WebKit Bugzilla
Attachment 338844 Details for
Bug 185021
: CORS preflight checker should add a console message when preflight load is blocked
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185021-20180425183031.patch (text/plain), 7.59 KB, created by
youenn fablet
on 2018-04-25 18:30:32 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2018-04-25 18:30:32 PDT
Size:
7.59 KB
patch
obsolete
>Subversion Revision: 230995 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index ece9e09073555d1198d941c42894b1f30a185ddf..e2f87f783d2e73a8b8c4e68d333ccfd48f4a2165 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,18 @@ >+2018-04-25 Youenn Fablet <youenn@apple.com> >+ >+ preflight checker should add a console message when preflight load is blocked >+ https://bugs.webkit.org/show_bug.cgi?id=185021 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ No change of behavior, adding a JS console message when preflight load is blocked. >+ This mirrors what is being done in preflighting done from NetworkProcess. >+ Covered by existing tests. >+ >+ * loader/CrossOriginPreflightChecker.cpp: >+ (WebCore::CrossOriginPreflightChecker::notifyFinished): >+ (WebCore::CrossOriginPreflightChecker::doPreflight): >+ > 2018-04-25 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for all subresource loads except fetch/XHR >diff --git a/Source/WebCore/loader/CrossOriginPreflightChecker.cpp b/Source/WebCore/loader/CrossOriginPreflightChecker.cpp >index f2c5f5c159ab858b0861e207fe522d8a546ab2c5..9143c0028eeb381cde7bf79ce84da66cf6c53484 100644 >--- a/Source/WebCore/loader/CrossOriginPreflightChecker.cpp >+++ b/Source/WebCore/loader/CrossOriginPreflightChecker.cpp >@@ -92,6 +92,8 @@ void CrossOriginPreflightChecker::notifyFinished(CachedResource& resource) > if (preflightError.isNull() || preflightError.isCancellation() || preflightError.isGeneral()) > preflightError.setType(ResourceError::Type::AccessControl); > >+ if (!preflightError.isTimeout()) >+ m_loader.document().addConsoleMessage(MessageSource::Security, MessageLevel::Error, ASCIILiteral("Preflight request was blocked")); > m_loader.preflightFailure(m_resource->identifier(), preflightError); > return; > } >@@ -140,6 +142,10 @@ void CrossOriginPreflightChecker::doPreflight(DocumentThreadableLoader& loader, > // FIXME:: According fetch, we should just pass the error to the layer above. But this may impact some clients like XHR or EventSource. > if (error.isCancellation() || error.isGeneral()) > error.setType(ResourceError::Type::AccessControl); >+ >+ if (!error.isTimeout()) >+ loader.document().addConsoleMessage(MessageSource::Security, MessageLevel::Error, ASCIILiteral("Preflight request was blocked")); >+ > loader.preflightFailure(identifier, error); > return; > } >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 072ffe021e3fc0f4f37d08616962ac6577fcb660..bd486f2d664e2f92d469e58b4ba4256ddf422518 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,13 @@ >+2018-04-25 Youenn Fablet <youenn@apple.com> >+ >+ preflight checker should add a console message when preflight load is blocked >+ https://bugs.webkit.org/show_bug.cgi?id=185021 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: >+ * http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: >+ > 2018-04-25 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for all subresource loads except fetch/XHR >diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog >index 1fc37eb803282e7192033482e3cd87f3d65dcd73..eb9c94fc903e0a56dc2479aadeea596bd338314e 100644 >--- a/LayoutTests/imported/w3c/ChangeLog >+++ b/LayoutTests/imported/w3c/ChangeLog >@@ -1,3 +1,12 @@ >+2018-04-25 Youenn Fablet <youenn@apple.com> >+ >+ preflight checker should add a console message when preflight load is blocked >+ https://bugs.webkit.org/show_bug.cgi?id=185021 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * web-platform-tests/XMLHttpRequest/send-authentication-basic-cors-expected.txt: >+ > 2018-04-25 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for all subresource loads except fetch/XHR >diff --git a/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt b/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt >index 86bb8e15b81da2660120835553d7ba96e53f649f..32ad3d9de588ecf80899b1bab945a765a2ee2688 100644 >--- a/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt >+++ b/LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt >@@ -1,5 +1,6 @@ > CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. > CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks. >+CONSOLE MESSAGE: Preflight request was blocked > CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:7/ due to access control checks. > Test that a cross-origin redirect to a server that responds is indistinguishable from one that does not. Should say PASS: > >diff --git a/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt b/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt >index 71921442c3614f885245e152627073f0a0abf3cd..4b5fc358b20b80bd8d52fa7ef892f8212b7ae119 100644 >--- a/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt >+++ b/LayoutTests/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt >@@ -1,5 +1,6 @@ > CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. > CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/reply.xml due to access control checks. >+CONSOLE MESSAGE: Preflight request was blocked > CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:7/ due to access control checks. > Test that a simple cross-origin request to a server that responds (but does not permit cross-origin requests) is indistinguishable from one that does not exist. Should say PASS: > >diff --git a/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-basic-cors-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-basic-cors-expected.txt >index 8c0bfa246fad440e965e34ac737187d8c6de18c1..b7ec7851e8cf5918f3ce7bd248661621ecde462c 100644 >--- a/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-basic-cors-expected.txt >+++ b/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-basic-cors-expected.txt >@@ -1,3 +1,4 @@ >+CONSOLE MESSAGE: Preflight request was blocked > CONSOLE MESSAGE: XMLHttpRequest cannot load http://www1.localhost:8800/XMLHttpRequest/resources/auth1/corsenabled.py due to access control checks. > > PASS XMLHttpRequest: send() - "Basic" authenticated CORS requests with user name and password passed to open() (asserts failure) >diff --git a/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-async-events.sub-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-async-events.sub-expected.txt >index bd71159a90bbc3aa111be2133b17fa145ed85061..e7145a97a62f83690cf39f7af36bfae1692880e5 100644 >--- a/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-async-events.sub-expected.txt >+++ b/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-async-events.sub-expected.txt >@@ -1,3 +1,4 @@ >+CONSOLE MESSAGE: Preflight request was blocked > CONSOLE MESSAGE: XMLHttpRequest cannot load http://nonexistent-origin.localhost:8800/ due to access control checks. > > PASS XMLHttpRequest: The send() method: Fire a progress event named error when Network error happens (synchronous flag is unset)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=338844">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
ews-watchlist
:
commit-queue-
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185021
:
338841
|
338842
|
338844
|
338849
|
338851
|
338853
|
338857
|
338860
|
338873
|
338875
|
338882