Changeset 224025 in webkit
- Timestamp:
- Oct 26, 2017 10:45:19 AM (6 years ago)
- Location:
- trunk
- Files:
-
- 6 deleted
- 8 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-blob-real.html (deleted)
-
LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-file-real.html (deleted)
-
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob-expected.txt (deleted)
-
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html (deleted)
-
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file-expected.txt (deleted)
-
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file.html (deleted)
-
LayoutTests/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt (modified) (2 diffs)
-
LayoutTests/platform/ios/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt (modified) (2 diffs)
-
LayoutTests/platform/wk2/TestExpectations (modified) (1 diff)
-
Source/WebCore/ChangeLog (modified) (1 diff)
-
Source/WebCore/loader/DocumentThreadableLoader.cpp (modified) (1 diff)
-
Source/WebCore/page/SecurityOrigin.cpp (modified) (2 diffs)
-
Source/WebCore/page/SecurityOrigin.h (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r224024 r224025 1 2017-10-26 Ryan Haddad <ryanhaddad@apple.com> 2 3 Unreviewed, rolling out r224019. 4 5 This change caused API test WebKit.MSEIsPlayingAudio to time 6 out. 7 8 Reverted changeset: 9 10 "XMLHttpRequest should not treat file URLs as same origin" 11 https://bugs.webkit.org/show_bug.cgi?id=178565 12 https://trac.webkit.org/changeset/224019 13 1 14 2017-10-26 Ryan Haddad <ryanhaddad@apple.com> 2 15 -
trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt
r224019 r224025 1 CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Cross origin requests are only supported for HTTP.2 CONSOLE MESSAGE: line 42: XMLHttpRequest cannot load . Cross origin requests are only supported for HTTP.1 CONSOLE MESSAGE: line 64: Not allowed to load local resource: nonexistent.html 2 CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Not allowed to request resource 3 3 4 4 Bug 22475: REGRESSION: Async XMLHttpRequest never finishes on nonexistent files anymore … … 14 14 ReadyState handler: readyState = 1 15 15 ReadyState handler: readyState = 4 16 Error handler: readyState = 417 16 -
trunk/LayoutTests/platform/ios/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt
r224019 r224025 1 CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Cross origin requests are only supported for HTTP.2 CONSOLE MESSAGE: line 42: XMLHttpRequest cannot load . Cross origin requests are only supported for HTTP.3 1 4 2 Bug 22475: REGRESSION: Async XMLHttpRequest never finishes on nonexistent files anymore … … 14 12 ReadyState handler: readyState = 1 15 13 ReadyState handler: readyState = 4 16 Error handler: readyState = 417 14 -
trunk/LayoutTests/platform/wk2/TestExpectations
r224019 r224025 197 197 fast/events/ondrop-text-html.html 198 198 editing/pasteboard/drag-drop-url-with-style.html 199 fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html200 199 201 200 # WTR needs an implementation for eventSender.continuousMouseScrollBy -
trunk/Source/WebCore/ChangeLog
r224024 r224025 1 2017-10-26 Ryan Haddad <ryanhaddad@apple.com> 2 3 Unreviewed, rolling out r224019. 4 5 This change caused API test WebKit.MSEIsPlayingAudio to time 6 out. 7 8 Reverted changeset: 9 10 "XMLHttpRequest should not treat file URLs as same origin" 11 https://bugs.webkit.org/show_bug.cgi?id=178565 12 https://trac.webkit.org/changeset/224019 13 1 14 2017-10-26 Ryan Haddad <ryanhaddad@apple.com> 2 15 -
trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp
r224024 r224025 95 95 , m_origin(WTFMove(origin)) 96 96 , m_referrer(WTFMove(referrer)) 97 , m_sameOriginRequest(securityOrigin(). requestIsSameOrigin(request))97 , m_sameOriginRequest(securityOrigin().canRequest(request.url())) 98 98 , m_simpleRequest(true) 99 99 , m_async(blockingBehavior == LoadAsynchronously) -
trunk/Source/WebCore/page/SecurityOrigin.cpp
r224019 r224025 32 32 #include "BlobURL.h" 33 33 #include "FileSystem.h" 34 #include "ResourceRequest.h"35 34 #include "URL.h" 36 35 #include "SchemeRegistry.h" … … 318 317 } 319 318 320 bool SecurityOrigin::requestIsSameOrigin(const ResourceRequest& request)321 {322 if (m_universalAccess)323 return true;324 325 if (!canRequest(request.url()))326 return false;327 328 if (request.requester() != ResourceRequest::Requester::XHR)329 return true;330 331 // XHR to a file URL should never be treated as same-origin.332 if (request.url().protocolIs("file"))333 return false;334 335 if (auto blobOrigin = getCachedOrigin(request.url()))336 return blobOrigin->protocol() != "file";337 338 return true;339 }340 341 319 bool SecurityOrigin::canReceiveDragData(const SecurityOrigin& dragInitiator) const 342 320 { -
trunk/Source/WebCore/page/SecurityOrigin.h
r224019 r224025 34 34 namespace WebCore { 35 35 36 class ResourceRequest;37 36 class URL; 38 37 … … 150 149 bool canRequestGeolocation() const { return !isUnique(); } 151 150 Policy canShowNotifications() const; 152 153 bool requestIsSameOrigin(const ResourceRequest&);154 151 155 152 // The local SecurityOrigin is the most privileged SecurityOrigin.
Note: See TracChangeset
for help on using the changeset viewer.
