Changeset 223909 in webkit
- Timestamp:
- Oct 24, 2017 12:33:20 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r223908 r223909 1 2017-10-24 Alex Christensen <achristensen@webkit.org> 2 3 Apply custom header fields from WebsitePolicies to same-domain requests 4 https://bugs.webkit.org/show_bug.cgi?id=178356 5 <rdar://problem/31073436> 6 7 Reviewed by Brady Eidson. 8 9 Covered by new API tests. 10 11 * loader/cache/CachedResourceLoader.cpp: 12 (WebCore::CachedResourceLoader::requestResource): 13 * platform/network/ResourceRequestBase.cpp: 14 (WebCore::ResourceRequestBase::setCachePolicy): 15 (WebCore::ResourceRequestBase::setTimeoutInterval): 16 (WebCore::ResourceRequestBase::setHTTPMethod): 17 (WebCore::ResourceRequestBase::setHTTPHeaderField): 18 (WebCore::ResourceRequestBase::clearHTTPAuthorization): 19 (WebCore::ResourceRequestBase::clearHTTPContentType): 20 (WebCore::ResourceRequestBase::clearHTTPReferrer): 21 (WebCore::ResourceRequestBase::clearHTTPOrigin): 22 (WebCore::ResourceRequestBase::clearHTTPUserAgent): 23 (WebCore::ResourceRequestBase::clearHTTPAccept): 24 (WebCore::ResourceRequestBase::clearHTTPAcceptEncoding): 25 (WebCore::ResourceRequestBase::setResponseContentDispositionEncodingFallbackArray): 26 (WebCore::ResourceRequestBase::setHTTPBody): 27 (WebCore::ResourceRequestBase::setAllowCookies): 28 (WebCore::ResourceRequestBase::setPriority): 29 (WebCore::ResourceRequestBase::addHTTPHeaderFieldIfNotPresent): 30 (WebCore::ResourceRequestBase::addHTTPHeaderField): 31 (WebCore::ResourceRequestBase::setHTTPHeaderFields): 32 If we only update the platform request when headers are added (or other changes) for HTTP requests, 33 then the changes will not affect the NSURLRequest that is sent over IPC or visible to the API. 34 This is necessary for these new tests to work, but it's also of growing importance since our 35 introduction of WKURLSchemeHandler. 36 1 37 2017-10-24 Brent Fulgham <bfulgham@apple.com> 2 38 -
trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp
r223476 r223909 766 766 #endif 767 767 768 // FIXME: Add custom headers to first-party requests. 769 // https://bugs.webkit.org/show_bug.cgi?id=177629 768 if (frame() && m_documentLoader && !m_documentLoader->customHeaderFields().isEmpty()) { 769 bool sameOriginRequest = false; 770 auto requestedOrigin = SecurityOrigin::create(url); 771 if (type == CachedResource::Type::MainResource) { 772 if (frame()->isMainFrame()) 773 sameOriginRequest = true; 774 else if (auto* topDocument = frame()->mainFrame().document()) 775 sameOriginRequest = topDocument->securityOrigin().isSameSchemeHostPort(requestedOrigin.get()); 776 } else if (document()) { 777 sameOriginRequest = document()->topDocument().securityOrigin().isSameSchemeHostPort(requestedOrigin.get()) 778 && document()->securityOrigin().isSameSchemeHostPort(requestedOrigin.get()); 779 } 780 if (sameOriginRequest) { 781 for (auto& field : m_documentLoader->customHeaderFields()) 782 request.resourceRequest().addHTTPHeaderField(field.name(), field.value()); 783 } 784 } 770 785 771 786 LoadTiming loadTiming; -
trunk/Source/WebCore/platform/network/ResourceRequestBase.cpp
r216937 r223909 150 150 m_cachePolicy = cachePolicy; 151 151 152 if (url().protocolIsInHTTPFamily()) 153 m_platformRequestUpdated = false; 152 m_platformRequestUpdated = false; 154 153 } 155 154 … … 170 169 m_timeoutInterval = timeoutInterval; 171 170 172 if (url().protocolIsInHTTPFamily()) 173 m_platformRequestUpdated = false; 171 m_platformRequestUpdated = false; 174 172 } 175 173 … … 209 207 m_httpMethod = httpMethod; 210 208 211 if (url().protocolIsInHTTPFamily()) 212 m_platformRequestUpdated = false; 209 m_platformRequestUpdated = false; 213 210 } 214 211 … … 240 237 m_httpHeaderFields.set(name, value); 241 238 242 if (url().protocolIsInHTTPFamily()) 243 m_platformRequestUpdated = false; 239 m_platformRequestUpdated = false; 244 240 } 245 241 … … 250 246 m_httpHeaderFields.set(name, value); 251 247 252 if (url().protocolIsInHTTPFamily()) 253 m_platformRequestUpdated = false; 248 m_platformRequestUpdated = false; 254 249 } 255 250 … … 261 256 return; 262 257 263 if (url().protocolIsInHTTPFamily()) 264 m_platformRequestUpdated = false; 258 m_platformRequestUpdated = false; 265 259 } 266 260 … … 281 275 m_httpHeaderFields.remove(HTTPHeaderName::ContentType); 282 276 283 if (url().protocolIsInHTTPFamily()) 284 m_platformRequestUpdated = false; 277 m_platformRequestUpdated = false; 285 278 } 286 279 … … 306 299 m_httpHeaderFields.remove(HTTPHeaderName::Referer); 307 300 308 if (url().protocolIsInHTTPFamily()) 309 m_platformRequestUpdated = false; 301 m_platformRequestUpdated = false; 310 302 } 311 303 … … 331 323 m_httpHeaderFields.remove(HTTPHeaderName::Origin); 332 324 333 if (url().protocolIsInHTTPFamily()) 334 m_platformRequestUpdated = false; 325 m_platformRequestUpdated = false; 335 326 } 336 327 … … 356 347 m_httpHeaderFields.remove(HTTPHeaderName::UserAgent); 357 348 358 if (url().protocolIsInHTTPFamily()) 359 m_platformRequestUpdated = false; 349 m_platformRequestUpdated = false; 360 350 } 361 351 … … 376 366 m_httpHeaderFields.remove(HTTPHeaderName::Accept); 377 367 378 if (url().protocolIsInHTTPFamily()) 379 m_platformRequestUpdated = false; 368 m_platformRequestUpdated = false; 380 369 } 381 370 … … 386 375 m_httpHeaderFields.remove(HTTPHeaderName::AcceptEncoding); 387 376 388 if (url().protocolIsInHTTPFamily()) 389 m_platformRequestUpdated = false; 377 m_platformRequestUpdated = false; 390 378 } 391 379 … … 403 391 m_responseContentDispositionEncodingFallbackArray.uncheckedAppend(encoding3); 404 392 405 if (url().protocolIsInHTTPFamily()) 406 m_platformRequestUpdated = false; 393 m_platformRequestUpdated = false; 407 394 } 408 395 … … 422 409 m_resourceRequestBodyUpdated = true; 423 410 424 if (url().protocolIsInHTTPFamily()) 425 m_platformRequestBodyUpdated = false; 411 m_platformRequestBodyUpdated = false; 426 412 } 427 413 … … 442 428 m_allowCookies = allowCookies; 443 429 444 if (url().protocolIsInHTTPFamily()) 445 m_platformRequestUpdated = false; 430 m_platformRequestUpdated = false; 446 431 } 447 432 … … 462 447 m_priority = priority; 463 448 464 if (url().protocolIsInHTTPFamily()) 465 m_platformRequestUpdated = false; 449 m_platformRequestUpdated = false; 466 450 } 467 451 … … 473 457 return; 474 458 475 if (url().protocolIsInHTTPFamily()) 476 m_platformRequestUpdated = false; 459 m_platformRequestUpdated = false; 477 460 } 478 461 … … 483 466 m_httpHeaderFields.add(name, value); 484 467 485 if (url().protocolIsInHTTPFamily()) 486 m_platformRequestUpdated = false; 468 m_platformRequestUpdated = false; 487 469 } 488 470 … … 493 475 m_httpHeaderFields.add(name, value); 494 476 495 if (url().protocolIsInHTTPFamily()) 496 m_platformRequestUpdated = false; 477 m_platformRequestUpdated = false; 497 478 } 498 479 … … 508 489 m_httpHeaderFields = WTFMove(headerFields); 509 490 510 if (url().protocolIsInHTTPFamily()) 511 m_platformRequestUpdated = false; 491 m_platformRequestUpdated = false; 512 492 } 513 493 -
trunk/Tools/ChangeLog
r223904 r223909 1 2017-10-24 Alex Christensen <achristensen@webkit.org> 2 3 Apply custom header fields from WebsitePolicies to same-domain requests 4 https://bugs.webkit.org/show_bug.cgi?id=178356 5 6 Reviewed by Brady Eidson. 7 8 * TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm: 9 (expectHeaders): 10 1 11 2017-10-24 Stephan Szabo <stephan.szabo@sony.com> 2 12 -
trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm
r223451 r223909 672 672 static bool secondTestDone; 673 673 static bool thirdTestDone; 674 static bool fourthTestDone; 674 675 675 676 static void expectHeaders(id <WKURLSchemeTask> task, bool expected) … … 677 678 NSURLRequest *request = task.request; 678 679 if (expected) { 679 // FIXME: Check that headers are on the request.680 // https://bugs.webkit.org/show_bug.cgi?id=177629680 EXPECT_STREQ([[request valueForHTTPHeaderField:@"X-key1"] UTF8String], "value1"); 681 EXPECT_STREQ([[request valueForHTTPHeaderField:@"X-key2"] UTF8String], "value2"); 681 682 } else { 682 683 EXPECT_TRUE([request valueForHTTPHeaderField:@"X-key1"] == nil); … … 740 741 respond(urlSchemeTask); 741 742 thirdTestDone = true; 743 } else if ([path isEqualToString:@"/createaboutblankiframe"]) { 744 expectHeaders(urlSchemeTask, true); 745 respond(urlSchemeTask, @"<script>start=()=>{var s = document.createElement('script');s.text=\"fetch('test:///requestfromaboutblank')\";document.getElementById('iframeid').contentWindow.document.body.appendChild(s);}</script><body><iframe src='about:blank' id=iframeid onload='start()'></iframe></body>"); 746 } else if ([path isEqualToString:@"/requestfromaboutblank"]) { 747 expectHeaders(urlSchemeTask, true); 748 respond(urlSchemeTask); 749 fourthTestDone = true; 742 750 } else 743 751 EXPECT_TRUE(false); … … 765 773 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"test://toporigin/nestedtop"]]]; 766 774 TestWebKitAPI::Util::run(&thirdTestDone); 775 776 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"test:///createaboutblankiframe"]]]; 777 TestWebKitAPI::Util::run(&fourthTestDone); 767 778 } 768 779
Note: See TracChangeset
for help on using the changeset viewer.