Bug 245538

Summary: Provide a mechanism for NSAttributedString to extend file access to WebContent process
Product: WebKit
Component: WebKit API
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Reporter: Brent Fulgham <bfulgham>
Assignee: Brent Fulgham <bfulgham>
CC: ryanhaddad, webkit-bug-importer
Keywords: InRadar

Description Brent Fulgham 2022-09-22 14:00:29 PDT
NSAttributedString in recent Cocoa OS releases makes use of the modern WebKit architecture, and renders HTML content in a separate WebContent process from the main application. This security improvement has created problems when an author attempts to create an NSAttributedString from an HTML String that includes references to files in an application's bundle.

We need a way for WebKit's NSAttributedString extensions to pass file permission to the WebContent process; otherwise the strings cannot be properly rendered.
Comment 1 Brent Fulgham 2022-09-22 14:01:12 PDT
<rdar://98333507>
Comment 2 Brent Fulgham 2022-09-22 14:12:32 PDT
Pull request: https://github.com/Webkit/WebKit/pull/4608
Comment 3 Brent Fulgham 2022-09-27 12:49:06 PDT
Pull request: https://github.com/WebKit/WebKit/pull/4608
Comment 4 EWS 2022-09-28 14:29:43 PDT
Committed 254968@main (3c74d31715ca): <https://commits.webkit.org/254968@main>

Reviewed commits have been landed. Closing PR #4608 and removing active labels.
Comment 5 Ryan Haddad 2022-09-28 22:28:46 PDT
Two of the API tests added with this change are consistently crashing on Big Sur bots:

TestWebKitAPI.WebKit.NSAttributedStringWithReadOnlyPaths
TestWebKitAPI.WebKit.NSAttributedStringWithAndWithoutReadOnlyPaths

https://results.webkit.org/?suite=api-tests&suite=api-tests&test=TestWebKitAPI.WebKit.NSAttributedStringWithAndWithoutReadOnlyPaths&test=TestWebKitAPI.WebKit.NSAttributedStringWithReadOnlyPaths

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   TestWebKitAPI                 	0x000000010a521fb3 crash + 1 (CheckedArithmetic.h:109) [inlined]
1   TestWebKitAPI                 	0x000000010a521fb3 overflowed + 1 (CheckedArithmetic.h:102) [inlined]
2   TestWebKitAPI                 	0x000000010a521fb3 at + 1 (Vector.h:763) [inlined]
3   TestWebKitAPI                 	0x000000010a521fb3 operator[] + 1 (Vector.h:773) [inlined]
4   TestWebKitAPI                 	0x000000010a521fb3 invocation function for block in WebKit_NSAttributedStringWithReadOnlyPaths_Test::TestBody() + 2564 (AdditionalReadAccessAllowedURLs.mm:152)
5   com.apple.WebKit              	0x000000010f5be38c __90+[NSAttributedString(WKPrivate) _loadFromHTMLWithOptions:contentLoader:completionHandler:]_block_invoke.271 + 377 (NSAttributedString.mm:366)
6   com.apple.WebKit              	0x000000010f5be584 __90+[NSAttributedString(WKPrivate) _loadFromHTMLWithOptions:contentLoader:completionHandler:]_block_invoke.280 + 40 (NSAttributedString.mm:370)
7   com.apple.WebKit              	0x000000010f67fed6 operator() + 11 (BlockPtr.h:193) [inlined]
8   com.apple.WebKit              	0x000000010f67fed6 operator()<const WebCore::AttributedString> + 65 (WKWebView.mm:3177) [inlined]
9   com.apple.WebKit              	0x000000010f67fed6 WTF::Detail::CallableWrapper<-[WKWebView(WKPrivate) _getContentsAsAttributedStringWithCompletionHandler:]::$_44, void, WebCore::AttributedString const&>::call(WebCore::AttributedString const&) + 82 (Function.h:53)
10  com.apple.WebKit              	0x000000010f914cdd operator() + 9 (Function.h:82) [inlined]
11  com.apple.WebKit              	0x000000010f914cdd operator() + 23 (CompletionHandler.h:72) [inlined]
12  com.apple.WebKit              	0x000000010f914cdd WTF::Detail::CallableWrapper<WTF::CompletionHandler<void (WebCore::AttributedString const&)>, void, WebCore::AttributedString&&>::call(WebCore::AttributedString&&) + 27 (Function.h:53)
13  com.apple.WebKit              	0x000000010fbe89a0 operator() + 9 (Function.h:82) [inlined]
14  com.apple.WebKit              	0x000000010fbe89a0 operator() + 19 (CompletionHandler.h:72) [inlined]
15  com.apple.WebKit              	0x000000010fbe89a0 Messages::WebPage::GetContentsAsAttributedString::cancelReply(WTF::CompletionHandler<void (WebCore::AttributedString&&)>&&) + 38 (WebPageMessageReceiver.cpp:1078)
16  com.apple.WebKit              	0x000000010fbe8831 Messages::WebPage::GetContentsAsAttributedString::callReply(IPC::Decoder&, WTF::CompletionHandler<void (WebCore::AttributedString&&)>&&) + 91 (WebPageMessageReceiver.cpp:1070)
17  com.apple.WebKit              	0x000000010f914c07 operator() + 68 (MessageSender.h:100) [inlined]
18  com.apple.WebKit              	0x000000010f914c07 WTF::Detail::CallableWrapper<unsigned long long IPC::MessageSender::sendWithAsyncReply<Messages::WebPage::GetContentsAsAttributedString, WTF::CompletionHandler<void (WebCore::AttributedString const&)> >(Messages::WebPage::GetContentsAsAttributedString&&, WTF::CompletionHandler<void (WebCore::AttributedString const&)>&&, unsigned long long, WTF::OptionSet<IPC::SendOption>)::'lambda'(IPC::Decoder*), void, IPC::Decoder*>::call(IPC::Decoder*) + 81 (Function.h:53)
19  com.apple.WebKit              	0x000000010f854eb5 operator() + 9 (Function.h:82) [inlined]
20  com.apple.WebKit              	0x000000010f854eb5 operator() + 23 (CompletionHandler.h:72) [inlined]
21  com.apple.WebKit              	0x000000010f854eb5 operator() + 23 (AuxiliaryProcessProxy.cpp:219) [inlined]
22  com.apple.WebKit              	0x000000010f854eb5 WTF::Detail::CallableWrapper<WebKit::AuxiliaryProcessProxy::sendMessage(WTF::UniqueRef<IPC::Encoder>&&, WTF::OptionSet<IPC::SendOption>, std::__1::optional<std::__1::pair<WTF::CompletionHandler<void (IPC::Decoder*)>, unsigned long long> >&&, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity)::$_1, void, IPC::Decoder*>::call(IPC::Decoder*) + 27 (Function.h:53)