commit | 6069db267f776827faaedec69bf8cc9b64847f30 | |
---|---|---|
author | utatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> | Thu Oct 12 13:12:48 2017 +0000 |
committer | utatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> | Thu Oct 12 13:12:48 2017 +0000 |
tree | 679d5e3496b06c4d99ea04659e8acdadf0434a23 | |
parent | e87534a834c8ca2dcd79d38d006e66fd14d07b85 | |
Support integrity="" on module scripts
https://bugs.webkit.org/show_bug.cgi?id=177959

Reviewed by Sam Weinig.

Source/JavaScriptCore:

This patch adds Subresource Integrity check for module scripts. Currently, only top-level module can be verified with integrity parameter since there is no way to perform integrity check onto the imported modules.

In JSC side, we add `parameters` to the entry point of the module loader pipeline. This is fetching parameters and used when fetching modules.

We separately pass this parameters to the pipeline along with the script fetcher. The script fetcher is only one for module graph since this is the initiator of this module graph loading. On the other hand, this parameters is for each module fetching. While setting "integrity" parameters to this script fetcher is sufficient to pass parameters to top-level-module's fetching, it is not enough for the future extension.

In the future, we will investigate a way to pass parameters to each non-top-level module. At that time, this `parameters` should be per-module. This is because "integrity" value should be different for each module. For example, we will accept some form of syntax to add parameters to `import`. Some proposed syntax is like https://discourse.wicg.io/t/specifying-nonce-or-integrity-when-importing-modules/1861

    import "./xxx.js" integrity "xxxxxxx"

In this case, this `parameters` will be passed to "./xxx.js" module fetching. This `parameters` should be different from the one of top-level-module's one. That's why we need per-module `parameters` and why this patch adds `parameters` to the module pipeline.

On the other hand, we also want to keep script fetcher. This `per-module-graph` thing is important to offer module-graph-wide information. For example, import.meta would have `import.meta.scriptElement`, which is the script element fetching the module graph including this. So, we keep the both, script fetcher and parameters. https://github.com/tc39/proposal-import-meta

This parameters will be finally used by pipeline's fetch hook, and WebCore side can use this parameters to fetch modules.

We also further clean up the module pipeline by dropping unnecessary features.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* builtins/ModuleLoaderPrototype.js: (requestFetch): (requestInstantiate): (requestSatisfy): (loadModule): (loadAndEvaluateModule): This loadAndEvaluateModule should be implemented by just calling loadModule and linkAndEvaluateModule. We can drop requestReady and requestLink. (requestLink): Deleted. (requestImportModule): Deleted.
* jsc.cpp: (GlobalObject::moduleLoaderImportModule): (GlobalObject::moduleLoaderFetch): import and fetch hook takes parameters. Currently, we always pass `undefined` for import hook. When dynamic `import()` is extended to accept additional parameters like integrity, this parameters will be replaced with the actual value. (functionLoadModule): (runWithOptions):
* runtime/Completion.cpp: (JSC::loadAndEvaluateModule): (JSC::loadModule): (JSC::importModule):
* runtime/Completion.h:
* runtime/JSGlobalObject.h:
* runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncImportModule):
* runtime/JSModuleLoader.cpp: (JSC::JSModuleLoader::loadAndEvaluateModule): (JSC::JSModuleLoader::loadModule): (JSC::JSModuleLoader::requestImportModule): (JSC::JSModuleLoader::importModule): (JSC::JSModuleLoader::fetch):
* runtime/JSModuleLoader.h:
* runtime/JSScriptFetchParameters.cpp: Added. (JSC::JSScriptFetchParameters::destroy):
* runtime/JSScriptFetchParameters.h: Added. (JSC::JSScriptFetchParameters::createStructure): (JSC::JSScriptFetchParameters::create): (JSC::JSScriptFetchParameters::parameters const): (JSC::JSScriptFetchParameters::JSScriptFetchParameters): Add ScriptFetchParameters' JSCell wrapper, JSScriptFetchParameters. It is used in the module pipeline.
* runtime/JSType.h:
* runtime/ModuleLoaderPrototype.cpp: (JSC::moduleLoaderPrototypeFetch):
* runtime/ScriptFetchParameters.h: Added. (JSC::ScriptFetchParameters::~ScriptFetchParameters): Add ScriptFetchParameters. We can define our own custom ScriptFetchParameters by inheriting this class. WebCore creates ModuleFetchParameters by inheriting this.
* runtime/VM.cpp: (JSC::VM::VM):
* runtime/VM.h:

Source/WebCore:

This patch extends module hooks to accept fetching parameters. When starting fetching modules, WebCore creates ModuleFetchParameters. And this parameters is propagated to the fetch hook. Then, fetch hook can use this parameters to fetch modules.

This parameters only contains `integrity` field. This "integrity" is used to perform subresource integrity check in module loader pipeline. And this error is just propagated as errors in module pipeline, which is the same to the other types of errors in module pipeline.

Test: http/tests/subresource-integrity/sri-module.html

* ForwardingHeaders/runtime/JSScriptFetchParameters.h: Added.
* ForwardingHeaders/runtime/ScriptFetchParameters.h: Added.
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/CachedModuleScriptLoader.cpp: (WebCore::CachedModuleScriptLoader::create): (WebCore::CachedModuleScriptLoader::CachedModuleScriptLoader): Take parameters, which includes "integrity".
* bindings/js/CachedModuleScriptLoader.h:
* bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::moduleLoaderFetch): (WebCore::JSDOMWindowBase::moduleLoaderImportModule): import and fetch hooks take parameters.
* bindings/js/JSDOMWindowBase.h:
* bindings/js/JSMainThreadExecState.h: (WebCore::JSMainThreadExecState::loadModule):
* bindings/js/ScriptController.cpp: (WebCore::ScriptController::loadModuleScriptInWorld): (WebCore::ScriptController::loadModuleScript): Pass parameters to the entry point of the module pipeline.
* bindings/js/ScriptController.h:
* bindings/js/ScriptModuleLoader.cpp: (WebCore::ScriptModuleLoader::fetch): If parameters are passed, we set them to CachedModuleScriptLoader. (WebCore::ScriptModuleLoader::importModule): Pass parameters to the entry point of dynamic import. (WebCore::ScriptModuleLoader::notifyFinished): If script loader has parameters, we perform subresource integrity check here.
* bindings/js/ScriptModuleLoader.h:
* dom/LoadableModuleScript.cpp: (WebCore::LoadableModuleScript::create): (WebCore::LoadableModuleScript::LoadableModuleScript): (WebCore::LoadableModuleScript::load): Create ModuleFetchParameters with "integrity" value.
* dom/LoadableModuleScript.h:
* dom/ModuleFetchParameters.h: Copied from Source/WebCore/bindings/js/CachedModuleScriptLoader.h. (WebCore::ModuleFetchParameters::create): (WebCore::ModuleFetchParameters::integrity const): (WebCore::ModuleFetchParameters::ModuleFetchParameters):
* dom/ScriptElement.cpp: (WebCore::ScriptElement::requestModuleScript): Pass "integrity" value to the module script.

LayoutTests:

* http/tests/subresource-integrity/resources/crossorigin-anon-script-module.js: Added.
* http/tests/subresource-integrity/resources/crossorigin-creds-script-module.js: Added.
* http/tests/subresource-integrity/resources/crossorigin-ineligible-script-module.js: Added.
* http/tests/subresource-integrity/resources/matching-digest-module.js: Added.
* http/tests/subresource-integrity/resources/non-matching-digest-module.js: Added.
* http/tests/subresource-integrity/resources/sri-utilities.js: (add_result_callback): (SRIModuleTest): (SRIModuleTest.prototype.execute):
* http/tests/subresource-integrity/sri-module-expected.txt: Added.
* http/tests/subresource-integrity/sri-module.html: Added.
* js/dom/modules/module-inline-ignore-integrity-expected.txt: Added.
* js/dom/modules/module-inline-ignore-integrity.html: Added.
* js/dom/modules/module-integrity-non-top-level-expected.txt: Added.
* js/dom/modules/module-integrity-non-top-level.html: Added.
* js/dom/modules/script-tests/module-integrity-non-top-level-2.js: Added.
* js/dom/modules/script-tests/module-integrity-non-top-level.js: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@223237 268f45cc-cd09-0410-ab3c-d52691b4dbfc
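The behaviour the commit message describes, modelled as an added example in Node.js (not WebKit code and not part of the commit): the fetch hook checks a module body against its `integrity` value only when per-fetch `parameters` are present, so only the top-level module is covered. The names `parseIntegrity`, `verifyIntegrity`, `fetchModule`, `loadGraph` and the two module sources are hypothetical and constructed for illustration.

```javascript
const crypto = require('crypto');

// Relative strength used when one integrity value lists several algorithms.
const STRENGTH = { sha256: 1, sha384: 2, sha512: 3 };

// Parse an integrity="" value into [{ alg, digest }]; unknown tokens are skipped.
function parseIntegrity(metadata) {
  const parsed = [];
  for (const token of (metadata || '').trim().split(/\s+/)) {
    const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/.exec(token);
    if (m) parsed.push({ alg: m[1], digest: m[2] });
  }
  return parsed;
}

// True when `body` matches any digest of the strongest algorithm listed.
function verifyIntegrity(body, metadata) {
  const parsed = parseIntegrity(metadata);
  if (parsed.length === 0) return true; // no usable metadata, nothing to enforce
  const best = Math.max(...parsed.map((p) => STRENGTH[p.alg]));
  return parsed.filter((p) => STRENGTH[p.alg] === best).some((p) => {
    const actual = crypto.createHash(p.alg).update(body).digest();
    const expected = Buffer.from(p.digest, 'base64');
    return expected.length === actual.length && crypto.timingSafeEqual(expected, actual);
  });
}

// Constructed module graph: top-level main.js imports dep.js.
const SOURCES = { 'main.js': 'import "./dep.js";\n', 'dep.js': 'export default 1;\n' };
const sriFor = (src) => 'sha384-' + crypto.createHash('sha384').update(src).digest('base64');

// Hypothetical fetch hook: `parameters` is per fetch, undefined for imported modules.
function fetchModule(url, parameters, served = SOURCES) {
  const body = served[url];
  if (parameters && !verifyIntegrity(body, parameters.integrity)) {
    throw new TypeError('integrity check failed for ' + url);
  }
  return body;
}

// Load the graph as the commit describes: only the entry point carries parameters.
function loadGraph(integrity, served = SOURCES) {
  return [fetchModule('main.js', { integrity }, served), fetchModule('dep.js', undefined, served)];
}
```

A changed `main.js` is rejected with a `TypeError`, while a changed `dep.js` loads unchecked, which is the gap the per-module `parameters` design is meant to close later.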
WebKit is a cross-platform web browser engine. On iOS and macOS, it powers Safari, Mail, iBooks, and many other applications.
Visit the WebKit Feature Status page to see which Web APIs have been implemented, are in development, or are under consideration.
Download Safari Technology Preview to test the latest version of WebKit.
Once your bug is filed, you will receive email when it is updated at each stage in the bug life cycle. After the bug is considered fixed, you may be asked to download the latest nightly and confirm that the fix works for you.
On Windows, follow the instructions on our website.
Run the following command to clone WebKit's Git SVN repository:
git clone git://git.webkit.org/WebKit.git WebKit
If you want to be able to commit changes to the repository, or just want to check out branches that aren’t contained in WebKit.git, you will need to track WebKit's Subversion repository. You can run the following command to configure this and other options of the new Git clone for WebKit development.
Tools/Scripts/webkit-patch setup-git-clone
For information about this, and other aspects of using Git with WebKit, read the wiki page.
Run the following command to check out WebKit's Subversion repository:
svn checkout https://svn.webkit.org/repository/webkit/trunk WebKit
Install Xcode and its command line tools if you haven't done so already:
xcode-select --install
Run the following command to build a debug build with debugging symbols and assertions:
Tools/Scripts/build-webkit --debug
For performance testing, and other purposes, use `--release` instead.
You can open `WebKit.xcworkspace` to build and debug WebKit within Xcode.
If you don't use a custom build location in Xcode preferences, you have to update the workspace settings to use the `WebKitBuild` directory. In the menu bar, choose File > Workspace Settings, then click the Advanced button, select “Custom”, “Relative to Workspace”, and enter `WebKitBuild` for both Products and Intermediates.
The first time after you install a new Xcode, you will need to run the following command to enable Xcode to build command line tools for iOS Simulator:
sudo Tools/Scripts/configure-xcode-for-ios-development
Without this step, you will see the error message: “target specifies product type ‘com.apple.product-type.tool’, but there’s no such product type for the ‘iphonesimulator’ platform.” when building target `JSCLLIntOffsetsExtractor` of project `JavaScriptCore`.
Run the following command to build a debug build with debugging symbols and assertions for iOS:
Tools/Scripts/build-webkit --debug --ios-simulator
Install the dependencies by running the following command:
Tools/gtk/install-dependencies
Then run the following command to build additional dependencies:
Tools/Scripts/update-webkitgtk-libs
Run the following command to build WebKit with debugging symbols for GTK+ port:
Tools/Scripts/build-webkit --debug --gtk
Note that the procedure for building a release tarball is different. For more information, see the wiki page.
For building WebKit on Windows, see the wiki page.
Run the following command to launch Safari with your local build of WebKit:
Tools/Scripts/run-safari --debug
The `run-safari` script sets the `DYLD_FRAMEWORK_PATH` environment variable to point to your build products, and then launches `/Applications/Safari.app`. `DYLD_FRAMEWORK_PATH` tells the system loader to prefer your build products over the frameworks installed in `/System/Library/Frameworks`.
To run other applications with your local build of WebKit, run the following command:
Tools/Scripts/run-webkit-app <application-path>
Run the following command to launch iOS simulator with your local build of WebKit:
run-safari --debug --ios-simulator
In both cases, if you have built release builds instead, use `--release` instead of `--debug`.
Congratulations! You’re up and running. Now you can begin coding in WebKit and contribute your fixes and new features to the project. For details on submitting your code to the project, read Contributing Code.