Changeset 206478 in webkit
- Timestamp: Sep 27, 2016 5:37:01 PM (8 years ago)
- Location: trunk
- Files: 1 added, 6 edited
trunk/LayoutTests/ChangeLog
r206474 r206478 1 2016-09-27 Chris Dumez <cdumez@apple.com> 2 3 <a download> does not honor the same-origin requirement 4 https://bugs.webkit.org/show_bug.cgi?id=156100 5 6 Reviewed by Alex Christensen. 7 8 Update existing cross origin test as it expected the suggested filename to 9 be ignored but the file to still be downloaded (Chrome behavior) instead 10 of the download attribute to be completely ignored and therefore navigate 11 (Firefox behavior). 12 13 * TestExpectations: 14 * http/tests/resources/pass-notify-done.html: Added. 15 * http/tests/security/anchor-download-block-crossorigin-expected.txt: 16 * http/tests/security/anchor-download-block-crossorigin.html: 17 1 18 2016-09-27 Ryan Haddad <ryanhaddad@apple.com> 2 19 -
trunk/LayoutTests/TestExpectations
r206449 r206478 899 899 fast/scrolling/rtl-scrollbars-animation-property.html [ Failure ] 900 900 901 # <a download> does not honor cross-origin restrictions902 webkit.org/b/156100 http/tests/security/anchor-download-block-crossorigin.html [ Failure ]903 904 901 webkit.org/b/157849 fast/frames/crash-during-iframe-load-stop.html [ Pass Timeout ] 905 902 -
trunk/LayoutTests/http/tests/security/anchor-download-block-crossorigin-expected.txt
r198955 r206478 1 Downloading URL with suggested filename "" 2 Tests that a suggested filename on a download attribute is ignored if the link is cross origin. 3 4 The suggested filename at the top should be empty. 1 PASS -
trunk/LayoutTests/http/tests/security/anchor-download-block-crossorigin.html
r198955 r206478 5 5 <script> 6 6 if (window.testRunner) 7 testRunner.waitUntilDo wnloadFinished();7 testRunner.waitUntilDone(); 8 8 </script> 9 9 </head> 10 10 <body> 11 11 <p> 12 Tests that a suggested filename on adownload attribute is ignored if13 <a id="dl" href="http://localhost:8080/ security/resources/attachment.php" download="foo.pdf">the link</a> is cross origin.12 Tests that the download attribute is ignored if 13 <a id="dl" href="http://localhost:8080/resources/pass-notify-done.html" download="FAIL.pdf">the link</a> is cross origin. 14 14 <p> 15 The suggested filename at the top should be empty.15 It should navigate instead of downloading the file. 16 16 <script> 17 17 function click(elmt) -
trunk/Source/WebCore/ChangeLog
r206477 r206478 1 2016-09-27 Chris Dumez <cdumez@apple.com> 2 3 <a download> does not honor the same-origin requirement 4 https://bugs.webkit.org/show_bug.cgi?id=156100 5 6 Reviewed by Alex Christensen. 7 8 We now completely ignore the "download" attribute on anchors if the 9 href URL is cross-origin. We therefore navigate to the URL instead 10 of forcefully downloading it in this case and leave it up to the server 11 to give us the right headers if it should be downloaded. This is 12 conservative and matches Firefox. 13 14 Chrome and the HTML specification ignore only the suggested filename 15 if the URL is cross-origin but still download the file. 16 17 No new tests, updated existing test. 18 19 * html/HTMLAnchorElement.cpp: 20 (WebCore::HTMLAnchorElement::handleClick): 21 1 22 2016-09-27 Alex Christensen <achristensen@webkit.org> 2 23 -
trunk/Source/WebCore/html/HTMLAnchorElement.cpp
r206356 r206478 364 364 url.append(stripLeadingAndTrailingHTMLSpaces(attributeWithoutSynchronization(hrefAttr))); 365 365 appendServerMapMousePosition(url, event); 366 URL kurl= document().completeURL(url.toString());366 URL completedURL = document().completeURL(url.toString()); 367 367 368 368 auto downloadAttribute = nullAtom; 369 369 #if ENABLE(DOWNLOAD_ATTRIBUTE) 370 370 if (RuntimeEnabledFeatures::sharedFeatures().downloadAttributeEnabled()) { 371 downloadAttribute = attributeWithoutSynchronization(downloadAttr); 371 // Ignore the download attribute completely if the href URL is cross origin. 372 bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin()->canRequest(completedURL); 373 if (isSameOrigin) 374 downloadAttribute = attributeWithoutSynchronization(downloadAttr); 372 375 // If the a element has a download attribute and the algorithm is not triggered by user activation 373 376 // then abort these steps. … … 378 381 #endif 379 382 380 frame->loader().urlSelected( kurl, target(), &event, LockHistory::No, LockBackForwardList::No, hasRel(RelationNoReferrer) ? NeverSendReferrer : MaybeSendReferrer, document().shouldOpenExternalURLsPolicyToPropagate(), downloadAttribute);381 382 sendPings( kurl);383 frame->loader().urlSelected(completedURL, target(), &event, LockHistory::No, LockBackForwardList::No, hasRel(RelationNoReferrer) ? NeverSendReferrer : MaybeSendReferrer, document().shouldOpenExternalURLsPolicyToPropagate(), downloadAttribute); 384 385 sendPings(completedURL); 383 386 } 384 387
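Review bot: In trunk/Source/WebCore/html/HTMLAnchorElement.cpp, HTMLAnchorElement::handleClick(), the new isSameOrigin flag is also true for any data: URL through completedURL.protocolIsData(), yet the code comment and both ChangeLog entries only describe ignoring the download attribute for cross-origin hrefs. Please state in the comment why data: URLs are exempt, and consider a name that matches the real condition (for example shouldHonorDownloadAttribute, a suggested name), since the value is not a pure same-origin test. The canRequest() check is also evaluated for anchors that have no download attribute at all; reading the attribute first and only then testing the origin would keep it off the ordinary link-click path.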
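Review bot: In trunk/LayoutTests/http/tests/security/anchor-download-block-crossorigin.html, the updated test covers only the cross-origin case, where the link to http://localhost:8080/resources/pass-notify-done.html must navigate instead of download. Nothing in this changeset exercises the completedURL.protocolIsData() branch or confirms that a same-origin link with a download attribute is still downloaded, and the WebCore ChangeLog says "No new tests, updated existing test". A data: URL case and a same-origin case next to this one would pin down both sides of the new condition. Since the test now calls testRunner.waitUntilDone() and the expected output is just PASS, a regression that downloads the file would presumably surface as a timeout rather than an explicit failure, which is worth saying in the test description.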