Main resource requests need cachePartition

achristensen07 · achristensen07 · commit e295238de7a6 · 2017-02-28T08:30:44.000Z
https://bugs.webkit.org/show_bug.cgi?id=168806 Source/WebCore: <rdar://30639764> Reviewed by Brady Eidson. Test: http/tests/security/credentials-main-resource.html r211751 caused an unintended regression on pages whose main resource is protected by basic authentication. We were not setting the cache partition for main resource requests, and we use the cache partition now for credentials, so the credentials for the main resource were not being put into a partition in the CredentialStorage that would not be used for subresources of the page, whose requests had the correct partition for the domain of the page. This caused users to have to enter their credentials twice, once for the main resource and once for any subresources. This is fixed by using the domain from the main resource request as the cache partition. Elsewhere the Document is used to get the cache partition, but there is no Document yet when requesting the main resource. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::startLoadingMainResource): Set the cache partition for the main resource loads based on the SecurityOrigin of the initial request if we are loading the main resource for a new top document. If the main resource request is redirected, then we will still use the partition of the initial request because that is what the user requested and that is where the user entered the credentials. * loader/cache/CachedResourceLoader.h: * loader/cache/CachedResourceRequest.cpp: (WebCore::CachedResourceRequest::setDomainForCachePartition): * loader/cache/CachedResourceRequest.h: Source/WebKit2: Reviewed by Brady Eidson. * NetworkProcess/NetworkResourceLoader.cpp: (WebKit::NetworkResourceLoader::continueWillSendRequest): LayoutTests: Reviewed by Brady Eidson. * http/tests/security/credentials-main-resource-expected.txt: Added. * http/tests/security/credentials-main-resource.html: Added. * http/tests/security/resources/credentials-main-resource.php: Added. Canonical link: https://commits.webkit.org/185957@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@213126 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,14 @@
+2017-02-28  Alex Christensen  <achristensen@webkit.org>
+
+        Main resource requests need cachePartition
+        https://bugs.webkit.org/show_bug.cgi?id=168806
+
+        Reviewed by Brady Eidson.
+
+        * http/tests/security/credentials-main-resource-expected.txt: Added.
+        * http/tests/security/credentials-main-resource.html: Added.
+        * http/tests/security/resources/credentials-main-resource.php: Added.
+
 2017-02-28  Alex Christensen  <achristensen@webkit.org>
 
         REGRESSION: LayoutTest http/tests/security/credentials-iframes.html is failing on ios-simulator
diff --git a/LayoutTests/http/tests/security/credentials-main-resource-expected.txt b/LayoutTests/http/tests/security/credentials-main-resource-expected.txt
@@ -0,0 +1,3 @@
+ALERT: Authenticated as user: testuser password: testpass
+Main Resource Credentials: testuser, testpass
+
diff --git a/LayoutTests/http/tests/security/credentials-main-resource.html b/LayoutTests/http/tests/security/credentials-main-resource.html
@@ -0,0 +1,8 @@
+<script>
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.waitUntilDone();
+    internals.settings.setStorageBlockingPolicy('BlockThirdParty');
+}
+window.location = "http://testuser:testpass@127.0.0.1:8000/security/resources/credentials-main-resource.php";
+</script>
diff --git a/LayoutTests/http/tests/security/resources/credentials-main-resource.php b/LayoutTests/http/tests/security/resources/credentials-main-resource.php
@@ -0,0 +1,24 @@
+<?php 
+    if (!isset($_SERVER['PHP_AUTH_USER'])) {
+        header('WWW-Authenticate: Basic realm="WebKit test - credentials-in-main-resource"');
+        header('HTTP/1.0 401 Unauthorized');
+        exit;
+    }
+    echo "Main Resource Credentials: " . $_SERVER['PHP_AUTH_USER'] . ", " . $_SERVER['PHP_AUTH_PW'] . "<br/>";
+?>
+<script>
+
+if (window.internals)
+    internals.settings.setStorageBlockingPolicy('BlockThirdParty');
+
+var request = new XMLHttpRequest();
+request.onreadystatechange = function () {
+    if (this.readyState == 4) {
+        alert(this.responseText);
+		if (window.testRunner)
+			testRunner.notifyDone();
+	}
+};
+request.open('GET', 'http://127.0.0.1:8000/security/resources/basic-auth.php?username=testuser&password=testpass', true);
+request.send(null);
+</script>
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,34 @@
+2017-02-28  Alex Christensen  <achristensen@webkit.org>
+
+        Main resource requests need cachePartition
+        https://bugs.webkit.org/show_bug.cgi?id=168806
+        <rdar://30639764>
+
+        Reviewed by Brady Eidson.
+
+        Test: http/tests/security/credentials-main-resource.html
+
+        r211751 caused an unintended regression on pages whose main resource is protected
+        by basic authentication.  We were not setting the cache partition for main resource
+        requests, and we use the cache partition now for credentials, so the credentials for
+        the main resource were not being put into a partition in the CredentialStorage that
+        would not be used for subresources of the page, whose requests had the correct partition
+        for the domain of the page.  This caused users to have to enter their credentials twice,
+        once for the main resource and once for any subresources.  This is fixed by using the
+        domain from the main resource request as the cache partition.  Elsewhere the Document is
+        used to get the cache partition, but there is no Document yet when requesting the main resource.
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::startLoadingMainResource):
+        Set the cache partition for the main resource loads based on the SecurityOrigin of the
+        initial request if we are loading the main resource for a new top document.  If the main resource
+        request is redirected, then we will still use the partition of the initial request because that is
+        what the user requested and that is where the user entered the credentials.
+        * loader/cache/CachedResourceLoader.h:
+        * loader/cache/CachedResourceRequest.cpp:
+        (WebCore::CachedResourceRequest::setDomainForCachePartition):
+        * loader/cache/CachedResourceRequest.h:
+
 2017-02-28  Alex Christensen  <achristensen@webkit.org>
 
         REGRESSION: LayoutTest http/tests/security/credentials-iframes.html is failing on ios-simulator
diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp
@@ -1479,7 +1479,16 @@ void DocumentLoader::startLoadingMainResource()
     RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Starting load (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
 
     static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, ClientCredentialPolicy::MayAskClientForCredentials, FetchOptions::Credentials::Include, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
-    m_mainResource = m_cachedResourceLoader->requestMainResource(CachedResourceRequest(ResourceRequest(request), mainResourceLoadOptions));
+    CachedResourceRequest mainResourceRequest(ResourceRequest(request), mainResourceLoadOptions);
+    if (!m_frame->isMainFrame() && m_frame->document()) {
+        // If we are loading the main resource of a subframe, use the cache partition of the main document.
+        mainResourceRequest.setDomainForCachePartition(*m_frame->document());
+    } else {
+        auto origin = SecurityOrigin::create(request.url());
+        origin->setStorageBlockingPolicy(frameLoader()->frame().settings().storageBlockingPolicy());
+        mainResourceRequest.setDomainForCachePartition(origin->domainForCachePartition());
+    }
+    m_mainResource = m_cachedResourceLoader->requestMainResource(WTFMove(mainResourceRequest));
 
 #if ENABLE(CONTENT_EXTENSIONS)
     if (m_mainResource && m_mainResource->errorOccurred() && m_frame->page() && m_mainResource->resourceError().domain() == ContentExtensions::WebKitContentBlockerDomain) {
diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.h b/Source/WebCore/loader/cache/CachedResourceLoader.h
@@ -53,6 +53,7 @@ class Document;
 class DocumentLoader;
 class Frame;
 class ImageLoader;
+class Settings;
 class URL;
 
 // The CachedResourceLoader provides a per-context interface to the MemoryCache
diff --git a/Source/WebCore/loader/cache/CachedResourceRequest.cpp b/Source/WebCore/loader/cache/CachedResourceRequest.cpp
@@ -134,6 +134,11 @@ void CachedResourceRequest::setDomainForCachePartition(Document& document)
     m_resourceRequest.setDomainForCachePartition(document.topOrigin().domainForCachePartition());
 }
 
+void CachedResourceRequest::setDomainForCachePartition(const String& domain)
+{
+    m_resourceRequest.setDomainForCachePartition(domain);
+}
+
 static inline String acceptHeaderValueFromType(CachedResource::Type type)
 {
     switch (type) {
diff --git a/Source/WebCore/loader/cache/CachedResourceRequest.h b/Source/WebCore/loader/cache/CachedResourceRequest.h
@@ -76,6 +76,7 @@ class CachedResourceRequest {
     void applyBlockedStatus(const ContentExtensions::BlockedStatus&);
 #endif
     void setDomainForCachePartition(Document&);
+    void setDomainForCachePartition(const String&);
     bool isLinkPreload() const { return m_isLinkPreload; }
     void setIsLinkPreload() { m_isLinkPreload = true; }
 
diff --git a/Source/WebKit2/ChangeLog b/Source/WebKit2/ChangeLog
@@ -1,3 +1,13 @@
+2017-02-28  Alex Christensen  <achristensen@webkit.org>
+
+        Main resource requests need cachePartition
+        https://bugs.webkit.org/show_bug.cgi?id=168806
+
+        Reviewed by Brady Eidson.
+
+        * NetworkProcess/NetworkResourceLoader.cpp:
+        (WebKit::NetworkResourceLoader::continueWillSendRequest):
+
 2017-02-27  Alex Christensen  <achristensen@webkit.org>
 
         Begin enabling WebRTC on 64-bit
diff --git a/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp b/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp
@@ -472,8 +472,9 @@ void NetworkResourceLoader::continueWillSendRequest(ResourceRequest&& newRequest
 {
     RELEASE_LOG_IF_ALLOWED("continueWillSendRequest: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier);
 
-    // If there is a match in the network cache, we need to reuse the original cache policy.
+    // If there is a match in the network cache, we need to reuse the original cache policy and partition.
     newRequest.setCachePolicy(originalRequest().cachePolicy());
+    newRequest.setCachePartition(originalRequest().cachePartition());
 
 #if ENABLE(NETWORK_CACHE)
     if (m_isWaitingContinueWillSendRequestForCachedRedirect) {

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+ALERT: Authenticated as user: testuser password: testpass`
	`2`	`+Main Resource Credentials: testuser, testpass`
	`3`	`+`
Original file line number	Diff line number	Diff line change
`@@ -134,6 +134,11 @@ void CachedResourceRequest::setDomainForCachePartition(Document& document)`
`134`	`134`	`m_resourceRequest.setDomainForCachePartition(document.topOrigin().domainForCachePartition());`
`135`	`135`	`}`
`136`	`136`
	`137`	`+void CachedResourceRequest::setDomainForCachePartition(const String& domain)`
	`138`	`+{`
	`139`	`+ m_resourceRequest.setDomainForCachePartition(domain);`
	`140`	`+}`
	`141`	`+`
`137`	`142`	`static inline String acceptHeaderValueFromType(CachedResource::Type type)`
`138`	`143`	`{`
`139`	`144`	`switch (type) {`