Changeset 220442 in webkit

Timestamp:

Aug 8, 2017 10:15:47 PM (7 years ago)

Author:

Chris Dumez

Message:

[Beacon] Add support for CORS-preflighting for WK2 / NETWORK_SESSION
​https://bugs.webkit.org/show_bug.cgi?id=175264
<rdar://problem/33547793>

Reviewed by Youenn Fablet.

Source/WebCore:

Pass additional information when creating a PingHandle so that the PingLoad
can deal with CORS-preflighting on Network process side.

Tests: http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html

http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html
http/wpt/beacon/cors/cors-preflight-blob-failure.html
http/wpt/beacon/cors/cors-preflight-blob-success.html
http/wpt/beacon/cors/cors-preflight-cookie.html

• WebCore.xcodeproj/project.pbxproj:
• loader/CrossOriginAccessControl.cpp:

(WebCore::validatePreflightResponse):

• loader/CrossOriginAccessControl.h:
• loader/CrossOriginPreflightChecker.cpp:

(WebCore::CrossOriginPreflightChecker::validatePreflightResponse):

• loader/CrossOriginPreflightResultCache.h:
• loader/LoaderStrategy.h:
• loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
(WebCore::PingLoader::startPingLoad):

• loader/PingLoader.h:
• loader/cache/CachedResource.cpp:

(WebCore::CachedResource::load):

• page/SecurityOrigin.h:

Source/WebKit:

Implement CORS-preflighting for beacons with a payload that has a non
safelisted MIME type, as per:

• ​https://w3c.github.io/beacon/#privacy
• ​https://www.w3.org/TR/beacon/#sec-processing-model

CORS-preflighting is completely handled on Network Process side because
a beacon request can outlive its page and therefore its WebContent
process. This requires us to pass a little more information to the
Network process, in particular the source origin and the corsMode.

The current implementation does not currently deal with CORS preflights
needed upon a redirect. This will be added in a follow-up.

• CMakeLists.txt:
• NetworkProcess/NetworkCORSPreflightChecker.cpp: Added.

(WebKit::NetworkCORSPreflightChecker::NetworkCORSPreflightChecker):
(WebKit::NetworkCORSPreflightChecker::~NetworkCORSPreflightChecker):
(WebKit::NetworkCORSPreflightChecker::startPreflight):
(WebKit::NetworkCORSPreflightChecker::willPerformHTTPRedirection):
(WebKit::NetworkCORSPreflightChecker::didReceiveChallenge):
(WebKit::NetworkCORSPreflightChecker::didReceiveResponseNetworkSession):
(WebKit::NetworkCORSPreflightChecker::didReceiveData):
(WebKit::NetworkCORSPreflightChecker::didCompleteWithError):
(WebKit::NetworkCORSPreflightChecker::didSendData):
(WebKit::NetworkCORSPreflightChecker::wasBlocked):
(WebKit::NetworkCORSPreflightChecker::cannotShowURL):

• NetworkProcess/NetworkCORSPreflightChecker.h: Added.
• NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::loadPing):

• NetworkProcess/NetworkConnectionToWebProcess.h:
• NetworkProcess/NetworkResourceLoadParameters.cpp:

(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):

• NetworkProcess/NetworkResourceLoadParameters.h:
• NetworkProcess/PingLoad.cpp: Added.

(WebKit::PingLoad::PingLoad):
(WebKit::PingLoad::~PingLoad):
(WebKit::PingLoad::startNetworkLoad):
(WebKit::PingLoad::willPerformHTTPRedirection):
(WebKit::PingLoad::didReceiveChallenge):
(WebKit::PingLoad::didReceiveResponseNetworkSession):
(WebKit::PingLoad::didReceiveData):
(WebKit::PingLoad::didCompleteWithError):
(WebKit::PingLoad::didSendData):
(WebKit::PingLoad::wasBlocked):
(WebKit::PingLoad::cannotShowURL):
(WebKit::PingLoad::timeoutTimerFired):
(WebKit::PingLoad::needsCORSPreflight const):
(WebKit::PingLoad::doCORSPreflight):

• NetworkProcess/PingLoad.h:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::createPingHandle):

• WebProcess/Network/WebLoaderStrategy.h:

Source/WebKitLegacy:

createPingHandle() now takes new parameters but there is currently no behavior
change on WebKit1.

• WebCoreSupport/WebResourceLoadScheduler.cpp:

(WebResourceLoadScheduler::createPingHandle):

• WebCoreSupport/WebResourceLoadScheduler.h:

LayoutTests:

Add layout test coverage.

• http/wpt/beacon/cors/cors-preflight-arraybufferview-failure-expected.txt: Added.
• http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html: Added.
• http/wpt/beacon/cors/cors-preflight-arraybufferview-success-expected.txt: Added.
• http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html: Added.
• http/wpt/beacon/cors/cors-preflight-blob-failure-expected.txt: Added.
• http/wpt/beacon/cors/cors-preflight-blob-failure.html: Added.
• http/wpt/beacon/cors/cors-preflight-blob-success-expected.txt: Added.
• http/wpt/beacon/cors/cors-preflight-blob-success.html: Added.
• http/wpt/beacon/cors/cors-preflight-cookie-expected.txt: Added.
• http/wpt/beacon/cors/cors-preflight-cookie.html: Added.
• http/wpt/beacon/resources/beacon-preflight.py: Added.

(respondToCORSPreflight):
(main):

• http/wpt/beacon/resources/set-cookie.py: Added.

(main):

• platform/mac-wk1/TestExpectations:
• platform/mac-wk2/TestExpectations:
• platform/win/TestExpectations:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/wpt/beacon/cors (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-failure-expected.txt (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-success-expected.txt (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-failure-expected.txt (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-failure.html (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-success-expected.txt (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-success.html (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-cookie-expected.txt (added)
• LayoutTests/http/wpt/beacon/cors/cors-preflight-cookie.html (added)
• LayoutTests/http/wpt/beacon/resources (added)
• LayoutTests/http/wpt/beacon/resources/beacon-preflight.py (added)
• LayoutTests/http/wpt/beacon/resources/set-cookie.py (added)
• LayoutTests/platform/mac-wk1/TestExpectations (modified) (1 diff)
• LayoutTests/platform/mac-wk2/TestExpectations (modified) (1 diff)
• LayoutTests/platform/win/TestExpectations (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/WebCore.xcodeproj/project.pbxproj (modified) (1 diff)
• Source/WebCore/loader/CrossOriginAccessControl.cpp (modified) (2 diffs)
• Source/WebCore/loader/CrossOriginAccessControl.h (modified) (1 diff)
• Source/WebCore/loader/CrossOriginPreflightChecker.cpp (modified) (2 diffs)
• Source/WebCore/loader/CrossOriginPreflightResultCache.h (modified) (2 diffs)
• Source/WebCore/loader/LoaderStrategy.h (modified) (2 diffs)
• Source/WebCore/loader/PingLoader.cpp (modified) (4 diffs)
• Source/WebCore/loader/PingLoader.h (modified) (2 diffs)
• Source/WebCore/loader/cache/CachedResource.cpp (modified) (1 diff)
• Source/WebCore/page/SecurityOrigin.h (modified) (1 diff)
• Source/WebKit/CMakeLists.txt (modified) (2 diffs)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp (added)
• Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.h (added)
• Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (modified) (3 diffs)
• Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h (modified) (2 diffs)
• Source/WebKit/NetworkProcess/PingLoad.cpp (added)
• Source/WebKit/NetworkProcess/PingLoad.h (modified) (1 diff)
• Source/WebKit/WebKit.xcodeproj/project.pbxproj (modified) (9 diffs)
• Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (modified) (4 diffs)
• Source/WebKit/WebProcess/Network/WebLoaderStrategy.h (modified) (2 diffs)
• Source/WebKitLegacy/ChangeLog (modified) (1 diff)
• Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp (modified) (2 diffs)
• Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.h (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2017-08-08  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Add support for CORS-preflighting for WK2 / NETWORK_SESSION
+        https://bugs.webkit.org/show_bug.cgi?id=175264
+        <rdar://problem/33547793>
+
+        Reviewed by Youenn Fablet.
+
+        Add layout test coverage.
+
+        * http/wpt/beacon/cors/cors-preflight-arraybufferview-failure-expected.txt: Added.
+        * http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html: Added.
+        * http/wpt/beacon/cors/cors-preflight-arraybufferview-success-expected.txt: Added.
+        * http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html: Added.
+        * http/wpt/beacon/cors/cors-preflight-blob-failure-expected.txt: Added.
+        * http/wpt/beacon/cors/cors-preflight-blob-failure.html: Added.
+        * http/wpt/beacon/cors/cors-preflight-blob-success-expected.txt: Added.
+        * http/wpt/beacon/cors/cors-preflight-blob-success.html: Added.
+        * http/wpt/beacon/cors/cors-preflight-cookie-expected.txt: Added.
+        * http/wpt/beacon/cors/cors-preflight-cookie.html: Added.
+        * http/wpt/beacon/resources/beacon-preflight.py: Added.
+        (respondToCORSPreflight):
+        (main):
+        * http/wpt/beacon/resources/set-cookie.py: Added.
+        (main):
+        * platform/mac-wk1/TestExpectations:
+        * platform/mac-wk2/TestExpectations:
+        * platform/win/TestExpectations:
+
 2017-08-08  Devin Rousso  <drousso@apple.com>
 

trunk/LayoutTests/platform/mac-wk1/TestExpectations

@@ -361 +361 @@
 webkit.org/b/170877 [ Debug ] webgl/1.0.2/conformance/glsl/misc/shader-with-reserved-words.html [ Pass Timeout ]
 
+# CORS-preflighting for Beacon is not supported on WK1.
+webkit.org/b/175330 http/wpt/beacon/cors/ [ Skip ]
+
 # This was a WK2-only fix.
 http/tests/css/filters-on-iframes.html [ Skip ]

trunk/LayoutTests/platform/mac-wk2/TestExpectations

@@ -723 +723 @@
 webkit.org/b/172834 [ ElCapitan ] imported/w3c/web-platform-tests/IndexedDB/idbobjectstore_getAllKeys.html [ Pass Failure ]
 
+
+# CORS-preflighting for Beacon is not supported on WK2 for non NETWORK_SESSION code path.
+webkit.org/b/175330 [ ElCapitan ] http/wpt/beacon/cors/ [ Skip ]
+
 webkit.org/b/172201 webaudio/silent-audio-interrupted-in-background.html [ Pass Timeout ]
 

trunk/LayoutTests/platform/win/TestExpectations

@@ -4048 +4048 @@
 webkit.org/b/174079 fast/text/variations/skia-postscript-name.html [ ImageOnlyFailure ]
 
+# CORS-preflighting for Beacon is not supported on WK1.
+webkit.org/b/175330 http/wpt/beacon/cors/ [ Skip ]
+
 # Async image tests are currently failing on Windows.
 webkit.org/b/174653 fast/images/async-image-background-image-repeated.html [ Timeout ]

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2017-08-08  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Add support for CORS-preflighting for WK2 / NETWORK_SESSION
+        https://bugs.webkit.org/show_bug.cgi?id=175264
+        <rdar://problem/33547793>
+
+        Reviewed by Youenn Fablet.
+
+        Pass additional information when creating a PingHandle so that the PingLoad
+        can deal with CORS-preflighting on Network process side.
+
+        Tests: http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html
+               http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html
+               http/wpt/beacon/cors/cors-preflight-blob-failure.html
+               http/wpt/beacon/cors/cors-preflight-blob-success.html
+               http/wpt/beacon/cors/cors-preflight-cookie.html
+
+        * WebCore.xcodeproj/project.pbxproj:
+        * loader/CrossOriginAccessControl.cpp:
+        (WebCore::validatePreflightResponse):
+        * loader/CrossOriginAccessControl.h:
+        * loader/CrossOriginPreflightChecker.cpp:
+        (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
+        * loader/CrossOriginPreflightResultCache.h:
+        * loader/LoaderStrategy.h:
+        * loader/PingLoader.cpp:
+        (WebCore::PingLoader::loadImage):
+        (WebCore::PingLoader::sendPing):
+        (WebCore::PingLoader::sendViolationReport):
+        (WebCore::PingLoader::startPingLoad):
+        * loader/PingLoader.h:
+        * loader/cache/CachedResource.cpp:
+        (WebCore::CachedResource::load):
+        * page/SecurityOrigin.h:
+
 2017-08-08  Sam Weinig  <sam@webkit.org>
 

trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

@@ -6643 +6643 @@
                 E1C415DA0F655D6F0092D2FB /* CrossOriginPreflightResultCache.h in Headers */ = {isa = PBXBuildFile; fileRef = E1C415D90F655D6F0092D2FB /* CrossOriginPreflightResultCache.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E1C415DE0F655D7C0092D2FB /* CrossOriginPreflightResultCache.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1C415DD0F655D7C0092D2FB /* CrossOriginPreflightResultCache.cpp */; };
-                E1C416120F6562FD0092D2FB /* CrossOriginAccessControl.h in Headers */ = {isa = PBXBuildFile; fileRef = E1C416110F6562FD0092D2FB /* CrossOriginAccessControl.h */; };
+                E1C416120F6562FD0092D2FB /* CrossOriginAccessControl.h in Headers */ = {isa = PBXBuildFile; fileRef = E1C416110F6562FD0092D2FB /* CrossOriginAccessControl.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E1C416170F6563180092D2FB /* CrossOriginAccessControl.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1C416160F6563180092D2FB /* CrossOriginAccessControl.cpp */; };
                 E1C4DE690EA75C1E0023CCD6 /* ActiveDOMObject.h in Headers */ = {isa = PBXBuildFile; fileRef = E1C4DE680EA75C1E0023CCD6 /* ActiveDOMObject.h */; settings = {ATTRIBUTES = (Private, ); }; };

trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp

@@ -28 +28 @@
 #include "CrossOriginAccessControl.h"
 
+#include "CrossOriginPreflightResultCache.h"
 #include "HTTPHeaderNames.h"
 #include "HTTPParsers.h"
@@ -157 +158 @@
 }
 
+bool validatePreflightResponse(const ResourceRequest& request, const ResourceResponse& response, StoredCredentials includeCredentials, SecurityOrigin& securityOrigin, String& errorDescription)
+{
+    if (!response.isSuccessful()) {
+        errorDescription = ASCIILiteral("Preflight response is not successful");
+        return false;
+    }
+
+    if (!passesAccessControlCheck(response, includeCredentials, securityOrigin, errorDescription))
+        return false;
+
+    auto result = std::make_unique<CrossOriginPreflightResultCacheItem>(includeCredentials);
+    if (!result->parse(response, errorDescription)
+        || !result->allowsCrossOriginMethod(request.httpMethod(), errorDescription)
+        || !result->allowsCrossOriginHeaders(request.httpHeaderFields(), errorDescription)) {
+        return false;
+    }
+
+    CrossOriginPreflightResultCache::singleton().appendEntry(securityOrigin.toString(), request.url(), WTFMove(result));
+    return true;
+}
+
 } // namespace WebCore

trunk/Source/WebCore/loader/CrossOriginAccessControl.h

@@ -42 +42 @@
 
 void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin&, StoredCredentials);
-ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&, const String&);
+WEBCORE_EXPORT ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&, const String&);
 
 bool isValidCrossOriginRedirectionURL(const URL&);
 void cleanRedirectedRequestForAccessControl(ResourceRequest&);
 
-bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, SecurityOrigin&, String& errorDescription);
+WEBCORE_EXPORT bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, SecurityOrigin&, String& errorDescription);
+WEBCORE_EXPORT bool validatePreflightResponse(const ResourceRequest&, const ResourceResponse&, StoredCredentials, SecurityOrigin&, String& errorDescription);
 
 } // namespace WebCore

trunk/Source/WebCore/loader/CrossOriginPreflightChecker.cpp

@@ -61 +61 @@
 void CrossOriginPreflightChecker::validatePreflightResponse(DocumentThreadableLoader& loader, ResourceRequest&& request, unsigned long identifier, const ResourceResponse& response)
 {
-    Frame* frame = loader.document().frame();
-    ASSERT(frame);
-
-    if (!response.isSuccessful()) {
-        loader.preflightFailure(identifier, ResourceError(errorDomainWebKitInternal, 0, request.url(), ASCIILiteral("Preflight response is not successful"), ResourceError::Type::AccessControl));
+    String errorDescription;
+    if (!WebCore::validatePreflightResponse(request, response, loader.options().allowCredentials, loader.securityOrigin(), errorDescription)) {
+        loader.preflightFailure(identifier, ResourceError(errorDomainWebKitInternal, 0, request.url(), errorDescription, ResourceError::Type::AccessControl));
         return;
     }
 
-    String description;
-    if (!passesAccessControlCheck(response, loader.options().allowCredentials, loader.securityOrigin(), description)) {
-        loader.preflightFailure(identifier, ResourceError(errorDomainWebKitInternal, 0, request.url(), description, ResourceError::Type::AccessControl));
-        return;
-    }
-
-    auto result = std::make_unique<CrossOriginPreflightResultCacheItem>(loader.options().allowCredentials);
-    if (!result->parse(response, description)
-        || !result->allowsCrossOriginMethod(request.httpMethod(), description)
-        || !result->allowsCrossOriginHeaders(request.httpHeaderFields(), description)) {
-        loader.preflightFailure(identifier, ResourceError(errorDomainWebKitInternal, 0, request.url(), description, ResourceError::Type::AccessControl));
-        return;
-    }
+    Frame* frame = loader.document().frame();
+    ASSERT(frame);
 
     // FIXME: <https://webkit.org/b/164889> Web Inspector: Show Preflight Request information in inspector
@@ -90 +77 @@
     InspectorInstrumentation::didFinishLoading(frame, frame->loader().documentLoader(), identifier, emptyMetrics, nullptr);
 
-    CrossOriginPreflightResultCache::singleton().appendEntry(loader.securityOrigin().toString(), request.url(), WTFMove(result));
     loader.preflightSuccess(WTFMove(request));
 }

trunk/Source/WebCore/loader/CrossOriginPreflightResultCache.h

@@ -47 +47 @@
     }
 
-    bool parse(const ResourceResponse&, String& errorDescription);
-    bool allowsCrossOriginMethod(const String&, String& errorDescription) const;
-    bool allowsCrossOriginHeaders(const HTTPHeaderMap&, String& errorDescription) const;
+    WEBCORE_EXPORT bool parse(const ResourceResponse&, String& errorDescription);
+    WEBCORE_EXPORT bool allowsCrossOriginMethod(const String&, String& errorDescription) const;
+    WEBCORE_EXPORT bool allowsCrossOriginHeaders(const HTTPHeaderMap&, String& errorDescription) const;
     bool allowsRequest(StoredCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const;
 
@@ -68 +68 @@
     WEBCORE_EXPORT static CrossOriginPreflightResultCache& singleton();
 
-    void appendEntry(const String& origin, const URL&, std::unique_ptr<CrossOriginPreflightResultCacheItem>);
-    bool canSkipPreflight(const String& origin, const URL&, StoredCredentials, const String& method, const HTTPHeaderMap& requestHeaders);
+    WEBCORE_EXPORT void appendEntry(const String& origin, const URL&, std::unique_ptr<CrossOriginPreflightResultCacheItem>);
+    WEBCORE_EXPORT bool canSkipPreflight(const String& origin, const URL&, StoredCredentials, const String& method, const HTTPHeaderMap& requestHeaders);
 
     WEBCORE_EXPORT void empty();

trunk/Source/WebCore/loader/LoaderStrategy.h

@@ -43 +43 @@
 class ResourceRequest;
 class ResourceResponse;
+class SecurityOrigin;
 class SharedBuffer;
 class SubresourceLoader;
 class URL;
+
+struct FetchOptions;
 
 class WEBCORE_EXPORT LoaderStrategy {
@@ -60 +63 @@
     virtual void resumePendingRequests() = 0;
 
-    virtual void createPingHandle(NetworkingContext*, ResourceRequest&, bool shouldUseCredentialStorage, bool shouldFollowRedirects) = 0;
+    virtual void createPingHandle(NetworkingContext*, ResourceRequest&, Ref<SecurityOrigin>&& sourceOrigin, const FetchOptions&) = 0;
 
     virtual void storeDerivedDataToCache(const SHA1::Digest& bodyKey, const String& type, const String& partition, WebCore::SharedBuffer&) = 0;

trunk/Source/WebCore/loader/PingLoader.cpp

@@ -104 +104 @@
     frame.loader().addExtraFieldsToSubresourceRequest(request);
 
-    startPingLoad(frame, request, ShouldFollowRedirects::Yes);
+    startPingLoad(frame, request, document.securityOrigin(), ShouldFollowRedirects::Yes);
 }
 
@@ -140 +140 @@
     }
 
-    startPingLoad(frame, request, ShouldFollowRedirects::Yes);
+    startPingLoad(frame, request, sourceOrigin, ShouldFollowRedirects::Yes);
 }
 
@@ -177 +177 @@
         request.setHTTPReferrer(referrer);
 
-    startPingLoad(frame, request, ShouldFollowRedirects::No);
-}
-
-void PingLoader::startPingLoad(Frame& frame, ResourceRequest& request, ShouldFollowRedirects shouldFollowRedirects)
+    startPingLoad(frame, request, document.securityOrigin(), ShouldFollowRedirects::No);
+}
+
+void PingLoader::startPingLoad(Frame& frame, ResourceRequest& request, SecurityOrigin& sourceOrigin, ShouldFollowRedirects shouldFollowRedirects)
 {
     unsigned long identifier = frame.page()->progress().createUniqueIdentifier();
@@ -189 +189 @@
     // DocumentLoader.
     bool shouldUseCredentialStorage = frame.loader().client().shouldUseCredentialStorage(frame.loader().activeDocumentLoader(), identifier);
+    FetchOptions options;
+    options.credentials = shouldUseCredentialStorage ? FetchOptions::Credentials::Include : FetchOptions::Credentials::Omit;
+    options.redirect = shouldFollowRedirects == ShouldFollowRedirects::Yes ? FetchOptions::Redirect::Follow : FetchOptions::Redirect::Error;
 
     InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame.loader().activeDocumentLoader(), request, ResourceResponse());
 
-    platformStrategies()->loaderStrategy()->createPingHandle(frame.loader().networkingContext(), request, shouldUseCredentialStorage, shouldFollowRedirects == ShouldFollowRedirects::Yes);
-}
-
-}
+    platformStrategies()->loaderStrategy()->createPingHandle(frame.loader().networkingContext(), request, sourceOrigin, options);
+}
+
+}

trunk/Source/WebCore/loader/PingLoader.h

@@ -42 +42 @@
 class URL;
 class ResourceRequest;
+class SecurityOrigin;
 
 enum class ViolationReportType {
@@ -56 +57 @@
 private:
     enum class ShouldFollowRedirects { No, Yes };
-    static void startPingLoad(Frame&, ResourceRequest&, ShouldFollowRedirects);
+    static void startPingLoad(Frame&, ResourceRequest&, SecurityOrigin& sourceOrigin, ShouldFollowRedirects);
 };
 

trunk/Source/WebCore/loader/cache/CachedResource.cpp

@@ -262 +262 @@
     // FIXME: We should not special-case Beacon here.
     if (m_options.keepAlive && type() == CachedResource::Beacon) {
-        platformStrategies()->loaderStrategy()->createPingHandle(frame.loader().networkingContext(), request, m_options.credentials == FetchOptions::Credentials::Include, m_options.redirect == FetchOptions::Redirect::Follow);
+        ASSERT(m_origin);
+        platformStrategies()->loaderStrategy()->createPingHandle(frame.loader().networkingContext(), request, *m_origin, m_options);
         return;
     }

trunk/Source/WebCore/page/SecurityOrigin.h

@@ -98 +98 @@
     // the given URL. For example, call this function before issuing
     // XMLHttpRequests.
-    bool canRequest(const URL&) const;
+    WEBCORE_EXPORT bool canRequest(const URL&) const;
 
     // Returns true if this SecurityOrigin can receive drag content from the

trunk/Source/WebKit/CMakeLists.txt

@@ -101 +101 @@
     NetworkProcess/FileAPI/NetworkBlobRegistry.cpp
 
+    NetworkProcess/NetworkCORSPreflightChecker.cpp
     NetworkProcess/NetworkConnectionToWebProcess.cpp
     NetworkProcess/NetworkDataTask.cpp
@@ -112 +113 @@
     NetworkProcess/NetworkSession.cpp
     NetworkProcess/NetworkSocketStream.cpp
+    NetworkProcess/PingLoad.cpp
 
     NetworkProcess/cache/NetworkCache.cpp

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2017-08-08  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Add support for CORS-preflighting for WK2 / NETWORK_SESSION
+        https://bugs.webkit.org/show_bug.cgi?id=175264
+        <rdar://problem/33547793>
+
+        Reviewed by Youenn Fablet.
+
+        Implement CORS-preflighting for beacons with a payload that has a non
+        safelisted MIME type, as per:
+        - https://w3c.github.io/beacon/#privacy
+        - https://www.w3.org/TR/beacon/#sec-processing-model
+
+        CORS-preflighting is completely handled on Network Process side because
+        a beacon request can outlive its page and therefore its WebContent
+        process. This requires us to pass a little more information to the
+        Network process, in particular the source origin and the corsMode.
+
+        The current implementation does not currently deal with CORS preflights
+        needed upon a redirect. This will be added in a follow-up.
+
+        * CMakeLists.txt:
+        * NetworkProcess/NetworkCORSPreflightChecker.cpp: Added.
+        (WebKit::NetworkCORSPreflightChecker::NetworkCORSPreflightChecker):
+        (WebKit::NetworkCORSPreflightChecker::~NetworkCORSPreflightChecker):
+        (WebKit::NetworkCORSPreflightChecker::startPreflight):
+        (WebKit::NetworkCORSPreflightChecker::willPerformHTTPRedirection):
+        (WebKit::NetworkCORSPreflightChecker::didReceiveChallenge):
+        (WebKit::NetworkCORSPreflightChecker::didReceiveResponseNetworkSession):
+        (WebKit::NetworkCORSPreflightChecker::didReceiveData):
+        (WebKit::NetworkCORSPreflightChecker::didCompleteWithError):
+        (WebKit::NetworkCORSPreflightChecker::didSendData):
+        (WebKit::NetworkCORSPreflightChecker::wasBlocked):
+        (WebKit::NetworkCORSPreflightChecker::cannotShowURL):
+        * NetworkProcess/NetworkCORSPreflightChecker.h: Added.
+        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+        (WebKit::NetworkConnectionToWebProcess::loadPing):
+        * NetworkProcess/NetworkConnectionToWebProcess.h:
+        * NetworkProcess/NetworkResourceLoadParameters.cpp:
+        (WebKit::NetworkResourceLoadParameters::encode const):
+        (WebKit::NetworkResourceLoadParameters::decode):
+        * NetworkProcess/NetworkResourceLoadParameters.h:
+        * NetworkProcess/PingLoad.cpp: Added.
+        (WebKit::PingLoad::PingLoad):
+        (WebKit::PingLoad::~PingLoad):
+        (WebKit::PingLoad::startNetworkLoad):
+        (WebKit::PingLoad::willPerformHTTPRedirection):
+        (WebKit::PingLoad::didReceiveChallenge):
+        (WebKit::PingLoad::didReceiveResponseNetworkSession):
+        (WebKit::PingLoad::didReceiveData):
+        (WebKit::PingLoad::didCompleteWithError):
+        (WebKit::PingLoad::didSendData):
+        (WebKit::PingLoad::wasBlocked):
+        (WebKit::PingLoad::cannotShowURL):
+        (WebKit::PingLoad::timeoutTimerFired):
+        (WebKit::PingLoad::needsCORSPreflight const):
+        (WebKit::PingLoad::doCORSPreflight):
+        * NetworkProcess/PingLoad.h:
+        * WebKit.xcodeproj/project.pbxproj:
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::createPingHandle):
+        * WebProcess/Network/WebLoaderStrategy.h:
+
 2017-08-08  Megan Gardner  <megan_gardner@apple.com>
 

trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

@@ -223 +223 @@
 }
 
-void NetworkConnectionToWebProcess::loadPing(const NetworkResourceLoadParameters& loadParameters)
+void NetworkConnectionToWebProcess::loadPing(NetworkResourceLoadParameters&& loadParameters)
 {
 #if USE(NETWORK_SESSION)
     // PingLoad manages its own lifetime, deleting itself when its purpose has been fulfilled.
-    new PingLoad(loadParameters);
+    new PingLoad(WTFMove(loadParameters));
 #else
     RefPtr<NetworkingContext> context = RemoteNetworkingContext::create(loadParameters.sessionID, loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect);

trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h

@@ -83 +83 @@
     void scheduleResourceLoad(const NetworkResourceLoadParameters&);
     void performSynchronousLoad(const NetworkResourceLoadParameters&, Ref<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply>&&);
-    void loadPing(const NetworkResourceLoadParameters&);
+    void loadPing(NetworkResourceLoadParameters&&);
     void prefetchDNS(const String&);
 

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp

@@ -30 +30 @@
 #include "DataReference.h"
 #include "WebCoreArgumentCoders.h"
+#include <WebCore/SecurityOriginData.h>
 
 using namespace WebCore;
@@ -82 +83 @@
     encoder << maximumBufferingTime;
     encoder << derivedCachedDataTypesToRetrieve;
+
+    encoder << static_cast<bool>(sourceOrigin);
+    if (sourceOrigin)
+        encoder << SecurityOriginData::fromSecurityOrigin(*sourceOrigin);
+    encoder.encodeEnum(mode);
 }
 
@@ -146 +152 @@
         return false;
 
+    bool hasSourceOrigin;
+    if (!decoder.decode(hasSourceOrigin))
+        return false;
+    if (hasSourceOrigin) {
+        SecurityOriginData sourceOriginData;
+        if (!decoder.decode(sourceOriginData))
+            return false;
+        ASSERT(!sourceOriginData.isEmpty());
+        result.sourceOrigin = sourceOriginData.securityOrigin();
+    }
+    if (!decoder.decodeEnum(result.mode))
+        return false;
+
     return true;
 }

trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h

@@ -29 +29 @@
 #include "NetworkLoadParameters.h"
 #include "SandboxExtension.h"
+#include <WebCore/FetchOptions.h>
 #include <WebCore/ResourceHandle.h>
 #include <WebCore/ResourceLoaderOptions.h>
 #include <WebCore/ResourceRequest.h>
+#include <WebCore/SecurityOrigin.h>
 #include <WebCore/SessionID.h>
 #include <wtf/Seconds.h>
@@ -54 +56 @@
     Seconds maximumBufferingTime;
     Vector<String> derivedCachedDataTypesToRetrieve;
+    RefPtr<WebCore::SecurityOrigin> sourceOrigin;
+    WebCore::FetchOptions::Mode mode;
 };
 

trunk/Source/WebKit/NetworkProcess/PingLoad.h

@@ -24 +24 @@
  */
 
-#ifndef PingLoad_h
-#define PingLoad_h
+#pragma once
 
-#include "AuthenticationManager.h"
+#if USE(NETWORK_SESSION)
+
 #include "NetworkDataTask.h"
-#include "SessionTracker.h"
+#include "NetworkResourceLoadParameters.h"
 
 namespace WebKit {
 
+class NetworkCORSPreflightChecker;
+
 class PingLoad final : private NetworkDataTaskClient {
 public:
-    PingLoad(const NetworkResourceLoadParameters& parameters)
-        : m_timeoutTimer(*this, &PingLoad::timeoutTimerFired)
-        , m_shouldFollowRedirects(parameters.shouldFollowRedirects)
-    {
-        if (auto* networkSession = SessionTracker::networkSession(parameters.sessionID)) {
-            m_task = NetworkDataTask::create(*networkSession, *this, parameters);
-            m_task->resume();
-        } else
-            ASSERT_NOT_REACHED();
-
-        // If the server never responds, this object will hang around forever.
-        // Set a very generous timeout, just in case.
-        m_timeoutTimer.startOneShot(60000_s);
-    }
+    explicit PingLoad(NetworkResourceLoadParameters&&);
     
 private:
-    void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&& request, RedirectCompletionHandler&& completionHandler) final
-    {
-        completionHandler(m_shouldFollowRedirects ? request : WebCore::ResourceRequest());
-    }
-    void didReceiveChallenge(const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler&& completionHandler) final
-    {
-        completionHandler(AuthenticationChallengeDisposition::Cancel, { });
-        delete this;
-    }
-    void didReceiveResponseNetworkSession(WebCore::ResourceResponse&&, ResponseCompletionHandler&& completionHandler) final
-    {
-        completionHandler(WebCore::PolicyAction::PolicyIgnore);
-        delete this;
-    }
-    void didReceiveData(Ref<WebCore::SharedBuffer>&&) final { ASSERT_NOT_REACHED(); }
-    void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) final { delete this; }
-    void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) final { }
-    void wasBlocked() final { delete this; }
-    void cannotShowURL() final { delete this; }
+    ~PingLoad();
 
-    void timeoutTimerFired() { delete this; }
+    void willPerformHTTPRedirection(WebCore::ResourceResponse&&, WebCore::ResourceRequest&&, RedirectCompletionHandler&&) final;
+    void didReceiveChallenge(const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler&&) final;
+    void didReceiveResponseNetworkSession(WebCore::ResourceResponse&&, ResponseCompletionHandler&&) final;
+    void didReceiveData(Ref<WebCore::SharedBuffer>&&) final;
+    void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&) final;
+    void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend) final;
+    void wasBlocked() final;
+    void cannotShowURL() final;
+    void timeoutTimerFired();
+
+    void startNetworkLoad();
+    bool needsCORSPreflight(const WebCore::ResourceRequest&) const;
+    void doCORSPreflight(const WebCore::ResourceRequest&);
     
-    virtual ~PingLoad()
-    {
-        if (m_task) {
-            ASSERT(m_task->client() == this);
-            m_task->clearClient();
-            m_task->cancel();
-        }
-    }
-    
+    NetworkResourceLoadParameters m_parameters;
     RefPtr<NetworkDataTask> m_task;
     WebCore::Timer m_timeoutTimer;
-    bool m_shouldFollowRedirects;
+    std::unique_ptr<NetworkCORSPreflightChecker> m_corsPreflightChecker;
 };
 
 }
 
-#endif
+#endif // USE(NETWORK_SESSION)

trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj

@@ -903 +903 @@
                 41FAF5F91E3C1025001AE678 /* LibWebRTCResolver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 41FAF5F71E3C0B47001AE678 /* LibWebRTCResolver.cpp */; };
                 4450AEC01DC3FAE5009943F2 /* SharedMemoryCocoa.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4450AEBF1DC3FAE5009943F2 /* SharedMemoryCocoa.cpp */; };
+                462107D81F38DBDB00DD7810 /* PingLoad.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 462107D71F38DBD300DD7810 /* PingLoad.cpp */; };
                 463FD4801EB9459600A2982C /* WKProcessTerminationReason.h in Headers */ = {isa = PBXBuildFile; fileRef = 463FD47F1EB9458400A2982C /* WKProcessTerminationReason.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 463FD4821EB94EC000A2982C /* ProcessTerminationReason.h in Headers */ = {isa = PBXBuildFile; fileRef = 463FD4811EB94EAD00A2982C /* ProcessTerminationReason.h */; };
@@ -908 +909 @@
                 46A2B6081E5676A600C3DEDA /* BackgroundProcessResponsivenessTimer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 46A2B6061E5675A200C3DEDA /* BackgroundProcessResponsivenessTimer.cpp */; };
                 46A2B6091E5676A600C3DEDA /* BackgroundProcessResponsivenessTimer.h in Headers */ = {isa = PBXBuildFile; fileRef = 46A2B6071E5675A200C3DEDA /* BackgroundProcessResponsivenessTimer.h */; };
+                46DF063B1F3905F8001980BB /* NetworkCORSPreflightChecker.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 46DF06391F3905E5001980BB /* NetworkCORSPreflightChecker.cpp */; };
+                46DF063C1F3905F8001980BB /* NetworkCORSPreflightChecker.h in Headers */ = {isa = PBXBuildFile; fileRef = 46DF063A1F3905E5001980BB /* NetworkCORSPreflightChecker.h */; };
                 4A3CC18A19B063E700D14AEF /* UserMediaPermissionRequestManagerProxy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4A410F3919AF7B04002EBAB5 /* UserMediaPermissionRequestManagerProxy.cpp */; };
                 4A3CC18B19B0640F00D14AEF /* UserMediaPermissionRequestManagerProxy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4A410F3A19AF7B04002EBAB5 /* UserMediaPermissionRequestManagerProxy.h */; };
@@ -3150 +3153 @@
                 41FAF5F71E3C0B47001AE678 /* LibWebRTCResolver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = LibWebRTCResolver.cpp; path = Network/webrtc/LibWebRTCResolver.cpp; sourceTree = "<group>"; };
                 4450AEBF1DC3FAE5009943F2 /* SharedMemoryCocoa.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = SharedMemoryCocoa.cpp; path = cocoa/SharedMemoryCocoa.cpp; sourceTree = "<group>"; };
+                462107D71F38DBD300DD7810 /* PingLoad.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = PingLoad.cpp; path = NetworkProcess/PingLoad.cpp; sourceTree = "<group>"; };
                 463FD47F1EB9458400A2982C /* WKProcessTerminationReason.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKProcessTerminationReason.h; sourceTree = "<group>"; };
                 463FD4811EB94EAD00A2982C /* ProcessTerminationReason.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ProcessTerminationReason.h; sourceTree = "<group>"; };
@@ -3155 +3159 @@
                 46A2B6061E5675A200C3DEDA /* BackgroundProcessResponsivenessTimer.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = BackgroundProcessResponsivenessTimer.cpp; sourceTree = "<group>"; };
                 46A2B6071E5675A200C3DEDA /* BackgroundProcessResponsivenessTimer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BackgroundProcessResponsivenessTimer.h; sourceTree = "<group>"; };
+                46DF06391F3905E5001980BB /* NetworkCORSPreflightChecker.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = NetworkCORSPreflightChecker.cpp; path = NetworkProcess/NetworkCORSPreflightChecker.cpp; sourceTree = "<group>"; };
+                46DF063A1F3905E5001980BB /* NetworkCORSPreflightChecker.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = NetworkCORSPreflightChecker.h; path = NetworkProcess/NetworkCORSPreflightChecker.h; sourceTree = "<group>"; };
                 4A410F3519AF7AC3002EBAB5 /* WKUserMediaPermissionRequest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WKUserMediaPermissionRequest.cpp; sourceTree = "<group>"; };
                 4A410F3619AF7AC3002EBAB5 /* WKUserMediaPermissionRequest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKUserMediaPermissionRequest.h; sourceTree = "<group>"; };
@@ -5956 +5962 @@
                                 510CC7DC16138E2900D03ED3 /* mac */,
                                 413075971DE84ED70039EC69 /* webrtc */,
+                                46DF06391F3905E5001980BB /* NetworkCORSPreflightChecker.cpp */,
+                                46DF063A1F3905E5001980BB /* NetworkCORSPreflightChecker.h */,
                                 513A16491630A9BF005D7D22 /* NetworkConnectionToWebProcess.cpp */,
                                 513A164A1630A9BF005D7D22 /* NetworkConnectionToWebProcess.h */,
@@ -5985 +5993 @@
                                 5C0B177E1E7C886700E9123C /* NetworkSocketStream.h */,
                                 5C0B177F1E7C886700E9123C /* NetworkSocketStream.messages.in */,
+                                462107D71F38DBD300DD7810 /* PingLoad.cpp */,
                                 5CE85B1F1C88E6430070BFCE /* PingLoad.h */,
                                 E1B78470163F24690007B692 /* RemoteNetworkingContext.h */,
@@ -8579 +8588 @@
                                 E1B78471163F24690007B692 /* RemoteNetworkingContext.h in Headers */,
                                 1A5704FC1BE1751100874AF1 /* RemoteObjectInvocation.h in Headers */,
+                                46DF063C1F3905F8001980BB /* NetworkCORSPreflightChecker.h in Headers */,
                                 1AC1338018590AE400F3EC05 /* RemoteObjectRegistry.h in Headers */,
                                 1AC1338618590C4600F3EC05 /* RemoteObjectRegistryMessages.h in Headers */,
@@ -9861 +9871 @@
                                 E1A31735134CEA80007C9A4F /* AttributedString.mm in Sources */,
                                 512F589612A8838800629530 /* AuthenticationChallengeProxy.cpp in Sources */,
+                                46DF063B1F3905F8001980BB /* NetworkCORSPreflightChecker.cpp in Sources */,
                                 512F589812A8838800629530 /* AuthenticationDecisionListener.cpp in Sources */,
                                 518E8EF816B2091C00E91429 /* AuthenticationManager.cpp in Sources */,
@@ -10201 +10212 @@
                                 51E35200180F5D0F00E53BE9 /* StorageToWebProcessConnection.cpp in Sources */,
                                 5118E9AC1F295977003EF9F5 /* StorageToWebProcessConnectionMessageReceiver.cpp in Sources */,
+                                462107D81F38DBDB00DD7810 /* PingLoad.cpp in Sources */,
                                 1AE00D6B18327C1200087DD7 /* StringReference.cpp in Sources */,
                                 296BD85E15019BC30071F424 /* StringUtilities.mm in Sources */,

trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

@@ -51 +51 @@
 #include <WebCore/Document.h>
 #include <WebCore/DocumentLoader.h>
+#include <WebCore/FetchOptions.h>
 #include <WebCore/Frame.h>
 #include <WebCore/FrameLoader.h>
@@ -57 +58 @@
 #include <WebCore/ReferrerPolicy.h>
 #include <WebCore/ResourceLoader.h>
+#include <WebCore/SecurityOrigin.h>
 #include <WebCore/SessionID.h>
 #include <WebCore/Settings.h>
@@ -384 +386 @@
 }
 
-void WebLoaderStrategy::createPingHandle(NetworkingContext* networkingContext, ResourceRequest& request, bool shouldUseCredentialStorage, bool shouldFollowRedirects)
+void WebLoaderStrategy::createPingHandle(NetworkingContext* networkingContext, ResourceRequest& request, Ref<SecurityOrigin>&& sourceOrigin, const FetchOptions& options)
 {
     // It's possible that call to createPingHandle might be made during initial empty Document creation before a NetworkingContext exists.
@@ -398 +400 @@
     NetworkResourceLoadParameters loadParameters;
     loadParameters.request = request;
+    loadParameters.sourceOrigin = WTFMove(sourceOrigin);
     loadParameters.sessionID = webPage ? webPage->sessionID() : SessionID::defaultSessionID();
-    loadParameters.allowStoredCredentials = shouldUseCredentialStorage ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-    loadParameters.shouldFollowRedirects = shouldFollowRedirects;
+    loadParameters.allowStoredCredentials = options.credentials == FetchOptions::Credentials::Omit ? DoNotAllowStoredCredentials : AllowStoredCredentials;
+    loadParameters.mode = options.mode;
+    loadParameters.shouldFollowRedirects = options.redirect == FetchOptions::Redirect::Follow;
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = networkingContext->shouldClearReferrerOnHTTPSToHTTPRedirect();
 

trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h

@@ -32 +32 @@
 #include <wtf/RunLoop.h>
 
+namespace WebCore {
+struct FetchOptions;
+}
+
 namespace WebKit {
 
@@ -56 +60 @@
     void resumePendingRequests() override;
 
-    void createPingHandle(WebCore::NetworkingContext*, WebCore::ResourceRequest&, bool shouldUseCredentialStorage, bool shouldFollowRedirects) override;
+    void createPingHandle(WebCore::NetworkingContext*, WebCore::ResourceRequest&, Ref<WebCore::SecurityOrigin>&& sourceOrigin, const WebCore::FetchOptions&) override;
 
     void storeDerivedDataToCache(const SHA1::Digest& bodyHash, const String& type, const String& partition, WebCore::SharedBuffer&) override;

trunk/Source/WebKitLegacy/ChangeLog

@@ +1 @@
+2017-08-08  Chris Dumez  <cdumez@apple.com>
+
+        [Beacon] Add support for CORS-preflighting for WK2 / NETWORK_SESSION
+        https://bugs.webkit.org/show_bug.cgi?id=175264
+        <rdar://problem/33547793>
+
+        Reviewed by Youenn Fablet.
+
+        createPingHandle() now takes new parameters but there is currently no behavior
+        change on WebKit1.
+
+        * WebCoreSupport/WebResourceLoadScheduler.cpp:
+        (WebResourceLoadScheduler::createPingHandle):
+        * WebCoreSupport/WebResourceLoadScheduler.h:
+
 2017-08-03  Per Arne Vollan  <pvollan@apple.com>
 

trunk/Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp

@@ -27 +27 @@
 #include <WebCore/Document.h>
 #include <WebCore/DocumentLoader.h>
+#include <WebCore/FetchOptions.h>
 #include <WebCore/Frame.h>
 #include <WebCore/FrameLoader.h>
@@ -363 +364 @@
 }
 
-void WebResourceLoadScheduler::createPingHandle(NetworkingContext* networkingContext, ResourceRequest& request, bool shouldUseCredentialStorage, bool shouldFollowRedirects)
+void WebResourceLoadScheduler::createPingHandle(NetworkingContext* networkingContext, ResourceRequest& request, Ref<SecurityOrigin>&&, const FetchOptions& options)
 {
     // PingHandle manages its own lifetime, deleting itself when its purpose has been fulfilled.
-    new PingHandle(networkingContext, request, shouldUseCredentialStorage, PingHandle::UsesAsyncCallbacks::No, shouldFollowRedirects);
-}
-
+    new PingHandle(networkingContext, request, options.credentials != FetchOptions::Credentials::Omit, PingHandle::UsesAsyncCallbacks::No, options.redirect == FetchOptions::Redirect::Follow);
+}
+

trunk/Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.h

@@ -38 +38 @@
 class WebResourceLoadScheduler;
 
+namespace WebCore {
+struct FetchOptions;
+class SecurityOrigin;
+}
+
 WebResourceLoadScheduler& webResourceLoadScheduler();
 
@@ -55 +60 @@
     void resumePendingRequests() override;
 
-    void createPingHandle(WebCore::NetworkingContext*, WebCore::ResourceRequest&, bool shouldUseCredentialStorage, bool shouldFollowRedirects) override;
+    void createPingHandle(WebCore::NetworkingContext*, WebCore::ResourceRequest&, Ref<WebCore::SecurityOrigin>&& sourceOrigin, const WebCore::FetchOptions&) override;
 
     void storeDerivedDataToCache(const SHA1::Digest&, const String&, const String&, WebCore::SharedBuffer&) override { }