
WebKit2 And You (GUADEC 2013)

Nov 10, 2014


Igalia

By Martin Robinson.

After two years of work, WebKit2 has arrived on the GNOME platform, bringing security, stability, and performance. This talk will outline the new design and dive briefly into some of the gory technical details. Also included will be a mountain of practical advice for application developers about the transition, such as whether or not applications should be rewritten for WebKit2 and how best to take advantage of the new multi-process model.
Transcript
Page 1: WebKit2 And You (GUADEC 2013)
Page 2: WebKit2 And You (GUADEC 2013)

WebKit2 and You
WebKit2 for Application Developers

Martin Robinson
Igalia

Page 3: WebKit2 And You (GUADEC 2013)

Quick Review

Page 4: WebKit2 And You (GUADEC 2013)

WebKit

· Web content engine
· Processes and renders web content
· Started as a fork of KHTML and KJS
· Open source since 2005
· Goals: open source, compatibility, compliance, stability, performance, security, portability, usability, hackability
· Non-goals: being a full web browser, being a science project, having reusable components, unlimited scope
· Split into ports: GTK+, Qt, EFL, Mac, Windows

Page 5: WebKit2 And You (GUADEC 2013)

WebKitGTK+

· Each WebKit port is composed of
  - Platform interfaces
  - API layer
· WebKitGTK+ platform layer:
  - libsoup for networking
  - cairo for rasterization
  - OpenGL for making the scene graph and WebGL
  - GStreamer for media
  - Various GTK+ APIs for talking with the system
· API layer is a GtkWidget and a set of GObject APIs
· WebKitGTK+ is used by Epiphany, Midori, yelp, devhelp

Page 6: WebKit2 And You (GUADEC 2013)

Architecture


Page 7: WebKit2 And You (GUADEC 2013)

Minor Philosophical Point

· Code has bugs that crash the program.
· Code has bugs that allow arbitrary code execution.
· Code relies on dependencies with bugs.
· Code handles fonts and images that are essentially small programs.
· WebKit2 is a pragmatic response

Page 8: WebKit2 And You (GUADEC 2013)

Why WebKit2?

· The web platform is huge
· Make crashes less inconvenient for users
· Prevent bugs and crashes from exposing user data
· Prevent bugs and crashes from damaging the system or executing arbitrary code
· Stop web applications from blocking each other

Page 9: WebKit2 And You (GUADEC 2013)

WebKit2

· Give the web rendering parts of WebKit their own process
  - Page crashes don't crash the browser
  - Can put vulnerable data into a separate address space
· Sandbox web rendering
  - Prevent pages from accessing the disk and operating system interface

Page 10: WebKit2 And You (GUADEC 2013)

WebKit2 Architecture


Page 11: WebKit2 And You (GUADEC 2013)

Details

Page 12: WebKit2 And You (GUADEC 2013)

IPC

· IPC glues the different processes together
· Three types of IPC in use in WebKit
  - Messaging: Unix domain socket for sending messages synchronously or asynchronously
  - Shared memory: shmem for passing large messages and bitmaps
  - Shared surfaces: XComposite/XDamage for passing hardware accelerated surfaces cheaply
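
The isolation and messaging ideas from the WebKit2 and IPC slides, as an added example that is not from the talk or from WebKit: a parent (standing in for the UIProcess) forks a child (standing in for the WebProcess), reads its reply over a Unix domain socket pair, and keeps running when the child aborts. The function name render_in_child and the "rendered: ..." message format are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Added example, not WebKit code. Fork a stand-in "web process" that handles
 * `content`, replies over a Unix domain socket, then aborts if `crash` is set.
 * Returns 1 if the child died from a signal, 0 if it exited, -1 on error. */
static int render_in_child(const char *content, int crash, char *reply, size_t cap)
{
    int sv[2], status = 0;

    reply[0] = '\0';
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {                 /* child: stands in for the WebProcess */
        char msg[64];
        close(sv[0]);
        snprintf(msg, sizeof msg, "rendered: %s", content);
        if (write(sv[1], msg, strlen(msg)) < 0)
            _exit(1);
        if (crash)
            abort();                /* simulated renderer bug */
        _exit(0);
    }
    close(sv[1]);                   /* parent: stands in for the UIProcess */
    if (pid < 0) {
        close(sv[0]);
        return -1;
    }
    ssize_t n = read(sv[0], reply, cap - 1);
    if (n > 0)
        reply[n] = '\0';
    close(sv[0]);
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) ? 1 : 0;
}

int main(void)
{
    char reply[64];
    int crashed = render_in_child("hello", 1, reply, sizeof reply);
    printf("reply=\"%s\" child_crashed=%d, parent still running\n", reply, crashed);
    return 0;
}
```

The parent only ever sees the bytes that crossed the socket and the child's exit status; the child's address space, including whatever the simulated bug corrupted, is gone with the child.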

Page 13: WebKit2 And You (GUADEC 2013)

Accelerated Compositing

· WebKit has its own hardware-accelerated scene graph of page content
  - Prevent unnecessary redraw
  - 3D CSS transforms
  - WebGL
· Scene graph is in the WebProcess, but drawing happens in the UIProcess
· XComposite/XDamage allows compositing and final paint in different processes

Page 14: WebKit2 And You (GUADEC 2013)

Practical Bits

Page 15: WebKit2 And You (GUADEC 2013)

Should I port my application to WebKit2?

Yes

Page 16: WebKit2 And You (GUADEC 2013)

Why Port?

· WebKit1 development has moved to maintenance mode
· WebKit1 will be deprecated in the future
· The WebKit2GTK+ API is richer and better tested
· Porting to WebKit2 brings immediate performance, security, and stability benefits

Page 17: WebKit2 And You (GUADEC 2013)

Porting Challenges

· There is not yet a porting guide
  - Extensive API documentation
· Many synchronous APIs with return values are now asynchronous

    void webkit_web_view_save (WebKitWebView       *web_view,
                               WebKitSaveMode       save_mode,
                               GCancellable        *cancellable,
                               GAsyncReadyCallback  callback,
                               gpointer             user_data);

C

· Two-way communication from the page is more complicated
  - Injected script source
  - Custom protocols
  - GObject DOM bindings
  - Page access via the JSC API

Page 18: WebKit2 And You (GUADEC 2013)

Injected Script Source

· Strings of JavaScript source code executed asynchronously in the WebProcess
· Can return a value which is serialized and sent across the IPC messaging channel

Page 19: WebKit2 And You (GUADEC 2013)

Injected Script Source

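    /* Start the script; the result arrives later in the callback. */
    webkit_web_view_run_javascript (web_view,
                                    "window.document.body.textContent;",
                                    NULL, /* no GCancellable */
                                    run_javascript_finished_callback,
                                    NULL);

C

    #include <stdio.h>
    #include <JavaScriptCore/JavaScript.h>
    #include <webkit2/webkit2.h>

    static void
    run_javascript_finished_callback (GObject      *source_object,
                                      GAsyncResult *result,
                                      gpointer      user_data)
    {
        GError *error = NULL; /* GError out-parameters must start as NULL */
        WebKitJavaScriptResult *javascript_result =
            webkit_web_view_run_javascript_finish (WEBKIT_WEB_VIEW (source_object),
                                                   result, &error);
        if (!javascript_result) {
            /* The script failed or the request was cancelled. */
            g_warning ("Error running JavaScript: %s", error->message);
            g_error_free (error);
            return;
        }

        /* Convert the serialized JavaScript value to a UTF-8 C string. */
        JSStringRef string_value = JSValueToStringCopy (
            webkit_javascript_result_get_global_context (javascript_result),
            webkit_javascript_result_get_value (javascript_result),
            NULL);
        size_t size = JSStringGetMaximumUTF8CStringSize (string_value);
        char *string = g_malloc (size);
        JSStringGetUTF8CString (string_value, string, size);

        printf ("result: %s\n", string);

        /* ... */
    }

C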

Page 20: WebKit2 And You (GUADEC 2013)

Custom Protocols

· Page to WebKit communication by accessing resources across a custom protocol
· Examples of this approach are about: pages
· Communicate without reloading the page via AJAX
· Subject to same-origin security restrictions

Page 21: WebKit2 And You (GUADEC 2013)

Custom Protocols

    WebKitWebContext *context = webkit_web_context_get_default ();
    webkit_web_context_register_uri_scheme (context, "about",
                                            about_uri_scheme_request_cb,
                                            NULL, NULL);

C

    #include <string.h>
    #include <webkit2/webkit2.h>

    static void
    about_uri_scheme_request_cb (WebKitURISchemeRequest *request,
                                 gpointer                user_data)
    {
        GInputStream *stream;
        gsize stream_length;
        const gchar *path;
        gchar *contents;

        path = webkit_uri_scheme_request_get_path (request);
        /* The path comes from the requested URI and the response is served
         * as text/html, so escape it while formatting. */
        contents = g_markup_printf_escaped ("Loaded about:%s page", path);
        stream_length = strlen (contents);
        /* The stream takes ownership of contents and frees it with g_free. */
        stream = g_memory_input_stream_new_from_data (contents, stream_length, g_free);

        webkit_uri_scheme_request_finish (request, stream, stream_length, "text/html");
        g_object_unref (stream);
    }

C

Page 22: WebKit2 And You (GUADEC 2013)

Web Extensions

· Web extensions are shared objects that execute in the WebProcess
· No IPC penalties
  - Synchronous behavior does not block the UI
  - Direct access to page state including the DOM
  - Timing is less of an issue
· Written on top of the port-independent WebKit InjectedBundle
· No IPC API, but you can use DBus for communication with the UIProcess

Page 23: WebKit2 And You (GUADEC 2013)

Web Extensions

    #include <stdio.h>
    #include <webkit2/webkit-web-extension.h>

    /* Entry point WebKit calls when it loads the shared object. */
    void
    webkit_web_extension_initialize (WebKitWebExtension *extension)
    {
        printf ("Hello from a WebProcess\n");
    }

C

    $ gcc -c -Wall -Werror -fpic web-extension.c
    $ gcc -shared -o web-extension.so web-extension.o

SHELL

    webkit_web_context_set_web_extensions_directory (webkit_web_context_get_default (),
                                                     "/path/to/shared-object");

C

Page 24: WebKit2 And You (GUADEC 2013)

GObject DOM Bindings via Web Extensions

· GObject DOM bindings allow accessing page DOM using GObject APIs
· Cannot run in the UIProcess, the DOM is in a different address space
· In WebKit2, these are only accessible via Web Extensions

    #include <stdio.h>
    #include <webkit2/webkit-web-extension.h>

    static void
    document_loaded_callback (WebKitWebPage *page, gpointer user_data)
    {
        /* The title is returned as a newly allocated string. */
        gchar *title = webkit_dom_document_get_title (webkit_web_page_get_dom_document (page));
        printf ("title: %s\n", title);
        g_free (title);
    }

    static void
    page_created_callback (WebKitWebExtension *extension,
                           WebKitWebPage      *page,
                           gpointer            user_data)
    {
        /* Runs inside the WebProcess for every page it creates. */
        g_signal_connect (page, "document-loaded",
                          G_CALLBACK (document_loaded_callback), NULL);
    }

    void
    webkit_web_extension_initialize (WebKitWebExtension *extension)
    {
        g_signal_connect (extension, "page-created",
                          G_CALLBACK (page_created_callback), NULL);
    }

C

Page 25: WebKit2 And You (GUADEC 2013)

Injected JavaScript via Web Extensions

· Similar to the GObject DOM bindings approach
· Instead of using the GObject API, use the JSC C API
· Can interact with the page as well as insert JavaScript objects backed by native code
· The most flexible approach
· Necessary Web Extension API should appear soon in a future release

Page 26: WebKit2 And You (GUADEC 2013)

The Near Future

Page 27: WebKit2 And You (GUADEC 2013)

More Processes


Page 28: WebKit2 And You (GUADEC 2013)

WebKit2

· Multiple WebProcesses
  - Isolate applications from each other as well as from the UI
  - Prevents crash from crashing every tab
· Networking Process
  - Necessary for multiple web processes
  - Avoids complexity of caches/databases with multiple writers
· Offline Storage Process
  - Disk access blocking and insecure
  - More easily sandbox WebProcesses

Page 29: WebKit2 And You (GUADEC 2013)

Thank You! (q&a)

twitter @abandonedwig
www abandonedwig.info