Add web extensions API to allowlist access to a security origin

Allow EmptyOriginAccessPatterns singleton to be used on the WebProcess too.

The WebProcess should use the OriginAccessPatternsForWebProcess singleton to
handle its access patterns, and the EmptyOriginAccessPatterns is meant to be
used just by the rest of the processes. But when implementing the whitelist
API, we added a check where we call SecurityOrigin::isSameOriginDomain() to
find whether a domain access is whitelisted where we don't need to check the
WebProcesss access patterns but just the added allowed mappings. For that case,
using OriginAccessPatternsForWebProcess is computational waste, as those checks
have already been done, so we use the EmptyOriginAccessPatterns instead.

Author: pgorszkowski-igalia

Source/WebCore/page/OriginAccessPatterns.cpp

@@ -72,7 +72,6 @@ bool OriginAccessPatternsForWebProcess::anyPatternMatches(const URL& url) const
 
 const EmptyOriginAccessPatterns& EmptyOriginAccessPatterns::singleton()
 {
-    ASSERT(!isInWebProcess());
     static NeverDestroyed<EmptyOriginAccessPatterns> instance;
     return instance.get();
 }

Source/WebCore/page/SecurityOrigin.cpp

@@ -32,6 +32,7 @@
 #include "BlobURL.h"
 #include "LegacySchemeRegistry.h"
 #include "OriginAccessEntry.h"
+#include "OriginAccessPatterns.h"
 #include "PublicSuffixStore.h"
 #include "SecurityPolicy.h"
 #include <pal/text/TextEncoding.h>
@@ -291,6 +292,8 @@ bool SecurityOrigin::isSameOriginDomain(const SecurityOrigin& other) const
     if (canAccess && isLocal())
         canAccess = hasLocalUnseparatedPath(other);
 
+    canAccess |= SecurityPolicy::isAccessAllowed(*this, other, other.toURL(), EmptyOriginAccessPatterns::singleton());
+
     return canAccess;
 }
 

Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

@@ -81,6 +81,7 @@
 #include <WebCore/DeprecatedGlobalSettings.h>
 #include <WebCore/DocumentStorageAccess.h>
 #include <WebCore/HTTPCookieAcceptPolicy.h>
+#include <WebCore/LegacySchemeRegistry.h>
 #include <WebCore/LogInitialization.h>
 #include <WebCore/LoginStatus.h>
 #include <WebCore/NetworkStorageSession.h>
@@ -780,6 +781,11 @@ void NetworkConnectionToWebProcess::registerURLSchemesAsCORSEnabled(Vector<Strin
         registry->registerURLSchemeAsCORSEnabled(WTFMove(scheme));
 }
 
+void NetworkConnectionToWebProcess::registerURLSchemeAsHandledBySchemeHandler(const String& scheme)
+{
+    WebCore::LegacySchemeRegistry::registerURLSchemeAsHandledBySchemeHandler(scheme);
+}
+
 static bool shouldTreatAsSameSite(const URL& firstParty, const URL& url)
 {
 #if PLATFORM(COCOA) || USE(SOUP)

Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h

@@ -309,6 +309,8 @@ class NetworkConnectionToWebProcess final
 
     void registerURLSchemesAsCORSEnabled(Vector<String>&& schemes);
 
+    void registerURLSchemeAsHandledBySchemeHandler(const String& scheme);
+
     void cookiesForDOM(const URL& firstParty, const WebCore::SameSiteInfo&, const URL&, WebCore::FrameIdentifier, WebCore::PageIdentifier, WebCore::IncludeSecureCookies, WebPageProxyIdentifier, CompletionHandler<void(String cookieString, bool secureCookiesAccessed)>&&);
     void setCookiesFromDOM(const URL& firstParty, const WebCore::SameSiteInfo&, const URL&, WebCore::FrameIdentifier, WebCore::PageIdentifier, const String& cookieString, WebCore::RequiresScriptTelemetry, WebPageProxyIdentifier);
     void cookieRequestHeaderFieldValue(const URL& firstParty, const WebCore::SameSiteInfo&, const URL&, std::optional<WebCore::FrameIdentifier>, std::optional<WebCore::PageIdentifier>, WebCore::IncludeSecureCookies, std::optional<WebPageProxyIdentifier>, CompletionHandler<void(String cookieString, bool secureCookiesAccessed)>&&);

Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in

@@ -116,6 +116,7 @@ messages -> NetworkConnectionToWebProcess WantsDispatchMessage {
     PostMessageToRemote(struct WebCore::MessageWithMessagePorts message, struct WebCore::MessagePortIdentifier remote)
     DidDeliverMessagePortMessages(WebKit::MessageBatchIdentifier messageBatchIdentifier)
     RegisterURLSchemesAsCORSEnabled(Vector<String> schemes);
+    RegisterURLSchemeAsHandledBySchemeHandler(String scheme)
     SetCORSDisablingPatterns(WebCore::PageIdentifier pageIdentifier, Vector<String> patterns)
 #if PLATFORM(MAC)
     GetProcessDisplayName(struct WebKit::CoreIPCAuditToken auditToken) -> (String displayName)

Source/WebKit/PlatformWPE.cmake

@@ -801,6 +801,7 @@ GI_INTROSPECT(${WPE_WEB_PROCESS_EXTENSION_API_NAME} ${WPE_API_VERSION} wpe/${WPE
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitContextMenuActions.h
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitContextMenuItem.h
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitHitTestResult.h
+        ${DERIVED_SOURCES_WPE_API_DIR}/WebKitSecurityOrigin.h
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitUserMessage.h
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitURIRequest.h
         ${DERIVED_SOURCES_WPE_API_DIR}/WebKitURIResponse.h

Source/WebKit/UIProcess/API/glib/WebKitSecurityOrigin.h.in

@@ -17,7 +17,7 @@
  * Boston, MA 02110-1301, USA.
  */
 
-@API_SINGLE_HEADER_CHECK@
+@SHARED_API_SINGLE_HEADER_CHECK@
 
 #ifndef WebKitSecurityOrigin_h
 #define WebKitSecurityOrigin_h

Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitWebExtension.cpp

@@ -23,6 +23,7 @@
 #include "APIDictionary.h"
 #include "APIInjectedBundleBundleClient.h"
 #include "APIString.h"
+#include "WebKitSecurityOriginPrivate.h"
 #include "WebKitUserMessagePrivate.h"
 #include "WebKitWebPagePrivate.h"
 #include "WebKitWebProcessExtensionPrivate.h"
@@ -122,6 +123,7 @@ enum {
 typedef HashMap<WebPage*, GRefPtr<WebKitWebPage> > WebPageMap;
 
 struct _WebKitWebExtensionPrivate {
+    RefPtr<InjectedBundle> bundle;
     WebPageMap pages;
 #if ENABLE(DEVELOPER_MODE)
     bool garbageCollectOnPageDestroy;
@@ -204,6 +206,7 @@ class WebExtensionInjectedBundleClient final : public API::InjectedBundle::Clien
 WebKitWebExtension* webkitWebProcessExtensionCreate(InjectedBundle* bundle)
 {
     WebKitWebExtension* extension = WEBKIT_WEB_EXTENSION(g_object_new(WEBKIT_TYPE_WEB_EXTENSION, NULL));
+    extension->priv->bundle = bundle;
     bundle->setClient(makeUnique<WebExtensionInjectedBundleClient>(extension));
     return extension;
 }
@@ -246,6 +249,31 @@ WebKitWebPage* webkit_web_extension_get_page(WebKitWebExtension* extension, guin
     return 0;
 }
 
+void webkit_web_extension_add_origin_access_whitelist_entry(WebKitWebExtension* extension, WebKitSecurityOrigin* origin, const char* protocol, const char* host, gboolean allowSubdomains)
+{
+    g_return_if_fail(WEBKIT_IS_WEB_EXTENSION(extension));
+    g_return_if_fail(origin);
+    g_return_if_fail(protocol);
+
+    extension->priv->bundle->addOriginAccessAllowListEntry(webkitSecurityOriginGetSecurityOriginData(origin).toString(), String::fromUTF8(protocol), String::fromUTF8(host), host ? allowSubdomains : true);
+}
+
+void webkit_web_extension_remove_origin_access_whitelist_entry(WebKitWebExtension* extension, WebKitSecurityOrigin* origin, const char* protocol, const char* host, gboolean allowSubdomains)
+{
+    g_return_if_fail(WEBKIT_IS_WEB_EXTENSION(extension));
+    g_return_if_fail(origin);
+    g_return_if_fail(protocol);
+
+    extension->priv->bundle->removeOriginAccessAllowListEntry(webkitSecurityOriginGetSecurityOriginData(origin).toString(), String::fromUTF8(protocol), String::fromUTF8(host), host ? allowSubdomains : true);
+}
+
+void webkit_web_extension_reset_origin_access_whitelists(WebKitWebExtension* extension)
+{
+    g_return_if_fail(WEBKIT_IS_WEB_EXTENSION(extension));
+
+    extension->priv->bundle->resetOriginAccessAllowLists();
+}
+
 /**
  * webkit_web_extension_send_message_to_context:
  * @extension: a #WebKitWebExtension

Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitWebExtension.h.in

@@ -24,6 +24,7 @@
 
 #include <glib-object.h>
 #include <@API_INCLUDE_PREFIX@/WebKitDefines.h>
+#include <@API_INCLUDE_PREFIX@/WebKitSecurityOrigin.h>
 #include <@API_INCLUDE_PREFIX@/WebKitUserMessage.h>
 #include <@API_INCLUDE_PREFIX@/WebKitWebPage.h>
 
@@ -74,6 +75,23 @@ WEBKIT_API WebKitWebPage *
 webkit_web_extension_get_page                       (WebKitWebExtension *extension,
                                                      guint64             page_id);
 
+WEBKIT_API void
+webkit_web_extension_add_origin_access_whitelist_entry    (WebKitWebExtension   *extension,
+                                                           WebKitSecurityOrigin *origin,
+                                                           const gchar          *protocol,
+                                                           const gchar          *host,
+                                                           gboolean              allow_subdomains);
+
+WEBKIT_API void
+webkit_web_extension_remove_origin_access_whitelist_entry (WebKitWebExtension   *extension,
+                                                           WebKitSecurityOrigin *origin,
+                                                           const gchar          *protocol,
+                                                           const gchar          *host,
+                                                           gboolean              allow_subdomains);
+
+WEBKIT_API void
+webkit_web_extension_reset_origin_access_whitelists       (WebKitWebExtension   *extension);
+
 WEBKIT_API void
 webkit_web_extension_send_message_to_context        (WebKitWebExtension *extension,
                                                      WebKitUserMessage  *message,

Source/WebKit/WebProcess/WebPage/WebPage.cpp

@@ -8528,6 +8528,7 @@ void WebPage::registerURLSchemeHandler(WebURLSchemeHandlerIdentifier handlerIden
     WebCore::LegacySchemeRegistry::registerURLSchemeAsCORSEnabled(scheme);
     auto schemeResult = m_schemeToURLSchemeHandlerProxyMap.add(scheme, WebURLSchemeHandlerProxy::create(*this, handlerIdentifier));
     m_identifierToURLSchemeHandlerProxyMap.add(handlerIdentifier, Ref { *schemeResult.iterator->value }.get());
+    WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RegisterURLSchemeAsHandledBySchemeHandler { scheme }, 0);
 }
 
 void WebPage::urlSchemeTaskWillPerformRedirection(WebURLSchemeHandlerIdentifier handlerIdentifier, WebCore::ResourceLoaderIdentifier taskIdentifier, ResourceResponse&& response, ResourceRequest&& request, CompletionHandler<void(WebCore::ResourceRequest&&)>&& completionHandler)