.h >@@ -0,0 +1,55 @@ >+/* >+ * Copyright (C) 2019 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#include "SecurityOriginData.h" >+#include <wtf/HashSet.h> >+#include <wtf/text/StringHash.h> >+ >+namespace WebCore { >+ >+class Document; >+ >+class FeaturePolicy { >+public: >+ static FeaturePolicy parse(Document&, StringView); >+ >+ enum class Type { Camera, Microphone, DisplayCapture }; >+ bool allows(Type, const SecurityOriginData&) const; >+ >+ struct AllowRule { >+ enum class Type { All, None, List }; >+ Type type { Type::List }; >+ HashSet<SecurityOriginData> allowedList; >+ }; >+ >+private: >+ AllowRule m_cameraRule; >+ AllowRule m_microphoneRule; >+ AllowRule m_displayCaptureRule; >+}; >+ >+} // namespace WebCore >diff --git a/Source/WebCore/html/HTMLIFrameElement.cpp b/Source/WebCore/html/HTMLIFrameElement.cpp >index 1888b7bb71f48a07edd7c8dd1c4b9e6dd3cfb3db..ee3d1dfb07eec7ef16d13404b67fefcc10a783fa 100644 >--- a/Source/WebCore/html/HTMLIFrameElement.cpp >+++ b/Source/WebCore/html/HTMLIFrameElement.cpp >@@ -150,4 +150,11 @@ ReferrerPolicy HTMLIFrameElement::referrerPolicy() const > return ReferrerPolicy::EmptyString; > } > >+const FeaturePolicy& HTMLIFrameElement::featurePolicy() const >+{ >+ if (!m_featurePolicy) >+ m_featurePolicy = FeaturePolicy::parse(document(), m_allow); >+ return *m_featurePolicy; >+} >+ > } >diff --git a/Source/WebCore/html/HTMLIFrameElement.h b/Source/WebCore/html/HTMLIFrameElement.h >index 6536bb070a363968cc1db1a5830887721cd1dd65..77addb27190bfe3b2cd0410bf36a1e41e1fe75b6 100644 >--- a/Source/WebCore/html/HTMLIFrameElement.h >+++ b/Source/WebCore/html/HTMLIFrameElement.h >@@ -23,6 +23,7 @@ > > #pragma once > >+#include "FeaturePolicy.h" > #include "HTMLFrameElementBase.h" > > namespace WebCore { >@@ -44,6 +45,8 @@ public: > String referrerPolicyForBindings() const; > ReferrerPolicy referrerPolicy() const final; > >+ const FeaturePolicy& featurePolicy() const; >+ > private: > HTMLIFrameElement(const QualifiedName&, Document&); > >@@ -60,6 +63,7 @@ private: > > std::unique_ptr<DOMTokenList> m_sandbox; > String m_allow; >+ mutable Optional<FeaturePolicy> m_featurePolicy; > }; > > } // namespace WebCore >diff --git a/Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp b/Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp >index 67dcb19fc856e931759cc2e120e65bb43edc99ce..8682882a0b58c69b26bf5b261baf4f113d584226 100644 >--- a/Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp >+++ b/Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp >@@ -140,8 +140,10 @@ void UserMediaPermissionRequestManager::removeMediaRequestFromMaps(UserMediaRequ > void UserMediaPermissionRequestManager::userMediaAccessWasGranted(uint64_t requestID, CaptureDevice&& audioDevice, CaptureDevice&& videoDevice, String&& deviceIdentifierHashSalt, CompletionHandler<void()>&& completionHandler) > { > auto request = m_idToUserMediaRequestMap.take(requestID); >- if (!request) >+ if (!request) { >+ completionHandler(); > return; >+ } > removeMediaRequestFromMaps(*request); > > request->allow(WTFMove(audioDevice), WTFMove(videoDevice), WTFMove(deviceIdentifierHashSalt), WTFMove(completionHandler)); >diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog >index b9152e70ec7431af4639ac248704d180f93bffd1..3d311f68502ea7fcb9071dadb869cea8b74f5f93 100644 >--- a/LayoutTests/imported/w3c/ChangeLog >+++ b/LayoutTests/imported/w3c/ChangeLog >@@ -1,3 +1,13 @@ >+2019-05-21 Youenn Fablet <youenn@apple.com> >+ >+ Implement Feature policy self/none/* parsing >+ https://bugs.webkit.org/show_bug.cgi?id=198078 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt: Added. >+ * web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https.html: Added. >+ > 2019-05-17 Rob Buis <rbuis@igalia.com> > > Implement imagesrcset and imagesizes attributes on link rel=preload >diff --git a/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..24c7b72de0f3fd8bc50ab068b27bd2be45e1a8d3 >--- /dev/null >+++ b/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt >@@ -0,0 +1,48 @@ >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute. >+ >+PASS "camera 'none'" - same origin iframe >+PASS "camera 'none'" - cross origin iframe >+PASS "microphone 'none'" - same origin iframe >+PASS "microphone 'none';camera 'none'" - same origin iframe >+PASS "camera *;microphone 'none'" - same origin iframe >+PASS "camera *;microphone 'none'" - cross origin iframe >+PASS "camera 'none';microphone *" - same origin iframe >+PASS "microphone *; microphone 'none'" - same origin iframe >+PASS "microphone *; microphone ' none'" - same origin iframe >+PASS "microphone *; microphone none" - same origin iframe >+PASS "microphone *; camera 'self'" - same origin iframe >+PASS "microphone *; camera 'self'" - cross origin iframe >+PASS "microphone *; camera http:/example.org self" - same origin iframe >+PASS "microphone *; camera http:/example.org 'self'" - same origin iframe >+PASS "microphone *; camera http:/example.org 'self'" - cross origin iframe >+PASS "microphone https://127.0.0.1:9443" - same origin iframe >+PASS "microphone https://127.0.0.1:9443" - cross origin iframe >+PASS "microphone 'self' https://127.0.0.1:9443" - same origin iframe >+ >diff --git a/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https.html b/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https.html >new file mode 100644 >index 0000000000000000000000000000000000000000..4fc3a15b62fbb276e5efa12774eca20f8b6e3568 >--- /dev/null >+++ b/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https.html >@@ -0,0 +1,96 @@ >+<!DOCTYPE html> >+<body> >+ <script src=/resources/testharness.js></script> >+ <script src=/resources/testharnessreport.js></script> >+ <script src=/common/get-host-info.sub.js></script> >+ <script> >+function withIFrame(url, allow) { >+ return new Promise(resolve => { >+ let frame = document.createElement('iframe'); >+ frame.src = url; >+ frame.allow = allow; >+ frame.onload = () => { resolve(frame); }; >+ document.body.appendChild(frame); >+ }); >+} >+ >+var crossDomain = get_host_info().HTTPS_REMOTE_ORIGIN; >+function runTestInIFrame(allow, crossOrigin) >+{ >+ return new Promise(async resolve => { >+ window.addEventListener('message', function handler(event) { >+ resolve(event.data); >+ window.removeEventListener('message', handler); >+ iframe.remove(); >+ }); >+ let url = location.pathname + "#test"; >+ if (crossOrigin) >+ url = crossDomain + url; >+ const iframe = await withIFrame(url, allow); >+ }); >+} >+ >+async function doTest() >+{ >+ let results = { }; >+ try { >+ await navigator.mediaDevices.getUserMedia({audio : true}); >+ results.audio = true; >+ } catch (e) { >+ results.audio = false; >+ } >+ try { >+ await navigator.mediaDevices.getUserMedia({video : true}); >+ results.video = true; >+ } catch (e) { >+ results.video = false; >+ } >+ try { >+ await navigator.mediaDevices.getUserMedia({audio : true, video : true}); >+ results.audioVideo = true; >+ } catch (e) { >+ results.audioVideo = false; >+ } >+ return results; >+} >+ >+if (location.hash == "#test") { >+ doTest().then(data => { >+ parent.postMessage(data, '*'); >+ }, error => { >+ parent.postMessage('error', '*'); >+ }); >+} else { >+ var gum_tests = [ >+ { allow: "camera 'none'", results: { audio: true, video: false, audioVideo: false } }, >+ { allow: "camera 'none'", results: { audio: false, video: false, audioVideo: false }, crossOrigin: true }, >+ { allow: "microphone 'none'", results: { audio: false, video: true, audioVideo: false } }, >+ { allow: "microphone 'none';camera 'none'", results: { audio: false, video: false, audioVideo: false } }, >+ { allow: "camera *;microphone 'none'", results: { audio: false, video: true, audioVideo: false } }, >+ { allow: "camera *;microphone 'none'", results: { audio: false, video: true, audioVideo: false }, crossOrigin: true }, >+ { allow: "camera 'none';microphone *", results: { audio: true, video: false, audioVideo: false } }, >+ { allow: "microphone *; microphone 'none'", results: { audio: false, video: true, audioVideo: false } }, >+ { allow: "microphone *; microphone ' none'", results: { audio: true, video: true, audioVideo: true } }, >+ { allow: "microphone *; microphone none", results: { audio: true, video: true, audioVideo: true } }, >+ { allow: "microphone *; camera 'self'", results: { audio: true, video: true, audioVideo: true } }, >+ { allow: "microphone *; camera 'self'", results: { audio: true, video: false, audioVideo: false }, crossOrigin: true }, >+ { allow: "microphone *; camera http:/example.org self", results: { audio: true, video: false, audioVideo: false } }, >+ { allow: "microphone *; camera http:/example.org 'self'", results: { audio: true, video: true, audioVideo: true } }, >+ { allow: "microphone *; camera http:/example.org 'self'", results: { audio: true, video: false, audioVideo: false }, crossOrigin: true }, >+ { allow: "microphone " + crossDomain, results: { audio: false, video: true, audioVideo: false } }, >+ { allow: "microphone " + crossDomain, results: { audio: true, video: false, audioVideo: false }, crossOrigin: true }, >+ { allow: "microphone 'self' " + crossDomain, results: { audio: true, video: true, audioVideo: true } }, >+ ]; >+ >+ for (let gum_test of gum_tests) { >+ promise_test(async (test) => { >+ const results = await runTestInIFrame(gum_test.allow, gum_test.crossOrigin); >+ assert_equals(results.audio, gum_test.results.audio, "audio"); >+ assert_equals(results.video, gum_test.results.video, "video"); >+ assert_equals(results.audioVideo, gum_test.results.audioVideo, "audioVideo"); >+ }, "\"" + gum_test.allow + "\" - " + (gum_test.crossOrigin ? "cross origin iframe" : "same origin iframe")); >+ } >+} >+ </script> >+</body> >+
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=370334">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
ews-watchlist
:
commit-queue-
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 198078
:
370334
|
370341
|
370342
|
370348
|
370363
|
370399
|
370412