WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode startMode)
: m_scriptURL(scriptURL.copy())
, m_userAgent(userAgent.isolatedCopy())
, m_sourceCode(sourceCode.isolatedCopy())
, m_startMode(startMode)
{
}
SharedWorkerProxy::SharedWorkerProxy(const String& name, const KURL& url, PassRefPtr<SecurityOrigin> origin)
: m_closing(false)
, m_name(name.crossThreadString())
, m_url(url.copy())
, m_origin(origin)
{
// We should be the sole owner of the SecurityOrigin, as we will free it on another thread.
ASSERT(m_origin->hasOneRef());
}
WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const String& sourceCode)
#endif
: m_scriptURL(scriptURL.copy())
#if OS(OLYMPIA)
, m_groupName(groupName.crossThreadString())
#endif
, m_userAgent(userAgent.crossThreadString())
, m_sourceCode(sourceCode.crossThreadString())
{
}
WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicyHeaderType contentSecurityPolicyType, PassOwnPtrWillBeRawPtr<WorkerClients> workerClients)
: m_scriptURL(scriptURL.copy())
, m_userAgent(userAgent.isolatedCopy())
, m_sourceCode(sourceCode.isolatedCopy())
, m_startMode(startMode)
, m_contentSecurityPolicy(contentSecurityPolicy.isolatedCopy())
, m_contentSecurityPolicyType(contentSecurityPolicyType)
, m_workerClients(workerClients)
{
}
WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin)
: m_scriptURL(scriptURL.copy())
, m_userAgent(userAgent.isolatedCopy())
, m_sourceCode(sourceCode.isolatedCopy())
, m_startMode(startMode)
, m_contentSecurityPolicy(contentSecurityPolicy.isolatedCopy())
, m_contentSecurityPolicyType(contentSecurityPolicyType)
, m_topOrigin(topOrigin ? topOrigin->isolatedCopy() : 0)
{
if (!settings)
return;
m_groupSettings = GroupSettings::create();
m_groupSettings->setLocalStorageQuotaBytes(settings->localStorageQuotaBytes());
m_groupSettings->setIndexedDBQuotaBytes(settings->indexedDBQuotaBytes());
m_groupSettings->setIndexedDBDatabasePath(settings->indexedDBDatabasePath().isolatedCopy());
}
// Creates a new SharedWorkerProxy or returns an existing one from the repository. Must only be called while the repository mutex is held.
PassRefPtr<SharedWorkerProxy> DefaultSharedWorkerRepository::getProxy(const String& name, const KURL& url)
{
// Look for an existing worker, and create one if it doesn't exist.
// Items in the cache are freed on another thread, so copy the URL before creating the origin, to make sure no references to external strings linger.
RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url.copy());
SharedWorkerNameMap* nameMap = m_cache.get(origin);
if (!nameMap) {
nameMap = new SharedWorkerNameMap();
m_cache.set(origin, nameMap);
}
RefPtr<SharedWorkerProxy> proxy = nameMap->get(name);
if (!proxy.get()) {
proxy = SharedWorkerProxy::create(name, url);
nameMap->set(proxy->name(), proxy);
}
return proxy;
}
WorkerThreadStartupData::WorkerThreadStartupData(
const KURL& scriptURL,
const String& userAgent,
const String& sourceCode,
std::unique_ptr<Vector<char>> cachedMetaData,
WorkerThreadStartMode startMode,
const Vector<CSPHeaderAndType>* contentSecurityPolicyHeaders,
const String& referrerPolicy,
const SecurityOrigin* starterOrigin,
WorkerClients* workerClients,
WebAddressSpace addressSpace,
const Vector<String>* originTrialTokens,
std::unique_ptr<WorkerSettings> workerSettings,
V8CacheOptions v8CacheOptions)
: m_scriptURL(scriptURL.copy()),
m_userAgent(userAgent.isolatedCopy()),
m_sourceCode(sourceCode.isolatedCopy()),
m_cachedMetaData(std::move(cachedMetaData)),
m_startMode(startMode),
m_referrerPolicy(referrerPolicy.isolatedCopy()),
m_starterOriginPrivilegeData(
starterOrigin ? starterOrigin->createPrivilegeData() : nullptr),
m_workerClients(workerClients),
m_addressSpace(addressSpace),
m_workerSettings(std::move(workerSettings)),
m_v8CacheOptions(v8CacheOptions) {
m_contentSecurityPolicyHeaders = WTF::makeUnique<Vector<CSPHeaderAndType>>();
if (contentSecurityPolicyHeaders) {
for (const auto& header : *contentSecurityPolicyHeaders) {
CSPHeaderAndType copiedHeader(header.first.isolatedCopy(), header.second);
m_contentSecurityPolicyHeaders->append(copiedHeader);
}
}
m_originTrialTokens = std::unique_ptr<Vector<String>>(new Vector<String>());
if (originTrialTokens) {
for (const String& token : *originTrialTokens)
m_originTrialTokens->append(token.isolatedCopy());
}
}
WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const String& sourceCode)
: m_scriptURL(scriptURL.copy())
, m_userAgent(userAgent.crossThreadString())
, m_sourceCode(sourceCode.crossThreadString())
{
}
CrossThreadCopier<KURL>::Type CrossThreadCopier<KURL>::copy(const KURL& url) {
return url.copy();
}
void WebSocketHandshake::setURL(const KURL& url)
{
m_url = url.copy();
}
BlobRegistryContext(const KURL& url)
: url(url.copy())
{
}
BlobRegistryContext(const KURL& url, PassRefPtr<RawData> streamData)
: url(url.copy())
, streamData(streamData)
{
}
BlobRegistryContext(const KURL& url, const KURL& srcURL)
: url(url.copy())
, srcURL(srcURL.copy())
{
}
BlobRegistryContext(const KURL& url, const String& type)
: url(url.copy())
, type(type.isolatedCopy())
{
}
BlobRegistryContext(const KURL& url, PassOwnPtr<BlobData> blobData)
: url(url.copy())
, blobData(blobData)
{
this->blobData->detachFromCurrentThread();
}
CrossThreadCopierBase<false, false, KURL>::Type CrossThreadCopierBase<false, false, KURL>::copy(const KURL& url)
{
return url.copy();
}
void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
{
ASSERT(isMainThread());
if (m_state != Uninitialized)
return;
m_state = FilteringTokens;
if (Settings* settings = document->settings())
m_isEnabled = settings->xssAuditorEnabled();
if (!m_isEnabled)
return;
m_documentURL = document->url().copy();
// In theory, the Document could have detached from the Frame after the
// XSSAuditor was constructed.
if (!document->frame()) {
m_isEnabled = false;
return;
}
if (m_documentURL.isEmpty()) {
// The URL can be empty when opening a new browser window or calling window.open("").
m_isEnabled = false;
return;
}
if (m_documentURL.protocolIsData()) {
m_isEnabled = false;
return;
}
if (document->encoding().isValid())
m_encoding = document->encoding();
if (DocumentLoader* documentLoader = document->frame()->loader().documentLoader()) {
DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Protection", AtomicString::ConstructFromLiteral));
const AtomicString& headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
String errorDetails;
unsigned errorPosition = 0;
String reportURL;
KURL xssProtectionReportURL;
// Process the X-XSS-Protection header, then mix in the CSP header's value.
ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(headerValue, errorDetails, errorPosition, reportURL);
m_didSendValidXSSProtectionHeader = xssProtectionHeader != ReflectedXSSUnset && xssProtectionHeader != ReflectedXSSInvalid;
if ((xssProtectionHeader == FilterReflectedXSS || xssProtectionHeader == BlockReflectedXSS) && !reportURL.isEmpty()) {
xssProtectionReportURL = document->completeURL(reportURL);
if (MixedContentChecker::isMixedContent(document->securityOrigin(), xssProtectionReportURL)) {
errorDetails = "insecure reporting URL for secure page";
xssProtectionHeader = ReflectedXSSInvalid;
xssProtectionReportURL = KURL();
}
}
if (xssProtectionHeader == ReflectedXSSInvalid)
document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The default protections will be applied.");
ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->reflectedXSSDisposition();
m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader != ReflectedXSSInvalid;
m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
// FIXME: Combine the two report URLs in some reasonable way.
if (auditorDelegate)
auditorDelegate->setReportURL(xssProtectionReportURL.copy());
FormData* httpBody = documentLoader->request().httpBody();
if (httpBody && !httpBody->isEmpty())
m_httpBodyAsString = httpBody->flattenToString();
}
void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
{
const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
const int suffixTreeDepth = 5;
ASSERT(isMainThread());
if (m_state == Initialized)
return;
ASSERT(m_state == Uninitialized);
m_state = Initialized;
if (Frame* frame = document->frame())
if (Settings* settings = frame->settings())
m_isEnabled = settings->xssAuditorEnabled();
if (!m_isEnabled)
return;
m_documentURL = document->url().copy();
// In theory, the Document could have detached from the Frame after the
// XSSAuditor was constructed.
if (!document->frame()) {
m_isEnabled = false;
return;
}
if (m_documentURL.isEmpty()) {
// The URL can be empty when opening a new browser window or calling window.open("").
m_isEnabled = false;
return;
}
if (m_documentURL.protocolIsData()) {
m_isEnabled = false;
return;
}
if (document->decoder())
m_encoding = document->decoder()->encoding();
m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
if (m_decodedURL.find(isRequiredForInjection) == notFound)
m_decodedURL = String();
String httpBodyAsString;
if (DocumentLoader* documentLoader = document->frame()->loader()->documentLoader()) {
DEFINE_STATIC_LOCAL(String, XSSProtectionHeader, (ASCIILiteral("X-XSS-Protection")));
String headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
String errorDetails;
unsigned errorPosition = 0;
String reportURL;
KURL xssProtectionReportURL;
// Process the X-XSS-Protection header, then mix in the CSP header's value.
ContentSecurityPolicy::ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(headerValue, errorDetails, errorPosition, reportURL);
m_didSendValidXSSProtectionHeader = xssProtectionHeader != ContentSecurityPolicy::ReflectedXSSUnset && xssProtectionHeader != ContentSecurityPolicy::ReflectedXSSInvalid;
if ((xssProtectionHeader == ContentSecurityPolicy::FilterReflectedXSS || xssProtectionHeader == ContentSecurityPolicy::BlockReflectedXSS) && !reportURL.isEmpty()) {
xssProtectionReportURL = document->completeURL(reportURL);
if (MixedContentChecker::isMixedContent(document->securityOrigin(), xssProtectionReportURL)) {
errorDetails = "insecure reporting URL for secure page";
xssProtectionHeader = ContentSecurityPolicy::ReflectedXSSInvalid;
xssProtectionReportURL = KURL();
}
}
if (xssProtectionHeader == ContentSecurityPolicy::ReflectedXSSInvalid)
document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The default protections will be applied.");
ContentSecurityPolicy::ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->reflectedXSSDisposition();
m_didSendValidCSPHeader = cspHeader != ContentSecurityPolicy::ReflectedXSSUnset && cspHeader != ContentSecurityPolicy::ReflectedXSSInvalid;
m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
// FIXME: Combine the two report URLs in some reasonable way.
if (auditorDelegate)
auditorDelegate->setReportURL(xssProtectionReportURL.copy());
FormData* httpBody = documentLoader->originalRequest().httpBody();
if (httpBody && !httpBody->isEmpty()) {
httpBodyAsString = httpBody->flattenToString();
if (!httpBodyAsString.isEmpty()) {
m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encoding);
if (m_decodedHTTPBody.find(isRequiredForInjection) == notFound)
m_decodedHTTPBody = String();
if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
}
}
}
if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) {
m_isEnabled = false;
return;
}
}
bool WorkerThreadableWebSocketChannel::Bridge::connect(const KURL& url, const String& protocol)
{
if (hasTerminatedPeer())
return false;
RefPtr<Bridge> protect(this);
if (!waitForMethodCompletion(CallClosureTask::create(bind(&Peer::connect, m_peer, url.copy(), protocol.isolatedCopy()))))
return false;
return m_syncHelper->connectRequestResult();
}
SharedWorkerProxy::SharedWorkerProxy(const String& name, const KURL& url)
: m_closing(false)
, m_name(name.copy())
, m_url(url.copy())
{
}
void PreflightResultCache::appendEntry(const String& origin, const KURL& url, PreflightResultCacheItem* preflightResult)
{
MutexLocker lock(m_mutex);
// Note that the entry may already be present in the HashMap if another thread is accessing the same location.
m_preflightHashMap.set(std::make_pair(origin.copy(), url.copy()), preflightResult);
}
