Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 524b5e70e865c270e631735d67a175682ed6b58f
https://github.com/WebKit/WebKit/commit/524b5e70e865c270e631735d67a175682ed6b58f
Author: Ronan Turner <[email protected]>
Date: 2025-12-09 (Tue, 09 Dec 2025)
Changed paths:
M Source/WebCore/css/CSSFontFace.cpp
M Source/WebCore/css/CSSFontFace.h
M Source/WebCore/css/CSSFontFaceSource.cpp
M Source/WebCore/css/CSSFontFaceSource.h
M Source/WebCore/css/CSSFontSelector.cpp
M Source/WebCore/loader/cache/CachedFont.cpp
M Source/WebCore/loader/cache/CachedFont.h
M Source/WebCore/platform/graphics/Font.cpp
M Source/WebCore/platform/graphics/Font.h
M Source/WebCore/workers/WorkerFontLoadRequest.cpp
M Source/WebCore/workers/WorkerFontLoadRequest.h
M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.mm
A Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeFontParser-Invalid.ttf
A Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeFontParser-Worker.html
Log Message:
-----------
Ensure SafeFontParser is used more widely.
https://bugs.webkit.org/show_bug.cgi?id=299511
rdar://160955353
Reviewed by Vitor Roriz and Brent Fulgham.
SafeFontParser is adopted either when we enable Lockdown Mode, or when
an explicit setting is set to force it to be used. There were several
cases where we still did not use SafeFontParser for custom fonts - when
creating a font request in a Worker, and primarily when supplying
immediate font sources that did not require a network load.
This adopts SafeFontParser for these cases too and adjusts several calls
to be more explicitly clear in their function.
Testing this is quite tricky as we do not expose anything about being
handled by SafeFontParser. Instead, currently, a canary font is used in
two additional test cases that should fail to parse in SafeFontParser,
but succeeds in FontParser. This allows a proxy measure for identifying
if we've been loaded in SafeFontParser.
* Source/WebCore/css/CSSFontFace.cpp:
(WebCore::CSSFontFace::CSSFontFace):
(WebCore::CSSFontFace::opportunisticallyStartFontDataURLLoading):
(WebCore::CSSFontFace::pump):
(WebCore::CSSFontFace::font):
* Source/WebCore/css/CSSFontFace.h:
* Source/WebCore/css/CSSFontFaceSource.cpp:
(WebCore::CSSFontFaceSource::opportunisticallyStartFontDataURLLoading):
(WebCore::CSSFontFaceSource::loadCustomFont):
(WebCore::CSSFontFaceSource::load):
* Source/WebCore/css/CSSFontFaceSource.h:
* Source/WebCore/css/CSSFontSelector.cpp:
(WebCore::CSSFontSelector::opportunisticallyStartFontDataURLLoading):
* Source/WebCore/loader/cache/CachedFont.cpp:
(WebCore::CachedFont::ensureCustomFontData):
(WebCore::CachedFont::createCustomFontData):
(WebCore::CachedFont::createCustomFontDataWithPolicy):
(WebCore::CachedFont::createCustomFontDataSystemParser):
(WebCore::CachedFont::createCustomFontDataSafeFontParser):
(WebCore::CachedFont::createCustomFontDataExperimentalParser): Deleted.
* Source/WebCore/loader/cache/CachedFont.h:
* Source/WebCore/platform/graphics/Font.cpp:
(WebCore::Font::create):
* Source/WebCore/platform/graphics/Font.h:
* Source/WebCore/workers/WorkerFontLoadRequest.cpp:
(WebCore::WorkerFontLoadRequest::loadCustomFont):
(WebCore::WorkerFontLoadRequest::ensureCustomFontData):
* Source/WebCore/workers/WorkerFontLoadRequest.h:
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/LockdownModeFonts.mm:
(TestWebKitAPI::EncodeResourceAsArrayString):
(TestWebKitAPI::TEST(LockdownMode, NotAllowedFontLoadingAPI)):
(TestWebKitAPI::TEST(LockdownMode, AllowedFontLoadingAPI)):
(TestWebKitAPI::TEST(LockdownMode, NotSupportedFontLoadingAPI)):
(TestWebKitAPI::TEST(LockdownMode, DISABLED_ImmediateParsedViaSafeFontParser)):
(TestWebKitAPI::TEST(LockdownMode, DISABLED_CanaryFontSucceedsInFontParser)):
(TestWebKitAPI::TEST(LockdownMode, DISABLED_WorkerFontParsedViaSafeFontParser)):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeFontParser-Invalid.ttf: Added.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SafeFontParser-Worker.html: Added.
Originally-landed-as: 297297.479@safari-7622-branch (0d4976340f1d).
rdar://164212005
Canonical link: https://commits.webkit.org/304167@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
