Prevent dynamic import in service worker

https://bugs.webkit.org/show_bug.cgi?id=222308 Reviewed by Youenn Fablet. LayoutTests/imported/w3c: Covering service-worker case. * web-platform-tests/service-workers/service-worker/import-module-scripts.https-expected.txt: Source/WebCore: dynamic-import should be always rejected if script is executed in Worklets or ServiceWorkers. This is recently changed in the spec whatwg/html#6395. * bindings/js/ScriptModuleLoader.cpp: (WebCore::isWorkletOrServiceWorker): (WebCore::ScriptModuleLoader::importModule): LayoutTests: Covering worklet case. * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https-expected.txt: Added. * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https.html: Added. * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/processors/dynamic-import-is-prohibited.js: Added. (DynamicImportIsProhibitedProcessor.prototype.process): (DynamicImportIsProhibitedProcessor): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@274404 268f45cc-cd09-0410-ab3c-d52691b4dbfc
yury-s · Mar 14, 2021 · 731e989 · 731e989
1 parent 97b25c2
commit 731e989
Show file tree

Hide file tree

Showing 8 changed files with 115 additions and 5 deletions.
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,18 @@
+2021-03-14  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        Prevent dynamic import in service worker
+        https://bugs.webkit.org/show_bug.cgi?id=222308
+
+        Reviewed by Youenn Fablet.
+
+        Covering worklet case.
+
+        * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https-expected.txt: Added.
+        * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https.html: Added.
+        * http/wpt/webaudio/the-audio-api/the-audioworklet-interface/processors/dynamic-import-is-prohibited.js: Added.
+        (DynamicImportIsProhibitedProcessor.prototype.process):
+        (DynamicImportIsProhibitedProcessor):
+
 2021-03-13  Wenson Hsieh  <wenson_hsieh@apple.com>
 
         [iOS] Selecting the first word in an image overlay may select text in the previous line

diff --git a/.../the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https-expected.txt b/.../the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https-expected.txt
@@ -0,0 +1,3 @@
+
+PASS dynamic-import is prohibited in AudioWorklets
+
diff --git a/...webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https.html b/...webaudio/the-audio-api/the-audioworklet-interface/dynamic-import-is-prohibited.https.html
@@ -0,0 +1,30 @@
+<!doctype html>
+<title>Tests dynamic-import is prohibited in AudioWorklets</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script>
+var context;
+promise_setup(async (t) => {
+  context = new AudioContext();
+  const filePath = 'processors/dynamic-import-is-prohibited.js';
+  await context.audioWorklet.addModule(filePath);
+});
+
+const get_error = async (node) => {
+  const event = await new Promise((resolve) => {
+    node.port.onmessage = resolve;
+  });
+  return event.data.error;
+};
+
+promise_test(async (t) => {
+  const options = {
+    numberOfInputs: 0,
+    numberOfOutputs: 1
+  };
+
+  const node = new AudioWorkletNode(context, 'dynamic-import-is-prohibited', options);
+  const error = await get_error(node);
+  assert_equals(error, `TypeError: Dynamic-import is not available in Worklets or ServiceWorkers`);
+}, 'dynamic-import is prohibited in AudioWorklets');
+</script>
diff --git a/...audio/the-audio-api/the-audioworklet-interface/processors/dynamic-import-is-prohibited.js b/...audio/the-audio-api/the-audioworklet-interface/processors/dynamic-import-is-prohibited.js
@@ -0,0 +1,16 @@
+class DynamicImportIsProhibitedProcessor extends AudioWorkletProcessor {
+  process(inputs, outputs) {
+    import("./dynamic-import-is-prohibited.js").then(() => {
+        this.port.postMessage({
+          error: null
+        });
+    }, (error) => {
+        this.port.postMessage({
+          error: String(error)
+        });
+    });
+    return false;
+  }
+}
+
+registerProcessor('dynamic-import-is-prohibited', DynamicImportIsProhibitedProcessor);
diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog
@@ -1,3 +1,14 @@
+2021-03-14  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        Prevent dynamic import in service worker
+        https://bugs.webkit.org/show_bug.cgi?id=222308
+
+        Reviewed by Youenn Fablet.
+
+        Covering service-worker case.
+
+        * web-platform-tests/service-workers/service-worker/import-module-scripts.https-expected.txt:
+
 2021-03-13  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, reverting r274379.

diff --git a/...eb-platform-tests/service-workers/service-worker/import-module-scripts.https-expected.txt b/...eb-platform-tests/service-workers/service-worker/import-module-scripts.https-expected.txt
@@ -1,9 +1,9 @@
 
 PASS Static import.
 PASS Nested static import.
-PASS Static import and then dynamic import.
-PASS Dynamic import.
-PASS Nested dynamic import.
-PASS Dynamic import and then static import.
-PASS eval(import()).
+FAIL Static import and then dynamic import. assert_array_equals: value is "Failed to do dynamic import: TypeError: Dynamic-import is not available in Worklets or ServiceWorkers", expected array
+FAIL Dynamic import. assert_array_equals: value is "Failed to do dynamic import: TypeError: Dynamic-import is not available in Worklets or ServiceWorkers", expected array
+FAIL Nested dynamic import. assert_array_equals: value is "Failed to do dynamic import: TypeError: Dynamic-import is not available in Worklets or ServiceWorkers", expected array
+FAIL Dynamic import and then static import. assert_array_equals: value is "Failed to do dynamic import: TypeError: Dynamic-import is not available in Worklets or ServiceWorkers", expected array
+FAIL eval(import()). assert_array_equals: value is "Failed to do dynamic import: TypeError: Dynamic-import is not available in Worklets or ServiceWorkers", expected array
 
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,17 @@
+2021-03-14  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        Prevent dynamic import in service worker
+        https://bugs.webkit.org/show_bug.cgi?id=222308
+
+        Reviewed by Youenn Fablet.
+
+        dynamic-import should be always rejected if script is executed in Worklets or ServiceWorkers.
+        This is recently changed in the spec https://github.com/whatwg/html/pull/6395.
+
+        * bindings/js/ScriptModuleLoader.cpp:
+        (WebCore::isWorkletOrServiceWorker):
+        (WebCore::ScriptModuleLoader::importModule):
+
 2021-03-14  Rob Buis  <rbuis@igalia.com>
 
         Cancel image loader events after first dispatch

diff --git a/Source/WebCore/bindings/js/ScriptModuleLoader.cpp b/Source/WebCore/bindings/js/ScriptModuleLoader.cpp
@@ -45,6 +45,7 @@
 #include "WorkerOrWorkletScriptController.h"
 #include "WorkerScriptFetcher.h"
 #include "WorkerScriptLoader.h"
+#include "WorkletGlobalScope.h"
 #include <JavaScriptCore/Completion.h>
 #include <JavaScriptCore/JSInternalPromise.h>
 #include <JavaScriptCore/JSModuleRecord.h>
@@ -54,6 +55,10 @@
 #include <JavaScriptCore/JSString.h>
 #include <JavaScriptCore/Symbol.h>
 
+#if ENABLE(SERVICE_WORKER)
+#include "ServiceWorkerGlobalScope.h"
+#endif
+
 namespace WebCore {
 
 ScriptModuleLoader::ScriptModuleLoader(ScriptExecutionContext& context, OwnerType ownerType)
@@ -258,11 +263,27 @@ static JSC::JSInternalPromise* rejectPromise(JSDOMGlobalObject& globalObject, Ex
     return jsPromise;
 }
 
+static bool isWorkletOrServiceWorker(ScriptExecutionContext& context)
+{
+    if (is<WorkletGlobalScope>(context))
+        return true;
+#if ENABLE(SERVICE_WORKER)
+    if (is<ServiceWorkerGlobalScope>(context))
+        return true;
+#endif
+    return false;
+}
+
 JSC::JSInternalPromise* ScriptModuleLoader::importModule(JSC::JSGlobalObject* jsGlobalObject, JSC::JSModuleLoader*, JSC::JSString* moduleName, JSC::JSValue parameters, const JSC::SourceOrigin& sourceOrigin)
 {
     JSC::VM& vm = jsGlobalObject->vm();
     auto& globalObject = *JSC::jsCast<JSDOMGlobalObject*>(jsGlobalObject);
 
+    // https://html.spec.whatwg.org/multipage/webappapis.html#hostimportmoduledynamically(referencingscriptormodule,-specifier,-promisecapability)
+    // If settings object's global object implements WorkletGlobalScope or ServiceWorkerGlobalScope, then:
+    if (isWorkletOrServiceWorker(m_context))
+        return rejectPromise(globalObject, TypeError, "Dynamic-import is not available in Worklets or ServiceWorkers"_s);
+
     // If SourceOrigin and/or CachedScriptFetcher is null, we import the module with the default fetcher.
     // SourceOrigin can be null if the source code is not coupled with the script file.
     // The examples,