WebKit Bugzilla
Attachment 370557 Details for
Bug 198210
: Web Inspector: Network: provide a way to accept alternate types of certificate data
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-198210-20190523211659.patch (text/plain), 13.71 KB, created by
Devin Rousso
on 2019-05-23 21:17:00 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Devin Rousso
Created:
2019-05-23 21:17:00 PDT
Size:
13.71 KB
patch
obsolete
>diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog >index e9d34b8bafd14c1a66aab6c66f8d603fe17c128d..a85e0142941d17cb318e2be0bfb621e831c22037 100644 >--- a/Source/JavaScriptCore/ChangeLog >+++ b/Source/JavaScriptCore/ChangeLog >@@ -1,3 +1,21 @@ >+2019-05-23 Devin Rousso <drousso@apple.com> >+ >+ Web Inspector: Network: provide a way to accept alternate types of certificate data >+ https://bugs.webkit.org/show_bug.cgi?id=198210 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Both the Network agent and `InspectorFrontendHost` use a `CertificateInfo` for encoding and >+ decoding, but other devices or frameworks may not have included the entirety of WebKit, and >+ therefore may only have a smaller subset of the data expected by `CertificateInfo`. >+ >+ There should be a way to send back other types of certificate data from >+ `Network.getSerializedCertificate` that `InspectorFrontendHost::showCertificate` can then >+ handle. >+ >+ * inspector/protocol/Network.json: >+ * inspector/protocol/Security.json: >+ > 2019-05-23 Devin Rousso <drousso@apple.com> > > Web Inspector: Overlay: rulers/guides should be shown whenever element selection is enabled >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 1bae1ee5fb6e1d0ca3b6fb5733fcbbb4d228f10c..01faba4f717bafa6a1e18ce8526fcf5ec620b329 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,32 @@ >+2019-05-23 Devin Rousso <drousso@apple.com> >+ >+ Web Inspector: Network: provide a way to accept alternate types of certificate data >+ https://bugs.webkit.org/show_bug.cgi?id=198210 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Both the Network agent and `InspectorFrontendHost` use a `CertificateInfo` for encoding and >+ decoding, but other devices or frameworks may not have included the entirety of WebKit, and >+ therefore may only have a smaller subset of the data expected by `CertificateInfo`. >+ >+ There should be a way to send back other types of certificate data from >+ `Network.getSerializedCertificate` that `InspectorFrontendHost::showCertificate` can then >+ handle. >+ >+ * inspector/InspectorFrontendHost.idl: >+ * inspector/InspectorFrontendHost.h: >+ * inspector/InspectorFrontendHost.cpp: >+ (WebCore::InspectorFrontendHost::showCertificate): >+ >+ * inspector/agents/InspectorNetworkAgent.h: >+ * inspector/agents/InspectorNetworkAgent.cpp: >+ (WebCore::InspectorNetworkAgent::getSerializedCertificate): >+ >+ * platform/network/cf/CertificateInfo.h: >+ (WTF::Persistence::decodeSecTrustRef): >+ (WTF::Persistence::decodeSecTrustRefIfAble): Added. >+ (WTF::Persistence::Coder<WebCore::CertificateInfo>::decode): >+ > 2019-05-23 Devin Rousso <drousso@apple.com> > > Web Inspector: Overlay: rulers/guides should be shown whenever element selection is enabled >diff --git a/Source/WebInspectorUI/ChangeLog b/Source/WebInspectorUI/ChangeLog >index e3aa85b0222c695a87a1c48fc8c5653d815906a6..1c91d00918356c1e5bcd669f2019ce61a6cc2733 100644 >--- a/Source/WebInspectorUI/ChangeLog >+++ b/Source/WebInspectorUI/ChangeLog >@@ -1,3 +1,21 @@ >+2019-05-23 Devin Rousso <drousso@apple.com> >+ >+ Web Inspector: Network: provide a way to accept alternate types of certificate data >+ https://bugs.webkit.org/show_bug.cgi?id=198210 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Both the Network agent and `InspectorFrontendHost` use a `CertificateInfo` for encoding and >+ decoding, but other devices or frameworks may not have included the entirety of WebKit, and >+ therefore may only have a smaller subset of the data expected by `CertificateInfo`. >+ >+ There should be a way to send back other types of certificate data from >+ `Network.getSerializedCertificate` that `InspectorFrontendHost::showCertificate` can then >+ handle. >+ >+ * UserInterface/Models/Resource.js: >+ (WI.Resource.prototype.async showCertificate): >+ > 2019-05-23 Devin Rousso <drousso@apple.com> > > Web Inspector: Overlay: rulers/guides should be shown whenever element selection is enabled >diff --git a/Source/JavaScriptCore/inspector/protocol/Network.json b/Source/JavaScriptCore/inspector/protocol/Network.json >index 1ed44713f615ba0737c9954af6717443163ddadb..d02054daeddb263f57005c08b2abe36b541a816d 100644 >--- a/Source/JavaScriptCore/inspector/protocol/Network.json >+++ b/Source/JavaScriptCore/inspector/protocol/Network.json >@@ -206,7 +206,8 @@ > { "name": "requestId", "$ref": "RequestId" } > ], > "returns": [ >- { "name": "serializedCertificate", "type": "string", "description": "Represents a base64 encoded WebCore::CertificateInfo object." } >+ { "name": "serializedCertificate", "type": "string", "description": "Represents a base64 encoded certificat object." }, >+ { "name": "type", "$ref": "Security.SerializedCertificateType", "description": "Indicates what type of certificate is encoded in <code>serializedCertificate</code." } > ] > }, > { >diff --git a/Source/JavaScriptCore/inspector/protocol/Security.json b/Source/JavaScriptCore/inspector/protocol/Security.json >index 4c16135fc17847b1e49af2c1c8cc00b7b8505554..e6f19f3cfac49e497d87f2324fab7a6bddcb3235 100644 >--- a/Source/JavaScriptCore/inspector/protocol/Security.json >+++ b/Source/JavaScriptCore/inspector/protocol/Security.json >@@ -23,6 +23,12 @@ > { "name": "ipAddresses", "type": "array", "items": { "type": "string" }, "optional": true, "description": "IP addresses listed on the certificate."} > ] > }, >+ { >+ "id": "SerializedCertificateType", >+ "type": "string", >+ "enum": ["WebCore", "SecTrustRef"], >+ "description": "Identifies what type of certificate is represented in the serialized string." >+ }, > { > "id": "Security", > "type": "object", >diff --git a/Source/WebCore/inspector/InspectorFrontendHost.cpp b/Source/WebCore/inspector/InspectorFrontendHost.cpp >index 64d1abaec278b1fe142e21612b16599b8949cb20..1a94ab9119817f634b4bcb4bde383d246a3daea5 100644 >--- a/Source/WebCore/inspector/InspectorFrontendHost.cpp >+++ b/Source/WebCore/inspector/InspectorFrontendHost.cpp >@@ -475,7 +475,7 @@ bool InspectorFrontendHost::supportsShowCertificate() const > #endif > } > >-bool InspectorFrontendHost::showCertificate(const String& serializedCertificate) >+bool InspectorFrontendHost::showCertificate(const String& serializedCertificate, const String& type) > { > if (!m_client) > return false; >@@ -486,8 +486,24 @@ bool InspectorFrontendHost::showCertificate(const String& serializedCertificate) > > CertificateInfo certificateInfo; > WTF::Persistence::Decoder decoder(data.data(), data.size()); >- if (!decoder.decode(certificateInfo)) >+ >+ if (type.isEmpty() || type == "WebCore") { >+ if (!decoder.decode(certificateInfo)) >+ return false; >+ } >+#if HAVE(SEC_TRUST_SERIALIZATION) >+ else if (type == "SecTrustRef") { >+ RetainPtr<SecTrustRef> trust; >+ if (!WTF::Persistence::decodeSecTrustRef(decoder, trust)) >+ return false; >+ >+ certificateInfo = CertificateInfo(WTFMove(trust)); >+ } >+#endif >+ else { >+ ASSERT_NOT_REACHED(); > return false; >+ } > > if (certificateInfo.isEmpty()) > return false; >diff --git a/Source/WebCore/inspector/InspectorFrontendHost.h b/Source/WebCore/inspector/InspectorFrontendHost.h >index 3017cb76c09e5d27ee416ed5c9bc47d3b0ecdcab..908e1429c5860090c479d618b47bfe172c13da76 100644 >--- a/Source/WebCore/inspector/InspectorFrontendHost.h >+++ b/Source/WebCore/inspector/InspectorFrontendHost.h >@@ -62,7 +62,7 @@ public: > void inspectedURLChanged(const String&); > > bool supportsShowCertificate() const; >- bool showCertificate(const String& serializedCertificate); >+ bool showCertificate(const String& serializedCertificate, const String& type); > > void setZoomFactor(float); > float zoomFactor(); >diff --git a/Source/WebCore/inspector/InspectorFrontendHost.idl b/Source/WebCore/inspector/InspectorFrontendHost.idl >index 023a39cbc8f0884e390b29822d19bdaffa912992..494ca18b0089085146a347cc35aca1d8a1231451 100644 >--- a/Source/WebCore/inspector/InspectorFrontendHost.idl >+++ b/Source/WebCore/inspector/InspectorFrontendHost.idl >@@ -41,7 +41,7 @@ > void inspectedURLChanged(DOMString newURL); > > readonly attribute boolean supportsShowCertificate; >- boolean showCertificate(DOMString serializedCertificate); >+ boolean showCertificate(DOMString serializedCertificate, DOMString type); > > void setZoomFactor(unrestricted float zoom); > float zoomFactor(); >diff --git a/Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp b/Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp >index 97b86fc0fddf053e2731ca631fde6c91b9502df1..a9d21536192876087f8d2087923e76ce0c4c4c73 100644 >--- a/Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp >+++ b/Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp >@@ -924,7 +924,7 @@ void InspectorNetworkAgent::loadResource(const String& frameId, const String& ur > inspectorThreadableLoaderClient->setLoader(WTFMove(loader)); > } > >-void InspectorNetworkAgent::getSerializedCertificate(ErrorString& errorString, const String& requestId, String* serializedCertificate) >+void InspectorNetworkAgent::getSerializedCertificate(ErrorString& errorString, const String& requestId, String* serializedCertificate, Inspector::Protocol::Security::SerializedCertificateType* type) > { > auto* resourceData = m_resourcesData->data(requestId); > if (!resourceData) { >@@ -941,6 +941,8 @@ void InspectorNetworkAgent::getSerializedCertificate(ErrorString& errorString, c > WTF::Persistence::Encoder encoder; > encoder << certificate.value(); > *serializedCertificate = base64Encode(encoder.buffer(), encoder.bufferSize()); >+ >+ *type = Inspector::Protocol::Security::SerializedCertificateType::WebCore; > } > > WebSocket* InspectorNetworkAgent::webSocketForRequestId(const String& requestId) >diff --git a/Source/WebCore/inspector/agents/InspectorNetworkAgent.h b/Source/WebCore/inspector/agents/InspectorNetworkAgent.h >index 58d8cdef1b8df356489eec7f3f61b48478ebd5a7..10b480dd1db8c044f8a64788e71cff2703df604d 100644 >--- a/Source/WebCore/inspector/agents/InspectorNetworkAgent.h >+++ b/Source/WebCore/inspector/agents/InspectorNetworkAgent.h >@@ -115,7 +115,7 @@ public: > void getResponseBody(ErrorString&, const String& requestId, String* content, bool* base64Encoded) final; > void setResourceCachingDisabled(ErrorString&, bool disabled) final; > void loadResource(const String& frameId, const String& url, Ref<LoadResourceCallback>&&) final; >- void getSerializedCertificate(ErrorString&, const String& requestId, String* serializedCertificate) final; >+ void getSerializedCertificate(ErrorString&, const String& requestId, String* serializedCertificate, Inspector::Protocol::Security::SerializedCertificateType*) final; > void resolveWebSocket(ErrorString&, const String& requestId, const String* objectGroup, RefPtr<Inspector::Protocol::Runtime::RemoteObject>&) final; > > virtual String loaderIdentifier(DocumentLoader*) = 0; >diff --git a/Source/WebCore/platform/network/cf/CertificateInfo.h b/Source/WebCore/platform/network/cf/CertificateInfo.h >index f9311130793c13485acc657c40d6af5199b049f8..f8f0673be874dd113a16d6db4a4bdb890a44f375 100644 >--- a/Source/WebCore/platform/network/cf/CertificateInfo.h >+++ b/Source/WebCore/platform/network/cf/CertificateInfo.h >@@ -138,13 +138,6 @@ static void encodeSecTrustRef(Encoder& encoder, SecTrustRef trust) > > static bool decodeSecTrustRef(Decoder& decoder, RetainPtr<SecTrustRef>& result) > { >- bool hasTrust; >- if (!decoder.decode(hasTrust)) >- return false; >- >- if (!hasTrust) >- return true; >- > RetainPtr<CFDataRef> trustData; > if (!decodeCFData(decoder, trustData)) > return false; >@@ -156,6 +149,18 @@ static bool decodeSecTrustRef(Decoder& decoder, RetainPtr<SecTrustRef>& result) > result = WTFMove(trust); > return true; > } >+ >+static bool decodeSecTrustRefIfAble(Decoder& decoder, RetainPtr<SecTrustRef>& result) >+{ >+ bool hasTrust; >+ if (!decoder.decode(hasTrust)) >+ return false; >+ >+ if (!hasTrust) >+ return true; >+ >+ return decodeSecTrustRef(decoder, result); >+} > #endif > > #if PLATFORM(COCOA) >@@ -230,7 +235,7 @@ template<> struct Coder<WebCore::CertificateInfo> { > #if HAVE(SEC_TRUST_SERIALIZATION) > case WebCore::CertificateInfo::Type::Trust: { > RetainPtr<SecTrustRef> trust; >- if (!decodeSecTrustRef(decoder, trust)) >+ if (!decodeSecTrustRefIfAble(decoder, trust)) > return false; > > certificateInfo = WebCore::CertificateInfo(WTFMove(trust)); >diff --git a/Source/WebInspectorUI/UserInterface/Models/Resource.js b/Source/WebInspectorUI/UserInterface/Models/Resource.js >index dc752086d611c3f89e677c9add1217494396846b..d414a5ed3d7d550ab5d92acbd5cb77f760bfec2b 100644 >--- a/Source/WebInspectorUI/UserInterface/Models/Resource.js >+++ b/Source/WebInspectorUI/UserInterface/Models/Resource.js >@@ -1121,8 +1121,8 @@ WI.Resource = class Resource extends WI.SourceCode > let errorString = WI.UIString("Unable to show certificate for \u201C%s\u201D").format(this.url); > > try { >- let {serializedCertificate} = await NetworkAgent.getSerializedCertificate(this._requestIdentifier); >- if (InspectorFrontendHost.showCertificate(serializedCertificate)) >+ let {serializedCertificate, type} = await NetworkAgent.getSerializedCertificate(this._requestIdentifier); >+ if (InspectorFrontendHost.showCertificate(serializedCertificate, type || "")) > return; > } catch (e) { > console.error(e);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=370557">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 198210
: 370557