Changeset 280582 in webkit

Timestamp:

Aug 2, 2021 8:53:25 PM (12 months ago)

Author:

Chris Dumez

Message:

[COOP] Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present
​https://bugs.webkit.org/show_bug.cgi?id=228719

Reviewed by Geoff Garen.

LayoutTests/imported/w3c:

Rebaseline WPT test that is now failing a bit later.

• web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-redirect-with-same-origin-allow-popups.https-expected.txt:

Source/WebCore:

Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present, because
parseStructuredFieldValue() doesn't handle parameters whose value is double-quoted:

• ​https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.3.2
• ​https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.3.1
• ​https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.5

Test: http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https.html

• platform/network/HTTPParsers.cpp:

(WebCore::parseStructuredFieldValue):

LayoutTests:

Add layout test coverage.

• http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https-expected.txt: Added.
• http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/wpt/cross-origin-opener-policy (added)
• LayoutTests/http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https-expected.txt (added)
• LayoutTests/http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https.html (added)
• LayoutTests/imported/w3c/ChangeLog (modified) (1 diff)
• LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-redirect-with-same-origin-allow-popups.https-expected.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/platform/network/HTTPParsers.cpp (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2021-08-02  Chris Dumez  <cdumez@apple.com>
+
+        [COOP] Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present
+        https://bugs.webkit.org/show_bug.cgi?id=228719
+
+        Reviewed by Geoff Garen.
+
+        Add layout test coverage.
+
+        * http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https-expected.txt: Added.
+        * http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https.html: Added.
+
 2021-08-02  Lauro Moura  <lmoura@igalia.com>
 

trunk/LayoutTests/imported/w3c/ChangeLog

@@ +1 @@
+2021-08-02  Chris Dumez  <cdumez@apple.com>
+
+        [COOP] Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present
+        https://bugs.webkit.org/show_bug.cgi?id=228719
+
+        Reviewed by Geoff Garen.
+
+        Rebaseline WPT test that is now failing a bit later.
+
+        * web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-redirect-with-same-origin-allow-popups.https-expected.txt:
+
 2021-08-02  Chris Dumez  <cdumez@apple.com>
 

trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-redirect-with-same-origin-allow-popups.https-expected.txt

@@ -1 +1 @@
 
-FAIL Same origin openee redirected to same-origin with same-origin-allow-popups assert_equals: opener expected "false" but got "true"
-FAIL Cross origin openee redirected to same-origin with same-origin-allow-popups assert_equals: opener expected "false" but got "true"
+Harness Error (TIMEOUT), message = null
 
+TIMEOUT Same origin openee redirected to same-origin with same-origin-allow-popups Test timed out
+NOTRUN Cross origin openee redirected to same-origin with same-origin-allow-popups
+

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2021-08-02  Chris Dumez  <cdumez@apple.com>
+
+        [COOP] Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present
+        https://bugs.webkit.org/show_bug.cgi?id=228719
+
+        Reviewed by Geoff Garen.
+
+        Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present, because
+        parseStructuredFieldValue() doesn't handle parameters whose value is double-quoted:
+        - https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.3.2
+        - https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.3.1
+        - https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.5
+
+        Test: http/wpt/cross-origin-opener-policy/header-parsing-with-report-to.https.html
+
+        * platform/network/HTTPParsers.cpp:
+        (WebCore::parseStructuredFieldValue):
+
 2021-08-02  Sonia Singla  <soniasingla.1812@gmail.com>
 

trunk/Source/WebCore/platform/network/HTTPParsers.cpp

@@ -39 +39 @@
 #include <wtf/DateMath.h>
 #include <wtf/NeverDestroyed.h>
+#include <wtf/text/StringBuilder.h>
 #include <wtf/text/StringToIntegerConversion.h>
 #include <wtf/unicode/CharacterNames.h>
@@ -619 +620 @@
             ++index;
         }
-        String key = header.substring(keyStart, index - keyStart).toStringWithoutCopying();
+        String key = header.substring(keyStart, index - keyStart).toString();
         String value = "true";
         if (index < header.length() && header[index] == '=') {
             ++index; // Consume '='.
-            if (!isASCIIAlpha(header[index]) && header[index] != '*')
+            if (isASCIIAlpha(header[index]) || header[index] == '*') {
+                // https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.6
+                size_t valueStart = index++;
+                while (index < header.length()) {
+                    UChar c = header[index];
+                    if (!RFC7230::isTokenCharacter(c) && c != ':' && c != '/')
+                        break;
+                    ++index;
+                }
+                value = header.substring(valueStart, index - valueStart).toString();
+            } else if (header[index] == '"') {
+                // https://datatracker.ietf.org/doc/html/rfc8941#section-4.2.5
+                StringBuilder valueBuilder;
+                ++index; // Skip DQUOTE.
+                while (index < header.length()) {
+                    if (header[index] == '\\') {
+                        ++index;
+                        if (index == header.length())
+                            return std::nullopt;
+                        if (header[index] != '\\' && header[index] != '"')
+                            return std::nullopt;
+                        valueBuilder.append(header[index]);
+                    } else if (header[index] == '\"') {
+                        value = valueBuilder.toString();
+                        break;
+                    } else if ((header[index] >= 0x00 && header[index] <= 0x1F) || (header[index] >= 0x7F && header[index] <= 0xFF)) // Not in VCHAR or SP.
+                        return std::nullopt;
+                    else
+                        valueBuilder.append(header[index]);
+                    ++index;
+                }
+                if (index == header.length())
+                    return std::nullopt;
+                ++index; // Skip DQUOTE.
+            } else
                 return std::nullopt;
-            size_t valueStart = index++;
-            while (index < header.length()) {
-                UChar c = header[index];
-                if (!RFC7230::isTokenCharacter(c) && c != ':' && c != '/')
-                    break;
-                ++index;
-            }
-            value = header.substring(valueStart, index - valueStart).toStringWithoutCopying();
         }
         parameters.set(WTFMove(key), WTFMove(value));