Changeset 229617 in webkit

Timestamp:

Mar 14, 2018 3:58:29 PM (6 years ago)

Author:

Ryan Haddad

Message:

Unreviewed, rolling out r229613.

Caused API test failures

Reverted changeset:

"Make policy decisions asynchronous"
​https://bugs.webkit.org/show_bug.cgi?id=180568
​https://trac.webkit.org/changeset/229613

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/TestExpectations (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame-expected.txt (modified) (1 diff)
• LayoutTests/platform/ios/http/tests/loading/simple-subframe-expected.txt (modified) (1 diff)
• LayoutTests/platform/mac-wk2/http/tests/loading (deleted)
• LayoutTests/platform/mac/webarchive/loading/mainresource-null-mimetype-crash-expected.txt (copied) (copied from trunk/LayoutTests/platform/wk2/webarchive/loading/mainresource-null-mimetype-crash-expected.txt) (1 diff)
• LayoutTests/platform/wk2/fast (deleted)
• LayoutTests/platform/wk2/http/tests/contentdispositionattachmentsandbox (deleted)
• LayoutTests/platform/wk2/http/tests/contentextensions (deleted)
• LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt (modified) (1 diff)
• LayoutTests/platform/wk2/http/tests/loading/bad-server-subframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt (modified) (1 diff)
• LayoutTests/platform/wk2/http/tests/loading/redirect-with-no-location-crash-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/loading/server-redirect-for-provisional-load-caching-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/loading/slow-parsing-subframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/misc/will-send-request-returns-null-on-redirect-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/misc/window-dot-stop-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/navigation (deleted)
• LayoutTests/platform/wk2/http/tests/security/XFrameOptions (deleted)
• LayoutTests/platform/wk2/http/tests/security/blocked-on-redirect-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/contentSecurityPolicy (deleted)
• LayoutTests/platform/wk2/http/tests/security/http-0.9 (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/about-blank-iframe-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/data-url-iframe-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/data-url-script-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/empty-url-plugin-in-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-css-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-css-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-css-with-secure-cookies-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-executable-css-with-secure-cookies-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-form-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-form-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-iframe-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-iframe-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/javascript-url-form-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-https-to-http-iframe-in-main-frame-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-block-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-https-to-http-image-secure-cookies-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-expected.txt (deleted)
• LayoutTests/platform/wk2/http/tests/security/xssAuditor (deleted)
• LayoutTests/platform/wk2/inspector/page/frameScheduledNavigation-expected.txt (deleted)
• LayoutTests/platform/wk2/loader (deleted)
• LayoutTests/platform/wk2/webarchive (deleted)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/UIProcess/WebPageProxy.cpp (modified) (9 diffs)
• Source/WebKit/UIProcess/WebPageProxy.h (modified) (2 diffs)
• Source/WebKit/UIProcess/WebPageProxy.messages.in (modified) (1 diff)
• Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (modified) (3 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2018-03-14  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, rolling out r229613.
+
+        Caused API test failures
+
+        Reverted changeset:
+
+        "Make policy decisions asynchronous"
+        https://bugs.webkit.org/show_bug.cgi?id=180568
+        https://trac.webkit.org/changeset/229613
+
 2018-03-14  Youenn Fablet  <youenn@apple.com>
 

trunk/LayoutTests/TestExpectations

@@ -1717 +1717 @@
 imported/w3c/web-platform-tests/workers/worker-performance.worker.html [ Pass Failure ]
 
-# We sometimes get 2 console log messages about CSP instead of 1 due to preloading.
-http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame.html [ DumpJSConsoleLogInStdErr ]
-
 media/event-queue-crash.html [ DumpJSConsoleLogInStdErr ]
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame-expected.txt

@@ -4 +4 @@
 main frame - didFinishLoadForFrame
 main frame - didCommitLoadForFrame
+CONSOLE MESSAGE: Blocked mixed content http://127.0.0.1:8000/security/mixedContent/resources/style.css because 'block-all-mixed-content' appears in the Content Security Policy.
 main frame - didFinishDocumentLoadForFrame
 main frame - didHandleOnloadEventsForFrame

trunk/LayoutTests/platform/ios/http/tests/loading/simple-subframe-expected.txt

@@ -1 +1 @@
 main frame - didStartProvisionalLoadForFrame
 main frame - didCommitLoadForFrame
+frame "f1" - didStartProvisionalLoadForFrame
 main frame - didFinishDocumentLoadForFrame
-frame "f1" - didStartProvisionalLoadForFrame
 frame "f1" - didCommitLoadForFrame
 frame "f1" - didFinishDocumentLoadForFrame

trunk/LayoutTests/platform/mac/webarchive/loading/mainresource-null-mimetype-crash-expected.txt

@@ -2 +2 @@
 main frame - didCommitLoadForFrame
 main frame - didFinishDocumentLoadForFrame
+frame "<!--framePath //<!--frame0-->-->" - didStartProvisionalLoadForFrame
 main frame - didHandleOnloadEventsForFrame
-frame "<!--framePath //<!--frame0-->-->" - didStartProvisionalLoadForFrame
 frame "<!--framePath //<!--frame0-->-->" - didCommitLoadForFrame
 frame "<!--framePath //<!--frame0-->-->" - didFinishDocumentLoadForFrame

trunk/LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt

@@ -1 +1 @@
 main frame - didStartProvisionalLoadForFrame
 main frame - didCommitLoadForFrame
+frame "<!--framePath //<!--frame0-->-->" - didStartProvisionalLoadForFrame
 main frame - didFinishDocumentLoadForFrame
-frame "<!--framePath //<!--frame0-->-->" - didStartProvisionalLoadForFrame
 frame "<!--framePath //<!--frame0-->-->" - didReceiveServerRedirectForProvisionalLoadForFrame
 127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with httpUsername:httpPassword

trunk/LayoutTests/platform/wk2/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt

@@ -1 +1 @@
 main frame - didStartProvisionalLoadForFrame
 main frame - didCommitLoadForFrame
+frame "frame" - didStartProvisionalLoadForFrame
 main frame - didFinishDocumentLoadForFrame
-frame "frame" - didStartProvisionalLoadForFrame
 127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with webkit:rocks
 frame "frame" - didCommitLoadForFrame

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2018-03-14  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, rolling out r229613.
+
+        Caused API test failures
+
+        Reverted changeset:
+
+        "Make policy decisions asynchronous"
+        https://bugs.webkit.org/show_bug.cgi?id=180568
+        https://trac.webkit.org/changeset/229613
+
 2018-03-14  Chris Dumez  <cdumez@apple.com>
 

trunk/Source/WebKit/UIProcess/WebPageProxy.cpp

@@ -2333 +2333 @@
     if (action == PolicyAction::Download) {
         // Create a download proxy.
-        auto* download = m_process->processPool().createDownloadProxy(m_decidePolicyForResponseRequest, this);
+        const ResourceRequest& downloadRequest = m_decidePolicyForResponseRequest ? *m_decidePolicyForResponseRequest : ResourceRequest();
+        DownloadProxy* download = m_process->processPool().createDownloadProxy(downloadRequest, this);
         if (navigation) {
             download->setWasUserInitiated(navigation->wasUserInitiated());
@@ -2341 +2342 @@
         downloadID = download->downloadID();
         handleDownloadRequest(download);
-        m_decidePolicyForResponseRequest = { };
-    }
-
+    }
+
+    // If we received a policy decision while in decidePolicyForResponse the decision will
+    // be sent back to the web process by decidePolicyForResponse.
+    if (m_inDecidePolicyForResponseSync) {
+        m_syncMimeTypePolicyActionIsValid = true;
+        m_syncMimeTypePolicyAction = action;
+        m_syncMimeTypePolicyDownloadID = downloadID;
+        return;
+    }
+
+    // If we received a policy decision while in decidePolicyForNavigationAction the decision will 
+    // be sent back to the web process by decidePolicyForNavigationAction. 
+    if (m_inDecidePolicyForNavigationAction) {
+        m_syncNavigationActionPolicyActionIsValid = true;
+        m_syncNavigationActionPolicyAction = action;
+        m_syncNavigationActionPolicyDownloadID = downloadID;
+        m_syncNavigationActionPolicyWebsitePolicies = WTFMove(websitePolicies);
+        return;
+    }
+    
     m_process->send(Messages::WebPage::DidReceivePolicyDecision(frame.frameID(), listenerID, action, navigation ? navigation->navigationID() : 0, downloadID, websitePolicies), m_pageID);
 }
@@ -3737 +3756 @@
 }
 
-void WebPageProxy::decidePolicyForNavigationAction(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, const FrameInfoData& originatingFrameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, ResourceRequest&& request, uint64_t listenerID, const UserData& userData)
+void WebPageProxy::decidePolicyForNavigationAction(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&& navigationActionData, const FrameInfoData& originatingFrameInfoData, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, ResourceRequest&& request, uint64_t listenerID, const UserData& userData, bool& receivedPolicyAction, uint64_t& newNavigationID, WebCore::PolicyAction& policyAction, DownloadID& downloadID, std::optional<WebsitePoliciesData>& websitePolicies)
 {
     PageClientProtector protector(m_pageClient);
@@ -3752 +3771 @@
     MESSAGE_CHECK_URL(originalRequest.url());
     
-    uint64_t newNavigationID { 0 };
     Ref<WebFramePolicyListenerProxy> listener = frame->setUpPolicyListenerProxy(listenerID);
     if (!navigationID) {
@@ -3762 +3780 @@
     } else {
         auto& navigation = m_navigationState->navigation(navigationID);
-        newNavigationID = navigationID;
         navigation.setWasUserInitiated(!!navigationActionData.userGestureTokenIdentifier);
         navigation.setShouldForceDownload(!navigationActionData.downloadAttribute.isNull());
@@ -3769 +3786 @@
 
 #if ENABLE(CONTENT_FILTERING)
-    if (frame->didHandleContentFilterUnblockNavigation(request))
-        return receivedPolicyDecision(PolicyAction::Ignore, *frame, listenerID, &m_navigationState->navigation(newNavigationID), { });
-#endif
+    if (frame->didHandleContentFilterUnblockNavigation(request)) {
+        receivedPolicyAction = true;
+        policyAction = PolicyAction::Ignore;
+        return;
+    }
+#endif
+
+    ASSERT(!m_inDecidePolicyForNavigationAction);
+    
+    m_inDecidePolicyForNavigationAction = true;
+    m_syncNavigationActionPolicyActionIsValid = false;
 
     WebFrameProxy* originatingFrame = m_process->webFrame(originatingFrameInfoData.frameID);
@@ -3793 +3818 @@
 
     m_shouldSuppressAppLinksInNextNavigationPolicyDecision = false;
+    m_inDecidePolicyForNavigationAction = false;
+
+    // Check if we received a policy decision already. If we did, we can just pass it back.
+    receivedPolicyAction = m_syncNavigationActionPolicyActionIsValid;
+    if (m_syncNavigationActionPolicyActionIsValid) {
+        policyAction = m_syncNavigationActionPolicyAction;
+        downloadID = m_syncNavigationActionPolicyDownloadID;
+        websitePolicies = WTFMove(m_syncNavigationActionPolicyWebsitePolicies);
+    }
 }
 
@@ -3823 +3857 @@
 {
     PageClientProtector protector(m_pageClient);
-
-    m_decidePolicyForResponseRequest = request;
 
     WebFrameProxy* frame = m_process->webFrame(frameID);
@@ -3840 +3872 @@
     } else
         m_policyClient->decidePolicyForResponse(*this, *frame, response, request, canShowMIMEType, WTFMove(listener), m_process->transformHandlesToObjects(userData.object()).get());
+}
+
+void WebPageProxy::decidePolicyForResponseSync(uint64_t frameID, const SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const ResourceResponse& response, const ResourceRequest& request, bool canShowMIMEType, uint64_t listenerID, const UserData& userData, bool& receivedPolicyAction, WebCore::PolicyAction& policyAction, DownloadID& downloadID)
+{
+    PageClientProtector protector(m_pageClient);
+
+    ASSERT(!m_inDecidePolicyForResponseSync);
+
+    m_inDecidePolicyForResponseSync = true;
+    m_decidePolicyForResponseRequest = &request;
+    m_syncMimeTypePolicyActionIsValid = false;
+    
+    decidePolicyForResponse(frameID, frameSecurityOrigin, navigationID, response, request, canShowMIMEType, listenerID, userData);
+    
+    m_inDecidePolicyForResponseSync = false;
+    m_decidePolicyForResponseRequest = nullptr;
+    
+    // Check if we received a policy decision already. If we did, we can just pass it back.
+    receivedPolicyAction = m_syncMimeTypePolicyActionIsValid;
+    if (m_syncMimeTypePolicyActionIsValid) {
+        policyAction = m_syncMimeTypePolicyAction;
+        downloadID = m_syncMimeTypePolicyDownloadID;
+    }
 }
 

trunk/Source/WebKit/UIProcess/WebPageProxy.h

@@ -1363 +1363 @@
     void didDestroyNavigation(uint64_t navigationID);
 
-    void decidePolicyForNavigationAction(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, const FrameInfoData&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, uint64_t listenerID, const UserData&);
+    void decidePolicyForNavigationAction(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, NavigationActionData&&, const FrameInfoData&, uint64_t originatingPageID, const WebCore::ResourceRequest& originalRequest, WebCore::ResourceRequest&&, uint64_t listenerID, const UserData&, bool& receivedPolicyAction, uint64_t& newNavigationID, WebCore::PolicyAction&, DownloadID&, std::optional<WebsitePoliciesData>&);
     void decidePolicyForNewWindowAction(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, NavigationActionData&&, WebCore::ResourceRequest&&, const String& frameName, uint64_t listenerID, const UserData&);
     void decidePolicyForResponse(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&);
+    void decidePolicyForResponseSync(uint64_t frameID, const WebCore::SecurityOriginData& frameSecurityOrigin, uint64_t navigationID, const WebCore::ResourceResponse&, const WebCore::ResourceRequest&, bool canShowMIMEType, uint64_t listenerID, const UserData&, bool& receivedPolicyAction, WebCore::PolicyAction&, DownloadID&);
     void unableToImplementPolicy(uint64_t frameID, const WebCore::ResourceError&, const UserData&);
 
@@ -1906 +1907 @@
     bool m_isPerformingDOMPrintOperation { false };
 
-    WebCore::ResourceRequest m_decidePolicyForResponseRequest;
+    bool m_inDecidePolicyForResponseSync { false };
+    const WebCore::ResourceRequest* m_decidePolicyForResponseRequest { nullptr };
+    bool m_syncMimeTypePolicyActionIsValid { false };
+    WebCore::PolicyAction m_syncMimeTypePolicyAction { WebCore::PolicyAction::Use };
+    DownloadID m_syncMimeTypePolicyDownloadID { 0 };
+    bool m_inDecidePolicyForNavigationAction { false };
+    bool m_syncNavigationActionPolicyActionIsValid { false };
+    WebCore::PolicyAction m_syncNavigationActionPolicyAction { WebCore::PolicyAction::Use };
+    DownloadID m_syncNavigationActionPolicyDownloadID { 0 };
+    std::optional<WebsitePoliciesData> m_syncNavigationActionPolicyWebsitePolicies;
+
     bool m_shouldSuppressAppLinksInNextNavigationPolicyDecision { false };
 

trunk/Source/WebKit/UIProcess/WebPageProxy.messages.in

@@ -99 +99 @@
 
     # Policy messages
-    DecidePolicyForResponse(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, WebCore::ResourceResponse response, WebCore::ResourceRequest request, bool canShowMIMEType, uint64_t listenerID, WebKit::UserData userData)
-    DecidePolicyForNavigationAction(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, uint64_t listenerID, WebKit::UserData userData)
+    DecidePolicyForResponseSync(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, WebCore::ResourceResponse response, WebCore::ResourceRequest request, bool canShowMIMEType, uint64_t listenerID, WebKit::UserData userData) -> (bool receivedPolicyAction, enum WebCore::PolicyAction policyAction, WebKit::DownloadID downloadID)
+    DecidePolicyForNavigationAction(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, uint64_t navigationID, struct WebKit::NavigationActionData navigationActionData, struct WebKit::FrameInfoData originatingFrameInfoData, uint64_t originatingPageID, WebCore::ResourceRequest originalRequest, WebCore::ResourceRequest request, uint64_t listenerID, WebKit::UserData userData) -> (bool receivedPolicyAction, uint64_t newNavigationID, enum WebCore::PolicyAction policyAction, WebKit::DownloadID downloadID, std::optional<WebKit::WebsitePoliciesData> websitePolicies)
     DecidePolicyForNewWindowAction(uint64_t frameID, struct WebCore::SecurityOriginData frameSecurityOrigin, struct WebKit::NavigationActionData navigationActionData, WebCore::ResourceRequest request, String frameName, uint64_t listenerID, WebKit::UserData userData)
     UnableToImplementPolicy(uint64_t frameID, WebCore::ResourceError error, WebKit::UserData userData)

trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

@@ -749 +749 @@
     Ref<WebFrame> protector(*m_frame);
     uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::No);
+    bool receivedPolicyAction;
+    PolicyAction policyAction;
+    DownloadID downloadID;
+
     auto navigationID = static_cast<WebDocumentLoader&>(*policyDocumentLoader).navigationID();
-    if (!webPage->send(Messages::WebPageProxy::DecidePolicyForResponse(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), navigationID, response, request, canShowMIMEType, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()))))
+    if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForResponseSync(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), navigationID, response, request, canShowMIMEType, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForResponseSync::Reply(receivedPolicyAction, policyAction, downloadID), Seconds::infinity(), IPC::SendSyncOption::InformPlatformProcessWillSuspend)) {
         m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
+        return;
+    }
+
+    // We call this synchronously because CFNetwork can only convert a loading connection to a download from its didReceiveResponse callback.
+    if (receivedPolicyAction)
+        m_frame->didReceivePolicyDecision(listenerID, policyAction, 0, downloadID, { });
 }
 
@@ -834 +844 @@
     
     uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::Yes);
+    bool receivedPolicyAction;
+    uint64_t newNavigationID;
+    PolicyAction policyAction;
+    DownloadID downloadID;
 
     ASSERT(navigationAction.sourceDocument());
@@ -872 +886 @@
     // Notify the UIProcess.
     Ref<WebFrame> protect(*m_frame);
-    if (!webPage->send(Messages::WebPageProxy::DecidePolicyForNavigationAction(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingFrame && originatingFrame->page() ? originatingFrame->page()->pageID() : 0, navigationAction.resourceRequest(), request, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get()))))
+    std::optional<WebsitePoliciesData> websitePolicies;
+    if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForNavigationAction(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), documentLoader->navigationID(), navigationActionData, originatingFrameInfoData, originatingFrame && originatingFrame->page() ? originatingFrame->page()->pageID() : 0, navigationAction.resourceRequest(), request, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForNavigationAction::Reply(receivedPolicyAction, newNavigationID, policyAction, downloadID, websitePolicies))) {
         m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
+        return;
+    }
+
+    // We call this synchronously because WebCore cannot gracefully handle a frame load without a synchronous navigation policy reply.
+    if (receivedPolicyAction)
+        m_frame->didReceivePolicyDecision(listenerID, policyAction, newNavigationID, downloadID, WTFMove(websitePolicies));
 }