StartFileInfo(this),
//localized, so not binded
// file:// + / : without "/" path, webkit return security error
- PrefixURL(this, DPL::String(L"app://") + DPL::FromASCIIString(tizenId) + L"/"),
+ PrefixURL(this, L"file:///"),
InstallPath(
this,
&BindToWidgetDAO<DPL::String, &WidgetDAOReadOnly::getFullPath>::Get),
"http",
"https",
"widget",
- "app",
"vnd.youtube",
"rtsp"
};
HTTP,
HTTPS,
WIDGET,
- APP,
YOUTUBE,
RTSP,
{ URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_WRT }, // HTTP
{ URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_WRT }, // HTTPS
{ URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_WRT }, // WIDGET
- { URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_WRT }, // APP
{ URI_ACTION_VIDEO, URI_ACTION_VIDEO, URI_ACTION_VIDEO }, // YOUTUBE
{ URI_ACTION_VIDEO, URI_ACTION_VIDEO, URI_ACTION_VIDEO } // RTSP
};
{ URI_ACTION_APPSVC, URI_ACTION_WRT, URI_ACTION_APPSVC }, // HTTP
{ URI_ACTION_APPSVC, URI_ACTION_WRT, URI_ACTION_APPSVC }, // HTTPS
{ URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_APPSVC }, // WIDGET
- { URI_ACTION_WRT, URI_ACTION_WRT, URI_ACTION_APPSVC }, // APP
{ URI_ACTION_VIDEO, URI_ACTION_VIDEO, URI_ACTION_VIDEO }, // YOUTUBE
{ URI_ACTION_VIDEO, URI_ACTION_VIDEO, URI_ACTION_VIDEO } // RTSP
};
SERVICE_DATA_TYPE_MIME
};
-char const * const SCHEME_TYPE_APP = "app";
char const * const SCHEME_TYPE_FILE = "file";
char const * const SCHEME_TYPE_WIDGET = "widget";
}
std::string scheme(urlcstr, end);
- if (scheme != SCHEME_TYPE_WIDGET && scheme != SCHEME_TYPE_FILE && scheme != SCHEME_TYPE_APP) {
+ if (scheme != SCHEME_TYPE_WIDGET && scheme != SCHEME_TYPE_FILE) {
LogDebug("scheme doesn't need to localize");
return DPL::OptionalString(inputURI);
}
#include "bundle_uri_handling.h"
#include <dpl/log/log.h>
#include <string.h>
-#include <sys/stat.h>
#include <dpl/utils/wrt_global_settings.h>
// For dao creation (widget info fetching)
#include <dpl/wrt-dao-ro/widget_dao_read_only.h>
namespace {
char const * const SCHEME_TYPE_FILE = "file";
char const * const SCHEME_TYPE_WIDGET = "widget";
-char const * const SCHEME_TYPE_APP = "app";
char const * const WARP_ERROR_MSG =
"file:///usr/etc/wrt/warp_security_error.msg";
char const * const PARAM_URL = "param:url";
-char const * const ACE_IGNORED_SCHEMA[] = { "file://", "widget://", "app://",
- "data:", "tel:", "sms:", "mmsto:",
- "mailto:", 0 };
+char const * const ACE_IGNORED_SCHEMA[] = { "file://", "widget://", "data:",
+ "tel:", "sms:", "mmsto:", "mailto:",
+ 0 };
bool checkWARP(const char *url, const DPL::String& tizenId)
{
DPL::FromUTF8String(std::string(url)));
}
-bool preventSymlink(const std::string & url)
-{
- if(0 != strncmp(url.c_str(), SCHEME_TYPE_FILE, strlen(SCHEME_TYPE_FILE)))
- {
- return true;
- }
- if(url.size() >= strlen(SCHEME_TYPE_FILE) + 3)
- {
- std::string file = url.substr(strlen(SCHEME_TYPE_FILE) + 3);
- struct stat st;
- if(0 != stat(file.c_str(), &st)) return true;
- return !S_ISLNK(st.st_mode);
- }
- else
- {
- return true;
- }
-}
-
bool checkACE(const char* url, bool xhr, const DPL::String& tizenId)
{
if (url) {
auto uri = DPL::ToUTF8String(*op_uri);
if (!checkWARP(uri.c_str(), tizenId)) {
- LogWarning("Request was blocked by WARP: " << uri);
+ LogDebug("Request was blocked by WARP: " << uri);
return false;
}
if (!checkACE(uri.c_str(), is_xhr, tizenId)) {
- LogWarning("Request was blocked by ACE: " << uri);
- return false;
- }
-
- if (!preventSymlink(uri)) {
- LogWarning("Request for symlink is invalid: " << uri);
+ LogDebug("Request was blocked by ACE: " << uri);
return false;
}
DPL::OptionalString localizeURI(const DPL::String& inputURI,
const DPL::String& tizenId)
{
- std::string uri = DPL::ToUTF8String(inputURI);
+ auto uri = DPL::ToUTF8String(inputURI);
LogDebug("localizing url: " << uri);
+
auto urlcstr = uri.c_str();
+
const char *end = strstr(urlcstr, ":");
if (!end) {
LogDebug("no schema in link, return null");
// lack of schema
return DPL::Optional<DPL::String>::Null;
}
- std::string scheme(urlcstr, end);
- if (scheme != SCHEME_TYPE_WIDGET && scheme != SCHEME_TYPE_FILE && scheme != SCHEME_TYPE_APP) {
+ std::string scheme(urlcstr, end);
+ if (scheme != SCHEME_TYPE_WIDGET && scheme != SCHEME_TYPE_FILE) {
LogDebug("scheme doesn't need to localize");
return DPL::OptionalString(inputURI);
}
// URI localization on WebProcess side
#include "bundle_uri_handling.h"
-//TODO: this is temprary hack for ENABLE marco is webkit!
-//do not include header webkits after this as they want work probably
-#define ENABLE(X) 0
-#include <WKBundlePrivate.h>
-#undef ENABLE
-
namespace {
const char * const uriChangedMessageName = "uri_changed_msg";
const char * const uriBlockedMessageName = "uri_blocked_msg";
const char * const URICHANGE_BLOCKED_URL = "null";
const char * const SCHEME_HTTP = "http";
const char * const SCHEME_HTTPS = "https";
-const char * const SCHEME_FILE = "file";
-const char * const SCHEME_FILE_SLASH = "file://";
+const char * const SCHEME_FILE = "file://";
const char * const DATA_STRING = "data:";
const char * const BASE64_STRING = ";base64,";
const char * const BLANK_PAGE_URL = "about:blank";
const char * const VIEWMODE_TYPE_MAXIMIZED = "maximized";
const std::size_t FILE_BUF_MAX_SIZE = 1024; // bytes
const std::size_t PLAIN_CHUNK_SIZE = 1008; // bytes
-const char * const warpAllowProtocolsForWildcard[] = { "http", "https" };
}
Bundle::Bundle(WKBundleRef bundle) :
}
}
-void Bundle::bypassCORSforWARPAccessList(WrtDB::WidgetDAOReadOnly & dao)
-{
- // bypassing CORS using origin whitelist
- WrtDB::WidgetAccessInfoList WAList;
- dao.getWidgetAccessInfo(WAList);
- FOREACH(it, WAList)
- {
- const WrtDB::WidgetAccessInfo & access = *it;
- WKURLRef url = WKURLCreateWithUTF8CString(DPL::ToUTF8String(access.strIRI).c_str());
-
- std::string source = std::string("app://") + DPL::ToUTF8String(m_widgetTizenId) + "/";
-
- LogDebug("WARP to WK whitelist position: " << source << " for "
- << access.strIRI << " subDomains: " << access.bSubDomains);
-
- WKStringRef wkSource = WKStringCreateWithUTF8CString(source.c_str());
- WKStringRef wkHost;
- WKStringRef wkProtocol;
- if(access.strIRI == L"*")
- {
- //wildcard force to explicitly say which protocol is used
- // passed wkHost if empty means wildcard -> allow everything but protocol has to be set.
- for(unsigned i = 0; i < sizeof(warpAllowProtocolsForWildcard); i++)
- {
- wkHost = WKStringCreateWithUTF8CString("");
- wkProtocol = WKStringCreateWithUTF8CString(warpAllowProtocolsForWildcard[i]);
- WKBundleAddOriginAccessWhitelistEntry(m_bundle,
- wkSource, wkProtocol, wkHost, access.bSubDomains);
- }
- }
- else
- {
- wkHost = WKURLCopyHostName(url);
- wkProtocol = WKURLCopyScheme(url);
- WKBundleAddOriginAccessWhitelistEntry(m_bundle,
- wkSource, wkProtocol, wkHost, access.bSubDomains);
- }
-
- WKRelease(wkHost);
- WKRelease(wkProtocol);
- WKRelease(wkSource);
- }
-}
-
void Bundle::didReceiveMessage(WKStringRef messageName, WKTypeRef messageBody)
{
LogDebug("got message type: " << toString(messageName).c_str());
m_widgetTizenId = DPL::FromASCIIString(msgString);
WrtDB::WidgetDAOReadOnly dao(m_widgetTizenId);
-
- bypassCORSforWARPAccessList(dao);
-
/* This type of message is received when widget is restarting
* (proably in other situation too). Widget restart can be
* called after system language change so language tags have to
LogDebug("URI processing result: " << *localizedUrl);
std::string tmpUrlStr = DPL::ToUTF8String(*localizedUrl);
WKURLRef tmpUrl = WKURLCreateWithUTF8CString(tmpUrlStr.c_str());
- std::string scheme = toString(WKURLCopyScheme(url)); //scheme of original request
+ std::string scheme = toString(WKURLCopyScheme(url));
WKRelease(url);
-
- if(scheme == SCHEME_FILE) {
- LogError("File schema blocked for: " << dplurl);
- return NULL;
- }
-
// Return value must contain details information of input
// WKURLRequestRef. Current webkit2 doesn't support api that
// copy WKURLRequestRef or change url only. Before webkit2
{
std::string filePath;
- size_t pos = Url.find_first_not_of(SCHEME_FILE_SLASH);
+ size_t pos = Url.find_first_not_of(SCHEME_FILE);
if (std::string::npos != pos) {
filePath = Url.substr(pos - 1);
}
std::set<WrtDB::EncryptedFileInfo>::iterator it;
info.fileName = DPL::FromUTF8String(filePath);
- if ((0 == strncmp(Url.c_str(), SCHEME_FILE_SLASH, strlen(SCHEME_FILE_SLASH))) &&
+ if ((0 == strncmp(Url.c_str(), SCHEME_FILE, strlen(SCHEME_FILE))) &&
(m_encryptedFiles.end() != (it =
m_encryptedFiles.find(info))))
{
{
std::string filePath;
- size_t pos = resource.find_first_not_of(SCHEME_FILE_SLASH);
+ size_t pos = resource.find_first_not_of(SCHEME_FILE);
if (std::string::npos != pos) {
filePath = resource.substr(pos - 1);
}
void fixWKMessageArgs(std::string & argScale,
std::string & argEncodedBundle,
std::string & argTheme);
-
- void bypassCORSforWARPAccessList(WrtDB::WidgetDAOReadOnly &dao);
-
void *DecryptChunkByTrustZone(const unsigned char *inBuffer,
int inBufSize);
};