Changeset 205113 in webkit
- Timestamp:
- Aug 29, 2016 1:06:28 AM (8 years ago)
- Location:
- trunk
- Files:
-
- 19 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/imported/w3c/ChangeLog
r205110 r205113 1 2016-08-29 Youenn Fablet <youenn@apple.com> 2 3 data:// URL behavior of XHR does not match spec 4 https://bugs.webkit.org/show_bug.cgi?id=109199 5 6 Reviewed by Darin Adler. 7 8 * web-platform-tests/XMLHttpRequest/data-uri-expected.txt: 9 * web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt: 10 * web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-block-defer-scripts-expected.txt: 11 * web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-block-scripts-expected.txt: 12 * web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-not-hang-scriptloader-expected.txt: 13 * web-platform-tests/fetch/api/basic/scheme-data.js: Adding setStatusText check. 14 * web-platform-tests/fetch/api/basic/scheme-data-expected.txt: 15 * web-platform-tests/fetch/api/basic/scheme-data-worker-expected.txt: 16 1 17 2016-08-28 Youenn Fablet <youenn@apple.com> 2 18 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/data-uri-expected.txt
r202162 r205113 1 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/plain,Hello, World!. Cross origin requests are only supported for HTTP.2 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/plain;base64,SGVsbG8sIFdvcmxkIQ==. Cross origin requests are only supported for HTTP.3 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/html,Hello, World!. Cross origin requests are only supported for HTTP.4 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/html;charset=UTF-8,Hello, World!. Cross origin requests are only supported for HTTP.5 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:image/png,Hello, World!. Cross origin requests are only supported for HTTP.6 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/plain,Hello, World!. Cross origin requests are only supported for HTTP.7 CONSOLE MESSAGE: line 40: XMLHttpRequest cannot load data:text/plain,Hello, World!. Cross origin requests are only supported for HTTP.8 CONSOLE MESSAGE: XMLHttpRequest cannot load data:text/plain,Hello, World!. Preflight response is not successful9 CONSOLE MESSAGE: XMLHttpRequest cannot load data:text/plain,Hello, World!. Preflight response is not successful10 CONSOLE MESSAGE: XMLHttpRequest cannot load data:text/plain,Hello, World!. Preflight response is not successful11 1 12 FAIL XHR method GET with charset text/plain assert_equals: expected "Hello, World!" but got "" 13 FAIL XHR method GET with charset text/plain (base64) assert_equals: expected "Hello, World!" but got "" 14 FAIL XHR method GET with charset text/html assert_equals: expected "Hello, World!" but got "" 15 FAIL XHR method GET with charset text/html;charset=UTF-8 assert_equals: expected "Hello, World!" but got "" 16 FAIL XHR method GET with charset image/png assert_equals: expected "Hello, World!" but got "" 17 PASS XHR method POST with charset text/plain 18 PASS XHR method PUT with charset text/plain 19 PASS XHR method DELETE with charset text/plain 20 PASS XHR method HEAD with charset text/plain 21 PASS XHR method UNICORN with charset text/plain 2 PASS XHR method GET with charset text/plain 3 PASS XHR method GET with charset text/plain (base64) 4 PASS XHR method GET with charset text/html 5 PASS XHR method GET with charset text/html;charset=UTF-8 6 PASS XHR method GET with charset image/png 7 FAIL XHR method POST with charset text/plain assert_equals: expected 0 but got 200 8 FAIL XHR method PUT with charset text/plain assert_equals: expected 0 but got 200 9 FAIL XHR method DELETE with charset text/plain assert_equals: expected 0 but got 200 10 FAIL XHR method HEAD with charset text/plain assert_equals: expected 0 but got 200 11 FAIL XHR method UNICORN with charset text/plain assert_equals: expected 0 but got 200 22 12 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt
r195588 r205113 1 1 CONSOLE MESSAGE: line 24: XMLHttpRequest cannot load http://nonexistent-origin.localhost}:8800. Cross origin requests are only supported for HTTP. 2 CONSOLE MESSAGE: line 32: XMLHttpRequest cannot load data:text/html;charset=utf-8;base64,PT0NUWVBFIGh0bWw%2BDQo8. Cross origin requests are only supported for HTTP.3 2 4 3 PASS XmlHttpRequest: The send() method: Throw a "throw an "NetworkError" exception when Network error happens (synchronous flag is set) -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-block-defer-scripts-expected.txt
r203333 r205113 1 CONSOLE MESSAGE: line 1: XMLHttpRequest cannot load data:text/plain,aaa. Cross origin requests are only supported for HTTP.2 CONSOLE MESSAGE: line 1: NetworkError (DOM Exception 19): A network error occurred.3 1 4 2 5 FAIL Check that a sync XHR in a defer script blocks later defer scripts from running assert_equals: expected 1 but got 0 3 PASS Check that a sync XHR in a defer script blocks later defer scripts from running 6 4 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-block-scripts-expected.txt
r203333 r205113 1 CONSOLE MESSAGE: line 17: XMLHttpRequest cannot load data:,. Cross origin requests are only supported for HTTP.2 1 3 FAIL Check that while a sync XHR is in flight async script loads don't complete and run script A network error occurred. 2 PASS Check that while a sync XHR is in flight async script loads don't complete and run script 4 3 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/xmlhttprequest-sync-not-hang-scriptloader-expected.txt
r203333 r205113 1 CONSOLE MESSAGE: line 14: XMLHttpRequest cannot load data:,. Cross origin requests are only supported for HTTP.2 CONSOLE MESSAGE: line 14: NetworkError (DOM Exception 19): A network error occurred.3 1 4 2 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/scheme-data-expected.txt
r198665 r205113 1 1 2 FAIL Fetching data:,response%27s%20body is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 3 FAIL Fetching data:text/plain;base64,cmVzcG9uc2UncyBib[...] is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 4 FAIL Fetching data:image/png;base64,cmVzcG9uc2UncyBib2[...] is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 5 PASS Fetching [GET] data:notAdataUrl.com is KO 6 PASS Fetching [POST] data:,response%27s%20body is KO 7 PASS Fetching [HEAD] data:,response%27s%20body is KO 2 PASS Fetching data:,response%27s%20body is OK 3 PASS Fetching data:text/plain;base64,cmVzcG9uc2UncyBib[...] is OK 4 PASS Fetching data:image/png;base64,cmVzcG9uc2UncyBib2[...] is OK 5 FAIL Fetching [GET] data:notAdataUrl.com is KO assert_unreached: Should have rejected. Reached unreachable code 6 FAIL Fetching [POST] data:,response%27s%20body is KO assert_unreached: Should have rejected. Reached unreachable code 7 FAIL Fetching [HEAD] data:,response%27s%20body is KO assert_unreached: Should have rejected. Reached unreachable code 8 8 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/scheme-data-worker-expected.txt
r198891 r205113 1 1 2 FAIL Fetching data:,response%27s%20body is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 3 FAIL Fetching data:text/plain;base64,cmVzcG9uc2UncyBib[...] is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 4 FAIL Fetching data:image/png;base64,cmVzcG9uc2UncyBib2[...] is OK promise_test: Unhandled rejection with value: object "TypeError: Type error" 5 PASS Fetching [GET] data:notAdataUrl.com is KO 6 PASS Fetching [POST] data:,response%27s%20body is KO 7 PASS Fetching [HEAD] data:,response%27s%20body is KO 2 PASS Fetching data:,response%27s%20body is OK 3 PASS Fetching data:text/plain;base64,cmVzcG9uc2UncyBib[...] is OK 4 PASS Fetching data:image/png;base64,cmVzcG9uc2UncyBib2[...] is OK 5 FAIL Fetching [GET] data:notAdataUrl.com is KO assert_unreached: Should have rejected. Reached unreachable code 6 FAIL Fetching [POST] data:,response%27s%20body is KO assert_unreached: Should have rejected. Reached unreachable code 7 FAIL Fetching [HEAD] data:,response%27s%20body is KO assert_unreached: Should have rejected. Reached unreachable code 8 8 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/scheme-data.js
r197748 r205113 10 10 return fetch(url).then(function(resp) { 11 11 assert_equals(resp.status, 200, "HTTP status is 200"); 12 assert_equals(resp.statusText, "OK", "HTTP statusText is OK"); 12 13 assert_equals(resp.type, "basic", "response type is basic"); 13 14 assert_equals(resp.headers.get("Content-Type"), mime, "Content-Type is " + resp.headers.get("Content-Type")); -
trunk/Source/WebCore/ChangeLog
r205111 r205113 1 2016-08-29 Youenn Fablet <youenn@apple.com> 2 3 data:// URL behavior of XHR does not match spec 4 https://bugs.webkit.org/show_bug.cgi?id=109199 5 6 Reviewed by Darin Adler. 7 8 Covered by rebased tests. 9 10 Making data URLs same origin for XHR and fetch API. 11 This is the behavior when https://fetch.spec.whatwg.org/#same-origin-data-url-flag is set. 12 As per the specs, this flag is set for fetch API and XMLHttpRequest. 13 Introducing this flag in ThreadableLoader options, default value being false. 14 Setting flag for XHR and fetch API. 15 16 Fixing accuracy of data URL loading by setting status code and content-type HTTP header as per fetch specification. 17 18 As can be seen from the rebased tests, no constraint is put on the method used as the fetch specification is about to allow all methods for data URLs. 19 20 * Modules/fetch/FetchLoader.cpp: 21 (WebCore::FetchLoader::start): Setting same-origin-data-url-flag to true. 22 * loader/DocumentThreadableLoader.cpp: 23 (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Making data URLs same origin if flag is set. 24 * loader/ResourceLoader.cpp: 25 (WebCore::ResourceLoader::loadDataURL): Setting status code and content-type header according specification. 26 * loader/ThreadableLoader.cpp: 27 (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Adding same-origin-data-url-flag option. 28 * loader/ThreadableLoader.h: 29 * loader/WorkerThreadableLoader.cpp: 30 (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ensuring flag is preserved when going to the main thread. 31 * platform/network/DataURLDecoder.cpp: 32 (WebCore::DataURLDecoder::parseMediaType): Setting mediaType value, used by ResourceLoader to set the content-type header. 33 * platform/network/DataURLDecoder.h: 34 * xml/XMLHttpRequest.cpp: 35 (WebCore::XMLHttpRequest::createRequest): Setting same-origin-data-url-flag to true. 36 1 37 2016-08-25 Frederic Wang <fwang@igalia.com> 2 38 -
trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp
r205082 r205113 78 78 context.shouldBypassMainWorldContentSecurityPolicy() ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective, 79 79 String(cachedResourceRequestInitiators().fetch), 80 OpaqueResponseBodyPolicy::DoNotReceive); 80 OpaqueResponseBodyPolicy::DoNotReceive, 81 SameOriginDataURLFlag::Set); 81 82 options.sendLoadCallbacks = SendCallbacks; 82 83 options.dataBufferingPolicy = DoNotBufferData; -
trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp
r205082 r205113 106 106 m_originalHeaders = request.httpHeaderFields(); 107 107 108 // As per step 11 of https://fetch.spec.whatwg.org/#main-fetch, data scheme (if same-origin data-URL flag is set) and about scheme are considered same-origin. 109 if (request.url().protocolIsData()) 110 m_sameOriginRequest = options.sameOriginDataURLFlag == SameOriginDataURLFlag::Set; 111 108 112 if (m_sameOriginRequest || m_options.mode == FetchOptions::Mode::NoCors) { 109 113 loadRequest(WTFMove(request), DoSecurityCheck); -
trunk/Source/WebCore/loader/ResourceLoader.cpp
r204976 r205113 260 260 261 261 ResourceResponse dataResponse { url, result.mimeType, dataSize, result.charset }; 262 dataResponse.setHTTPStatusCode(200); 263 dataResponse.setHTTPStatusText(ASCIILiteral("OK")); 264 dataResponse.setHTTPHeaderField(HTTPHeaderName::ContentType, result.contentType); 262 265 protectedThis->didReceiveResponse(dataResponse); 263 266 -
trunk/Source/WebCore/loader/ThreadableLoader.cpp
r205082 r205113 51 51 } 52 52 53 ThreadableLoaderOptions::ThreadableLoaderOptions(const ResourceLoaderOptions& baseOptions, PreflightPolicy preflightPolicy, ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement, String&& initiator, OpaqueResponseBodyPolicy opaqueResponse )53 ThreadableLoaderOptions::ThreadableLoaderOptions(const ResourceLoaderOptions& baseOptions, PreflightPolicy preflightPolicy, ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement, String&& initiator, OpaqueResponseBodyPolicy opaqueResponse, SameOriginDataURLFlag sameOriginDataURLFlag) 54 54 : ResourceLoaderOptions(baseOptions) 55 55 , preflightPolicy(preflightPolicy) … … 57 57 , initiator(WTFMove(initiator)) 58 58 , opaqueResponse(opaqueResponse) 59 , sameOriginDataURLFlag(sameOriginDataURLFlag) 59 60 { 60 61 } -
trunk/Source/WebCore/loader/ThreadableLoader.h
r205082 r205113 64 64 }; 65 65 66 enum class SameOriginDataURLFlag { 67 Set, 68 Unset 69 }; 70 66 71 struct ThreadableLoaderOptions : ResourceLoaderOptions { 67 72 ThreadableLoaderOptions(); 68 ThreadableLoaderOptions(const ResourceLoaderOptions&, PreflightPolicy, ContentSecurityPolicyEnforcement, String&& initiator, OpaqueResponseBodyPolicy );73 ThreadableLoaderOptions(const ResourceLoaderOptions&, PreflightPolicy, ContentSecurityPolicyEnforcement, String&& initiator, OpaqueResponseBodyPolicy, SameOriginDataURLFlag); 69 74 ~ThreadableLoaderOptions(); 70 75 … … 73 78 String initiator; // This cannot be an AtomicString, as isolatedCopy() wouldn't create an object that's safe for passing to another thread. 74 79 OpaqueResponseBodyPolicy opaqueResponse { OpaqueResponseBodyPolicy::Receive }; 80 SameOriginDataURLFlag sameOriginDataURLFlag { SameOriginDataURLFlag::Unset }; 75 81 }; 76 82 -
trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp
r205082 r205113 93 93 94 94 LoaderTaskOptions::LoaderTaskOptions(const ThreadableLoaderOptions& options, const String& referrer, const SecurityOrigin& origin) 95 : options(options, options.preflightPolicy, options.contentSecurityPolicyEnforcement, options.initiator.isolatedCopy(), options.opaqueResponse )95 : options(options, options.preflightPolicy, options.contentSecurityPolicyEnforcement, options.initiator.isolatedCopy(), options.opaqueResponse, options.sameOriginDataURLFlag) 96 96 , referrer(referrer.isolatedCopy()) 97 97 , origin(origin.isolatedCopy()) -
trunk/Source/WebCore/platform/network/DataURLDecoder.cpp
r201575 r205113 116 116 charset = ASCIILiteral("US-ASCII"); 117 117 } 118 return { mimeType, charset, nullptr };118 return { mimeType, charset, !mediaType.isEmpty() ? mediaType : "text/plain;charset=US-ASCII", nullptr }; 119 119 } 120 120 121 static std::unique_ptr<DecodeTask> createDecodeTask(const URL& url, const ScheduleContext& scheduleContext, DecodeCompletionHandler completionHandler)121 static std::unique_ptr<DecodeTask> createDecodeTask(const URL& url, const ScheduleContext& scheduleContext, DecodeCompletionHandler&& completionHandler) 122 122 { 123 123 const char dataString[] = "data:"; -
trunk/Source/WebCore/platform/network/DataURLDecoder.h
r201482 r205113 46 46 String mimeType; 47 47 String charset; 48 String contentType; 48 49 RefPtr<SharedBuffer> data; 49 50 }; -
trunk/Source/WebCore/xml/XMLHttpRequest.cpp
r204717 r205113 694 694 options.contentSecurityPolicyEnforcement = scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy() ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective; 695 695 options.initiator = cachedResourceRequestInitiators().xmlhttprequest; 696 options.sameOriginDataURLFlag = SameOriginDataURLFlag::Set; 696 697 697 698 if (m_timeoutMilliseconds) {
Note: See TracChangeset
for help on using the changeset viewer.