2011-05-20 Sam Weinig <sam@webkit.org>
Reviewed by Anders Carlsson.
WebKit2: Media files cannot be saved in the Application Cache due to a sandbox violation
https://bugs.webkit.org/show_bug.cgi?id=61199
Instead of using a sandbox extension to give permission to the application cache directory,
initialize the sandbox with access to it like we do for other databases.
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/WebContext.cpp:
(WebKit::WebContext::ensureWebProcess):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeWebProcess):
* WebProcess/com.apple.WebProcess.sb:
* WebProcess/mac/WebProcessMac.mm:
(WebKit::initializeSandbox):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86967 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebKit2/ChangeLog b/Source/WebKit2/ChangeLog
index 706a0d0..2dd3709 100644
--- a/Source/WebKit2/ChangeLog
+++ b/Source/WebKit2/ChangeLog
@@ -1,3 +1,25 @@
+2011-05-20 Sam Weinig <sam@webkit.org>
+
+ Reviewed by Anders Carlsson.
+
+ WebKit2: Media files cannot be saved in the Application Cache due to a sandbox violation
+ https://bugs.webkit.org/show_bug.cgi?id=61199
+
+ Instead of using a sandbox extension to give permission to the application cache directory,
+ initialize the sandbox with access to it like we do for other databases.
+
+ * Shared/WebProcessCreationParameters.cpp:
+ (WebKit::WebProcessCreationParameters::encode):
+ (WebKit::WebProcessCreationParameters::decode):
+ * Shared/WebProcessCreationParameters.h:
+ * UIProcess/WebContext.cpp:
+ (WebKit::WebContext::ensureWebProcess):
+ * WebProcess/WebProcess.cpp:
+ (WebKit::WebProcess::initializeWebProcess):
+ * WebProcess/com.apple.WebProcess.sb:
+ * WebProcess/mac/WebProcessMac.mm:
+ (WebKit::initializeSandbox):
+
2011-05-20 Jer Noble <jer.noble@apple.com>
Reviewed by Maciej Stachowiak.
diff --git a/Source/WebKit2/Shared/WebProcessCreationParameters.cpp b/Source/WebKit2/Shared/WebProcessCreationParameters.cpp
index 001fa3c..4265125 100644
--- a/Source/WebKit2/Shared/WebProcessCreationParameters.cpp
+++ b/Source/WebKit2/Shared/WebProcessCreationParameters.cpp
@@ -51,7 +51,6 @@
encoder->encode(injectedBundlePath);
encoder->encode(injectedBundlePathExtensionHandle);
encoder->encode(applicationCacheDirectory);
- encoder->encode(applicationCacheDirectoryExtensionHandle);
encoder->encode(databaseDirectory);
encoder->encode(localStorageDirectory);
encoder->encode(urlSchemesRegistererdAsEmptyDocument);
@@ -99,8 +98,6 @@
return false;
if (!decoder->decode(parameters.applicationCacheDirectory))
return false;
- if (!decoder->decode(parameters.applicationCacheDirectoryExtensionHandle))
- return false;
if (!decoder->decode(parameters.databaseDirectory))
return false;
if (!decoder->decode(parameters.localStorageDirectory))
diff --git a/Source/WebKit2/Shared/WebProcessCreationParameters.h b/Source/WebKit2/Shared/WebProcessCreationParameters.h
index e00ca556..7c8bb16 100644
--- a/Source/WebKit2/Shared/WebProcessCreationParameters.h
+++ b/Source/WebKit2/Shared/WebProcessCreationParameters.h
@@ -53,9 +53,7 @@
String injectedBundlePath;
SandboxExtension::Handle injectedBundlePathExtensionHandle;
- String applicationCacheDirectory;
- SandboxExtension::Handle applicationCacheDirectoryExtensionHandle;
-
+ String applicationCacheDirectory;
String databaseDirectory;
String localStorageDirectory;
Vector<String> urlSchemesRegistererdAsEmptyDocument;
diff --git a/Source/WebKit2/UIProcess/WebContext.cpp b/Source/WebKit2/UIProcess/WebContext.cpp
index f9aeea2..6cd64b1 100644
--- a/Source/WebKit2/UIProcess/WebContext.cpp
+++ b/Source/WebKit2/UIProcess/WebContext.cpp
@@ -221,13 +221,8 @@
WebProcessCreationParameters parameters;
- parameters.applicationCacheDirectory = applicationCacheDirectory();
- if (!parameters.applicationCacheDirectory.isEmpty())
- SandboxExtension::createHandle(parameters.applicationCacheDirectory, SandboxExtension::ReadWrite, parameters.applicationCacheDirectoryExtensionHandle);
-
if (!injectedBundlePath().isEmpty()) {
parameters.injectedBundlePath = injectedBundlePath();
-
SandboxExtension::createHandle(parameters.injectedBundlePath, SandboxExtension::ReadOnly, parameters.injectedBundlePathExtensionHandle);
}
@@ -240,7 +235,7 @@
#if PLATFORM(MAC)
parameters.presenterApplicationPid = getpid();
#endif
-
+
copyToVector(m_schemesToRegisterAsEmptyDocument, parameters.urlSchemesRegistererdAsEmptyDocument);
copyToVector(m_schemesToRegisterAsSecure, parameters.urlSchemesRegisteredAsSecure);
copyToVector(m_schemesToSetDomainRelaxationForbiddenFor, parameters.urlSchemesForWhichDomainRelaxationIsForbidden);
diff --git a/Source/WebKit2/WebProcess/WebProcess.cpp b/Source/WebKit2/WebProcess/WebProcess.cpp
index 8b670ae..4c61eb9 100644
--- a/Source/WebKit2/WebProcess/WebProcess.cpp
+++ b/Source/WebKit2/WebProcess/WebProcess.cpp
@@ -194,12 +194,8 @@
#endif
#if ENABLE(OFFLINE_WEB_APPLICATIONS)
- if (!parameters.applicationCacheDirectory.isEmpty()) {
- m_applicationCachePathExtension = SandboxExtension::create(parameters.applicationCacheDirectoryExtensionHandle);
- m_applicationCachePathExtension->consume();
-
+ if (!parameters.applicationCacheDirectory.isEmpty())
cacheStorage().setCacheDirectory(parameters.applicationCacheDirectory);
- }
#endif
setShouldTrackVisitedLinks(parameters.shouldTrackVisitedLinks);
diff --git a/Source/WebKit2/WebProcess/com.apple.WebProcess.sb b/Source/WebKit2/WebProcess/com.apple.WebProcess.sb
index 101435d..2f38604 100644
--- a/Source/WebKit2/WebProcess/com.apple.WebProcess.sb
+++ b/Source/WebKit2/WebProcess/com.apple.WebProcess.sb
@@ -105,14 +105,18 @@
(if (positive? (string-length (param "DARWIN_USER_TEMP_DIR")))
(allow file* (subpath (param "DARWIN_USER_TEMP_DIR"))))
-;; Database dir
+;; Database directory.
(if (positive? (string-length (param "WEBKIT_DATABASE_DIR")))
(allow file* (subpath (param "WEBKIT_DATABASE_DIR"))))
-;; LocalStorage dir
+;; LocalStorage directory.
(if (positive? (string-length (param "WEBKIT_LOCALSTORAGE_DIR")))
(allow file* (subpath (param "WEBKIT_LOCALSTORAGE_DIR"))))
+;; ApplicationCache directory.
+(if (positive? (string-length (param "WEBKIT_APPLICATION_CACHE_DIR")))
+ (allow file* (subpath (param "WEBKIT_APPLICATION_CACHE_DIR"))))
+
;; The NSURLCache directory.
(if (positive? (string-length (param "NSURL_CACHE_DIR")))
(allow file* (subpath (param "NSURL_CACHE_DIR"))))
diff --git a/Source/WebKit2/WebProcess/mac/WebProcessMac.mm b/Source/WebKit2/WebProcess/mac/WebProcessMac.mm
index 07238f6..6912ccb 100644
--- a/Source/WebKit2/WebProcess/mac/WebProcessMac.mm
+++ b/Source/WebKit2/WebProcess/mac/WebProcessMac.mm
@@ -187,6 +187,7 @@
appendReadwriteSandboxDirectory(sandboxParameters, "HOME_DIR", NSHomeDirectory());
appendReadwriteSandboxDirectory(sandboxParameters, "WEBKIT_DATABASE_DIR", parameters.databaseDirectory);
appendReadwriteSandboxDirectory(sandboxParameters, "WEBKIT_LOCALSTORAGE_DIR", parameters.localStorageDirectory);
+ appendReadwriteSandboxDirectory(sandboxParameters, "WEBKIT_APPLICATION_CACHE_DIR", parameters.applicationCacheDirectory);
appendReadwriteSandboxDirectory(sandboxParameters, "NSURL_CACHE_DIR", parameters.nsURLCachePath);
sandboxParameters.append(static_cast<const char*>(0));
