NSAttributedString in recent Cocoa OS releases makes use of the modern WebKit architecture, and renders HTML content in a separate WebContent process from the main application. This security improvement has created problems when an author attempts to create an NSAttributedString from an HTML string that includes references to files in an application's bundle. We need a way for WebKit's NSAttributedString extensions to pass file permission to the WebContent process; otherwise, the strings cannot be properly rendered.
<rdar://98333507>
Pull request: https://github.com/WebKit/WebKit/pull/4608
Committed 254968@main (3c74d31715ca): <https://commits.webkit.org/254968@main> Reviewed commits have been landed. Closing PR #4608 and removing active labels.
Two of the API tests added with this change are consistently crashing on Big Sur bots:

TestWebKitAPI.WebKit.NSAttributedStringWithReadOnlyPaths
TestWebKitAPI.WebKit.NSAttributedStringWithAndWithoutReadOnlyPaths

https://results.webkit.org/?suite=api-tests&suite=api-tests&test=TestWebKitAPI.WebKit.NSAttributedStringWithAndWithoutReadOnlyPaths&test=TestWebKitAPI.WebKit.NSAttributedStringWithReadOnlyPaths

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 TestWebKitAPI 0x000000010a521fb3 crash + 1 (CheckedArithmetic.h:109) [inlined]
1 TestWebKitAPI 0x000000010a521fb3 overflowed + 1 (CheckedArithmetic.h:102) [inlined]
2 TestWebKitAPI 0x000000010a521fb3 at + 1 (Vector.h:763) [inlined]
3 TestWebKitAPI 0x000000010a521fb3 operator[] + 1 (Vector.h:773) [inlined]
4 TestWebKitAPI 0x000000010a521fb3 invocation function for block in WebKit_NSAttributedStringWithReadOnlyPaths_Test::TestBody() + 2564 (AdditionalReadAccessAllowedURLs.mm:152)
5 com.apple.WebKit 0x000000010f5be38c __90+[NSAttributedString(WKPrivate) _loadFromHTMLWithOptions:contentLoader:completionHandler:]_block_invoke.271 + 377 (NSAttributedString.mm:366)
6 com.apple.WebKit 0x000000010f5be584 __90+[NSAttributedString(WKPrivate) _loadFromHTMLWithOptions:contentLoader:completionHandler:]_block_invoke.280 + 40 (NSAttributedString.mm:370)
7 com.apple.WebKit 0x000000010f67fed6 operator() + 11 (BlockPtr.h:193) [inlined]
8 com.apple.WebKit 0x000000010f67fed6 operator()<const WebCore::AttributedString> + 65 (WKWebView.mm:3177) [inlined]
9 com.apple.WebKit 0x000000010f67fed6 WTF::Detail::CallableWrapper<-[WKWebView(WKPrivate) _getContentsAsAttributedStringWithCompletionHandler:]::$_44, void, WebCore::AttributedString const&>::call(WebCore::AttributedString const&) + 82 (Function.h:53)
10 com.apple.WebKit 0x000000010f914cdd operator() + 9 (Function.h:82) [inlined]
11 com.apple.WebKit 0x000000010f914cdd operator() + 23 (CompletionHandler.h:72) [inlined]
12 com.apple.WebKit 0x000000010f914cdd WTF::Detail::CallableWrapper<WTF::CompletionHandler<void (WebCore::AttributedString const&)>, void, WebCore::AttributedString&&>::call(WebCore::AttributedString&&) + 27 (Function.h:53)
13 com.apple.WebKit 0x000000010fbe89a0 operator() + 9 (Function.h:82) [inlined]
14 com.apple.WebKit 0x000000010fbe89a0 operator() + 19 (CompletionHandler.h:72) [inlined]
15 com.apple.WebKit 0x000000010fbe89a0 Messages::WebPage::GetContentsAsAttributedString::cancelReply(WTF::CompletionHandler<void (WebCore::AttributedString&&)>&&) + 38 (WebPageMessageReceiver.cpp:1078)
16 com.apple.WebKit 0x000000010fbe8831 Messages::WebPage::GetContentsAsAttributedString::callReply(IPC::Decoder&, WTF::CompletionHandler<void (WebCore::AttributedString&&)>&&) + 91 (WebPageMessageReceiver.cpp:1070)
17 com.apple.WebKit 0x000000010f914c07 operator() + 68 (MessageSender.h:100) [inlined]
18 com.apple.WebKit 0x000000010f914c07 WTF::Detail::CallableWrapper<unsigned long long IPC::MessageSender::sendWithAsyncReply<Messages::WebPage::GetContentsAsAttributedString, WTF::CompletionHandler<void (WebCore::AttributedString const&)> >(Messages::WebPage::GetContentsAsAttributedString&&, WTF::CompletionHandler<void (WebCore::AttributedString const&)>&&, unsigned long long, WTF::OptionSet<IPC::SendOption>)::'lambda'(IPC::Decoder*), void, IPC::Decoder*>::call(IPC::Decoder*) + 81 (Function.h:53)
19 com.apple.WebKit 0x000000010f854eb5 operator() + 9 (Function.h:82) [inlined]
20 com.apple.WebKit 0x000000010f854eb5 operator() + 23 (CompletionHandler.h:72) [inlined]
21 com.apple.WebKit 0x000000010f854eb5 operator() + 23 (AuxiliaryProcessProxy.cpp:219) [inlined]
22 com.apple.WebKit 0x000000010f854eb5 WTF::Detail::CallableWrapper<WebKit::AuxiliaryProcessProxy::sendMessage(WTF::UniqueRef<IPC::Encoder>&&, WTF::OptionSet<IPC::SendOption>, std::__1::optional<std::__1::pair<WTF::CompletionHandler<void (IPC::Decoder*)>, unsigned long long> >&&, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity)::$_1, void, IPC::Decoder*>::call(IPC::Decoder*) + 27 (Function.h:53)