Changeset 198292 in webkit
- Timestamp:
- Mar 16, 2016 12:46:49 PM (8 years ago)
- Location:
- trunk
- Files:
-
- 48 added
- 20 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r198289 r198292 1 2016-03-16 Daniel Bates <dabates@apple.com> 2 3 <video> and <audio> elements do not obey Content Security Policy on redirect 4 https://bugs.webkit.org/show_bug.cgi?id=155509 5 <rdar://problem/10234844> 6 7 Reviewed by Alex Christensen. 8 9 Add tests to ensure that the Content Security Policy is enforced on redirects when 10 loading a subresource, including a video or audio file. 11 12 * http/tests/resources/redirect.php: Fix PHP "undefined index" warnings when either query 13 parameter code or refresh (or both) are not specified. 14 * http/tests/security/contentSecurityPolicy/audio-redirect-allowed-expected.txt: Added. 15 * http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html: Added. 16 * http/tests/security/contentSecurityPolicy/audio-redirect-blocked-expected.txt: Added. 17 * http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html: Added. 18 * http/tests/security/contentSecurityPolicy/font-redirect-allowed-expected.txt: Added. 19 * http/tests/security/contentSecurityPolicy/font-redirect-allowed.html: Added. 20 * http/tests/security/contentSecurityPolicy/font-redirect-blocked-expected.txt: Added. 21 * http/tests/security/contentSecurityPolicy/font-redirect-blocked.html: Added. 22 * http/tests/security/contentSecurityPolicy/image-redirect-allowed-expected.txt: Added. 23 * http/tests/security/contentSecurityPolicy/image-redirect-allowed.html: Added. 24 * http/tests/security/contentSecurityPolicy/image-redirect-blocked-expected.txt: Added. 25 * http/tests/security/contentSecurityPolicy/image-redirect-blocked.html: Added. 26 * http/tests/security/contentSecurityPolicy/resources/ABCFont.svg: Renamed from LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/ABCFont.svg. 27 * http/tests/security/contentSecurityPolicy/resources/alert-fail.xsl: Added. 28 * http/tests/security/contentSecurityPolicy/resources/alert-pass.xsl: Added. 29 * http/tests/security/contentSecurityPolicy/resources/green-square.svg: Added. 30 * http/tests/security/contentSecurityPolicy/resources/red-square.svg: Added. 31 * http/tests/security/contentSecurityPolicy/resources/xsl-redirect-allowed.php: Added. 32 * http/tests/security/contentSecurityPolicy/resources/xsl-redirect-blocked.php: Added. 33 * http/tests/security/contentSecurityPolicy/script-redirect-allowed-expected.txt: Added. 34 * http/tests/security/contentSecurityPolicy/script-redirect-allowed.html: Added. 35 * http/tests/security/contentSecurityPolicy/script-redirect-blocked-expected.txt: Added. 36 * http/tests/security/contentSecurityPolicy/script-redirect-blocked.html: Added. 37 * http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed-expected.txt: Added. 38 * http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed.html: Added. 39 * http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked-expected.txt: Added. 40 * http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked.html: Added. 41 * http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed-expected.txt: Added. 42 * http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed.html: Added. 43 * http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked-expected.txt: Added. 44 * http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked.html: Added. 45 * http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed-expected.txt: Added. 46 * http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed.html: Added. 47 * http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked-expected.txt: Added. 48 * http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked.html: Added. 49 * http/tests/security/contentSecurityPolicy/track-redirect-allowed-expected.txt: Added. 50 * http/tests/security/contentSecurityPolicy/track-redirect-allowed.html: Added. 51 * http/tests/security/contentSecurityPolicy/track-redirect-blocked-expected.txt: Added. 52 * http/tests/security/contentSecurityPolicy/track-redirect-blocked.html: Added. 53 * http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html: 54 * http/tests/security/contentSecurityPolicy/video-redirect-allowed-expected.txt: Added. 55 * http/tests/security/contentSecurityPolicy/video-redirect-allowed.html: Added. 56 * http/tests/security/contentSecurityPolicy/video-redirect-blocked-expected.txt: Added. 57 * http/tests/security/contentSecurityPolicy/video-redirect-blocked.html: Added. 58 * http/tests/security/contentSecurityPolicy/xsl-redirect-allowed-expected.txt: Added. 59 * http/tests/security/contentSecurityPolicy/xsl-redirect-allowed.html: Added. 60 * http/tests/security/contentSecurityPolicy/xsl-redirect-blocked-expected.txt: Added. 61 * http/tests/security/contentSecurityPolicy/xsl-redirect-blocked.html: Added. 62 * platform/efl/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html 63 until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. We will also need to fix 64 <https://bugs.webkit.org/show_bug.cgi?id=153866> before we can unskip test http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html 65 As far as I can tell the functionality exercised by these tests is not being using by the EFL port. 66 * platform/gtk/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html 67 until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. As far as I can tell the functionality 68 exercised by these tests is not being using by the GTK port. 69 * platform/ios-simulator/http/tests/security/contentSecurityPolicy/audio-redirect-blocked-expected.txt: Added expected failure result as 70 AV Foundation is responsible for loading media on iOS. That is, WebCore is not responsible for loading media. 71 * platform/ios-simulator/http/tests/security/contentSecurityPolicy/video-redirect-blocked-expected.txt: Ditto. 72 * platform/mac/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html 73 until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. The functionality exercised by these 74 tests is not used on OS X. Additionally, mark as Failure on Yosemite and ElCapitan the added tests 75 http/tests/security/contentSecurityPolicy/{video, audio}-redirect-blocked.html as we do not support 76 Content Security Policy for media redirects in these versions of OS X. 77 1 78 2016-03-16 Jiewen Tan <jiewen_tan@apple.com> 2 79 -
trunk/LayoutTests/http/tests/resources/redirect.php
r188366 r198292 7 7 8 8 $url = $_GET['url']; 9 $refresh = $_GET['refresh']; 10 11 if (isset($refresh)) { 9 10 if (isset($_GET['refresh'])) { 12 11 header("HTTP/1.1 200"); 13 header("Refresh: $refresh; url=$url");12 header("Refresh: " . $_GET['refresh'] . "; url=$url"); 14 13 addCacheControl(); 15 14 return; 16 15 } 17 16 18 $code = $_GET['code']; 19 if (!isset($code)) 17 if (!isset($_GET['code'])) 20 18 header("HTTP/1.1 302 Found"); 21 elseif ($ code== 308) {19 elseif ($_GET['code'] == 308) { 22 20 # Apache 2.2 (and possibly some newer versions) cannot generate a reason string for code 308, and sends a 500 error instead. 23 21 header("HTTP/1.1 308 Permanent Redirect"); 24 22 } else 25 header("HTTP/1.1 $code");23 header("HTTP/1.1 " . $_GET['code']); 26 24 header("Location: $url"); 27 25 addCacheControl(); -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html
r186388 r198292 25 25 26 26 fontFace.setAttributeNS(null, "font-family", "ABCFont"); 27 fontFaceURI.setAttributeNS("http://www.w3.org/1999/xlink", "href", " resources/ABCFont.svg#ABCFont");27 fontFaceURI.setAttributeNS("http://www.w3.org/1999/xlink", "href", "../resources/ABCFont.svg#ABCFont"); 28 28 } 29 29 -
trunk/LayoutTests/platform/efl/TestExpectations
r198069 r198292 644 644 webkit.org/b/153866 http/tests/media/video-throttled-load-metadata.html [ Crash ] 645 645 webkit.org/b/153866 http/tests/media/video-useragent.html [ Crash ] 646 webkit.org/b/153866 http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html [ Crash ]647 646 webkit.org/b/153866 http/tests/security/inactive-document-with-empty-security-origin.html [ Crash ] 648 647 webkit.org/b/153866 http/tests/security/isolatedWorld/userGestureEvents.html [ Crash ] … … 2967 2966 fast/scrolling/rtl-scrollbars-overflow-simple.html [ ImageOnlyFailure ] 2968 2967 fast/scrolling/rtl-scrollbars-overflow.html [ ImageOnlyFailure ] 2968 2969 webkit.org/b/155505 http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html [ Skip ] 2970 webkit.org/b/155505 webkit.org/b/153866 http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html [ Skip ] -
trunk/LayoutTests/platform/gtk/TestExpectations
r198130 r198292 692 692 webkit.org/b/154390 http/tests/media/hls/video-cookie.html [ Failure ] 693 693 694 webkit.org/b/155505 http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html [ Skip ] 695 webkit.org/b/155505 http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html [ Skip ] 694 696 695 697 #//////////////////////////////////////////////////////////////////////////////////////// -
trunk/LayoutTests/platform/mac/TestExpectations
r198229 r198292 1343 1343 [ Yosemite ElCapitan ] fast/scrolling/rtl-scrollbars-overflow-simple.html [ ImageOnlyFailure ] 1344 1344 [ Yosemite ElCapitan ] fast/scrolling/rtl-scrollbars-overflow.html [ ImageOnlyFailure ] 1345 1346 # Content Security Policy for media redirects is not supported on some OSes. 1347 [ Yosemite ElCapitan ] http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html [ Failure ] 1348 [ Yosemite ElCapitan ] http/tests/security/contentSecurityPolicy/video-redirect-blocked.html [ Failure ] 1349 1350 webkit.org/b/155505 [ ElCapitan+ ] http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html [ Skip ] 1351 webkit.org/b/155505 [ ElCapitan+ ] http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html [ Skip ] -
trunk/Source/WebCore/ChangeLog
r198291 r198292 1 2016-03-16 Daniel Bates <dabates@apple.com> 2 3 <video> and <audio> elements do not obey Content Security Policy on redirect 4 https://bugs.webkit.org/show_bug.cgi?id=155509 5 <rdar://problem/10234844> 6 7 Reviewed by Alex Christensen. 8 9 Fixes an issue where the Content Security Policy of the page was not enforced 10 on redirects when loading a media subresource via an HTML video or HTML audio 11 element. 12 13 Tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html 14 http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html 15 http/tests/security/contentSecurityPolicy/font-redirect-allowed.html 16 http/tests/security/contentSecurityPolicy/font-redirect-blocked.html 17 http/tests/security/contentSecurityPolicy/image-redirect-allowed.html 18 http/tests/security/contentSecurityPolicy/image-redirect-blocked.html 19 http/tests/security/contentSecurityPolicy/script-redirect-allowed.html 20 http/tests/security/contentSecurityPolicy/script-redirect-blocked.html 21 http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed.html 22 http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked.html 23 http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed.html 24 http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked.html 25 http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed.html 26 http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked.html 27 http/tests/security/contentSecurityPolicy/track-redirect-allowed.html 28 http/tests/security/contentSecurityPolicy/track-redirect-blocked.html 29 http/tests/security/contentSecurityPolicy/video-redirect-allowed.html 30 http/tests/security/contentSecurityPolicy/video-redirect-blocked.html 31 http/tests/security/contentSecurityPolicy/xsl-redirect-allowed.html 32 http/tests/security/contentSecurityPolicy/xsl-redirect-blocked.html 33 34 * inspector/InspectorPageAgent.cpp: 35 (WebCore::InspectorPageAgent::cachedResourceContent): Treat media resources as raw resources just as we do currently. 36 (WebCore::InspectorPageAgent::cachedResourceType): Ditto. 37 * loader/MediaResourceLoader.cpp: 38 (WebCore::MediaResourceLoader::requestResource): Modified to use CachedResourceLoader::requestMedia() instead 39 of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw 40 resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads 41 initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for 42 more details. 43 * loader/ResourceLoadInfo.cpp: 44 (WebCore::toResourceType): Treat media resources as raw resources just as we do currently. Also, add cases for 45 CachedResource::LinkPrefetch and CachedResource::LinkSubresource (when ENABLE(LINK_PREFETCH) is enabled) and 46 remove the default statement to force a compile-time error when a new CachedResource enumerator is added and 47 the switch block in this function is not updated. 48 * loader/SubresourceLoader.cpp: 49 (WebCore::logResourceLoaded): Ditto. 50 * loader/cache/CachedRawResource.cpp: 51 (WebCore::CachedRawResource::CachedRawResource): Substitute CachedResource::isMainOrMediaOrRawResource() for 52 CachedResource::isMainOrRawResource() as the latter was renamed to the former. 53 * loader/cache/CachedRawResource.h: 54 (isType): Ditto. 55 * loader/cache/CachedResource.cpp: 56 (WebCore::defaultPriorityForResourceType): Use priority ResourceLoadPriority::Medium for media resources just as 57 we do currently. 58 * loader/cache/CachedResource.h: 59 (WebCore::CachedResource::isMainOrMediaOrRawResource): Formerly named isMainOrRawResource. Returns true if the type 60 of this resource is a main resource, media resource, or raw resource. 61 (WebCore::CachedResource::isMainOrRawResource): Deleted. 62 * loader/cache/CachedResourceLoader.cpp: 63 (WebCore::createResource): Treat media resources as raw resources just as we do currently. 64 (WebCore::CachedResourceLoader::requestMedia): Added. 65 (WebCore::contentTypeFromResourceType): Consider media resources as MixedContentChecker::ContentType::Active 66 just as we do currently. 67 (WebCore::CachedResourceLoader::checkInsecureContent): Apply the mixed content policy to media resources 68 just as we do currently. 69 (WebCore::CachedResourceLoader::canRequest): Apply the Same Origin Policy to media resources just as we 70 do currently. Query the Content Security Policy of the page to determine if the media resource can be 71 requested. 72 (WebCore::CachedResourceLoader::determineRevalidationPolicy): Substitute CachedResource::isMainOrMediaOrRawResource() 73 for CachedResource::isMainOrRawResource() as the latter was renamed to the former. 74 * loader/cache/CachedResourceLoader.h: 75 * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm: 76 (WebCore::WebCoreAVFResourceLoader::startLoading): Modified to use CachedResourceLoader::requestMedia() instead 77 of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw 78 resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads 79 initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for 80 more details. Additionally, simplified code that determined whether to request the media resource or error out 81 by coalescing two conditional expressions into one conditional on whether we have a loader and substituted 82 nullptr for 0. 83 1 84 2016-03-16 Chris Dumez <cdumez@apple.com> 2 85 -
trunk/Source/WebCore/inspector/InspectorPageAgent.cpp
r198177 r198292 164 164 *result = downcast<CachedScript>(*cachedResource).script().toString(); 165 165 return true; 166 case CachedResource::MediaResource: 166 167 case CachedResource::RawResource: { 167 168 auto* buffer = cachedResource->resourceBuffer(); … … 315 316 case CachedResource::Script: 316 317 return InspectorPageAgent::ScriptResource; 318 case CachedResource::MediaResource: 317 319 case CachedResource::RawResource: 318 320 return InspectorPageAgent::XHRResource; -
trunk/Source/WebCore/loader/MediaResourceLoader.cpp
r196831 r198292 56 56 StoredCredentials allowCredentials = m_crossOriginMode.isNull() || equalLettersIgnoringASCIICase(m_crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; 57 57 58 // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources. 58 // FIXME: Skip Content Security Policy check if the element that inititated this request 59 // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>. 59 60 CachedResourceRequest cacheRequest(request, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, bufferingPolicy, allowCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, corsPolicy, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching)); 60 61 … … 62 63 updateRequestForAccessControl(cacheRequest.mutableResourceRequest(), m_document.securityOrigin(), allowCredentials); 63 64 64 CachedResourceHandle<CachedRawResource> resource = m_document.cachedResourceLoader().request RawResource(cacheRequest);65 CachedResourceHandle<CachedRawResource> resource = m_document.cachedResourceLoader().requestMedia(cacheRequest); 65 66 if (!resource) 66 67 return nullptr; -
trunk/Source/WebCore/loader/ResourceLoadInfo.cpp
r182564 r198292 56 56 return ResourceType::Font; 57 57 58 case CachedResource::MediaResource: 58 59 case CachedResource::RawResource: 59 60 return ResourceType::Raw; … … 63 64 return ResourceType::Media; 64 65 #endif 65 default: 66 #if ENABLE(LINK_PREFETCH) 67 case CachedResource::LinkPrefetch: 68 case CachedResource::LinkSubresource: 66 69 ASSERT_NOT_REACHED(); 70 #endif 67 71 }; 68 72 } -
trunk/Source/WebCore/loader/SubresourceLoader.cpp
r198050 r198292 351 351 resourceType = DiagnosticLoggingKeys::fontKey(); 352 352 break; 353 case CachedResource::MediaResource: 353 354 case CachedResource::RawResource: 354 355 resourceType = DiagnosticLoggingKeys::rawKey(); -
trunk/Source/WebCore/loader/cache/CachedRawResource.cpp
r196822 r198292 43 43 , m_allowEncodedDataReplacement(true) 44 44 { 45 ASSERT(isMainOr RawResource());45 ASSERT(isMainOrMediaOrRawResource()); 46 46 } 47 47 -
trunk/Source/WebCore/loader/cache/CachedRawResource.h
r197563 r198292 96 96 97 97 SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::CachedRawResource) 98 static bool isType(const WebCore::CachedResource& resource) { return resource.isMainOr RawResource(); }98 static bool isType(const WebCore::CachedResource& resource) { return resource.isMainOrMediaOrRawResource(); } 99 99 SPECIALIZE_TYPE_TRAITS_END() 100 100 -
trunk/Source/WebCore/loader/cache/CachedResource.cpp
r196367 r198292 75 75 case CachedResource::SVGFontResource: 76 76 #endif 77 case CachedResource::MediaResource: 77 78 case CachedResource::FontResource: 78 79 case CachedResource::RawResource: -
trunk/Source/WebCore/loader/cache/CachedResource.h
r196822 r198292 70 70 SVGFontResource, 71 71 #endif 72 MediaResource, 72 73 RawResource, 73 74 SVGDocumentResource … … 160 161 161 162 bool isImage() const { return type() == ImageResource; } 162 // FIXME: CachedRawResource could be either a main resource or a raw XHRresource.163 bool isMainOr RawResource() const { return type() == MainResource || type() == RawResource; }163 // FIXME: CachedRawResource could be a main resource, an audio/video resource, or a raw XHR/icon resource. 164 bool isMainOrMediaOrRawResource() const { return type() == MainResource || type() == MediaResource || type() == RawResource; } 164 165 bool ignoreForRequestCount() const 165 166 { -
trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp
r198180 r198292 101 101 case CachedResource::FontResource: 102 102 return new CachedFont(request, sessionID); 103 case CachedResource::MediaResource: 103 104 case CachedResource::RawResource: 104 105 case CachedResource::MainResource: … … 270 271 #endif 271 272 273 CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestMedia(CachedResourceRequest& request) 274 { 275 return downcast<CachedRawResource>(requestResource(CachedResource::MediaResource, request).get()); 276 } 277 272 278 CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestRawResource(CachedResourceRequest& request) 273 279 { … … 296 302 #endif 297 303 304 case CachedResource::MediaResource: 298 305 case CachedResource::RawResource: 299 306 case CachedResource::SVGDocumentResource: … … 338 345 case CachedResource::TextTrackResource: 339 346 #endif 347 case CachedResource::MediaResource: 340 348 case CachedResource::RawResource: 341 349 case CachedResource::ImageResource: … … 385 393 case CachedResource::SVGFontResource: 386 394 #endif 395 case CachedResource::MediaResource: 387 396 case CachedResource::FontResource: 388 397 case CachedResource::RawResource: … … 447 456 #endif 448 457 break; 458 case CachedResource::MediaResource: 449 459 #if ENABLE(VIDEO_TRACK) 450 460 case CachedResource::TextTrackResource: 461 #endif 451 462 if (!m_document->contentSecurityPolicy()->allowMediaFromSource(url, skipContentSecurityPolicyCheck)) 452 463 return false; 453 464 break; 454 #endif455 465 } 456 466 … … 743 753 // FIXME: We should use the same cache policy for all resource types. The raw resource policy is overly strict 744 754 // while the normal subresource policy is too loose. 745 if (existingResource->isMainOr RawResource()) {755 if (existingResource->isMainOrMediaOrRawResource()) { 746 756 bool strictPolicyDisabled = frame()->loader().isStrictRawResourceValidationPolicyDisabledForTesting(); 747 757 bool canReuseRawResource = strictPolicyDisabled || downcast<CachedRawResource>(*existingResource).canReuse(request); -
trunk/Source/WebCore/loader/cache/CachedResourceLoader.h
r194898 r198292 77 77 CachedResourceHandle<CachedScript> requestScript(CachedResourceRequest&); 78 78 CachedResourceHandle<CachedFont> requestFont(CachedResourceRequest&, bool isSVG); 79 CachedResourceHandle<CachedRawResource> requestMedia(CachedResourceRequest&); 79 80 CachedResourceHandle<CachedRawResource> requestRawResource(CachedResourceRequest&); 80 81 CachedResourceHandle<CachedRawResource> requestMainResource(CachedResourceRequest&); -
trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm
r195770 r198292 68 68 NSURLRequest *nsRequest = [m_avRequest.get() request]; 69 69 70 // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources. 70 // FIXME: Skip Content Security Policy check if the element that inititated this request 71 // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>. 71 72 CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching)); 72 73 73 74 request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low); 74 CachedResourceLoader* loader = m_parent->player()->cachedResourceLoader(); 75 m_resource = loader ? loader->requestRawResource(request) : 0; 76 if (m_resource) 75 if (CachedResourceLoader* loader = m_parent->player()->cachedResourceLoader()) { 76 m_resource = loader->requestMedia(request); 77 77 m_resource->addClient(this); 78 else { 78 } else { 79 m_resource = nullptr; 79 80 LOG_ERROR("Failed to start load for media at url %s", [[[nsRequest URL] absoluteString] UTF8String]); 80 81 [m_avRequest.get() finishLoadingWithError:0]; -
trunk/Source/WebKit2/ChangeLog
r198291 r198292 1 2016-03-16 Daniel Bates <dabates@apple.com> 2 3 <video> and <audio> elements do not obey Content Security Policy on redirect 4 https://bugs.webkit.org/show_bug.cgi?id=155509 5 <rdar://problem/10234844> 6 7 Reviewed by Alex Christensen. 8 9 Use 0ms as the maximum buffering time for media resource just as we do currently. 10 11 * WebProcess/Network/WebLoaderStrategy.cpp: 12 (WebKit::maximumBufferingTime): 13 1 14 2016-03-16 Chris Dumez <cdumez@apple.com> 2 15 -
trunk/Source/WebKit2/WebProcess/Network/WebLoaderStrategy.cpp
r197750 r198292 107 107 case CachedResource::ImageResource: 108 108 return 500_ms; 109 case CachedResource::MediaResource: 109 110 case CachedResource::MainResource: 110 111 case CachedResource::RawResource:
Note: See TracChangeset
for help on using the changeset viewer.