Commit ff0d5a18 authored by Daniel Vogelheim's avatar Daniel Vogelheim Committed by Commit Bot

[Trusted Types] Fix eval handling in workers.

The current code only enables/disables eval (& Function constructors) in
workers wholesale, and never registers a callback. This means that the
functionality that relies on the callback doesn't work in workers.

This patch registers the callback, and removes two assertions that are now
no longer true.

Bug: 1126472
Change-Id: I3996431acd97fd6f62e8e09ed44732e8eaa438f6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2426645
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#811633}
parent 313b327d
...@@ -355,11 +355,6 @@ static bool ContentSecurityPolicyCodeGenerationCheck( ...@@ -355,11 +355,6 @@ static bool ContentSecurityPolicyCodeGenerationCheck(
v8::Local<v8::Context> context, v8::Local<v8::Context> context,
v8::Local<v8::String> source) { v8::Local<v8::String> source) {
if (ExecutionContext* execution_context = ToExecutionContext(context)) { if (ExecutionContext* execution_context = ToExecutionContext(context)) {
DCHECK(execution_context->IsWindow() ||
execution_context->IsMainThreadWorkletGlobalScope());
v8::Context::Scope scope(context);
// Note this callback is only triggered for contexts which have eval // Note this callback is only triggered for contexts which have eval
// disabled. Hence we don't need to handle the case of isolated world // disabled. Hence we don't need to handle the case of isolated world
// contexts with no CSP specified. (They should be exempt from the page CSP. // contexts with no CSP specified. (They should be exempt from the page CSP.
...@@ -367,6 +362,7 @@ static bool ContentSecurityPolicyCodeGenerationCheck( ...@@ -367,6 +362,7 @@ static bool ContentSecurityPolicyCodeGenerationCheck(
if (ContentSecurityPolicy* policy = if (ContentSecurityPolicy* policy =
execution_context->GetContentSecurityPolicyForCurrentWorld()) { execution_context->GetContentSecurityPolicyForCurrentWorld()) {
v8::Context::Scope scope(context);
v8::String::Value source_str(context->GetIsolate(), source); v8::String::Value source_str(context->GetIsolate(), source);
UChar snippet[ContentSecurityPolicy::kMaxSampleLength + 1]; UChar snippet[ContentSecurityPolicy::kMaxSampleLength + 1];
size_t len = std::min((sizeof(snippet) / sizeof(UChar)) - 1, size_t len = std::min((sizeof(snippet) / sizeof(UChar)) - 1,
...@@ -786,6 +782,8 @@ void V8Initializer::InitializeWorker(v8::Isolate* isolate) { ...@@ -786,6 +782,8 @@ void V8Initializer::InitializeWorker(v8::Isolate* isolate) {
isolate->SetStackLimit(WTF::GetCurrentStackPosition() - kWorkerMaxStackSize); isolate->SetStackLimit(WTF::GetCurrentStackPosition() - kWorkerMaxStackSize);
isolate->SetPromiseRejectCallback(PromiseRejectHandlerInWorker); isolate->SetPromiseRejectCallback(PromiseRejectHandlerInWorker);
isolate->SetModifyCodeGenerationFromStringsCallback(
CodeGenerationCheckCallbackInMainThread);
} }
} // namespace blink } // namespace blink
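Review bot: In `V8Initializer::InitializeWorker` the worker isolate now installs `CodeGenerationCheckCallbackInMainThread`, a name that asserts a main-thread context which no longer holds. The callback's body is outside the hunks shown, so confirm it touches no main-thread-only state, then either rename it or add a comment at the registration such as `// Also installed on worker isolates; must not assume the main thread.` With the `DCHECK(execution_context->IsWindow() || ...)` removed, `ContentSecurityPolicyCodeGenerationCheck` is reachable for worker global scopes, but the retained "isolated world contexts" comment still describes only the window case and should say how workers are handled. The function continues past the hunk, so the result when `ToExecutionContext(context)` returns null is not visible here; since this is the CSP/Trusted Types gate for string-to-code, that path should be confirmed to deny rather than allow.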
...@@ -3059,9 +3059,6 @@ crbug.com/626703 [ Win ] external/wpt/css/css-lists/content-property/marker-text ...@@ -3059,9 +3059,6 @@ crbug.com/626703 [ Win ] external/wpt/css/css-lists/content-property/marker-text
crbug.com/626703 external/wpt/css/css-lists/content-property/marker-text-matches-square.html [ Failure ] crbug.com/626703 external/wpt/css/css-lists/content-property/marker-text-matches-square.html [ Failure ]
crbug.com/626703 external/wpt/svg/linking/reftests/use-descendant-combinator-003.html [ Failure ] crbug.com/626703 external/wpt/svg/linking/reftests/use-descendant-combinator-003.html [ Failure ]
crbug.com/626703 external/wpt/css/css-lists/content-property/marker-text-matches-circle.html [ Failure ] crbug.com/626703 external/wpt/css/css-lists/content-property/marker-text-matches-circle.html [ Failure ]
crbug.com/626703 external/wpt/content-security-policy/securitypolicyviolation/inside-service-worker.https.html [ Timeout ]
crbug.com/626703 external/wpt/content-security-policy/securitypolicyviolation/inside-shared-worker.html [ Timeout ]
crbug.com/626703 external/wpt/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html [ Timeout ]
crbug.com/626703 external/wpt/content-security-policy/securitypolicyviolation/targeting.html [ Timeout ] crbug.com/626703 external/wpt/content-security-policy/securitypolicyviolation/targeting.html [ Timeout ]
crbug.com/863355 [ Mac ] external/wpt/svg/shapes/reftests/pathlength-002.svg [ Failure ] crbug.com/863355 [ Mac ] external/wpt/svg/shapes/reftests/pathlength-002.svg [ Failure ]
crbug.com/366559 external/wpt/svg/shapes/reftests/pathlength-003.svg [ Failure ] crbug.com/366559 external/wpt/svg/shapes/reftests/pathlength-003.svg [ Failure ]
......
...@@ -176,9 +176,6 @@ external/wpt/content-security-policy/reporting-api/reporting-api-sends-reports-o ...@@ -176,9 +176,6 @@ external/wpt/content-security-policy/reporting-api/reporting-api-sends-reports-o
external/wpt/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html [ Pass ] # wpt_subtest_failure external/wpt/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html [ Pass ] # wpt_subtest_failure
external/wpt/content-security-policy/script-src/script-src-strict_dynamic_hashes.html [ Failure ] external/wpt/content-security-policy/script-src/script-src-strict_dynamic_hashes.html [ Failure ]
external/wpt/content-security-policy/securitypolicyviolation/img-src-redirect-upgrade-reporting.https.html [ Timeout ] # wpt_subtest_failure external/wpt/content-security-policy/securitypolicyviolation/img-src-redirect-upgrade-reporting.https.html [ Timeout ] # wpt_subtest_failure
external/wpt/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html [ Timeout ] # wpt_subtest_failure
external/wpt/content-security-policy/securitypolicyviolation/inside-service-worker.https.html [ Timeout ] # wpt_subtest_failure
external/wpt/content-security-policy/securitypolicyviolation/inside-shared-worker.html [ Timeout ] # wpt_subtest_failure
external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image.sub.html [ Pass ] # wpt_subtest_failure external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image.sub.html [ Pass ] # wpt_subtest_failure
external/wpt/content-security-policy/securitypolicyviolation/targeting.html [ Timeout ] # wpt_subtest_failure external/wpt/content-security-policy/securitypolicyviolation/targeting.html [ Timeout ] # wpt_subtest_failure
external/wpt/content-security-policy/worker-src/service-none.https.sub.html [ Pass Failure ] external/wpt/content-security-policy/worker-src/service-none.https.sub.html [ Pass Failure ]
......
<!doctype html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script';">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<div id=log></div>
<script>
// To test workers, we need to importScripts source files in the workers.
// Since the point of this test is to test blocking of importScripts, we need
// to set up one policy that will blindly pass through URLs for use in the test
// setup, and then have additional policies for the actual test cases.
//
// For the same reason we cannot use the otherwise preferred 'META: workers'
// tag, since that test setup would be blocked as soon as trusted types
// enforcement is enabled.
const test_setup_policy = trustedTypes.createPolicy("hurrayanythinggoes", {
createScriptURL: x => x});
const test_url =
test_setup_policy.createScriptURL("support/WorkerGlobalScope-eval.https.js");
fetch_tests_from_worker(new Worker(test_url));
fetch_tests_from_worker(new SharedWorker(test_url));
// Cargo-culted from code generated from "META: worker".
if ('serviceWorker' in navigator) {
(async function() {
const scope = 'support/some/scope/for/this/test';
let reg = await navigator.serviceWorker.getRegistration(scope);
if (reg) await reg.unregister();
reg = await navigator.serviceWorker.register(test_url, {scope});
fetch_tests_from_worker(reg.installing);
})();
}
</script>
</body>
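Review bot: The setup comment says "the point of this test is to test blocking of importScripts", but this file loads `support/WorkerGlobalScope-eval.https.js` and exercises `eval` in workers, so the comment looks carried over from an importScripts test. I would reword it to state the real reason for the pass-through policy, e.g. `// Trusted Types enforcement also applies to worker script URLs and importScripts, so the test setup needs a policy that passes URLs through unchanged.` It is also worth noting next to `"hurrayanythinggoes"` that an identity `createScriptURL` is acceptable only as test scaffolding, since it disables the URL check it wraps.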
let test_setup_policy = trustedTypes.createPolicy("hurrayanythinggoes", {
createScriptURL: x => x
});
importScripts(test_setup_policy.createScriptURL("/resources/testharness.js"));
// Determine worker type (for better logging)
let worker_type = "unknown";
if (this.DedicatedWorkerGlobalScope !== undefined) {
worker_type = "dedicated worker";
} else if (this.SharedWorkerGlobalScope !== undefined) {
worker_type = "shared worker";
} else if (this.ServiceWorkerGlobalScope !== undefined) {
worker_type = "service worker";
}
// Test eval(string)
test(t => {
assert_throws_js(EvalError, _ => eval("2"));
}, "eval(string) in " + worker_type);
// Test eval(TrustedScript)
let test_policy = trustedTypes.createPolicy("xxx", {
createScript: x => x.replace("2", "7")
});
test(t => {
assert_equals(eval(test_policy.createScript("2")), 7);
}, "eval(TrustedScript) in " + worker_type);
// Test eval(String) with default policy
trustedTypes.createPolicy("default", {
createScript: x => x.replace("2", "5")
});
test(t => {
assert_equals(eval("2"), 5);
}, "eval(string) with default policy in " + worker_type);
done();
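Review bot: These worker tests cover only `eval`, while the commit message says the same callback governs the Function constructors, so that path is left unverified in workers. A parallel case such as `test(t => { assert_throws_js(EvalError, _ => new Function("return 2")); }, "new Function(string) in " + worker_type);` would cover it, though the expected error type should be confirmed against the implementation. The first test passes only because the `"default"` policy is created after it has run, so a short comment like `// Must run before the default policy is created below.` above the first `test(...)` would guard against reordering.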