From 58a24a3378d31eb22707819bc98397a7411311cc Mon Sep 17 00:00:00 2001
From: Marcin Mielczarczyk <marcin.mielczarczyk@redembedded.com>
Date: Thu, 21 Oct 2021 14:01:12 +0200
Subject: [PATCH 1/2] [ONEM-22911] Support whitelist for websockets

Allow websocket connections defined by WPE_WEBSOCKET_WHITELIST env
variable even whem mixed content policy is set to blocked.
---
 .../WebCore/Modules/websockets/WebSocket.cpp  | 27 ++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/Source/WebCore/Modules/websockets/WebSocket.cpp b/Source/WebCore/Modules/websockets/WebSocket.cpp
index c3ddd84c62cdb..c43848690d805 100644
--- a/Source/WebCore/Modules/websockets/WebSocket.cpp
+++ b/Source/WebCore/Modules/websockets/WebSocket.cpp
@@ -66,8 +66,33 @@
 #include "WebCoreThreadRun.h"
 #endif
 
+#include <sstream>
+#include <vector>
+
 namespace WebCore {
 
+namespace {
+
+bool isWhitelisted(const URL &url) {
+    static std::vector<URL> whitelisted_urls;
+    if (whitelisted_urls.empty() && getenv("WPE_WEBSOCKET_WHITELIST")) {
+        std::stringstream wl_env(getenv("WPE_WEBSOCKET_WHITELIST"));
+        std::string wl_item;
+        while (std::getline(wl_env, wl_item, ',')) {
+            wl_item.insert(0, "ws://");
+            URL wl_url(URL(), wl_item.c_str());
+            whitelisted_urls.push_back(wl_url);
+        }
+    }
+
+    for (auto &wl_url : whitelisted_urls) {
+        if (protocolHostAndPortAreEqual(wl_url, url)) return true;
+    }
+    return false;
+}
+
+} // namespace
+
 const size_t maxReasonSizeInBytes = 123;
 
 static inline bool isValidProtocolCharacter(UChar character)
@@ -282,7 +307,7 @@ ExceptionOr<void> WebSocket::connect(const String& url, const Vector<String>& pr
     if (is<Document>(context)) {
         Document& document = downcast<Document>(context);
         RefPtr<Frame> frame = document.frame();
-        if (!frame || !frame->loader().mixedContentChecker().canRunInsecureContent(document.securityOrigin(), m_url)) {
+        if (!frame || (!frame->loader().mixedContentChecker().canRunInsecureContent(document.securityOrigin(), m_url) && !isWhitelisted(m_url))) {
             // Balanced by the call to ActiveDOMObject::unsetPendingActivity() in WebSocket::stop().
             ActiveDOMObject::setPendingActivity(this);
 

From 3e03f99a33780cf3df852c2429957b31dfaa7e35 Mon Sep 17 00:00:00 2001
From: Marcin Mielczarczyk <marcin.mielczarczyk@redembedded.com>
Date: Mon, 15 Nov 2021 15:06:36 +0100
Subject: [PATCH 2/2] [ONEM-21141] On frame url reload trigger image decoded
 data destruction

Based on legacy wpe patch 0204.wpe_destroy_decoded_img_data_on_url_load.patch
---
 Source/WebCore/loader/FrameLoader.cpp         |  9 ++++
 .../loader/cache/CachedResourceLoader.cpp     | 46 +++++++++++++++++++
 .../loader/cache/CachedResourceLoader.h       |  1 +
 3 files changed, 56 insertions(+)

diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp
index c85fcc1ebafea..7398c1d69e6b4 100644
--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -1328,6 +1328,8 @@ void FrameLoader::loadURL(FrameLoadRequest&& frameLoadRequest, const String& ref
 
     Ref<Frame> protect(m_frame);
 
+    if(m_frame.document()) m_frame.document()->cachedResourceLoader().destroyImagesDecodedData();
+
     String frameName = frameLoadRequest.frameName();
     AllowNavigationToInvalidURL allowNavigationToInvalidURL = frameLoadRequest.allowNavigationToInvalidURL();
     NewFrameOpenerPolicy openerPolicy = frameLoadRequest.newFrameOpenerPolicy();
@@ -1335,6 +1337,13 @@ void FrameLoader::loadURL(FrameLoadRequest&& frameLoadRequest, const String& ref
     bool isFormSubmission = formState;
 
     const URL& newURL = frameLoadRequest.resourceRequest().url();
+
+    LOG(
+            Loading,
+            "%s:%d %s %s",
+            ::basename(__FILE__), __LINE__, __FUNCTION__,
+            newURL.string().utf8().data());
+
     ResourceRequest request(newURL);
     if (!referrer.isEmpty()) {
         request.setHTTPReferrer(referrer);
diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.cpp b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
index 9d3d108113cc3..82e31a7c6de2a 100644
--- a/Source/WebCore/loader/cache/CachedResourceLoader.cpp
+++ b/Source/WebCore/loader/cache/CachedResourceLoader.cpp
@@ -1203,6 +1203,31 @@ CachedResourceLoader::RevalidationPolicy CachedResourceLoader::determineRevalida
     return Use;
 }
 
+void CachedResourceLoader::destroyImagesDecodedData()
+{
+    int64_t sizeBefore = 0;
+    int64_t sizeAfter = 0;
+
+    for(auto& resource : m_documentResources)
+    {
+        if(CachedResource::Type::ImageResource == resource.value->type())
+        {
+            sizeBefore += resource.value->size();
+            resource.value->destroyDecodedData();
+            sizeAfter += resource.value->size();
+        }
+    }
+
+    LOG(
+        ResourceLoading,
+        "%s:%d %s"
+        " totalSize=%" PRId64
+        ", reducedBy=%" PRId64,
+        ::basename(__FILE__), __LINE__, __FUNCTION__,
+        sizeBefore,
+        sizeBefore - sizeAfter);
+}
+
 void CachedResourceLoader::printAccessDeniedMessage(const URL& url) const
 {
     if (url.isNull())
@@ -1331,9 +1356,18 @@ void CachedResourceLoader::garbageCollectDocumentResources()
 {
     typedef Vector<String, 10> StringVector;
     StringVector resourcesToDelete;
+    int64_t totalSize = 0;
+    int64_t imgSize = 0;
+    int64_t deleteSize = 0;
 
     for (auto& resource : m_documentResources) {
+
+        totalSize +=  resource.value->size();
+
+        if(CachedResource::Type::ImageResource == resource.value->type()) imgSize += resource.value->size();
+
         if (resource.value->hasOneHandle()) {
+            deleteSize += resource.value->size();
             resourcesToDelete.append(resource.key);
             resource.value->setOwningCachedResourceLoader(nullptr);
         }
@@ -1341,6 +1375,18 @@ void CachedResourceLoader::garbageCollectDocumentResources()
 
     for (auto& resource : resourcesToDelete)
         m_documentResources.remove(resource);
+
+    LOG(
+        ResourceLoading,
+        "%s:%d %s"
+        " totalSize=%" PRId64
+        ", imgSize=%" PRId64
+        ", deleteSize=%" PRId64,
+        ::basename(__FILE__), __LINE__, __FUNCTION__,
+        totalSize,
+        imgSize,
+        deleteSize);
+
 }
 
 void CachedResourceLoader::performPostLoadActions()
diff --git a/Source/WebCore/loader/cache/CachedResourceLoader.h b/Source/WebCore/loader/cache/CachedResourceLoader.h
index 0777b17724e9b..5a7463238c5e3 100644
--- a/Source/WebCore/loader/cache/CachedResourceLoader.h
+++ b/Source/WebCore/loader/cache/CachedResourceLoader.h
@@ -99,6 +99,7 @@ friend class ResourceCacheValidationSuppressor;
 #if ENABLE(APPLICATION_MANIFEST)
     ResourceErrorOr<CachedResourceHandle<CachedApplicationManifest>> requestApplicationManifest(CachedResourceRequest&&);
 #endif
+    void destroyImagesDecodedData();
 
     // Called to load Web Worker main script, Service Worker main script, importScripts(), XHR,
     // EventSource, Fetch, and App Cache.