// Checks the security-policy flags reported for the built-in URI schemes,
// then registers the custom scheme "foo" under every policy in turn and
// checks after each registration that the reported flags are the union of
// everything registered so far.
//
// Security-relevant reading of the expectations below: registrations are
// cumulative. Marking a scheme as no-access, display-isolated, secure, etc.
// after it was marked local does not clear the local flag, and this test
// exercises no call that would drop a flag once it is set.
static void testWebContextSecurityPolicy(SecurityPolicyTest* test, gconstpointer)
{
    // Default policy of the well-known schemes.
    test->verifyThatSchemeMatchesPolicy("http", SecurityPolicyTest::CORSEnabled);
    test->verifyThatSchemeMatchesPolicy("https", SecurityPolicyTest::CORSEnabled | SecurityPolicyTest::Secure);
    test->verifyThatSchemeMatchesPolicy("file", SecurityPolicyTest::Local);
    test->verifyThatSchemeMatchesPolicy("data", SecurityPolicyTest::NoAccess | SecurityPolicyTest::Secure);
    test->verifyThatSchemeMatchesPolicy("about", SecurityPolicyTest::NoAccess | SecurityPolicyTest::Secure | SecurityPolicyTest::EmptyDocument);

    // Custom scheme: before any registration it carries no policy flag.
    unsigned expectedPolicy = 0;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    // From here on each step registers one more policy and widens the
    // expected mask by exactly that flag.
    webkit_security_manager_register_uri_scheme_as_local(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::Local;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    webkit_security_manager_register_uri_scheme_as_no_access(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::NoAccess;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    webkit_security_manager_register_uri_scheme_as_display_isolated(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::DisplayIsolated;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    webkit_security_manager_register_uri_scheme_as_secure(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::Secure;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    webkit_security_manager_register_uri_scheme_as_cors_enabled(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::CORSEnabled;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);

    webkit_security_manager_register_uri_scheme_as_empty_document(test->m_manager, "foo");
    expectedPolicy |= SecurityPolicyTest::EmptyDocument;
    test->verifyThatSchemeMatchesPolicy("foo", expectedPolicy);
}
/*
 * GApplication "startup" handler for the embed shell.
 *
 * Chains up to the parent class and then wires the browser-wide WebKit state:
 * the web context (outside test mode), the user content manager and its
 * script message handlers, the process model, the favicon database, the TLS
 * error policy, the about: and ephy-resource URI scheme handlers, and the
 * persistent cookie store with the accept policy read from GSettings.
 *
 * The order of the calls matters: priv->web_context and priv->user_content
 * must exist before anything below configures them.
 */
static void
ephy_embed_shell_startup (GApplication* application)
{
  /* Script message channels exposed to page/web-extension JavaScript.
   * Each entry is registered on the user content manager and then bound to
   * its callback, in this order. Every name listed here is reachable from
   * script, so the callbacks should treat the message payload as untrusted
   * (NOTE(review): the callbacks are defined elsewhere - confirm there). */
  static const struct {
    const char *handler_name;
    const char *detailed_signal;
    GCallback   callback;
  } message_channels[] = {
    { "overview", "script-message-received::overview",
      G_CALLBACK (web_extension_overview_message_received_cb) },
    { "tlsErrorPage", "script-message-received::tlsErrorPage",
      G_CALLBACK (web_extension_tls_error_page_message_received_cb) },
    { "formAuthData", "script-message-received::formAuthData",
      G_CALLBACK (web_extension_form_auth_data_message_received_cb) },
    { "aboutApps", "script-message-received::aboutApps",
      G_CALLBACK (web_extension_about_apps_message_received_cb) },
  };

  EphyEmbedShell *shell = EPHY_EMBED_SHELL (application);
  EphyEmbedShellPrivate *priv = ephy_embed_shell_get_instance_private (shell);
  WebKitSecurityManager *security_manager;
  WebKitCookieManager *cookies;
  const char *icon_db_base;
  char *icon_db_dir;
  char *cookie_db_path;
  char *accept_policy;
  guint i;

  G_APPLICATION_CLASS (ephy_embed_shell_parent_class)->startup (application);

  /* We're not remoting, so set up the Web Context unless we are running in
   * a test; tests already do this after construction.
   * NOTE(review): embed_shell is not declared in this function; presumably
   * a file-scope reference to the same shell - confirm. */
  if (priv->mode != EPHY_EMBED_SHELL_MODE_TEST)
    ephy_embed_shell_create_web_context (embed_shell);

  ephy_embed_shell_setup_web_extensions_connection (shell);

  /* User content manager: created here except in test mode. The handler
   * registration below runs in every mode, so in test mode
   * priv->user_content must already have been set elsewhere. */
  if (priv->mode != EPHY_EMBED_SHELL_MODE_TEST)
    priv->user_content = webkit_user_content_manager_new ();

  for (i = 0; i < G_N_ELEMENTS (message_channels); i++) {
    webkit_user_content_manager_register_script_message_handler (priv->user_content,
                                                                 message_channels[i].handler_name);
    g_signal_connect (priv->user_content,
                      message_channels[i].detailed_signal,
                      message_channels[i].callback,
                      shell);
  }

  ephy_embed_shell_setup_process_model (shell);
  g_signal_connect (priv->web_context, "initialize-web-extensions",
                    G_CALLBACK (initialize_web_extensions),
                    shell);

  /* Favicon database: kept under the profile directory when the mode has a
   * private profile, otherwise under the user cache directory. */
  if (EPHY_EMBED_SHELL_MODE_HAS_PRIVATE_PROFILE (priv->mode))
    icon_db_base = ephy_dot_dir ();
  else
    icon_db_base = g_get_user_cache_dir ();
  icon_db_dir = g_build_filename (icon_db_base, "icondatabase", NULL);
  webkit_web_context_set_favicon_database_directory (priv->web_context, icon_db_dir);
  g_free (icon_db_dir);

  /* Do not ignore TLS errors: loads with certificate problems fail instead
   * of proceeding silently. */
  webkit_web_context_set_tls_errors_policy (priv->web_context, WEBKIT_TLS_ERRORS_POLICY_FAIL);

  /* about: URIs handler */
  priv->about_handler = ephy_about_handler_new ();
  webkit_web_context_register_uri_scheme (priv->web_context,
                                          EPHY_ABOUT_SCHEME,
                                          (WebKitURISchemeRequestCallback)about_request_cb,
                                          shell, NULL);

  /* Register the about scheme as local so that it can contain file
   * resources.
   * NOTE(review): this widens what pages served under EPHY_ABOUT_SCHEME may
   * load, so the content produced by about_request_cb should not embed
   * unescaped untrusted data - confirm in the handler. */
  security_manager = webkit_web_context_get_security_manager (priv->web_context);
  webkit_security_manager_register_uri_scheme_as_local (security_manager, EPHY_ABOUT_SCHEME);

  /* ephy-resource handler. No security-manager classification is applied to
   * this scheme here. */
  webkit_web_context_register_uri_scheme (priv->web_context, "ephy-resource",
                                          (WebKitURISchemeRequestCallback)ephy_resource_request_cb,
                                          NULL, NULL);

  /* Store cookies in moz-compatible SQLite format inside the profile
   * directory. */
  cookies = webkit_web_context_get_cookie_manager (priv->web_context);
  cookie_db_path = g_build_filename (ephy_dot_dir (), "cookies.sqlite", NULL);
  webkit_cookie_manager_set_persistent_storage (cookies, cookie_db_path,
                                                WEBKIT_COOKIE_PERSISTENT_STORAGE_SQLITE);
  g_free (cookie_db_path);

  /* Apply the cookie accept policy stored in the web settings. */
  accept_policy = g_settings_get_string (EPHY_SETTINGS_WEB,
                                         EPHY_PREFS_WEB_COOKIES_POLICY);
  ephy_embed_prefs_set_cookie_accept_policy (cookies, accept_policy);
  g_free (accept_policy);
}