From 38726089ea47ea8bbbb50fba773a569adc811d6b Mon Sep 17 00:00:00 2001 From: Jihoon Chung Date: Tue, 30 Apr 2013 12:05:09 +0900 Subject: [PATCH] [Release] wrt_0.8.191 --- CMakeLists.txt | 7 +- packaging/wrt.spec | 4 +- src/api_new/ewk_context_manager.cpp | 20 ++++ src/api_new/ewk_context_manager.h | 4 +- src/api_new/user_delegates.h | 6 +- src/domain/widget_model.cpp | 6 +- src/domain/widget_model.h | 4 + src/view/webkit/bundles/CMakeLists.txt | 2 + src/view/webkit/bundles/bundle_uri_handling.cpp | 135 +++++++++++++++++++---- src/view/webkit/bundles/bundle_uri_handling.h | 7 +- src/view/webkit/bundles/wrt-wk2-bundle.cpp | 104 +++++++++++------- src/view/webkit/bundles/wrt-wk2-bundle.h | 23 +++- src/view/webkit/view_logic.cpp | 139 ++++++++++++------------ tests/widgets/common/src/InstallerWrapper.cpp | 2 +- 14 files changed, 319 insertions(+), 144 deletions(-) mode change 100755 => 100644 src/api_new/ewk_context_manager.h mode change 100755 => 100644 src/view/webkit/bundles/CMakeLists.txt diff --git a/CMakeLists.txt b/CMakeLists.txt index 9a86efa..cec321f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -42,8 +42,8 @@ ENDIF(NOT CMAKE_BUILD_TYPE) OPTION(DPL_LOG "DPL logs status" ON) OPTION(WITH_TESTS "Build tests" OFF) -#enable csp policy support -OPTION(CSP_SUPPORT "Support for csp policy" OFF) +OPTION(CSP_SUPPORT "Support for csp policy" ON) +OPTION(ALLOW_NAVIGATION_SUPPORT "Support for allow-navigation" ON) OPTION(APP_SCHEME_SUPPORT "Support for app:// scheme" OFF) OPTION(CORS_WHITELISTING_SUPPORT "CORS white listing for access positions" OFF) OPTION(MULTIPROCESS_SERVICE_SUPPORT "Process per service" OFF) @@ -51,6 +51,9 @@ OPTION(MULTIPROCESS_SERVICE_SUPPORT_INLINE "Process per service - inline mode su IF(CSP_SUPPORT) ADD_DEFINITIONS("-DCSP_ENABLED") ENDIF(CSP_SUPPORT) +IF(ALLOW_NAVIGATION_SUPPORT) + ADD_DEFINITIONS("-DALLOW_NAVIGATION_ENABLED") +ENDIF(CSP_SUPPORT) IF(APP_SCHEME_SUPPORT) ADD_DEFINITIONS("-DAPP_SCHEME_ENABLED") ENDIF(APP_SCHEME_SUPPORT) 
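Review bot: The new `IF(ALLOW_NAVIGATION_SUPPORT)` block in the second CMakeLists.txt hunk is closed with `ENDIF(CSP_SUPPORT)`, which does not match its opening condition. Depending on the CMake version this is reported as a mismatched block argument, and it makes it easy to misread which option gates `-DALLOW_NAVIGATION_ENABLED`. Close it with `ENDIF(ALLOW_NAVIGATION_SUPPORT)`. The define decides whether V2 widgets get the allow-navigation check or a blanket deny in `processMainResource`, so the block should be unambiguous.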
diff --git a/packaging/wrt.spec b/packaging/wrt.spec index d2c84bf..59f09c5 100644 --- a/packaging/wrt.spec +++ b/packaging/wrt.spec @@ -1,7 +1,7 @@ -#git:framework/web/wrt wrt_0.8.187 +#git:framework/web/wrt wrt_0.8.191 Name: wrt Summary: web runtime -Version: 0.8.187 +Version: 0.8.191 Release: 1 Group: Development/Libraries License: Apache License, Version 2.0 diff --git a/src/api_new/ewk_context_manager.cpp b/src/api_new/ewk_context_manager.cpp index bbc0dbe..cb1ecae 100644 --- a/src/api_new/ewk_context_manager.cpp +++ b/src/api_new/ewk_context_manager.cpp @@ -144,6 +144,13 @@ bool EwkContextManager::initialize() setAutoFullscreenMode(); setBackgroundSupport(); +#ifdef CSP_ENABLED + if (dao.getSecurityModelVersion() == + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V2) + { + setCSPSupport(); + } +#endif // ewk storage_path set ewk_context_storage_path_reset(m_ewkContext); @@ -236,6 +243,19 @@ void EwkContextManager::setBackgroundSupport() backgroundSupport); } +void EwkContextManager::setCSPSupport() +{ + if(!m_ewkContext) { + return; + } + + WrtDB::WidgetDAOReadOnly dao(DPL::FromUTF8String(m_appId)); + LogInfo("Setting CSP default policy"); + ewk_context_tizen_extensible_api_set(m_ewkContext, + EWK_EXTENSIBLE_API_CSP, + true); +} + void EwkContextManager::unsetCallbacks() { if (!m_initialized) { diff --git a/src/api_new/ewk_context_manager.h b/src/api_new/ewk_context_manager.h old mode 100755 new mode 100644 index 327b3a2..9aaff1f --- a/src/api_new/ewk_context_manager.h +++ b/src/api_new/ewk_context_manager.h @@ -42,9 +42,11 @@ class EwkContextManager : public AbstractContextManager { bool initialize(); void destroy(); void setCallbacks(); - void setAutoFullscreenMode(); void unsetCallbacks(); + void setAutoFullscreenMode(); void setBackgroundSupport(); + void setCSPSupport(); + // ewk context callback functions static void messageFromInjectedBundleCallback( const char* name, 
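Review bot: `setCSPSupport()` constructs `WrtDB::WidgetDAOReadOnly dao(DPL::FromUTF8String(m_appId));` and never uses it, so the function opens a database handle it does not need. Whether that constructor can throw for an unknown app id is not visible here; if it can, it would abort CSP setup for no benefit. Drop the local, since the caller in `initialize()` already checks the security model version. A comment such as `// Enables CSP enforcement on the ewk context; the caller checks the security model version` would document that split.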
diff --git a/src/api_new/user_delegates.h b/src/api_new/user_delegates.h index d9ffc3d..e81237a 100644 --- a/src/api_new/user_delegates.h +++ b/src/api_new/user_delegates.h @@ -24,6 +24,7 @@ #include #include #include +#include #include namespace WRT { @@ -33,9 +34,9 @@ typedef DPL::FastDelegate1 LoadStartCB; typedef DPL::FastDelegate1 LoadFinishCB; typedef DPL::FastDelegate0 WebCrashCB; typedef DPL::FastDelegate2 WindowCreateBeforeCB; -typedef DPL::FastDelegate2 WindowCreateAfterCB; +typedef DPL::FastDelegate2 WindowCreateAfterCB; typedef DPL::FastDelegate1 WindowCloseCB; +typedef DPL::FastDelegate2 NavigationDecideCB; typedef DPL::FastDelegate0 WebkitExitCB; typedef DPL::FastDelegate1 ResumeCB; typedef DPL::FastDelegate1 SuspendCB; @@ -53,6 +54,7 @@ struct UserDelegates { WindowCreateBeforeCB windowCreateBefore; WindowCreateAfterCB windowCreateAfter; WindowCloseCB windowClose; + NavigationDecideCB navigationDecide; WebkitExitCB webkitExit; ResumeCB resume; SuspendCB suspend; diff --git a/src/domain/widget_model.cpp b/src/domain/widget_model.cpp index 0bae26f..ca8963a 100644 --- a/src/domain/widget_model.cpp +++ b/src/domain/widget_model.cpp @@ -135,8 +135,10 @@ WidgetModel::WidgetModel(const std::string &tizenId) : SettingList(this), AppControlList(this), - AppControlIndex(this) - + AppControlIndex(this), + SecurityModelVersion(this, + &BindToWidgetDAO::Get) {} DPL::String WidgetModel::getTizenId() const diff --git a/src/domain/widget_model.h b/src/domain/widget_model.h index 536a1bc..d67cb29 100644 --- a/src/domain/widget_model.h +++ b/src/domain/widget_model.h @@ -233,6 +233,10 @@ class WidgetModel : public DPL::Event::Model DPL::Event::Property AppControlList; DPL::Event::Property AppControlIndex; + DPL::Event::Property SecurityModelVersion; + WidgetModel(const std::string &tizenId); private: diff --git a/src/view/webkit/bundles/CMakeLists.txt b/src/view/webkit/bundles/CMakeLists.txt old mode 100755 new mode 100644 index 94d105a..ef05e8e 
--- a/src/view/webkit/bundles/CMakeLists.txt +++ b/src/view/webkit/bundles/CMakeLists.txt @@ -29,6 +29,8 @@ PKG_CHECK_MODULES(BUNDLES_DEP vconf osp-appfw libprivilege-control + libiri + libpcrecpp REQUIRED ) diff --git a/src/view/webkit/bundles/bundle_uri_handling.cpp b/src/view/webkit/bundles/bundle_uri_handling.cpp index 7e4cce0..e2d0378 100644 --- a/src/view/webkit/bundles/bundle_uri_handling.cpp +++ b/src/view/webkit/bundles/bundle_uri_handling.cpp @@ -35,15 +35,21 @@ // WARP check #include #include +#include +// allow-navigation check +#include +#include // WKBundle API (i.e. message sending) #include #include #include + namespace { char const * const SCHEME_TYPE_FILE = "file"; char const * const SCHEME_TYPE_WIDGET = "widget"; char const * const SCHEME_TYPE_APP = "app"; +char const * const SCHEME_TYPE_HTTP = "http"; char const * const WARP_ERROR_MSG = "file:///usr/etc/wrt/warp_security_error.msg"; char const * const PARAM_URL = "param:url"; 
@@ -57,6 +63,31 @@ char const * const ACE_IGNORED_SCHEMA[] = { "file://", "widget://", "data:", 0 }; #endif +bool wildcardCompare(std::string wildcardString, std::string target) +{ + std::string re = wildcardString; + + // replace special character to meaning character + pcrecpp::RE("\\\\").GlobalReplace("\\\\\\\\", &re); + pcrecpp::RE("\\.").GlobalReplace("\\\\.", &re); + pcrecpp::RE("\\+").GlobalReplace("\\\\+", &re); + pcrecpp::RE("\\?").GlobalReplace("\\\\?", &re); + pcrecpp::RE("\\^").GlobalReplace("\\\\^", &re); + pcrecpp::RE("\\$").GlobalReplace("\\\\$", &re); + pcrecpp::RE("\\[").GlobalReplace("\\\\[", &re); + pcrecpp::RE("\\]").GlobalReplace("\\\\]", &re); + pcrecpp::RE("\\{").GlobalReplace("\\\\{", &re); + pcrecpp::RE("\\}").GlobalReplace("\\\\}", &re); + pcrecpp::RE("\\(").GlobalReplace("\\\\(", &re); + pcrecpp::RE("\\)").GlobalReplace("\\\\)", &re); + pcrecpp::RE("\\|").GlobalReplace("\\\\|", &re); + + // replace wildcard character to regex type + pcrecpp::RE("\\\*").GlobalReplace(".*", &re); + + return pcrecpp::RE(re).FullMatch(target); +} + bool checkWARP(const char *url, const DPL::String& tizenId) { // ignore WARP in test mode 
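Review bot: `wildcardCompare` builds its pattern from a hand-maintained list of thirteen escapes, so any metacharacter missing from the list would reach the regex engine unescaped and change what an allow-navigation entry matches. `pcrecpp::RE::QuoteMeta` quotes everything in one step, after which only the wildcard needs converting: `std::string re = pcrecpp::RE::QuoteMeta(wildcardString);` followed by `pcrecpp::RE("\\\\\\*").GlobalReplace(".*", &re);`. The literal `"\\\*"` in the last replace, as shown, contains `\*`, which is not a valid C++ escape sequence and only works where the compiler lets it through. Taking both parameters by `const std::string&` would also avoid two string copies per list entry.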
@@ -77,6 +108,39 @@ bool checkWARP(const char *url, const DPL::String& tizenId) DPL::FromUTF8String(std::string(url))); } +bool checkAllowNavigation(const char *url, const DPL::String& tizenId) +{ + if (url == NULL) { + return true; + } + + DPL::ScopedPtr iri(iri_parse(url)); + if (!iri->scheme || !iri->host || strlen(iri->host) == 0) { + return true; + } + std::string scheme = iri->scheme; + std::string host = iri->host; + + if (scheme.find(SCHEME_TYPE_HTTP) == std::string::npos) { + LogDebug("url doesn't need to check allow-navigation"); + return true; + } + + WrtDB::WidgetDAOReadOnly dao = WrtDB::WidgetDAOReadOnly(tizenId); + WrtDB::WidgetAllowNavigationInfoList list; + dao.getWidgetAllowNavigationInfo(list); + + FOREACH(it, list) { + if (wildcardCompare(DPL::ToUTF8String(it->scheme), scheme) && + wildcardCompare(DPL::ToUTF8String(it->host), host)) + { + return true; + } + } + LogDebug("deny"); + return false; +} + bool preventSymlink(const std::string & url) { if(0 != strncmp(url.c_str(), SCHEME_TYPE_FILE, strlen(SCHEME_TYPE_FILE))) 
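Review bot: The early `return true` paths in `checkAllowNavigation` fail open on input the matcher cannot classify. `scheme.find(SCHEME_TYPE_HTTP) == std::string::npos` is a case-sensitive substring test, so a scheme spelled `HTTP` would skip the allow-navigation list unless the URL is already normalised upstream, which this hunk does not show. Lower-casing before the test closes that gap, e.g. `std::transform(scheme.begin(), scheme.end(), scheme.begin(), ::tolower);` and the same for `host`, which also makes the wildcard match on host names case-insensitive. Separately, `iri->scheme` is read without checking the result of `iri_parse(url)`; if the parser can return NULL for malformed input, that is a crash in the web process, so test the pointer first and deny when it is NULL. The final `LogDebug("deny")` would be more useful as a warning that includes the rejected URL, as the callers' other block paths do.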
@@ -151,22 +215,30 @@ bool checkACE(const char* url, bool xhr, const DPL::String& tizenId) return ACE_OK == ret && ACE_TRUE == result; } +} // namespace (anonymous) -bool filterURIBySecurity(DPL::OptionalString &op_uri, - bool is_xhr, - const DPL::String& tizenId) +namespace BundleURIHandling { +bool processURI(const DPL::String& inputURI, + const DPL::String& tizenId, + WrtDB::WidgetSecurityModelVersion version) { - if (!op_uri) { - return true; //accept empty uri + DPL::Optional optionalUri(inputURI); + if (optionalUri.IsNull()) { + LogDebug("uri is empty"); + return true; } - auto uri = DPL::ToUTF8String(*op_uri); - if (!checkWARP(uri.c_str(), tizenId)) { - LogWarning("Request was blocked by WARP: " << uri); - return false; + std::string uri = DPL::ToUTF8String(inputURI); + if (version == + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V1) + { + if (!checkWARP(uri.c_str(), tizenId)) { + LogWarning("Request was blocked by WARP: " << uri); + return false; + } } - if (!checkACE(uri.c_str(), is_xhr, tizenId)) { + if (!checkACE(uri.c_str(), true, tizenId)) { LogWarning("Request was blocked by ACE: " << uri); return false; } 
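Review bot: For `WIDGET_SECURITY_MODEL_V2` widgets `processURI` now applies only `checkACE` and `preventSymlink` to sub-resource requests; WARP is skipped and nothing replaces it in this function. The intent is presumably that CSP takes over, but CSP is only switched on under `#ifdef CSP_ENABLED`, so a build with `CSP_SUPPORT` off would leave V2 widgets without an origin restriction here. `processMainResource` handles the equivalent case for `ALLOW_NAVIGATION_ENABLED` by denying. Consider the same guard, or at least a comment such as `// V2: origin policy for sub-resources is enforced by CSP, see setCSPSupport()`. Also, the `optionalUri.IsNull()` test can never fire because the optional is constructed from `inputURI`; `inputURI.empty()` is what the "uri is empty" log describes, and the same dead check is repeated in `processMainResource` in the next hunk.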
@@ -178,22 +250,45 @@ bool filterURIBySecurity(DPL::OptionalString &op_uri, return true; } -} // namespace (anonymous) -namespace BundleURIHandling { -bool processURI(const DPL::String& inputURI, - bool is_xhr, - const DPL::String& tizenId, - WKBundleRef /*bundle*/) +bool processMainResource(const DPL::String& inputURI, + const DPL::String& tizenId, + WrtDB::WidgetSecurityModelVersion version) { - DPL::Optional uri(inputURI); - if (uri.IsNull()) { + DPL::Optional optionalUri(inputURI); + if (optionalUri.IsNull()) { LogDebug("uri is empty"); return true; } - // check ACE, WARP - if (!filterURIBySecurity(uri, is_xhr, tizenId)) { + std::string uri = DPL::ToUTF8String(inputURI); + if (version == + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V1) + { + if (!checkWARP(uri.c_str(), tizenId)) { + LogWarning("Request was blocked by WARP: " << uri); + return false; + } + } else if (version == + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V2) + { +#ifdef ALLOW_NAVIGATION_ENABLED + if (!checkAllowNavigation(uri.c_str(), tizenId)) { + LogWarning("Request was blocked by WARP: " << uri); + return false; + } +#else + return false; +#endif + } + + if (!checkACE(uri.c_str(), true, tizenId)) { + LogWarning("Request was blocked by ACE: " << uri); + return false; + } + + if (!preventSymlink(uri)) { + LogWarning("Request for symlink is invalid: " << uri); return false; } diff --git a/src/view/webkit/bundles/bundle_uri_handling.h b/src/view/webkit/bundles/bundle_uri_handling.h index 78b74cd..a3fc916 100644 --- a/src/view/webkit/bundles/bundle_uri_handling.h +++ b/src/view/webkit/bundles/bundle_uri_handling.h 
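Review bot: The allow-navigation branch of `processMainResource` logs `"Request was blocked by WARP: "`, which sends anyone reading a denial log to the wrong policy; it should read `LogWarning("Request was blocked by allow-navigation: " << uri);`. The `#else return false;` path denies every V2 navigation without logging anything, so add a warning there as well. Because the version test is `if (V1) ... else if (V2)`, a value that is neither (if the enum has or gains one, which is not visible here) gets no origin check at all. A plain `else` for the allow-navigation branch would make the unknown case fail closed.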
@@ -23,14 +23,17 @@ #include #include +#include // WKBundleRef type #include namespace BundleURIHandling { bool processURI(const DPL::String& inputURI, - bool is_xhr, const DPL::String& tizenId, - WKBundleRef bundle); + WrtDB::WidgetSecurityModelVersion m_securityModelVersion); +bool processMainResource(const DPL::String& inputURI, + const DPL::String& tizenId, + WrtDB::WidgetSecurityModelVersion m_securityModelVersion); DPL::OptionalString localizeURI(const DPL::String& inputURI, const DPL::String& tizenId); } diff --git a/src/view/webkit/bundles/wrt-wk2-bundle.cpp b/src/view/webkit/bundles/wrt-wk2-bundle.cpp index 25d3595..9c57018 100644 --- a/src/view/webkit/bundles/wrt-wk2-bundle.cpp +++ b/src/view/webkit/bundles/wrt-wk2-bundle.cpp @@ -52,6 +52,7 @@ #include #include #include +#include #include #include #include @@ -96,6 +97,7 @@ const char * const SCHEME_HTTP = "http"; const char * const SCHEME_HTTPS = "https"; const char * const SCHEME_FILE = "file"; const char * const SCHEME_FILE_SLASH = "file://"; +const char * const SCHEME_BOX_SLASH = "box://"; const char * const DATA_STRING = "data:"; const char * const BASE64_STRING = ";base64,"; const char * const BLANK_PAGE_URL = "about:blank"; @@ -158,6 +160,8 @@ Bundle::Bundle(WKBundleRef bundle) : m_willRemoveContext(NULL), m_encrypted(false), m_widgetType(WrtDB::APP_TYPE_UNKNOWN), + m_securityModelVersion( + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V1), m_initialized(false) { LOG_PROFILE_START("Bundle attachToThread"); 
@@ -274,12 +278,12 @@ void Bundle::didCreatePage(WKBundlePageRef page) WKBundlePagePolicyClient policyClient = { - kWKBundlePagePolicyClientCurrentVersion, /* version */ - this, /* clientInfo */ - pageDecidePolicyForNavigationActionCallback, /**/ - 0, /* decidePolicyForNewWindowAction */ - pageDecidePolicyForResponseCallback, /* decidePolicyForResponse */ - 0, /* unableToImplementPolicy */ + kWKBundlePagePolicyClientCurrentVersion, /* version */ + this, /* clientInfo */ + decidePolicyForNavigationActionCallback, /* decidePolicyForNavigationAction */ + decidePolicyForNewWindowActionCallback, /* decidePolicyForNavigationAction */ + decidePolicyForResponseCallback, /* decidePolicyForResponse */ + 0, /* unableToImplementPolicy */ }; WKBundlePageSetPolicyClient(page, &policyClient); } @@ -511,10 +515,6 @@ void Bundle::didReceiveMessage(WKStringRef messageName, WKTypeRef messageBody) set_app_privilege(tzPkgId.c_str(), PRIVILEGE_APP_TYPE, appPath.c_str()); } -#ifdef CORS_WHITELISTING_ENABLED - bypassCORSforWARPAccessList(dao); -#endif - /* This type of message is received when widget is restarting * (proably in other situation too). Widget restart can be * called after system language change so language tags have to @@ -543,6 +543,10 @@ void Bundle::didReceiveMessage(WKStringRef messageName, WKTypeRef messageBody) PluginModule::init(WrtDB::WidgetDAOReadOnly::getHandle(m_widgetTizenId)); LogDebug("Preload PluginLogicSingleton_end"); + m_securityModelVersion = dao.getSecurityModelVersion(); +#ifdef CORS_WHITELISTING_ENABLED + bypassCORSforWARPAccessList(dao); +#endif m_initialized = true; } else 
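Review bot: In the `policyClient` initialiser the newly wired `decidePolicyForNewWindowActionCallback` is labelled `/* decidePolicyForNavigationAction */`, duplicating the comment on the line above. The slot it replaces was documented as `/* decidePolicyForNewWindowAction */`; keep that label so the positional initialiser can be checked against the struct definition at a glance.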
@@ -733,26 +737,46 @@ void Bundle::didCommitLoadForFrameCallback( LOG_PROFILE_STOP("didCommitLoadForFrameCallback"); } -WKBundlePagePolicyAction Bundle::pageDecidePolicyForNavigationActionCallback( +WKBundlePagePolicyAction Bundle::decidePolicyForNavigationActionCallback( WKBundlePageRef page, WKBundleFrameRef frame, WKBundleNavigationActionRef navigationAction, WKURLRequestRef request, - WKTypeRef* userData, - const void* clientInfo) + WKTypeRef* userData, + const void* clientInfo) { - LogDebug("pageDecidePolicyForNavigationActionCallback called"); + LogDebug("decidePolicyForNavigationActionCallback called"); Bundle* This = static_cast(const_cast(clientInfo)); + return This->decidePolicyForAction(false, + page, + frame, + navigationAction, + request, + userData); +} + +WKBundlePagePolicyAction Bundle::decidePolicyForNewWindowActionCallback( + WKBundlePageRef page, + WKBundleFrameRef frame, + WKBundleNavigationActionRef navigationAction, + WKURLRequestRef request, + WKStringRef /*frameName*/, + WKTypeRef* userData, + const void* clientInfo) +{ + LogDebug("decidePolicyForNewWindowActionCallback called"); - return This->pageDecidePolicyForNavigationAction(page, - frame, - navigationAction, - request, - userData); + Bundle* This = static_cast(const_cast(clientInfo)); + return This->decidePolicyForAction(true, + page, + frame, + navigationAction, + request, + userData); } -WKBundlePagePolicyAction Bundle::pageDecidePolicyForResponseCallback( +WKBundlePagePolicyAction Bundle::decidePolicyForResponseCallback( WKBundlePageRef /* page */, WKBundleFrameRef /* frame */, WKURLResponseRef response, @@ -760,7 +784,7 @@ WKBundlePagePolicyAction Bundle::pageDecidePolicyForResponseCallback( WKTypeRef* /* userData */, const void* /* clientInfo */) { - LogDebug("pageDecidePolicyForResponseCallback called"); + LogDebug("decidePolicyForResponseCallback called"); Assert(response); WKStringRef contentTypeRef = WKURLResponseEflCopyContentType(response); 
@@ -787,17 +811,15 @@ WKURLRequestRef Bundle::willSendRequestForFrame(WKURLRequestRef request) WKURLRef url = WKURLRequestCopyURL(request); WKStringRef urlStr = WKURLCopyString(url); - bool is_xhr = true; // Webkit should inform if it's XHR DPL::String dplurl = DPL::FromUTF8String(toString(urlStr)); WKRelease(urlStr); DPL::Optional localizedUrl = BundleURIHandling::localizeURI(dplurl, m_widgetTizenId); - bool ret = BundleURIHandling::processURI( - *localizedUrl, - is_xhr, - m_widgetTizenId, - m_bundle); + bool ret = + BundleURIHandling::processURI(*localizedUrl, + m_widgetTizenId, + m_securityModelVersion); if (!ret) { LogDebug("Not permitted resource: " << *localizedUrl); @@ -869,12 +891,13 @@ WKURLRequestRef Bundle::willSendRequestForFrame(WKURLRequestRef request) } } -WKBundlePagePolicyAction Bundle::pageDecidePolicyForNavigationAction( +WKBundlePagePolicyAction Bundle::decidePolicyForAction( + bool isNewWindow, WKBundlePageRef /* page */, WKBundleFrameRef frame, WKBundleNavigationActionRef /* navigationAction */, WKURLRequestRef request, - WKTypeRef* /* userData */) + WKTypeRef* /* userData */) { using namespace ViewModule; using namespace ViewModule::SchemeActionMap; 
@@ -890,14 +913,18 @@ WKBundlePagePolicyAction Bundle::pageDecidePolicyForNavigationAction( return WKBundlePagePolicyActionUse; } - // WARP & ACE Check + // in case of box scheme, unconditionally PassThrough should be returned + if (!request_uri.compare(0, 6, SCHEME_BOX_SLASH)) { + return WKBundlePagePolicyActionPassThrough; + } + DPL::String dplUrl = DPL::FromUTF8String(request_uri); - DPL::Optional localizedUrl = - BundleURIHandling::localizeURI(dplUrl, m_widgetTizenId); - bool ret = BundleURIHandling::processURI( - *localizedUrl, true, m_widgetTizenId, m_bundle); + bool ret = + BundleURIHandling::processMainResource(dplUrl, + m_widgetTizenId, + m_securityModelVersion); if (!ret) { - std::string blockedUrl = DPL::ToUTF8String(*localizedUrl); + std::string blockedUrl = DPL::ToUTF8String(dplUrl); LogDebug("URI is blocked: " << blockedUrl); // Send information about blocked URI to UIProcess @@ -931,6 +958,9 @@ WKBundlePagePolicyAction Bundle::pageDecidePolicyForNavigationAction( bool mainFrame = WKBundleFrameIsMainFrame(frame); NavigationContext ctx = mainFrame ? TOP_LEVEL : FRAME_LEVEL; + if (isNewWindow) { + ctx = NEW_WINDOW; + } LogDebug("Scheme type: " << type); LogDebug("Navigation context: " << ctx); @@ -938,9 +968,7 @@ WKBundlePagePolicyAction Bundle::pageDecidePolicyForNavigationAction( UriAction action; - if (m_widgetType == WrtDB::APP_TYPE_WAC20) { - action = g_wacActionMap[type][ctx]; - } else if (m_widgetType == WrtDB::APP_TYPE_TIZENWEBAPP) { + if (m_widgetType == WrtDB::APP_TYPE_TIZENWEBAPP) { action = g_tizenActionMap[type][ctx]; } else { LogError("Unsupported application type: " << type); diff --git a/src/view/webkit/bundles/wrt-wk2-bundle.h b/src/view/webkit/bundles/wrt-wk2-bundle.h index fa83a4f..a4a3da0 100644 --- a/src/view/webkit/bundles/wrt-wk2-bundle.h +++ b/src/view/webkit/bundles/wrt-wk2-bundle.h @@ -30,6 +30,7 @@ #include #include #include +#include #include "page_global_context_container.h" extern "C" { 
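Review bot: The new `box://` test returns `WKBundlePagePolicyActionPassThrough` before `processMainResource` runs, so navigation to that scheme skips WARP, allow-navigation, ACE and the symlink check in the bundle and relies entirely on the UI process. In view_logic.cpp the matching `box://` handling in `policyNavigationDecideCallback` sits inside `if (!This->m_cbs->navigationDecide.empty())`, so when no delegate is registered the URL continues down the normal path. A comment stating which component is responsible in that case would help, e.g. `// box:// is handled by the navigationDecide delegate in the UI process; no bundle-side policy applies`. The literal `6` should be `strlen(SCHEME_BOX_SLASH)` so the length cannot drift from the constant. `decidePolicyForAction` begins and ends outside this hunk.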
@@ -79,7 +80,8 @@ class Bundle bool m_encrypted; WrtDB::EncryptedFileList m_encryptedFiles; WrtDB::WidgetType m_widgetType; - bool m_initialized; + WrtDB::WidgetSecurityModelVersion m_securityModelVersion; + bool m_initialized; // WKBundlePageResourceLoadClient callback static WKURLRequestRef willSendRequestForFrameCallback( @@ -117,7 +119,7 @@ class Bundle const void *clientInfo); // WKBundlePageDecidePolicyForNavigationActionCallback - static WKBundlePagePolicyAction pageDecidePolicyForNavigationActionCallback( + static WKBundlePagePolicyAction decidePolicyForNavigationActionCallback( WKBundlePageRef page, WKBundleFrameRef frame, WKBundleNavigationActionRef navigationAction, @@ -125,8 +127,18 @@ class Bundle WKTypeRef* userData, const void* clientInfo); + // WKBundlePageDecidePolicyForNewWindowActionCallback + static WKBundlePagePolicyAction decidePolicyForNewWindowActionCallback( + WKBundlePageRef page, + WKBundleFrameRef frame, + WKBundleNavigationActionRef navigationAction, + WKURLRequestRef request, + WKStringRef frameName, + WKTypeRef* userData, + const void* clientInfo); + // WKBundlePageDecidePolicyForResponseCallback - static WKBundlePagePolicyAction pageDecidePolicyForResponseCallback( + static WKBundlePagePolicyAction decidePolicyForResponseCallback( WKBundlePageRef page, WKBundleFrameRef frame, WKURLResponseRef response, @@ -143,12 +155,13 @@ class Bundle // WKBundlePageResourceLoadClient WKURLRequestRef willSendRequestForFrame(WKURLRequestRef request); - WKBundlePagePolicyAction pageDecidePolicyForNavigationAction( + WKBundlePagePolicyAction decidePolicyForAction( + bool isNewWindow, WKBundlePageRef page, WKBundleFrameRef frame, WKBundleNavigationActionRef navigationAction, WKURLRequestRef request, - WKTypeRef* userData); + WKTypeRef* userData); // basic static std::string toString(WKStringRef str); diff --git a/src/view/webkit/view_logic.cpp b/src/view/webkit/view_logic.cpp index 96d7569..aedcd73 100644 --- a/src/view/webkit/view_logic.cpp 
+++ b/src/view/webkit/view_logic.cpp @@ -110,6 +110,14 @@ const int W3C_ORIENTATION_PORTRAIT_PRIMARY_ANGLE = 0; const int W3C_ORIENTATION_PORTRAIT_SECONDARY_ANGLE = 180; const int W3C_ORIENTATION_LANDSCAPE_PRIMARY_ANGLE = 90; const int W3C_ORIENTATION_LANDSCAPE_SECONDARY_ANGLE = -90; + +const char* const DEFAULT_ENCODING = "UTF-8"; +#ifdef CSP_ENABLED +const char* const DEFAULT_CSP_POLICY = + "default-src '*'; script-src 'self'; style-src 'self'; object-src 'none';"; +#endif +// SCHEME +const char * const SCHEME_BOX_SLASH = "box://"; } // anonymous namespace std::mapCspReportOnlyPolicy.Get(); - - if (!(policy.IsNull())) - { - LogDebug("CSP report only policy present in manifest: " << *policy); - ewk_view_content_security_policy_set( - wkView, DPL::ToUTF8String(*policy).c_str(), EWK_REPORT_ONLY); - } else { - LogDebug("Config CSP report only policy is not present"); - } - - policy = m_model->CspPolicy.Get(); - - if (!(policy.IsNull())) - { - LogDebug("CSP policy present in manifest: " << *policy); - ewk_view_content_security_policy_set( - wkView, DPL::ToUTF8String(*policy).c_str(), EWK_ENFORCE_POLICY); - } else { - LogDebug("Config CSP policy is not present"); - } - - - LogInfo("CSP set."); -#endif - Ewk_Settings* settings = ewk_view_settings_get(wkView); // set user agent 
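Review bot: `DEFAULT_CSP_POLICY` writes the wildcard as `'*'` in `default-src`, but in CSP source lists only keywords such as `'self'` and `'none'` are quoted; the wildcard is a bare `*`. A parser that follows the specification would treat `'*'` as an invalid source and ignore it, leaving `default-src` with no allowed sources, so images, fonts, XHR and frames would be blocked for V2 widgets that ship no policy of their own. How the WebKit build used here handles it is not visible from this page. If allow-all is intended for the non-script directives, use `"default-src *; script-src 'self'; style-src 'self'; object-src 'none';"`. A short comment above the constant saying it is the fallback applied when the manifest supplies no enforce policy would also help.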
@@ -717,15 +686,6 @@ void ViewLogic::prepareEwkView(Evas_Object *wkView) // webkit NPAPI plugins is always on in wrt ewk_settings_plugins_enabled_set(settings, EINA_TRUE); - - // The followings are not implemeted yet by webkit2 - // ewk_view_setting_accelerated_compositing_enable_set(EINA_TRUE); - // ewk_view_mode_set(); - // ewk_view_setting_enable_specified_plugin_set(EINA_TRUE, - // FLASH_MIME_TYPE); - // ewk_view_setting_html5video_external_player_enable_set(EINA_FALSE); - // ewk_view_show_ime_on_autofocus_set(EINA_TRUE); - // elm_webview_show_magnifier_set(EINA_FALSE); ewk_settings_javascript_enabled_set(settings, EINA_TRUE); ewk_settings_loads_images_automatically_set(settings, EINA_TRUE); // WRT should not fit web contents to device width automatically as default. 
@@ -734,34 +694,53 @@ void ViewLogic::prepareEwkView(Evas_Object *wkView) ewk_settings_autofill_password_form_enabled_set(settings, EINA_TRUE); ewk_settings_form_candidate_data_enabled_set(settings, EINA_TRUE); - // disable zoom option when user click the input field - // this option is useful with the normal website - // for the make user friendly, disable auto zoom in the webapp - // The followings are not implemeted yet by webkit2 - // elm_webview_input_field_zoom_set(EINA_FALSE); - - // set cookie database path - // The followings are not implemeted yet by webkit2 - // ewk_cookies_file_set(dao.getCookieDatabasePath().c_str())); - - // set visibility to WebCore. This value will be used for html5. - // also, this value will be changed in the suspend, resume - // or create window, close window. ewk_view_page_visibility_state_set(wkView, EWK_PAGE_VISIBILITY_STATE_VISIBLE, EINA_TRUE); - std::string encoding="UTF-8"; - OptionalWidgetStartFileInfo fileInfo = W3CFileLocalization::getStartFileInfo(m_model->TizenId); - if(!fileInfo.IsNull()){ - encoding=DPL::ToUTF8String((*fileInfo).encoding); + std::string encoding = DEFAULT_ENCODING; + OptionalWidgetStartFileInfo fileInfo = + W3CFileLocalization::getStartFileInfo(m_model->TizenId); + if (!fileInfo.IsNull()) { + encoding = DPL::ToUTF8String((*fileInfo).encoding); LogInfo("Found custom encoding in DB: " << encoding); } LogInfo("Setting encoding: " << encoding); - if(ewk_settings_default_encoding_set(settings,encoding.c_str())) + if (ewk_settings_default_encoding_set(settings,encoding.c_str())) { LogInfo("Encoding set properly"); - else - LogInfo("Error while setting encoding"); + } else { + LogError("Error while setting encoding"); + } + +#ifdef CSP_ENABLED + if (m_model->SecurityModelVersion.Get() == + WrtDB::WidgetSecurityModelVersion::WIDGET_SECURITY_MODEL_V2) + { + // setting CSP policy rules + DPL::OptionalString policy = m_model->CspReportOnlyPolicy.Get(); + if (!policy.IsNull()) { + LogDebug("CSP report only 
policy present in manifest: " << *policy); + ewk_view_content_security_policy_set( + wkView, + DPL::ToUTF8String(*policy).c_str(), + EWK_REPORT_ONLY); + } + + policy = m_model->CspPolicy.Get(); + if (!policy.IsNull()) { + LogDebug("CSP policy present in manifest: " << *policy); + ewk_view_content_security_policy_set( + wkView, + DPL::ToUTF8String(*policy).c_str(), + EWK_ENFORCE_POLICY); + } else { + ewk_view_content_security_policy_set( + wkView, + DEFAULT_CSP_POLICY, + EWK_ENFORCE_POLICY); + } + } +#endif } void ViewLogic::removeEwkView(Evas_Object *wkView) @@ -1057,7 +1036,7 @@ void ViewLogic::closeWindowCallback( void ViewLogic::policyNavigationDecideCallback( void* data, - Evas_Object* /*obj*/, + Evas_Object* obj, void* eventInfo) { LogDebug("policyNavigationDecideCallback called"); @@ -1069,6 +1048,17 @@ void ViewLogic::policyNavigationDecideCallback( // handle blocked url const char* url = ewk_policy_decision_url_get(policyDecision); + + // call user delegate callback + if (!This->m_cbs->navigationDecide.empty()) { + std::string navigationUri(url); + This->m_cbs->navigationDecide(obj, navigationUri); + if (!navigationUri.compare(0, 6, SCHEME_BOX_SLASH)) { + ewk_policy_decision_ignore(policyDecision); + return; + } + } + if (url && strlen(url) != 0) { if (This->m_blockedUri == url) { LogDebug("Blocked url = " << url); @@ -1130,6 +1120,17 @@ void ViewLogic::policyNewWindowDecideCallback( Ewk_Policy_Decision* policyDecision = static_cast(eventInfo); + // handle blocked url + const char* url = ewk_policy_decision_url_get(policyDecision); + if (url && strlen(url) != 0) { + if (This->m_blockedUri == url) { + LogDebug("Blocked url = " << url); + This->m_blockedUri = std::string(); + ewk_policy_decision_ignore(policyDecision); + return; + } + } + if (This->m_schemeSupport->filterURIByScheme(policyDecision, true, This->m_model, diff --git a/tests/widgets/common/src/InstallerWrapper.cpp b/tests/widgets/common/src/InstallerWrapper.cpp index f2b8e55..7f51931 100644 
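Review bot: In `policyNavigationDecideCallback` the added block builds `std::string navigationUri(url);` before the existing `if (url && strlen(url) != 0)` guard, which indicates that `url` can be NULL. Constructing a `std::string` from a null pointer is undefined behaviour. Move the delegate call under the guard or open the block with `if (url && !This->m_cbs->navigationDecide.empty()) {`. The `compare(0, 6, SCHEME_BOX_SLASH)` would be safer as `compare(0, strlen(SCHEME_BOX_SLASH), SCHEME_BOX_SLASH)`. The blocked-URL block added to `policyNewWindowDecideCallback` in the following hunk duplicates the one here and could share a small helper.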
--- a/tests/widgets/common/src/InstallerWrapper.cpp +++ b/tests/widgets/common/src/InstallerWrapper.cpp @@ -25,7 +25,7 @@ namespace const std::string params = "DPL_USE_OLD_STYLE_LOGS=0 " "DPL_USE_OLD_STYLE_PEDANTIC_LOGS=0 WRT_TEST_MODE=1 "; -const std::string installCmd = params + "wrt-installer -if "; +const std::string installCmd = params + "wrt-installer -i "; const std::string uninstallCmd = params + "wrt-installer -un "; const std::string uninstallByGuidCmd = params + "wrt-installer -ug \""; const std::string redirection = " 2>&1"; -- 2.7.4