Changeset 251710 in webkit
- Timestamp:
- Oct 29, 2019 10:04:09 AM (5 years ago)
- Location:
- trunk
- Files:
-
- 21 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r251708 r251710 1 2019-10-29 Chris Dumez <cdumez@apple.com> 2 3 Unreviewed, rolling out r251594. 4 5 Caused an API test failure 6 7 Reverted changeset: 8 9 "mp4 video element broken with service worker" 10 https://bugs.webkit.org/show_bug.cgi?id=184447 11 https://trac.webkit.org/changeset/251594 12 1 13 2019-10-29 Chris Dumez <cdumez@apple.com> 2 14 -
trunk/LayoutTests/TestExpectations
r251708 r251710 761 761 imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination-no-load-event.https.html [ Skip ] 762 762 imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination.https.html [ Skip ] 763 imported/w3c/web-platform-tests/fetch/range/sw.https.window.html [ Skip ] 763 764 imported/w3c/web-platform-tests/fetch/content-encoding/bad-gzip-body.any.worker.html [ Skip ] 764 765 imported/w3c/web-platform-tests/fetch/api/request/destination/fetch-destination-prefetch.https.html [ Skip ] -
trunk/LayoutTests/imported/w3c/ChangeLog
r251708 r251710 1 2019-10-29 Chris Dumez <cdumez@apple.com> 2 3 Unreviewed, rolling out r251594. 4 5 Caused an API test failure 6 7 Reverted changeset: 8 9 "mp4 video element broken with service worker" 10 https://bugs.webkit.org/show_bug.cgi?id=184447 11 https://trac.webkit.org/changeset/251594 12 1 13 2019-10-29 Chris Dumez <cdumez@apple.com> 2 14 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/range/sw.https.window-expected.txt
r251594 r251710 1 #PID UNRESPONSIVE - com.apple.WebKit.WebContent.Development (pid 73757) 2 FAIL: Timed out waiting for notifyDone to be called 1 3 2 PASS Defer range header filter tests to service worker 3 PASS Defer range header passthrough tests to service worker 4 PASS Ranged response not allowed following no-cors ranged request 5 PASS Non-opaque ranged response executed 6 PASS Accept-Encoding should not appear in a service worker 7 PASS Range headers correctly preserved 8 PASS Range headers correctly removed 9 PASS Headers correctly filtered 10 PASS Include range header in network request 11 4 #EOF 5 #EOF -
trunk/LayoutTests/platform/mac-wk1/TestExpectations
r251708 r251710 291 291 imported/w3c/web-platform-tests/fetch/api/request/destination [ Skip ] 292 292 imported/w3c/web-platform-tests/fetch/cross-origin-resource-policy [ Skip ] 293 imported/w3c/web-platform-tests/fetch/range/sw.https.window.html [ Skip ]294 293 imported/w3c/web-platform-tests/server-timing/service_worker_idl.html [ Skip ] 295 294 imported/w3c/web-platform-tests/service-workers [ Skip ] -
trunk/Source/WebCore/ChangeLog
r251708 r251710 1 2019-10-29 Chris Dumez <cdumez@apple.com> 2 3 Unreviewed, rolling out r251594. 4 5 Caused an API test failure 6 7 Reverted changeset: 8 9 "mp4 video element broken with service worker" 10 https://bugs.webkit.org/show_bug.cgi?id=184447 11 https://trac.webkit.org/changeset/251594 12 1 13 2019-10-29 Chris Dumez <cdumez@apple.com> 2 14 -
trunk/Source/WebCore/Modules/fetch/FetchHeaders.cpp
r251594 r251710 34 34 namespace WebCore { 35 35 36 // https://fetch.spec.whatwg.org/#concept-headers-remove-privileged-no-cors-request-headers37 static void removePrivilegedNoCORSRequestHeaders(HTTPHeaderMap& headers)38 {39 headers.remove(HTTPHeaderName::Range);40 }41 42 36 static ExceptionOr<bool> canWriteHeader(const String& name, const String& value, const String& combinedValue, FetchHeaders::Guard guard) 43 37 { … … 69 63 return { }; 70 64 headers.set(name, combinedValue); 71 72 if (guard == FetchHeaders::Guard::RequestNoCors)73 removePrivilegedNoCORSRequestHeaders(headers);74 75 65 return { }; 76 66 } … … 87 77 else 88 78 headers.add(header.key, header.value); 89 90 if (guard == FetchHeaders::Guard::RequestNoCors)91 removePrivilegedNoCORSRequestHeaders(headers);92 93 79 return { }; 94 80 } … … 152 138 } 153 139 154 // https://fetch.spec.whatwg.org/#dom-headers-delete155 140 ExceptionOr<void> FetchHeaders::remove(const String& name) 156 141 { 157 if (!isValidHTTPToken(name)) 158 return Exception { TypeError, makeString("Invalid header name: '", name, "'") }; 159 if (m_guard == FetchHeaders::Guard::Immutable) 160 return Exception { TypeError, "Headers object's guard is 'immutable'"_s }; 161 if (m_guard == FetchHeaders::Guard::Request && isForbiddenHeaderName(name)) 162 return { }; 163 if (m_guard == FetchHeaders::Guard::RequestNoCors && !isNoCORSSafelistedRequestHeaderName(name) && !isPriviledgedNoCORSRequestHeaderName(name)) 164 return { }; 165 if (m_guard == FetchHeaders::Guard::Response && isForbiddenResponseHeaderName(name)) 166 return { }; 167 142 auto canWriteResult = canWriteHeader(name, { }, { }, m_guard); 143 if (canWriteResult.hasException()) 144 return canWriteResult.releaseException(); 145 if (!canWriteResult.releaseReturnValue()) 146 return { }; 168 147 m_headers.remove(name); 169 170 if (m_guard == FetchHeaders::Guard::RequestNoCors)171 removePrivilegedNoCORSRequestHeaders(m_headers);172 173 148 return { }; 174 149 } … … 196 171 if (!canWriteResult.releaseReturnValue()) 197 172 return { }; 198 199 173 m_headers.set(name, normalizedValue); 200 201 if (m_guard == FetchHeaders::Guard::RequestNoCors)202 removePrivilegedNoCORSRequestHeaders(m_headers);203 204 174 return { }; 205 175 } -
trunk/Source/WebCore/Modules/fetch/FetchHeaders.h
r251594 r251710 79 79 Iterator createIterator() { return Iterator { *this }; } 80 80 81 void setInternalHeaders(HTTPHeaderMap&& headers) { m_headers = WTFMove(headers); }82 81 const HTTPHeaderMap& internalHeaders() const { return m_headers; } 83 82 … … 87 86 private: 88 87 FetchHeaders(Guard, HTTPHeaderMap&&); 89 explicitFetchHeaders(const FetchHeaders&);88 FetchHeaders(const FetchHeaders&); 90 89 91 90 Guard m_guard; -
trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp
r251594 r251710 223 223 m_signal->follow(input.m_signal.get()); 224 224 225 if (init.hasMembers()) { 226 auto fillResult = init.headers ? m_headers->fill(*init.headers) : m_headers->fill(input.headers()); 227 if (fillResult.hasException()) 228 return fillResult; 229 } else 230 m_headers->setInternalHeaders(HTTPHeaderMap { input.headers().internalHeaders() }); 225 auto fillResult = init.headers ? m_headers->fill(*init.headers) : m_headers->fill(input.headers()); 226 if (fillResult.hasException()) 227 return fillResult; 231 228 232 229 auto setBodyResult = init.body ? setBody(WTFMove(*init.body)) : setBody(input); -
trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp
r251594 r251710 248 248 } 249 249 250 Optional<ResourceError> validateRangeRequestedFlag(const ResourceRequest& request, const ResourceResponse& response)251 {252 if (response.isRangeRequested() && response.httpStatusCode() == 206 && response.type() == ResourceResponse::Type::Opaque && !request.hasHTTPHeaderField(HTTPHeaderName::Range))253 return ResourceError({ }, 0, response.url(), { }, ResourceError::Type::General);254 return WTF::nullopt;255 }256 257 250 } // namespace WebCore -
trunk/Source/WebCore/loader/CrossOriginAccessControl.h
r251594 r251710 72 72 73 73 WEBCORE_EXPORT Optional<ResourceError> validateCrossOriginResourcePolicy(const SecurityOrigin&, const URL&, const ResourceResponse&); 74 Optional<ResourceError> validateRangeRequestedFlag(const ResourceRequest&, const ResourceResponse&);75 74 76 75 } // namespace WebCore -
trunk/Source/WebCore/loader/SubresourceLoader.cpp
r251623 r251710 352 352 #endif 353 353 354 if (auto error = validateRangeRequestedFlag(request(), response)) {355 RELEASE_LOG_IF_ALLOWED("didReceiveResponse: canceling load because receiving a range requested response for a non-range request (frame = %p, frameLoader = %p, resourceID = %lu)", frame(), frameLoader(), identifier());356 cancel(WTFMove(*error));357 return;358 }359 360 354 // We want redirect responses to be processed through willSendRequestInternal. Exceptions are 361 355 // redirection with no Location headers and fetch in manual redirect mode. Or in rare circumstances, -
trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp
r251708 r251710 920 920 if (auto error = validateCrossOriginResourcePolicy(*request.origin(), request.resourceRequest().url(), resource->response())) 921 921 return makeUnexpected(WTFMove(*error)); 922 923 if (auto error = validateRangeRequestedFlag(request.resourceRequest(), resource->response()))924 return makeUnexpected(WTFMove(*error));925 922 } 926 923 if (shouldUpdateCachedResourceWithCurrentRequest(*resource, request)) { -
trunk/Source/WebCore/platform/network/HTTPParsers.cpp
r251594 r251710 863 863 } 864 864 865 // Implements <https://fetch.spec.whatwg.org/#no-cors-safelisted-request-header-name>.866 bool isNoCORSSafelistedRequestHeaderName(const String& name)867 {868 HTTPHeaderName headerName;869 if (findHTTPHeaderName(name, headerName)) {870 switch (headerName) {871 case HTTPHeaderName::Accept:872 case HTTPHeaderName::AcceptLanguage:873 case HTTPHeaderName::ContentLanguage:874 case HTTPHeaderName::ContentType:875 return true;876 default:877 break;878 }879 }880 return false;881 }882 883 // Implements <https://fetch.spec.whatwg.org/#privileged-no-cors-request-header-name>.884 bool isPriviledgedNoCORSRequestHeaderName(const String& name)885 {886 return equalLettersIgnoringASCIICase(name, "range");887 }888 889 865 // Implements <https://fetch.spec.whatwg.org/#forbidden-response-header-name>. 890 866 bool isForbiddenResponseHeaderName(const String& name) -
trunk/Source/WebCore/platform/network/HTTPParsers.h
r251594 r251710 97 97 // HTTP Header routine as per https://fetch.spec.whatwg.org/#terminology-headers 98 98 bool isForbiddenHeaderName(const String&); 99 bool isNoCORSSafelistedRequestHeaderName(const String&);100 bool isPriviledgedNoCORSRequestHeaderName(const String&);101 99 bool isForbiddenResponseHeaderName(const String&); 102 100 bool isForbiddenMethod(const String&); -
trunk/Source/WebCore/platform/network/ResourceResponseBase.cpp
r251594 r251710 95 95 data.tainting = m_tainting; 96 96 data.isRedirected = m_isRedirected; 97 data.isRangeRequested = m_isRangeRequested;98 97 99 98 return data; … … 118 117 response.m_tainting = data.tainting; 119 118 response.m_isRedirected = data.isRedirected; 120 response.m_isRangeRequested = data.isRangeRequested;121 119 122 120 return response; -
trunk/Source/WebCore/platform/network/ResourceResponseBase.h
r251594 r251710 69 69 Tainting tainting; 70 70 bool isRedirected; 71 bool isRangeRequested;72 71 }; 73 72 … … 182 181 template<class Decoder> static bool decode(Decoder&, ResourceResponseBase&); 183 182 184 bool isRangeRequested() const { return m_isRangeRequested; }185 void setAsRangeRequested() { m_isRangeRequested = true; }186 187 183 protected: 188 184 enum InitLevel { … … 243 239 Type m_type { Type::Default }; 244 240 Tainting m_tainting { Tainting::Basic }; 245 bool m_isRangeRequested { false };246 241 247 242 protected: … … 279 274 encoder.encodeEnum(m_tainting); 280 275 encoder << m_isRedirected; 281 encoder << m_isRangeRequested;282 276 } 283 277 … … 292 286 return true; 293 287 294 response.m_isNull = false;295 296 288 if (!decoder.decode(response.m_url)) 297 289 return false; … … 327 319 return false; 328 320 response.m_isRedirected = isRedirected; 329 330 bool isRangeRequested = false; 331 if (!decoder.decode(isRangeRequested)) 332 return false; 333 response.m_isRangeRequested = isRangeRequested; 321 response.m_isNull = false; 334 322 335 323 return true; -
trunk/Source/WebKit/ChangeLog
r251709 r251710 1 2019-10-29 Chris Dumez <cdumez@apple.com> 2 3 Unreviewed, rolling out r251594. 4 5 Caused an API test failure 6 7 Reverted changeset: 8 9 "mp4 video element broken with service worker" 10 https://bugs.webkit.org/show_bug.cgi?id=184447 11 https://trac.webkit.org/changeset/251594 12 1 13 2019-10-29 Chris Dumez <cdumez@apple.com> 2 14 -
trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp
r251594 r251710 102 102 ASSERT(!isChecking()); 103 103 104 auto error = validateResponse(re quest, redirectResponse);104 auto error = validateResponse(redirectResponse); 105 105 if (!error.isNull()) { 106 106 handler(redirectionError(redirectResponse, makeString("Cross-origin redirection to ", redirectRequest.url().string(), " denied by Cross-Origin Resource Sharing policy: ", error.localizedDescription()))); … … 144 144 } 145 145 146 ResourceError NetworkLoadChecker::validateResponse( const ResourceRequest& request,ResourceResponse& response)146 ResourceError NetworkLoadChecker::validateResponse(ResourceResponse& response) 147 147 { 148 148 if (m_redirectCount) … … 158 158 return { }; 159 159 } 160 161 if (request.hasHTTPHeaderField(HTTPHeaderName::Range))162 response.setAsRangeRequested();163 160 164 161 if (m_options.mode == FetchOptions::Mode::NoCors) { -
trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h
r251594 r251710 75 75 void checkRedirection(WebCore::ResourceRequest&& request, WebCore::ResourceRequest&& redirectRequest, WebCore::ResourceResponse&& redirectResponse, WebCore::ContentSecurityPolicyClient*, RedirectionValidationHandler&&); 76 76 77 WebCore::ResourceError validateResponse( const WebCore::ResourceRequest&,WebCore::ResourceResponse&);77 WebCore::ResourceError validateResponse(WebCore::ResourceResponse&); 78 78 79 79 void setCSPResponseHeaders(WebCore::ContentSecurityPolicyResponseHeaders&& headers) { m_cspResponseHeaders = WTFMove(headers); } -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
r251594 r251710 500 500 501 501 if (m_networkLoadChecker) { 502 auto error = m_networkLoadChecker->validateResponse(m_ networkLoad ? m_networkLoad->currentRequest() : originalRequest(), m_response);502 auto error = m_networkLoadChecker->validateResponse(m_response); 503 503 if (!error.isNull()) { 504 504 RunLoop::main().dispatch([protectedThis = makeRef(*this), error = WTFMove(error)] { … … 908 908 } 909 909 if (m_networkLoadChecker) { 910 auto error = m_networkLoadChecker->validateResponse( originalRequest(),response);910 auto error = m_networkLoadChecker->validateResponse(response); 911 911 if (!error.isNull()) { 912 912 didFailLoading(error);
Note: See TracChangeset
for help on using the changeset viewer.