Context Navigation

← Previous Changeset
Next Changeset →

Changeset 225702 in webkit

Timestamp:

Dec 8, 2017 2:41:48 PM (6 years ago)

Author:

commit-queue@webkit.org

Message:

FetchResponse should keep unfiltered ResourceResponse so that it can be used in Service Worker
https://bugs.webkit.org/show_bug.cgi?id=179641
<rdar://problem/35923570>

Patch by Youenn Fablet <youenn@apple.com> on 2017-12-08
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin-mime-check.https-expected.txt:
web-platform-tests/service-workers/service-worker/fetch-response-taint.https-expected.txt:

Source/WebCore:

Covered by existing rebased tests.

FetchResponse will now store an unfiltered response.
If it needs to expose it to JavaScript, it will create a filtered response lazily.
This allows service worker to send back to web pages, opaque responses containing every information.

Updating Document::initSecurityContext so that any document loaded with a response whose tainting is Opaque gets a unique origin.
This ensures cross-origin checks to work if service worker returns such a response on a same origin URL.

Updated SubresourceLoader to check cross origin service worker responses based on their tainting.

Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::create):
(WebCore::FetchResponse::error):
(WebCore::FetchResponse::redirect):
(WebCore::FetchResponse::FetchResponse):
(WebCore::FetchResponse::clone):
(WebCore::FetchResponse::url const):
(WebCore::FetchResponse::filteredResponse const):
(WebCore::FetchResponse::BodyLoader::didReceiveResponse):
(WebCore::FetchResponse::resourceResponse const):

Modules/fetch/FetchResponse.h:

(WebCore::FetchResponse::create): Deleted.

dom/Document.cpp:

(WebCore::Document::initSecurityContext):

loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::willSendRequestInternal):
(WebCore::SubresourceLoader::checkResponseCrossOriginAccessControl):

Source/WebKit:

WebProcess/Storage/ServiceWorkerClientFetch.cpp:

(WebKit::ServiceWorkerClientFetch::didReceiveResponse): In case of opaque redirected response, handle it as a regular response.

LayoutTests:

TestExpectations:

Location:

trunk

Files:

: 13 edited

LayoutTests/ChangeLog (modified) (1 diff)
LayoutTests/TestExpectations (modified) (1 diff)
LayoutTests/imported/w3c/ChangeLog (modified) (1 diff)
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-frame-resource.https-expected.txt (modified) (1 diff)
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin-mime-check.https-expected.txt (modified) (1 diff)
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-response-taint.https-expected.txt (modified) (2 diffs)
Source/WebCore/ChangeLog (modified) (1 diff)
Source/WebCore/Modules/fetch/FetchResponse.cpp (modified) (10 diffs)
Source/WebCore/Modules/fetch/FetchResponse.h (modified) (4 diffs)
Source/WebCore/dom/Document.cpp (modified) (1 diff)
Source/WebCore/loader/SubresourceLoader.cpp (modified) (2 diffs)
Source/WebKit/ChangeLog (modified) (1 diff)
Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.cpp (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/LayoutTests/ChangeLog

-                      r225698
+                      r225702
+-12-08  Youenn Fablet  <youenn@apple.com>
+        FetchResponse should keep unfiltered ResourceResponse so that it can be used in Service Worker
+        https://bugs.webkit.org/show_bug.cgi?id=179641
+        <rdar://problem/35923570>
+        Reviewed by Alex Christensen.
+        * TestExpectations:
 -12-08  Konstantin Tokarev  <annulen@yandex.ru>

trunk/LayoutTests/TestExpectations

r225644	r225702
191	191	imported/w3c/web-platform-tests/service-workers/service-worker/fetch-cors-xhr.https.html [ DumpJSConsoleLogInStdErr Pass Failure ]
192	192	imported/w3c/web-platform-tests/service-workers/service-worker/update.https.html [ Pass Failure Timeout ]
	193
	194	imported/w3c/web-platform-tests/service-workers/service-worker/fetch-response-taint.https.html [ DumpJSConsoleLogInStdErr ]
193	195
194	196	# Skip workers tests that are timing out or are SharedWorker related only

trunk/LayoutTests/imported/w3c/ChangeLog

-                      r225644
+                      r225702
+-12-08  Youenn Fablet  <youenn@apple.com>
+        FetchResponse should keep unfiltered ResourceResponse so that it can be used in Service Worker
+        https://bugs.webkit.org/show_bug.cgi?id=179641
+        <rdar://problem/35923570>
+        Reviewed by Alex Christensen.
+        * web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin-mime-check.https-expected.txt:
+        * web-platform-tests/service-workers/service-worker/fetch-response-taint.https-expected.txt:
 -12-07  Youenn Fablet  <youenn@apple.com>

trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-frame-resource.https-expected.txt

r224852	r225702
	1	CONSOLE MESSAGE: line 51: Blocked a frame with origin "https://localhost:9443" from accessing a frame with origin "null". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "https". Protocols must match.
	2
1	3
2	4	PASS Basic type response could be loaded in the iframe.

trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin-mime-check.https-expected.txt

r224852	r225702
	1	CONSOLE MESSAGE: Did not parse stylesheet at 'https://localhost:9443/service-workers/service-worker/resources/cross-origin-html.css' because non CSS MIME types are not allowed for cross-origin stylesheets.
1	2
	3	PASS Mime type checking of CSS files fetched via SW.
2	4
3		~~FAIL Mime type checking of CSS files fetched via SW. assert_equals: The color must not be overridden by cross origin non CSS file. expected "rgb(0, 0, 255)" but got "rgb(255, 0, 0)"~~
4

trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-response-taint.https-expected.txt

-                      r225574
+                      r225702
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=same-origin&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=same-origin&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2Flocalhost%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=same-origin&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=same-origin&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3D*&mode=cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3D*&mode=cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3D*&mode=cors&credentials=omit&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3Dhttps%3A%2F%2Flocalhost%3A9443%26ACACredentials%3Dtrue&mode=cors&credentials=include&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3Dhttps%3A%2F%2Flocalhost%3A9443%26ACACredentials%3Dtrue&mode=cors&credentials=include&. Cross origin requests are not allowed when using same-origin fetch mode.
-CONSOLE MESSAGE: line 20: Fetch API cannot load https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3Dhttps%3A%2F%2Flocalhost%3A9443%26ACACredentials%3Dtrue&mode=cors&credentials=include&. Cross origin requests are not allowed when using same-origin fetch mode.
 PASS initialize global state
 …
 PASS fetching url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"no-cors" credentials:"same-origin" should succeed.
 PASS fetching url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"no-cors" credentials:"include" should succeed.
+FAIL url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"omit" should fail. assert_unreached: Should have rejected: undefined Reached unreachable code
+FAIL url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"same-origin" should fail. assert_unreached: Should have rejected: undefined Reached unreachable code
+FAIL url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"include" should fail. assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"omit" should fail.
+PASS url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"same-origin" should fail.
+PASS url:"https://127.0.0.1:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3F&mode=no-cors&credentials=omit&" mode:"cors" credentials:"include" should fail.
 FAIL fetching url:"https://localhost:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3D*&mode=cors&credentials=omit&" mode:"same-origin" credentials:"omit" should succeed. assert_equals: response type expected "cors" but got "basic"
 FAIL fetching url:"https://localhost:9443/?url=https%3A%2F%2F127.0.0.1%3A9443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FACAOrigin%3D*&mode=cors&credentials=omit&" mode:"same-origin" credentials:"same-origin" should succeed. assert_equals: response type expected "cors" but got "basic"

trunk/Source/WebCore/ChangeLog

-                      r225699
+                      r225702
+-12-08  Youenn Fablet  <youenn@apple.com>
+        FetchResponse should keep unfiltered ResourceResponse so that it can be used in Service Worker
+        https://bugs.webkit.org/show_bug.cgi?id=179641
+        <rdar://problem/35923570>
+        Reviewed by Alex Christensen.
+        Covered by existing rebased tests.
+        FetchResponse will now store an unfiltered response.
+        If it needs to expose it to JavaScript, it will create a filtered response lazily.
+        This allows service worker to send back to web pages, opaque responses containing every information.
+        Updating Document::initSecurityContext so that any document loaded with a response whose tainting is Opaque gets a unique origin.
+        This ensures cross-origin checks to work if service worker returns such a response on a same origin URL.
+        Updated SubresourceLoader to check cross origin service worker responses based on their tainting.
+        * Modules/fetch/FetchResponse.cpp:
+        (WebCore::FetchResponse::create):
+        (WebCore::FetchResponse::error):
+        (WebCore::FetchResponse::redirect):
+        (WebCore::FetchResponse::FetchResponse):
+        (WebCore::FetchResponse::clone):
+        (WebCore::FetchResponse::url const):
+        (WebCore::FetchResponse::filteredResponse const):
+        (WebCore::FetchResponse::BodyLoader::didReceiveResponse):
+        (WebCore::FetchResponse::resourceResponse const):
+        * Modules/fetch/FetchResponse.h:
+        (WebCore::FetchResponse::create): Deleted.
+        * dom/Document.cpp:
+        (WebCore::Document::initSecurityContext):
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::willSendRequestInternal):
+        (WebCore::SubresourceLoader::checkResponseCrossOriginAccessControl):
 -12-08  David Quesada  <david_quesada@apple.com>

trunk/Source/WebCore/Modules/fetch/FetchResponse.cpp

-                      r225297
+                      r225702
+}
+Ref<FetchResponse> FetchResponse::create(ScriptExecutionContext& context, std::optional<FetchBody>&& body, Ref<FetchHeaders>&& headers, ResourceResponse&& response)
+{
+    auto fetchResponse = adoptRef(*new FetchResponse(context, WTFMove(body), WTFMove(headers), WTFMove(response)));
+    fetchResponse->m_filteredResponse = ResourceResponseBase::filter(fetchResponse->m_internalResponse);
+    return fetchResponse;
+}
 ExceptionOr<Ref<FetchResponse>> FetchResponse::create(ScriptExecutionContext& context, std::optional<FetchBody::Init>&& body, Init&& init)
+{
 …
     r->m_contentType = contentType;
     auto mimeType = extractMIMETypeFromMediaType(contentType);
     r->m_response.setMimeType(mimeType.isEmpty() ? defaultMIMEType() : mimeType);
     r->m_response.setHTTPStatusCode(status);
     r->m_response.setHTTPStatusText(statusText);
+    r->m_internalResponse.setMimeType(mimeType.isEmpty() ? defaultMIMEType() : mimeType);
+    r->m_internalResponse.setHTTPStatusCode(status);
+    r->m_internalResponse.setHTTPStatusText(statusText);
     return WTFMove(r);
 …
+{
     auto response = adoptRef(*new FetchResponse(context, { }, FetchHeaders::create(FetchHeaders::Guard::Immutable), { }));
     response->m_response.setType(Type::Error);
+    response->m_internalResponse.setType(Type::Error);
     return response;
+}
 …
         return Exception { RangeError };
     auto redirectResponse = adoptRef(*new FetchResponse(context, { }, FetchHeaders::create(FetchHeaders::Guard::Immutable), { }));
+    redirectResponse->m_response.setHTTPStatusCode(status);
+    redirectResponse->m_internalResponse.setHTTPStatusCode(status);
+    redirectResponse->m_internalResponse.setHTTPHeaderField(HTTPHeaderName::Location, requestURL.string());
     redirectResponse->m_headers->fastSet(HTTPHeaderName::Location, requestURL.string());
     return WTFMove(redirectResponse);
 …
 FetchResponse::FetchResponse(ScriptExecutionContext& context, std::optional<FetchBody>&& body, Ref<FetchHeaders>&& headers, ResourceResponse&& response)
     : FetchBodyOwner(context, WTFMove(body), WTFMove(headers))
     , m_response(WTFMove(response))
+    , m_internalResponse(WTFMove(response))
+{
+}
 …
         readableStream(*context.execState());
     auto clone = adoptRef(*new FetchResponse(context, std::nullopt, FetchHeaders::create(headers()), ResourceResponse(m_response)));
+    auto clone = adoptRef(*new FetchResponse(context, std::nullopt, FetchHeaders::create(headers()), ResourceResponse(m_internalResponse)));
     clone->cloneBody(*this);
     if (isBodyOpaque())
 …
+{
     if (m_responseURL.isNull()) {
         URL url = m_response.url();
+        URL url = m_internalResponse.url();
         url.removeFragmentIdentifier();
         m_responseURL = url.string();
+    }
     return m_responseURL;
+}
+const ResourceResponse& FetchResponse::filteredResponse() const
+{
+    if (m_filteredResponse)
+        return m_filteredResponse.value();
+    return m_internalResponse;
+}
 …
 void FetchResponse::BodyLoader::didReceiveResponse(const ResourceResponse& resourceResponse)
+{
+    m_response.m_response = ResourceResponseBase::filter(resourceResponse);
+    m_response.m_filteredResponse = ResourceResponseBase::filter(resourceResponse);
+    m_response.m_internalResponse = resourceResponse;
+    m_response.m_internalResponse.setType(m_response.m_filteredResponse->type());
     if (resourceResponse.tainting() == ResourceResponse::Tainting::Opaque) {
         m_response.m_opaqueLoadIdentifier = ++nextOpaqueLoadIdentifier;
 …
+    }
     m_response.m_headers->filterAndFill(m_response.m_response.httpHeaderFields(), FetchHeaders::Guard::Response);
+    m_response.m_headers->filterAndFill(m_response.m_filteredResponse->httpHeaderFields(), FetchHeaders::Guard::Response);
     m_response.updateContentType();
 …
 ResourceResponse FetchResponse::resourceResponse() const
+{
+    auto response = m_response;
+    // FIXME: Add a setHTTPHeaderFields on ResourceResponseBase.
+    for (auto& header : headers().internalHeaders())
+        response.setHTTPHeaderField(header.key, header.value);
+    auto response = m_internalResponse;
+    if (headers().guard() != FetchHeaders::Guard::Immutable) {
+        // FIXME: Add a setHTTPHeaderFields on ResourceResponseBase.
+        for (auto& header : headers().internalHeaders())
+            response.setHTTPHeaderField(header.key, header.value);
+    }
     return response;
+}

trunk/Source/WebCore/Modules/fetch/FetchResponse.h

-                      r224344
+                      r225702
 #endif
     Type type() const { return m_response.type(); }
+    Type type() const { return filteredResponse().type(); }
     const String& url() const;
     bool redirected() const { return m_response.isRedirected(); }
     int status() const { return m_response.httpStatusCode(); }
     bool ok() const { return m_response.isSuccessful(); }
     const String& statusText() const { return m_response.httpStatusText(); }
+    bool redirected() const { return filteredResponse().isRedirected(); }
+    int status() const { return filteredResponse().httpStatusCode(); }
+    bool ok() const { return filteredResponse().isSuccessful(); }
+    const String& statusText() const { return filteredResponse().httpStatusText(); }
     const FetchHeaders& headers() const { return m_headers; }
 …
     bool canSuspendForDocumentSuspension() const final;
+    const ResourceResponse& filteredResponse() const;
 #if ENABLE(STREAMS_API)
     void closeStream();
 …
     };
+    ResourceResponse m_response;
+    mutable std::optional<ResourceResponse> m_filteredResponse;
+    ResourceResponse m_internalResponse;
     std::optional<BodyLoader> m_bodyLoader;
     mutable String m_responseURL;
 …
 };
-inline Ref<FetchResponse> FetchResponse::create(ScriptExecutionContext& context, std::optional<FetchBody>&& body, Ref<FetchHeaders>&& headers, ResourceResponse&& response)
+{
-    return adoptRef(*new FetchResponse(context, WTFMove(body), WTFMove(headers), WTFMove(response)));
+}
 } // namespace WebCore

trunk/Source/WebCore/dom/Document.cpp

-                      r225696
+                      r225702
         applyContentDispositionAttachmentSandbox();
+    setSecurityOriginPolicy(SecurityOriginPolicy::create(isSandboxed(SandboxOrigin) ? SecurityOrigin::createUnique() : SecurityOrigin::create(m_url)));
+    bool isSecurityOriginUnique = isSandboxed(SandboxOrigin);
+    if (!isSecurityOriginUnique) {
+        auto* loader = m_frame->loader().documentLoader();
+        isSecurityOriginUnique = loader && loader->response().tainting() == ResourceResponse::Tainting::Opaque;
+    }
+    setSecurityOriginPolicy(SecurityOriginPolicy::create(isSecurityOriginUnique ? SecurityOrigin::createUnique() : SecurityOrigin::create(m_url)));
     setContentSecurityPolicy(std::make_unique<ContentSecurityPolicy>(*this));

trunk/Source/WebCore/loader/SubresourceLoader.cpp

-                      r225564
+                      r225702
             opaqueRedirectedResponse.setTainting(ResourceResponse::Tainting::Opaqueredirect);
             m_resource->responseReceived(opaqueRedirectedResponse);
+            if (reachedTerminalState())
+                return;
             NetworkLoadMetrics emptyMetrics;
 …
 #if ENABLE(SERVICE_WORKER)
     if (response.source() == ResourceResponse::Source::ServiceWorker)
         return true;
+        return response.tainting() != ResourceResponse::Tainting::Opaque;
 #endif

trunk/Source/WebKit/ChangeLog

-                      r225700
+                      r225702
+-12-08  Youenn Fablet  <youenn@apple.com>
+        FetchResponse should keep unfiltered ResourceResponse so that it can be used in Service Worker
+        https://bugs.webkit.org/show_bug.cgi?id=179641
+        <rdar://problem/35923570>
+        Reviewed by Alex Christensen.
+        * WebProcess/Storage/ServiceWorkerClientFetch.cpp:
+        (WebKit::ServiceWorkerClientFetch::didReceiveResponse): In case of opaque redirected response, handle it as a regular response.
 -12-08  Alex Christensen  <achristensen@webkit.org>

trunk/Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.cpp

-                      r225297
+                      r225702
+}
 void ServiceWorkerClientFetch::didReceiveResponse(WebCore::ResourceResponse&& response)
+void ServiceWorkerClientFetch::didReceiveResponse(ResourceResponse&& response)
+{
     auto protectedThis = makeRef(*this);
     if (response.isRedirection()) {
+    if (response.isRedirection() && response.tainting() != ResourceResponse::Tainting::Opaqueredirect) {
         m_redirectionStatus = RedirectionStatus::Receiving;
         // FIXME: Get shouldClearReferrerOnHTTPSToHTTPRedirect value from

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 225702 in webkit

Legend:

Download in other formats: