Commit d82d99fe authored by beidson's avatar beidson

LayoutTests:

        Reviewed by Adele

        <rdar://problem/4429701>
        Implements a port blocking black list that matches Firefox's

        The layout test attempts to load an image at an invalid domain name on each
        of the black listed ports.  Using dumpResourceLoadCallbacks(), DRT is able
        to see the error codes for each resource.  A successful test shows the blocked
        error for each image load except for the few that are standard or should 
        succeed due to exemptions.

        * security/block-test-expected.txt: Added.
        * security/block-test.html: Added.

WebCore:

        Reviewed by Maciej

        <rdar://problem/4429701>
        Implements a port blocking black list that matches Firefox's

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::blockedError): Call through to the client for blockedError 
        * loader/FrameLoader.h:

        * loader/FrameLoaderClient.h: Get the "port blocked" error for the current platform

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::wasBlocked): ResourceHandleClient method to pass on the didFail(error)
        (WebCore::ResourceLoader::blockedError): Following the pattern of "CancelledError()", get the 
          error to fail with for the didFail() call
        * loader/ResourceLoader.h:

        * platform/graphics/svg/SVGImageEmptyClients.h:
        (WebCore::SVGEmptyFrameLoaderClient::blockedError): Added stub

        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::create): If the port is blocked, create the handle but schedule it for
          deferred failure on a timer
        (WebCore::ResourceHandle::scheduleBlockedFailure): Do the timer scheduling
        (WebCore::ResourceHandle::fireBlockedFailure): Fire the timer here
        (WebCore::ResourceHandle::portAllowed): Implements checking of Mozilla's
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::wasBlocked): Virtual for clients to get the "blocked" message

WebKit:

        Reviewed by Maciej

        <rdar://problem/4429701>
        Implements a port blocking black list that matches Firefox's

        * English.lproj/Localizable.strings: Added localizable string for port blocked error code

        * Misc/WebKitErrors.h:
        * Misc/WebKitErrors.m:
        (registerErrors): Add new port blocked error code to WebKitErrorDomain

        * WebCoreSupport/WebFrameLoaderClient.h:
        * WebCoreSupport/WebFrameLoaderClient.mm:
        (WebFrameLoaderClient::cancelledError): Fixed coding style
        (WebFrameLoaderClient::blockedError): Return a ResourceError with the new custom error code



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20227 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent bf6a206a
2007-03-15 Brady Eidson <beidson@apple.com>
Reviewed by Adele
<rdar://problem/4429701>
Implements a port blocking black list that matches Firefox's
The layout test attempts to load an image at an invalid domain name on each
of the black listed ports. Using dumpResourceLoadCallbacks(), DRT is able
to see the error codes for each resource. A successful test shows the blocked
error for each image load except for the few that are standard or should
succeed due to exemptions.
* security/block-test-expected.txt: Added.
* security/block-test.html: Added.
2007-03-14 Justin Garcia <justin.garcia@apple.com>
Reviewed by john
This diff is collapsed.
<html>
<script>
var blockedPorts = new Array(1, 7, 9, 11, 13, 15, 17, 19, 20,
21, 22, 23, 25, 37, 42, 43, 53, 77, 79, 87, 95, 101, 102,
103, 104, 109, 110, 111, 113, 115, 117, 119, 123, 135, 139,
143, 179, 389, 465, 512, 513, 514, 515, 526, 530, 531, 532,
540, 556, 563, 587, 601, 636, 993, 995, 2049, 4045, 6000, 0);
var baseURL = "nonexistantdomain.com.fake";
var currentPort = 0;
if (window.layoutTestController) {
layoutTestController.waitUntilDone();
layoutTestController.dumpResourceLoadCallbacks();
}
function nextTest() {
if (!blockedPorts[currentPort]) {
ftpTest();
return;
}
var newURL = "http://" + baseURL + ":" + blockedPorts[currentPort] + "/test.jpg";
currentPort++;
testIMG.src = newURL;
}
function ftpTest() {
testIMG.setAttribute("onError", "ftp21Test();");
var newURL = "ftp://" + baseURL + "/test.jpg";
testIMG.src = newURL;
}
function ftp21Test() {
testIMG.setAttribute("onError", "ftp22Test();");
var newURL = "ftp://" + baseURL + ":21/test.jpg";
testIMG.src = newURL;
}
function ftp22Test() {
testIMG.setAttribute("onError", "finishTesting();");
var newURL = "ftp://" + baseURL + ":22/test.jpg";
testIMG.src = newURL;
}
function finishTesting() {
if (window.layoutTestController) {
layoutTestController.dumpAsText();
setTimeout("layoutTestController.notifyDone()", 0);
}
}
</script>
<body>
<p>This test attempts to change the src of an IMG tag to all black listed ports to confirm that WebKit returns the
correct error for them - blocked instead of cannot find. It also tries the FTP ports for exemptions. Due to the
nature of this test, the results can only be processed automatically via DumpRenderTree
</p>
<img id="testIMG" src="http://nonexistantdomain.com.fake/test.jpg" onError="nextTest();"></img>
</body>
</html>
2007-03-15 Brady Eidson <beidson@apple.com>
Reviewed by Maciej
<rdar://problem/4429701>
Implements a port blocking black list that matches Firefox's
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::blockedError): Call through to the client for blockedError
* loader/FrameLoader.h:
* loader/FrameLoaderClient.h: Get the "port blocked" error for the current platform
* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::wasBlocked): ResourceHandleClient method to pass on the didFail(error)
(WebCore::ResourceLoader::blockedError): Following the pattern of "CancelledError()", get the
error to fail with for the didFail() call
* loader/ResourceLoader.h:
* platform/graphics/svg/SVGImageEmptyClients.h:
(WebCore::SVGEmptyFrameLoaderClient::blockedError): Added stub
* platform/network/ResourceHandle.cpp:
(WebCore::ResourceHandle::create): If the port is blocked, create the handle but schedule it for
deferred failure on a timer
(WebCore::ResourceHandle::scheduleBlockedFailure): Do the timer scheduling
(WebCore::ResourceHandle::fireBlockedFailure): Fire the timer here
(WebCore::ResourceHandle::portAllowed): Implements checking of Mozilla's
* platform/network/ResourceHandle.h:
* platform/network/ResourceHandleClient.h:
(WebCore::ResourceHandleClient::wasBlocked): Virtual for clients to get the "blocked" message
2007-03-15 Beth Dakin <bdakin@apple.com>
Reviewed by Hyatt.
......
......@@ -4118,6 +4118,11 @@ ResourceError FrameLoader::cancelledError(const ResourceRequest& request) const
return m_client->cancelledError(request);
}
ResourceError FrameLoader::blockedError(const ResourceRequest& request) const
{
return m_client->blockedError(request);
}
ResourceError FrameLoader::fileDoesNotExistError(const ResourceResponse& response) const
{
return m_client->fileDoesNotExistError(response);
......
......@@ -202,6 +202,7 @@ namespace WebCore {
ResourceError cancelledError(const ResourceRequest&) const;
ResourceError fileDoesNotExistError(const ResourceResponse&) const;
ResourceError blockedError(const ResourceRequest&) const;
bool willUseArchive(ResourceLoader*, const ResourceRequest&, const KURL&) const;
bool isArchiveLoadPending(ResourceLoader*) const;
void cannotShowMIMEType(const ResourceResponse&);
......
......@@ -150,6 +150,7 @@ namespace WebCore {
virtual bool shouldGoToHistoryItem(HistoryItem*) const = 0;
virtual ResourceError cancelledError(const ResourceRequest&) = 0;
virtual ResourceError blockedError(const ResourceRequest&) = 0;
virtual ResourceError cannotShowURLError(const ResourceRequest&) = 0;
virtual ResourceError interruptForPolicyChangeError(const ResourceRequest&) = 0;
......
......@@ -255,6 +255,11 @@ void ResourceLoader::didFail(const ResourceError& error)
releaseResources();
}
void ResourceLoader::wasBlocked()
{
didFail(blockedError());
}
void ResourceLoader::didCancel(const ResourceError& error)
{
ASSERT(!m_cancelled);
......@@ -305,6 +310,11 @@ ResourceError ResourceLoader::cancelledError()
return frameLoader()->cancelledError(m_request);
}
ResourceError ResourceLoader::blockedError()
{
return frameLoader()->blockedError(m_request);
}
void ResourceLoader::willSendRequest(ResourceHandle*, ResourceRequest& request, const ResourceResponse& redirectResponse)
{
willSendRequest(request, redirectResponse);
......@@ -330,6 +340,11 @@ void ResourceLoader::didFail(ResourceHandle*, const ResourceError& error)
didFail(error);
}
void ResourceLoader::wasBlocked(ResourceHandle*)
{
wasBlocked();
}
void ResourceLoader::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
{
// Protect this in this delegate method since the additional processing can do
......
......@@ -60,7 +60,8 @@ namespace WebCore {
virtual void cancel(const ResourceError&);
ResourceError cancelledError();
ResourceError blockedError();
virtual void setDefersLoading(bool);
void setIdentifier(unsigned long identifier) { m_identifier = identifier; }
......@@ -79,6 +80,7 @@ namespace WebCore {
void willStopBufferingData(const char*, int);
virtual void didFinishLoading();
virtual void didFail(const ResourceError&);
virtual void wasBlocked();
void didReceiveAuthenticationChallenge(const AuthenticationChallenge&);
void didCancelAuthenticationChallenge(const AuthenticationChallenge&);
......@@ -90,6 +92,7 @@ namespace WebCore {
virtual void didReceiveData(ResourceHandle*, const char*, int, int lengthReceived);
virtual void didFinishLoading(ResourceHandle*);
virtual void didFail(ResourceHandle*, const ResourceError&);
virtual void wasBlocked(ResourceHandle*);
virtual void willStopBufferingData(ResourceHandle*, const char* data, int length) { willStopBufferingData(data, length); }
virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge) { didReceiveAuthenticationChallenge(challenge); }
virtual void didCancelAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge) { didCancelAuthenticationChallenge(challenge); }
......
......@@ -216,6 +216,7 @@ public:
virtual void finalSetupForReplace(DocumentLoader*) { }
virtual ResourceError cancelledError(const ResourceRequest&) { return ResourceError(); }
virtual ResourceError blockedError(const ResourceRequest&) { return ResourceError(); }
virtual ResourceError cannotShowURLError(const ResourceRequest&) { return ResourceError(); }
virtual ResourceError interruptForPolicyChangeError(const ResourceRequest&) { return ResourceError(); }
......
......@@ -28,6 +28,10 @@
#include "ResourceHandleInternal.h"
#include "Logging.h"
#include "ResourceHandleClient.h"
#include "Timer.h"
#include <wtf/HashSet.h>
namespace WebCore {
......@@ -38,14 +42,31 @@ ResourceHandle::ResourceHandle(const ResourceRequest& request, ResourceHandleCli
PassRefPtr<ResourceHandle> ResourceHandle::create(const ResourceRequest& request, ResourceHandleClient* client, Frame* frame, bool defersLoading, bool mightDownloadFromHandle)
{
RefPtr<ResourceHandle> newLoader(new ResourceHandle(request, client, defersLoading, mightDownloadFromHandle));
if (newLoader->start(frame))
return newLoader.release();
RefPtr<ResourceHandle> newHandle(new ResourceHandle(request, client, defersLoading, mightDownloadFromHandle));
if (!portAllowed(request)) {
newHandle->scheduleBlockedFailure();
return newHandle.release();
}
if (newHandle->start(frame))
return newHandle.release();
return 0;
}
void ResourceHandle::scheduleBlockedFailure()
{
Timer<ResourceHandle>* blockedTimer = new Timer<ResourceHandle>(this, &ResourceHandle::fireBlockedFailure);
blockedTimer->startOneShot(0);
}
void ResourceHandle::fireBlockedFailure(Timer<ResourceHandle>* timer)
{
client()->wasBlocked(this);
delete timer;
}
const HTTPHeaderMap& ResourceHandle::requestHeaders() const
{
return d->m_request.httpHeaderFields();
......@@ -84,5 +105,94 @@ void ResourceHandle::clearAuthentication()
d->m_currentWebChallenge.nullify();
}
bool ResourceHandle::portAllowed(const ResourceRequest& request)
{
uint16_t port = request.url().port();
if (!port)
return true;
// The blocked port list matches the port blocking mozilla implements
// See http://www.mozilla.org/projects/netlib/PortBanning.html for more information
static uint16_t blockedPortList[] = {
1, // tcpmux
7, // echo
9, // discard
11, // systat
13, // daytime
15, // netstat
17, // qotd
19, // chargen
20, // FTP-data
21, // FTP-control
22, // SSH
23, // telnet
25, // SMTP
37, // time
42, // name
43, // nicname
53, // domain
77, // priv-rjs
79, // finger
87, // ttylink
95, // supdup
101, // hostriame
102, // iso-tsap
103, // gppitnp
104, // acr-nema
109, // POP2
110, // POP3
111, // sunrpc
113, // auth
115, // SFTP
117, // uucp-path
119, // nntp
123, // NTP
135, // loc-srv / epmap
139, // netbios
143, // IMAP2
179, // BGP
389, // LDAP
465, // SMTP+SSL
512, // print / exec
513, // login
514, // shell
515, // printer
526, // tempo
530, // courier
531, // Chat
532, // netnews
540, // UUCP
556, // remotefs
563, // NNTP+SSL
587, // ESMTP
601, // syslog-conn
636, // LDAP+SSL
993, // IMAP+SSL
995, // POP3+SSL
2049, // NFS
4045, // lockd
6000, // X11
0 };
static HashSet<int>* blockedPortHash = 0;
if (!blockedPortHash) {
blockedPortHash = new HashSet<int>;
for (int i = 0; blockedPortList[i]; ++i)
blockedPortHash->add(blockedPortList[i]);
}
bool restricted = blockedPortHash->contains(port);
if (restricted) {
// An exception in the mozilla port blocking is they allow 21 and 22 for FTP (and Secure FTP), which we have to do also
if ((port == 21 || port == 22) && request.url().url().startsWith("ftp:", false))
return true;
}
return !restricted;
}
} // namespace WebCore
......@@ -147,7 +147,13 @@ public:
PassRefPtr<FormData> postData() const;
const ResourceRequest& request() const;
void fireBlockedFailure(Timer<ResourceHandle>*);
private:
static bool portAllowed(const ResourceRequest&);
void scheduleBlockedFailure();
bool start(Frame*);
OwnPtr<ResourceHandleInternal> d;
......
......@@ -61,6 +61,7 @@ namespace WebCore {
virtual void didReceiveData(ResourceHandle*, const char*, int, int lengthReceived) { }
virtual void didFinishLoading(ResourceHandle*) { }
virtual void didFail(ResourceHandle*, const ResourceError&) { }
virtual void wasBlocked(ResourceHandle*) { }
virtual void willCacheResponse(ResourceHandle*, CacheStoragePolicy&) { }
......
2007-03-15 Brady Eidson <beidson@apple.com>
Reviewed by Maciej
<rdar://problem/4429701>
Implements a port blocking black list that matches Firefox's
* English.lproj/Localizable.strings: Added localizable string for port blocked error code
* Misc/WebKitErrors.h:
* Misc/WebKitErrors.m:
(registerErrors): Add new port blocked error code to WebKitErrorDomain
* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::cancelledError): Fixed coding style
(WebFrameLoaderClient::blockedError): Return a ResourceError with the new custom error code
2007-03-15 Timothy Hatcher <timothy@apple.com>
Reviewed by John.
......
B/* window title for a standalone image (uses multiplication symbol, not x) */
......
......@@ -44,6 +44,7 @@
#define WebKitErrorDescriptionCannotShowMIMEType UI_STRING("Cannot show content with specified mime type", "WebKitErrorCannotShowMIMEType description")
#define WebKitErrorDescriptionCannotShowURL UI_STRING("Cannot show URL", "WebKitErrorCannotShowURL description")
#define WebKitErrorDescriptionFrameLoadInterruptedByPolicyChange UI_STRING("Frame load interrupted", "WebKitErrorFrameLoadInterruptedByPolicyChange description")
#define WebKitErrorDescriptionCannotUseRestrictedPort UI_STRING("Not allowed to use restricted network port", "WebKitErrorCannotUseRestrictedPort description")
// Plug-in and java errors
#define WebKitErrorDescriptionCannotFindPlugin UI_STRING("Cannot find plug-in", "WebKitErrorCannotFindPlugin description")
......@@ -146,7 +147,8 @@ static void registerErrors()
WebKitErrorDescriptionCannotShowMIMEType, [NSNumber numberWithInt: WebKitErrorCannotShowMIMEType],
WebKitErrorDescriptionCannotShowURL, [NSNumber numberWithInt: WebKitErrorCannotShowURL],
WebKitErrorDescriptionFrameLoadInterruptedByPolicyChange, [NSNumber numberWithInt: WebKitErrorFrameLoadInterruptedByPolicyChange],
WebKitErrorDescriptionCannotUseRestrictedPort, [NSNumber numberWithInt: WebKitErrorCannotUseRestrictedPort],
// Plug-in and java errors
WebKitErrorDescriptionCannotFindPlugin, [NSNumber numberWithInt: WebKitErrorCannotFindPlugIn],
WebKitErrorDescriptionCannotLoadPlugin, [NSNumber numberWithInt: WebKitErrorCannotLoadPlugIn],
......
......@@ -32,6 +32,15 @@
// FIXME: WebKitErrorPlugInWillHandleLoad is used for the cancel we do to prevent loading plugin content twice. See <rdar://problem/4258008>
#define WebKitErrorPlugInWillHandleLoad 204
/*!
@enum
@abstract Policy errors - Pending Public API Review
@constant WebKitErrorCannotUseRestrictedPort
*/
enum {
WebKitErrorCannotUseRestrictedPort = 103,
};
@interface NSError (WebKitExtras)
+ (NSError *)_webKitErrorWithCode:(int)code failingURL:(NSString *)URL;
+ (NSError *)_webKitErrorWithDomain:(NSString *)domain code:(int)code URL:(NSURL *)URL;
......
......@@ -147,6 +147,7 @@ private:
virtual bool shouldGoToHistoryItem(WebCore::HistoryItem*) const;
virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&);
virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&);
virtual WebCore::ResourceError cannotShowURLError(const WebCore::ResourceRequest&);
virtual WebCore::ResourceError interruptForPolicyChangeError(const WebCore::ResourceRequest&);
......
......@@ -685,10 +685,15 @@ bool WebFrameLoaderClient::shouldGoToHistoryItem(HistoryItem* item) const
return [[view _policyDelegateForwarder] webView:view shouldGoToHistoryItem:webItem];
}
ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest &request)
ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest& request)
{
return [NSError _webKitErrorWithDomain:NSURLErrorDomain code:NSURLErrorCancelled URL:request.url().getNSURL()];
}
ResourceError WebFrameLoaderClient::blockedError(const ResourceRequest& request)
{
return [NSError _webKitErrorWithDomain:WebKitErrorDomain code:WebKitErrorCannotUseRestrictedPort URL:request.url().getNSURL()];
}
ResourceError WebFrameLoaderClient::cannotShowURLError(const ResourceRequest& request)
{
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment