Bug 775639 – portal helper should use private data/cache directories

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 775639 - portal helper should use private data/cache directories


Summary:	portal helper should use private data/cache directories


Status:	RESOLVED FIXED

Product:	gnome-shell
Classification:	Core
Component:	portal-helper
Version:	3.22.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	gnome-shell-maint
QA Contact:	gnome-shell-maint

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2016-12-05 14:29 UTC by Michael Catanzaro
Modified:	2017-01-24 12:36 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
portalHelper: Use private data/cache directories (2.64 KB, patch) 2017-01-23 06:35 UTC, Bastien Nocera	none	Details \| Review
portalHelper: Use private data/cache directories (2.71 KB, patch) 2017-01-23 07:07 UTC, Bastien Nocera	none	Details \| Review
portalHelper: Use private data/cache directories (3.02 KB, patch) 2017-01-23 08:03 UTC, Bastien Nocera	committed	Details \| Review

Description Michael Catanzaro 2016-12-05 14:29:43 UTC

A user reports that our captive portal helper just loads www.gnome.org and does nothing else. *Maybe* it's being loaded from disk cache and not hitting the network at all? Portal helper should probably use a WebKitWebsiteDataManager to set a private empty directory for WebKit caches to ensure it's actually hitting the network and not just loading webpages from disk.

I think we can keep page cache enabled, that shouldn't hurt anything I think....

Comment 1 Michael Catanzaro 2016-12-05 18:03:45 UTC

Actually this is also important for security, it's bad for captive portals to have access to e.g. IndexedDB from other WebKit apps.

Comment 2 Michael Catanzaro 2016-12-05 18:12:20 UTC

The way to fix this is to create a WebKitWebsiteDataManager setting the base-data-directory and base-cache-directory properties at construct time, then create a WebKitWebContext using webkit_web_context_new_with_website_data_manager, then use that WebKitWebContext to create the WebKitWebView using webkit_web_view_new_with_context. Currently portal helper is using the global default web context which gives itself access to all data from any other WebKit applications on the system that do not set these properties.

I guess base-data-directory and base-cache-directory should be set by g_mkdtmp or similar.

Comment 3 Bastien Nocera 2017-01-18 16:46:18 UTC

The patches in bug 752534 could fix this by making the temp directory be private/in memory.

Comment 4 Michael Catanzaro 2017-01-18 17:16:33 UTC

(The default paths should really be changed regardless, it's a five-minute project for anyone already working on portal helper.)

Comment 5 Bastien Nocera 2017-01-23 06:35:04 UTC

Created attachment 344016 [details] [review]
portalHelper: Use private data/cache directories

Comment 6 Bastien Nocera 2017-01-23 06:35:45 UTC

Not sure why, but I always end up with *1* file left in the cache.

Comment 7 Bastien Nocera 2017-01-23 07:07:14 UTC

Created attachment 344017 [details] [review]
portalHelper: Use private data/cache directories

Comment 8 Bastien Nocera 2017-01-23 08:03:59 UTC

Created attachment 344018 [details] [review]
portalHelper: Use private data/cache directories

Comment 9 Michael Catanzaro 2017-01-23 14:40:54 UTC

Review of attachment 344018 [details] [review]:

Yup, exactly.

And using WebKit.CacheModel.DOCUMENT_VIEWER to disable disk cache was a good idea too.

Comment 10 Bastien Nocera 2017-01-24 12:36:37 UTC

Attachment 344018 [details] pushed as 2ff988e - portalHelper: Use private data/cache directories