| /* |
| * Copyright (C) 2019 Apple Inc. All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
| * are met: |
| * 1. Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright |
| * notice, this list of conditions and the following disclaimer in the |
| * documentation and/or other materials provided with the distribution. |
| * |
| * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' |
| * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, |
| * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS |
| * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF |
| * THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| #include "config.h" |
| #include "DocumentStorageAccess.h" |
| |
| #if ENABLE(RESOURCE_LOAD_STATISTICS) |
| |
| #include "Chrome.h" |
| #include "ChromeClient.h" |
| #include "Document.h" |
| #include "Frame.h" |
| #include "FrameLoader.h" |
| #include "FrameLoaderClient.h" |
| #include "JSDOMPromiseDeferred.h" |
| #include "Microtasks.h" |
| #include "Page.h" |
| #include "RegistrableDomain.h" |
| #include "SecurityOrigin.h" |
| #include "Settings.h" |
| #include "UserGestureIndicator.h" |
| |
| namespace WebCore { |
| |
| DocumentStorageAccess::DocumentStorageAccess(Document& document) |
| : m_document(document) |
| { |
| } |
| |
| DocumentStorageAccess::~DocumentStorageAccess() = default; |
| |
| DocumentStorageAccess* DocumentStorageAccess::from(Document& document) |
| { |
| auto* supplement = static_cast<DocumentStorageAccess*>(Supplement<Document>::from(&document, supplementName())); |
| if (!supplement) { |
| auto newSupplement = makeUnique<DocumentStorageAccess>(document); |
| supplement = newSupplement.get(); |
| provideTo(&document, supplementName(), WTFMove(newSupplement)); |
| } |
| return supplement; |
| } |
| |
| const char* DocumentStorageAccess::supplementName() |
| { |
| return "DocumentStorageAccess"; |
| } |
| |
| void DocumentStorageAccess::hasStorageAccess(Document& document, Ref<DeferredPromise>&& promise) |
| { |
| DocumentStorageAccess::from(document)->hasStorageAccess(WTFMove(promise)); |
| } |
| |
| void DocumentStorageAccess::requestStorageAccess(Document& document, Ref<DeferredPromise>&& promise) |
| { |
| DocumentStorageAccess::from(document)->requestStorageAccess(WTFMove(promise)); |
| } |
| |
| void DocumentStorageAccess::hasStorageAccess(Ref<DeferredPromise>&& promise) |
| { |
| ASSERT(m_document.settings().storageAccessAPIEnabled()); |
| |
| auto* frame = m_document.frame(); |
| if (frame && hasFrameSpecificStorageAccess()) { |
| promise->resolve<IDLBoolean>(true); |
| return; |
| } |
| |
| if (!frame || m_document.securityOrigin().isUnique()) { |
| promise->resolve<IDLBoolean>(false); |
| return; |
| } |
| |
| if (frame->isMainFrame()) { |
| promise->resolve<IDLBoolean>(true); |
| return; |
| } |
| |
| auto& securityOrigin = m_document.securityOrigin(); |
| auto& topSecurityOrigin = m_document.topDocument().securityOrigin(); |
| if (securityOrigin.equal(&topSecurityOrigin)) { |
| promise->resolve<IDLBoolean>(true); |
| return; |
| } |
| |
| auto* page = frame->page(); |
| if (!page) { |
| promise->reject(); |
| return; |
| } |
| |
| auto subFrameDomain = RegistrableDomain::uncheckedCreateFromHost(securityOrigin.host()); |
| auto topFrameDomain = RegistrableDomain::uncheckedCreateFromHost(topSecurityOrigin.host()); |
| page->chrome().client().hasStorageAccess(WTFMove(subFrameDomain), WTFMove(topFrameDomain), *frame, [weakThis = makeWeakPtr(*this), promise = WTFMove(promise)] (bool hasAccess) { |
| if (!weakThis) |
| return; |
| |
| promise->resolve<IDLBoolean>(hasAccess); |
| }); |
| } |
| |
| void DocumentStorageAccess::requestStorageAccess(Ref<DeferredPromise>&& promise) |
| { |
| ASSERT(m_document.settings().storageAccessAPIEnabled()); |
| |
| auto* frame = m_document.frame(); |
| if (frame && hasFrameSpecificStorageAccess()) { |
| promise->resolve(); |
| return; |
| } |
| |
| if (!frame || m_document.securityOrigin().isUnique() || !isAllowedToRequestFrameSpecificStorageAccess()) { |
| promise->reject(); |
| return; |
| } |
| |
| if (frame->isMainFrame()) { |
| promise->resolve(); |
| return; |
| } |
| |
| auto& topDocument = m_document.topDocument(); |
| auto& topSecurityOrigin = topDocument.securityOrigin(); |
| auto& securityOrigin = m_document.securityOrigin(); |
| if (securityOrigin.equal(&topSecurityOrigin)) { |
| promise->resolve(); |
| return; |
| } |
| |
| // If there is a sandbox, it has to allow the storage access API to be called. |
| if (m_document.sandboxFlags() != SandboxNone && m_document.isSandboxed(SandboxStorageAccessByUserActivation)) { |
| promise->reject(); |
| return; |
| } |
| |
| // The iframe has to be a direct child of the top document. |
| if (&topDocument != m_document.parentDocument()) { |
| promise->reject(); |
| return; |
| } |
| |
| if (!UserGestureIndicator::processingUserGesture()) { |
| promise->reject(); |
| return; |
| } |
| |
| auto* page = frame->page(); |
| if (!page) { |
| promise->reject(); |
| return; |
| } |
| |
| auto subFrameDomain = RegistrableDomain::uncheckedCreateFromHost(securityOrigin.host()); |
| auto topFrameDomain = RegistrableDomain::uncheckedCreateFromHost(topSecurityOrigin.host()); |
| |
| page->chrome().client().requestStorageAccess(WTFMove(subFrameDomain), WTFMove(topFrameDomain), *frame, [this, weakThis = makeWeakPtr(*this), promise = WTFMove(promise)] (StorageAccessWasGranted wasGranted, StorageAccessPromptWasShown promptWasShown) mutable { |
| if (!weakThis) |
| return; |
| |
| // Consume the user gesture only if the user explicitly denied access. |
| bool shouldPreserveUserGesture = wasGranted == StorageAccessWasGranted::Yes || promptWasShown == StorageAccessPromptWasShown::No; |
| |
| if (shouldPreserveUserGesture) { |
| MicrotaskQueue::mainThreadQueue().append(makeUnique<VoidMicrotask>([this, weakThis] () { |
| if (weakThis) |
| enableTemporaryTimeUserGesture(); |
| })); |
| } |
| |
| if (wasGranted == StorageAccessWasGranted::Yes) |
| promise->resolve(); |
| else { |
| if (promptWasShown == StorageAccessPromptWasShown::Yes) |
| setWasExplicitlyDeniedFrameSpecificStorageAccess(); |
| promise->reject(); |
| } |
| |
| if (shouldPreserveUserGesture) { |
| MicrotaskQueue::mainThreadQueue().append(makeUnique<VoidMicrotask>([this, weakThis = WTFMove(weakThis)] () { |
| if (weakThis) |
| consumeTemporaryTimeUserGesture(); |
| })); |
| } |
| }); |
| } |
| |
| void DocumentStorageAccess::enableTemporaryTimeUserGesture() |
| { |
| m_temporaryUserGesture = makeUnique<UserGestureIndicator>(ProcessingUserGesture, &m_document); |
| } |
| |
| void DocumentStorageAccess::consumeTemporaryTimeUserGesture() |
| { |
| m_temporaryUserGesture = nullptr; |
| } |
| |
| bool DocumentStorageAccess::hasFrameSpecificStorageAccess() const |
| { |
| auto* frame = m_document.frame(); |
| return frame && frame->loader().client().hasFrameSpecificStorageAccess(); |
| } |
| |
| } // namespace WebCore |
| |
| #endif // ENABLE(RESOURCE_LOAD_STATISTICS) |