Commit 45aa6587 authored by jpfau@apple.com's avatar jpfau@apple.com

Make plugins respect third-party storage blocking setting

https://bugs.webkit.org/show_bug.cgi?id=94888

Reviewed by Brady Eidson.

Source/WebCore:

Added functions for discerning if a plugin should be able to access its storage in its current origin.

Tests: http/tests/security/cross-origin-plugin-allowed.html
       http/tests/security/cross-origin-plugin.html

* WebCore.exp.in: Export FrameTree::top and SecurityOrigin::canAccessStorage
* page/SecurityOrigin.h: Added canAccessPluginStorage
(WebCore::SecurityOrigin::canAccessPluginStorage):

Source/WebKit2:

Plugins that are in a third-party context should be put into private browsing mode so their storage is temporary.

* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::isPrivateBrowsingEnabled): Put the plugin into private browsing mode if it is in a third-party context.
(WebKit::PluginView::privateBrowsingStateChanged): Make sure a plugin doesn't leave private browsing mode if it's in a third-party context.

LayoutTests:

Created tests for plugins in a third party and first party context when third-party blocking is on and off.

* http/tests/security/cross-origin-plugin-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-allowed.html: Added.
* http/tests/security/cross-origin-plugin-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled.html: Added.
* http/tests/security/cross-origin-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin-async.html: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127513 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 7a3706bb
2012-09-04 Jeffrey Pfau <jpfau@apple.com>
Make plugins respect third-party storage blocking setting
https://bugs.webkit.org/show_bug.cgi?id=94888
Reviewed by Brady Eidson.
Created tests for plugins in a third party and first party context when third-party blocking is on and off.
* http/tests/security/cross-origin-plugin-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-allowed.html: Added.
* http/tests/security/cross-origin-plugin-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-allowed.html: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
* http/tests/security/cross-origin-plugin-private-browsing-toggled.html: Added.
* http/tests/security/cross-origin-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-plugin-async.html: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-expected.txt: Added.
* platform/mac-wk2/http/tests/security/cross-origin-plugin-private-browsing-toggled-expected.txt: Added.
2012-09-04 Roger Fong <roger_fong@apple.com>
Unreviewed. Rebaseline Windows expected results for accessibility\canvas-description-and-role-expected.txt.
This iframe should not have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
false
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
<html>
<head>
<script>
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.dumpChildFramesAsText();
}
</script>
<body>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://localhost:8000/security/resources/cross-origin-iframe-for-plugin.html"></iframe>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-iframe-for-plugin.html"></iframe>
</body>
</html>
This iframe should have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
false
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
This iframe should not have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
false
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
<html>
<head>
<script>
var frames = 2;
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.dumpChildFramesAsText();
testRunner.setPrivateBrowsingEnabled(true);
testRunner.waitUntilDone();
}
function decrement() {
--frames;
if (!frames) {
if (window.testRunner)
testRunner.setPrivateBrowsingEnabled(false);
for (var i = 0; i < 2; ++i) {
var frame = document.getElementsByTagName('iframe')[i].contentWindow;
frame.postMessage('loaded', '*');
}
frames = 2;
}
}
window.onmessage = function() {
--frames;
if (window.testRunner)
testRunner.notifyDone();
}
</script>
<body>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://localhost:8000/security/resources/cross-origin-iframe-for-plugin-async.html" onload="decrement()"></iframe>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-iframe-for-plugin-async.html" onload="decrement()"></iframe>
</body>
</html>
This iframe should have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
false
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
<html>
<head>
<script>
var frames = 2;
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.dumpChildFramesAsText();
testRunner.setPrivateBrowsingEnabled(true);
testRunner.waitUntilDone();
internals.settings.setThirdPartyStorageBlockingEnabled(true);
}
function decrement() {
--frames;
if (!frames) {
if (window.testRunner)
testRunner.setPrivateBrowsingEnabled(false);
for (var i = 0; i < 2; ++i) {
var frame = document.getElementsByTagName('iframe')[i].contentWindow;
frame.postMessage('loaded', '*');
}
frames = 2;
}
}
window.onmessage = function() {
--frames;
if (window.testRunner) {
internals.settings.setThirdPartyStorageBlockingEnabled(false);
testRunner.notifyDone();
}
}
</script>
<body>
<p>This iframe should have private browsing enabled:</p>
<iframe src="http://localhost:8000/security/resources/cross-origin-iframe-for-plugin-async.html" onload="decrement()"></iframe>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-iframe-for-plugin-async.html" onload="decrement()"></iframe>
</body>
</html>
<html>
<head>
<script>
var frames = 2;
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.dumpChildFramesAsText();
internals.settings.setThirdPartyStorageBlockingEnabled(true);
}
function decrement() {
--frames;
if (!frames && window.testRunner)
internals.settings.setThirdPartyStorageBlockingEnabled(false);
}
</script>
<body>
<p>This iframe should have private browsing enabled:</p>
<iframe src="http://localhost:8000/security/resources/cross-origin-iframe-for-plugin.html" onload="decrement()"></iframe>
<p>This iframe should not have private browsing enabled:</p>
<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-iframe-for-plugin.html" onload="decrement()"></iframe>
</body>
</html>
<html>
<head>
<script>
window.onmessage = function() {
document.write(plg.privateBrowsingEnabled);
window.parent.postMessage('complete', '*');
}
</script>
</head>
<body>
<embed name="plg" type="application/x-webkit-test-netscape" test="private-browsing"></embed>
</body>
</html>
<html>
<head>
<script>
window.onload = function() {
document.write(plg.privateBrowsingEnabled);
}
</script>
</head>
<body>
<embed name="plg" type="application/x-webkit-test-netscape" test="private-browsing"></embed>
</body>
</html>
This iframe should have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
true
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
This iframe should have private browsing enabled:
This iframe should not have private browsing enabled:
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
true
--------
Frame: '<!--framePath //<!--frame1-->-->'
--------
false
2012-09-04 Jeffrey Pfau <jpfau@apple.com>
Make plugins respect third-party storage blocking setting
https://bugs.webkit.org/show_bug.cgi?id=94888
Reviewed by Brady Eidson.
Added functions for discerning if a plugin should be able to access its storage in its current origin.
Tests: http/tests/security/cross-origin-plugin-allowed.html
http/tests/security/cross-origin-plugin.html
* WebCore.exp.in: Export FrameTree::top and SecurityOrigin::canAccessStorage
* page/SecurityOrigin.h: Added canAccessPluginStorage
(WebCore::SecurityOrigin::canAccessPluginStorage):
2012-09-04 Robert Hogan <robert@webkit.org>
Regression(r127163): Heap-use-after-free in WebCore::RenderBoxModelObject::hasSelfPaintingLayer
......@@ -1177,6 +1177,7 @@ __ZNK7WebCore14SecurityOrigin12isolatedCopyEv
__ZNK7WebCore14SecurityOrigin18databaseIdentifierEv
__ZNK7WebCore14SecurityOrigin5equalEPKS0_
__ZNK7WebCore14SecurityOrigin8toStringEv
__ZNK7WebCore14SecurityOrigin16canAccessStorageEPKS0_
__ZNK7WebCore15AffineTransform10isIdentityEv
__ZNK7WebCore15AffineTransform12isInvertibleEv
__ZNK7WebCore15AffineTransform7inverseEv
......@@ -1373,6 +1374,7 @@ __ZNK7WebCore9DOMWindow27pendingUnloadEventListenersEv
__ZNK7WebCore9FloatQuad11boundingBoxEv
__ZNK7WebCore9FloatRect10intersectsERKS0_
__ZNK7WebCore9FloatSize6isZeroEv
__ZNK7WebCore9FrameTree3topEv
__ZNK7WebCore9FrameTree10childCountEv
__ZNK7WebCore9FrameTree12traverseNextEPKNS_5FrameE
__ZNK7WebCore9FrameTree14isDescendantOfEPKNS_5FrameE
......
......@@ -139,6 +139,7 @@ public:
bool canAccessDatabase(const SecurityOrigin* topOrigin = 0) const { return canAccessStorage(topOrigin); };
bool canAccessLocalStorage(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); };
bool canAccessSharedWorkers(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); }
bool canAccessPluginStorage(const SecurityOrigin* topOrigin) const { return canAccessStorage(topOrigin); }
bool canAccessCookies() const { return !isUnique(); }
bool canAccessPasswordManager() const { return !isUnique(); }
bool canAccessFileSystem() const { return !isUnique(); }
......
2012-09-04 Jeffrey Pfau <jpfau@apple.com>
Make plugins respect third-party storage blocking setting
https://bugs.webkit.org/show_bug.cgi?id=94888
Reviewed by Brady Eidson.
Plugins that are in a third-party context should be put into private browsing mode so their storage is temporary.
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::isPrivateBrowsingEnabled): Put the plugin into private browsing mode if it is in a third-party context.
(WebKit::PluginView::privateBrowsingStateChanged): Make sure a plugin doesn't leave private browsing mode if it's in a third-party context.
2012-09-04 Pekka Vuorela <pvuorela@iki.fi>
[Qt] Remove use of deprecated QInputMethod method
......
......@@ -583,6 +583,9 @@ void PluginView::privateBrowsingStateChanged(bool privateBrowsingEnabled)
if (!m_isInitialized || !m_plugin)
return;
if (!privateBrowsingEnabled && !frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->tree()->top()->document()->securityOrigin()))
return;
m_plugin->privateBrowsingStateChanged(privateBrowsingEnabled);
}
......@@ -1273,6 +1276,9 @@ bool PluginView::isPrivateBrowsingEnabled()
if (!frame())
return true;
if (!frame()->document()->securityOrigin()->canAccessPluginStorage(frame()->tree()->top()->document()->securityOrigin()))
return true;
Settings* settings = frame()->settings();
if (!settings)
return true;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment