static void testWebContextSecurityPolicy(SecurityPolicyTest* test, gconstpointer)
{
// VerifyThatSchemeMatchesPolicy default policy for well known schemes.
test->verifyThatSchemeMatchesPolicy("http", SecurityPolicyTest::CORSEnabled);
test->verifyThatSchemeMatchesPolicy("https", SecurityPolicyTest::CORSEnabled | SecurityPolicyTest::Secure);
test->verifyThatSchemeMatchesPolicy("file", SecurityPolicyTest::Local);
test->verifyThatSchemeMatchesPolicy("data", SecurityPolicyTest::NoAccess | SecurityPolicyTest::Secure);
test->verifyThatSchemeMatchesPolicy("about", SecurityPolicyTest::NoAccess | SecurityPolicyTest::Secure | SecurityPolicyTest::EmptyDocument);
// Custom scheme.
test->verifyThatSchemeMatchesPolicy("foo", 0);
webkit_security_manager_register_uri_scheme_as_local(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local);
webkit_security_manager_register_uri_scheme_as_no_access(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local | SecurityPolicyTest::NoAccess);
webkit_security_manager_register_uri_scheme_as_display_isolated(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local | SecurityPolicyTest::NoAccess | SecurityPolicyTest::DisplayIsolated);
webkit_security_manager_register_uri_scheme_as_secure(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local | SecurityPolicyTest::NoAccess | SecurityPolicyTest::DisplayIsolated | SecurityPolicyTest::Secure);
webkit_security_manager_register_uri_scheme_as_cors_enabled(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local | SecurityPolicyTest::NoAccess | SecurityPolicyTest::DisplayIsolated | SecurityPolicyTest::Secure
| SecurityPolicyTest::CORSEnabled);
webkit_security_manager_register_uri_scheme_as_empty_document(test->m_manager, "foo");
test->verifyThatSchemeMatchesPolicy("foo", SecurityPolicyTest::Local | SecurityPolicyTest::NoAccess | SecurityPolicyTest::DisplayIsolated | SecurityPolicyTest::Secure
| SecurityPolicyTest::CORSEnabled | SecurityPolicyTest::EmptyDocument);
}
static void
ephy_embed_shell_startup (GApplication* application)
{
EphyEmbedShell *shell = EPHY_EMBED_SHELL (application);
EphyEmbedShellPrivate *priv = ephy_embed_shell_get_instance_private (shell);
char *favicon_db_path;
WebKitCookieManager *cookie_manager;
char *filename;
char *cookie_policy;
G_APPLICATION_CLASS (ephy_embed_shell_parent_class)->startup (application);
/* We're not remoting, setup the Web Context if we are not running in a test.
Tests already do this after construction. */
if (priv->mode != EPHY_EMBED_SHELL_MODE_TEST)
ephy_embed_shell_create_web_context (embed_shell);
ephy_embed_shell_setup_web_extensions_connection (shell);
/* User content manager */
if (priv->mode != EPHY_EMBED_SHELL_MODE_TEST)
priv->user_content = webkit_user_content_manager_new ();
webkit_user_content_manager_register_script_message_handler (priv->user_content,
"overview");
g_signal_connect (priv->user_content, "script-message-received::overview",
G_CALLBACK (web_extension_overview_message_received_cb),
shell);
webkit_user_content_manager_register_script_message_handler (priv->user_content,
"tlsErrorPage");
g_signal_connect (priv->user_content, "script-message-received::tlsErrorPage",
G_CALLBACK (web_extension_tls_error_page_message_received_cb),
shell);
webkit_user_content_manager_register_script_message_handler (priv->user_content,
"formAuthData");
g_signal_connect (priv->user_content, "script-message-received::formAuthData",
G_CALLBACK (web_extension_form_auth_data_message_received_cb),
shell);
webkit_user_content_manager_register_script_message_handler (priv->user_content,
"aboutApps");
g_signal_connect (priv->user_content, "script-message-received::aboutApps",
G_CALLBACK (web_extension_about_apps_message_received_cb),
shell);
ephy_embed_shell_setup_process_model (shell);
g_signal_connect (priv->web_context, "initialize-web-extensions",
G_CALLBACK (initialize_web_extensions),
shell);
/* Favicon Database */
favicon_db_path = g_build_filename (EPHY_EMBED_SHELL_MODE_HAS_PRIVATE_PROFILE (priv->mode) ?
ephy_dot_dir () : g_get_user_cache_dir (),
"icondatabase", NULL);
webkit_web_context_set_favicon_database_directory (priv->web_context, favicon_db_path);
g_free (favicon_db_path);
/* Do not ignore TLS errors. */
webkit_web_context_set_tls_errors_policy (priv->web_context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
/* about: URIs handler */
priv->about_handler = ephy_about_handler_new ();
webkit_web_context_register_uri_scheme (priv->web_context,
EPHY_ABOUT_SCHEME,
(WebKitURISchemeRequestCallback)about_request_cb,
shell, NULL);
/* Register about scheme as local so that it can contain file resources */
webkit_security_manager_register_uri_scheme_as_local (webkit_web_context_get_security_manager (priv->web_context),
EPHY_ABOUT_SCHEME);
/* ephy-resource handler */
webkit_web_context_register_uri_scheme (priv->web_context, "ephy-resource",
(WebKitURISchemeRequestCallback)ephy_resource_request_cb,
NULL, NULL);
/* Store cookies in moz-compatible SQLite format */
cookie_manager = webkit_web_context_get_cookie_manager (priv->web_context);
filename = g_build_filename (ephy_dot_dir (), "cookies.sqlite", NULL);
webkit_cookie_manager_set_persistent_storage (cookie_manager, filename,
WEBKIT_COOKIE_PERSISTENT_STORAGE_SQLITE);
g_free (filename);
cookie_policy = g_settings_get_string (EPHY_SETTINGS_WEB,
EPHY_PREFS_WEB_COOKIES_POLICY);
ephy_embed_prefs_set_cookie_accept_policy (cookie_manager, cookie_policy);
g_free (cookie_policy);
}
