WebKit Bugzilla
Attachment 339118 Details for
Bug 184892
: Use NetworkLoadChecker for navigation loads
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-184892-20180430095546.patch (text/plain), 25.04 KB, created by
youenn fablet
on 2018-04-30 09:55:47 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2018-04-30 09:55:47 PDT
Size:
25.04 KB
patch
obsolete
>Subversion Revision: 230995 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 2066193eec12cfa333572f23b64f4552202005b6..79dc8cd7382ec3c1e93105bf50d9bf92e6380157 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,22 @@ >+2018-04-27 Youenn Fablet <youenn@apple.com> >+ >+ Use NetworkLoadChecker for navigation loads >+ https://bugs.webkit.org/show_bug.cgi?id=184892 >+ <rdar://problem/39652686> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Sanitize headers according response tainting. >+ If tainting is basic, it means same origin load in which case we only filter Cookie related headers. >+ If tainting is Opaque, we filter all uncommon headers. >+ If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers. >+ Covered by updated test. >+ >+ * platform/network/ResourceResponseBase.cpp: >+ (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingTainting): >+ (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields): >+ * platform/network/ResourceResponseBase.h: >+ > 2018-04-26 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for XHR/fetch loads >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 02215cea044c94d9672f957b6f932b991e05547d..552f00e36c03737c78435896e05eae32c100b5cd 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,37 @@ >+2018-04-27 Youenn Fablet <youenn@apple.com> >+ >+ Use NetworkLoadChecker for navigation loads >+ https://bugs.webkit.org/show_bug.cgi?id=184892 >+ <rdar://problem/39652686> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Compute whether a response is same origin in no-cors case. >+ This allows providing more precise filtering. >+ In case of navigate loads, set the tainting to basic which will make filtering to the minimum. >+ >+ Pass the sourceOrigin for navigation loads as well. >+ Enable to restrict HTTP response access for navigation load. >+ >+ Content Blockers are disabled for now in NetworkLoadChecker for navigation loads. >+ They should be reenabled as a follow-up. >+ >+ Add a specific case to allow any redirection to about:// URLs. >+ While this does not conform with the spec, this keeps the existing WebKit behavior. >+ >+ * NetworkProcess/NetworkLoadChecker.cpp: >+ (WebKit::NetworkLoadChecker::NetworkLoadChecker): >+ (WebKit::NetworkLoadChecker::validateResponse): >+ (WebKit::NetworkLoadChecker::continueCheckingRequest): >+ (WebKit::NetworkLoadChecker::doesNotNeedCORSCheck const): >+ * NetworkProcess/NetworkResourceLoader.cpp: >+ (WebKit::NetworkResourceLoader::sanitizeResponseIfPossible): >+ * WebProcess/Network/WebLoaderStrategy.cpp: >+ (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess): >+ (WebKit::WebLoaderStrategy::isDoingLoadingSecurityChecks const): >+ We only do security checks if this runtime flag is on. >+ * WebProcess/Network/WebLoaderStrategy.h: >+ > 2018-04-26 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for XHR/fetch loads >diff --git a/Source/WebCore/platform/network/ResourceResponseBase.cpp b/Source/WebCore/platform/network/ResourceResponseBase.cpp >index da83b610961f348f609bba05a945d4a490af651a..7a346785acbfc984f85f2e2d525615b57bb57b72 100644 >--- a/Source/WebCore/platform/network/ResourceResponseBase.cpp >+++ b/Source/WebCore/platform/network/ResourceResponseBase.cpp >@@ -389,6 +389,46 @@ static bool isSafeCrossOriginResponseHeader(HTTPHeaderName name) > || name == HTTPHeaderName::XXSSProtection; > } > >+void ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingTainting() >+{ >+ switch (m_tainting) { >+ case ResourceResponse::Tainting::Basic: >+ return; >+ case ResourceResponse::Tainting::Cors: { >+ HTTPHeaderMap filteredHeaders; >+ for (auto& header : m_httpHeaderFields.commonHeaders()) { >+ if (isSafeCrossOriginResponseHeader(header.key)) >+ filteredHeaders.add(header.key, WTFMove(header.value)); >+ } >+ if (auto corsSafeHeaderSet = parseAccessControlAllowList(httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders))) { >+ for (auto& headerName : *corsSafeHeaderSet) { >+ if (!filteredHeaders.contains(headerName)) { >+ auto value = m_httpHeaderFields.get(headerName); >+ if (!value.isNull()) >+ filteredHeaders.add(headerName, value); >+ } >+ } >+ } >+ m_httpHeaderFields = WTFMove(filteredHeaders); >+ return; >+ } >+ case ResourceResponse::Tainting::Opaque: { >+ HTTPHeaderMap filteredHeaders; >+ for (auto& header : m_httpHeaderFields.commonHeaders()) { >+ if (isSafeCrossOriginResponseHeader(header.key)) >+ filteredHeaders.add(header.key, WTFMove(header.value)); >+ } >+ m_httpHeaderFields = WTFMove(filteredHeaders); >+ return; >+ } >+ case ResourceResponse::Tainting::Opaqueredirect: { >+ auto location = httpHeaderField(HTTPHeaderName::Location); >+ m_httpHeaderFields.clear(); >+ m_httpHeaderFields.add(HTTPHeaderName::Location, WTFMove(location)); >+ } >+ } >+} >+ > void ResourceResponseBase::sanitizeHTTPHeaderFields(SanitizationType type) > { > lazyInit(AllFields); >@@ -408,23 +448,8 @@ void ResourceResponseBase::sanitizeHTTPHeaderFields(SanitizationType type) > m_httpHeaderFields.uncommonHeaders().clear(); > return; > } >- case SanitizationType::CrossOriginSafe: { >- HTTPHeaderMap filteredHeaders; >- for (auto& header : m_httpHeaderFields.commonHeaders()) { >- if (isSafeCrossOriginResponseHeader(header.key)) >- filteredHeaders.add(header.key, WTFMove(header.value)); >- } >- if (auto corsSafeHeaderSet = parseAccessControlAllowList(httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders))) { >- for (auto& headerName : *corsSafeHeaderSet) { >- if (!filteredHeaders.contains(headerName)) { >- auto value = m_httpHeaderFields.get(headerName); >- if (!value.isNull()) >- filteredHeaders.add(headerName, value); >- } >- } >- } >- m_httpHeaderFields = WTFMove(filteredHeaders); >- } >+ case SanitizationType::CrossOriginSafe: >+ sanitizeHTTPHeaderFieldsAccordingTainting(); > } > } > >diff --git a/Source/WebCore/platform/network/ResourceResponseBase.h b/Source/WebCore/platform/network/ResourceResponseBase.h >index 858faa1b68cab839215b45c6d39f9a78083461e9..0469573024cc21d596eb4905be5ac96f2910c6e9 100644 >--- a/Source/WebCore/platform/network/ResourceResponseBase.h >+++ b/Source/WebCore/platform/network/ResourceResponseBase.h >@@ -199,6 +199,7 @@ protected: > private: > void parseCacheControlDirectives() const; > void updateHeaderParsedState(HTTPHeaderName); >+ void sanitizeHTTPHeaderFieldsAccordingTainting(); > > protected: > bool m_isNull; >diff --git a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >index 919b31b07e04b1e50d3bf580acb4e0b1d6f38037..b615fe0e974013ac9781ecafe382809cb360a0ff 100644 >--- a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >@@ -43,6 +43,11 @@ namespace WebKit { > > using namespace WebCore; > >+static inline bool isSameOrigin(const URL& url, const SecurityOrigin* origin) >+{ >+ return url.protocolIsData() || url.protocolIsBlob() || !origin || origin->canRequest(url); >+} >+ > NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy) > : m_options(WTFMove(options)) > , m_sessionID(sessionID) >@@ -51,8 +56,7 @@ NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions&& options, PAL::Ses > , m_origin(WTFMove(sourceOrigin)) > , m_preflightPolicy(preflightPolicy) > { >- if (m_options.mode == FetchOptions::Mode::Cors || m_options.mode == FetchOptions::Mode::SameOrigin) >- m_isSameOriginRequest = m_url.protocolIsData() || m_url.protocolIsBlob() || m_origin->canRequest(m_url); >+ m_isSameOriginRequest = isSameOrigin(m_url, m_origin.get()); > switch (options.credentials) { > case FetchOptions::Credentials::Include: > m_storedCredentialsPolicy = StoredCredentialsPolicy::Use; >@@ -128,7 +132,7 @@ ResourceError NetworkLoadChecker::validateResponse(ResourceResponse& response) > return { }; > } > >- if (m_isSameOriginRequest) { >+ if (m_options.mode == FetchOptions::Mode::Navigate || m_isSameOriginRequest) { > response.setTainting(ResourceResponse::Tainting::Basic); > return { }; > } >@@ -188,6 +192,8 @@ void NetworkLoadChecker::continueCheckingRequest(ResourceRequest&& request, Vali > if (m_options.credentials == FetchOptions::Credentials::SameOrigin) > m_storedCredentialsPolicy = (m_isSameOriginRequest && m_origin->canRequest(request.url())) ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse; > >+ m_isSameOriginRequest = isSameOrigin(request.url(), m_origin.get()); >+ > if (doesNotNeedCORSCheck(request.url())) { > handler(WTFMove(request)); > return; >@@ -301,7 +307,7 @@ bool NetworkLoadChecker::doesNotNeedCORSCheck(const URL& url) const > if (!SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol().toStringWithoutCopying())) > return true; > >- return m_isSameOriginRequest && m_origin->canRequest(url); >+ return m_isSameOriginRequest; > } > > ContentSecurityPolicy* NetworkLoadChecker::contentSecurityPolicy() const >@@ -316,7 +322,8 @@ ContentSecurityPolicy* NetworkLoadChecker::contentSecurityPolicy() const > #if ENABLE(CONTENT_EXTENSIONS) > void NetworkLoadChecker::processContentExtensionRulesForLoad(ResourceRequest&& request, CompletionHandler<void(WebCore::ResourceRequest&&, const ContentExtensions::BlockedStatus&)>&& callback) > { >- if (!m_userContentControllerIdentifier) { >+ // FIXME: Enable content blockers for navigation loads. >+ if (!m_userContentControllerIdentifier || m_options.mode == FetchOptions::Mode::Navigate) { > ContentExtensions::BlockedStatus status; > callback(WTFMove(request), status); > return; >diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >index 5289943004c7e2d988b412c4aa1f4cd60f9ea501..2b96648ce597547c9e8d1b01694d2407795a5d89 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >@@ -600,24 +600,17 @@ void NetworkResourceLoader::continueWillSendRedirectedRequest(WebCore::ResourceR > > ResourceResponse NetworkResourceLoader::sanitizeResponseIfPossible(ResourceResponse&& response, ResourceResponse::SanitizationType type) > { >- if (m_parameters.shouldRestrictHTTPResponseAccess) { >- if (type == ResourceResponse::SanitizationType::CrossOriginSafe) { >- // We reduce filtering when it would otherwise be visible to scripts. >- // FIXME: We should use response tainting once computed in Network Process. >- bool isSameOrigin = m_parameters.sourceOrigin ? m_parameters.sourceOrigin->canRequest(response.url()) : protocolHostAndPortAreEqual(response.url(), m_parameters.request.url()); >- if (isSameOrigin && m_parameters.options.destination == FetchOptions::Destination::EmptyString) >- type = ResourceResponse::SanitizationType::RemoveCookies; >- } >+ if (m_parameters.shouldRestrictHTTPResponseAccess) > response.sanitizeHTTPHeaderFields(type); >- } >+ > return WTFMove(response); > } > > void NetworkResourceLoader::continueWillSendRequest(ResourceRequest&& newRequest, bool isAllowedToAskUserForCredentials) > { > if (m_networkLoadChecker) { >- // FIXME: We should be doing this check when receiving the redirection. >- if (!newRequest.url().protocolIsInHTTPFamily() && m_redirectCount) { >+ // FIXME: We should be doing this check when receiving the redirection and not allow about protocol as per fetch spec. >+ if (!newRequest.url().protocolIsInHTTPFamily() && !newRequest.url().protocolIs("about") && m_redirectCount) { > didFailLoading(ResourceError { String { }, 0, newRequest.url(), ASCIILiteral("Redirection to URL with a scheme that is not HTTP(S)"), ResourceError::Type::AccessControl }); > return; > } >diff --git a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >index 86b9509f44290ccae2ff33a9ef985686902557df..f46d57c3e0695e60c63226b7ab13178208fcfd69 100644 >--- a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >+++ b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >@@ -301,20 +301,20 @@ void WebLoaderStrategy::scheduleLoadFromNetworkProcess(ResourceLoader& resourceL > } > #endif > >+ // FIXME: All loaders should provide their origin if navigation mode is cors/no-cors/same-origin. >+ // As a temporary approach, we use the document origin if available or the HTTP Origin header otherwise. >+ if (resourceLoader.isSubresourceLoader()) >+ loadParameters.sourceOrigin = static_cast<SubresourceLoader&>(resourceLoader).origin(); >+ >+ if (!loadParameters.sourceOrigin && document) >+ loadParameters.sourceOrigin = &document->securityOrigin(); >+ if (!loadParameters.sourceOrigin) { >+ auto origin = request.httpOrigin(); >+ if (!origin.isNull()) >+ loadParameters.sourceOrigin = SecurityOrigin::createFromString(origin); >+ } >+ > if (loadParameters.options.mode != FetchOptions::Mode::Navigate) { >- // FIXME: All loaders should provide their origin if navigation mode is cors/no-cors/same-origin. >- // As a temporary approach, we use the document origin if available or the HTTP Origin header otherwise. >- if (resourceLoader.isSubresourceLoader()) >- loadParameters.sourceOrigin = static_cast<SubresourceLoader&>(resourceLoader).origin(); >- >- auto* document = resourceLoader.frame() ? resourceLoader.frame()->document() : nullptr; >- if (!loadParameters.sourceOrigin && document) >- loadParameters.sourceOrigin = &document->securityOrigin(); >- if (!loadParameters.sourceOrigin) { >- auto origin = request.httpOrigin(); >- if (!origin.isNull()) >- loadParameters.sourceOrigin = SecurityOrigin::createFromString(origin); >- } > ASSERT(loadParameters.sourceOrigin); > if (!loadParameters.sourceOrigin) { > scheduleInternallyFailedLoad(resourceLoader); >@@ -322,8 +322,7 @@ void WebLoaderStrategy::scheduleLoadFromNetworkProcess(ResourceLoader& resourceL > } > } > >- // FIXME: We should also sanitize redirect response for navigations. >- loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() && resourceLoader.options().mode != FetchOptions::Mode::Navigate; >+ loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess(); > > bool isMainFrameNavigation = resourceLoader.frame() && resourceLoader.frame()->isMainFrame() && resourceLoader.options().mode == FetchOptions::Mode::Navigate; > >@@ -663,4 +662,9 @@ NetworkLoadMetrics WebLoaderStrategy::networkMetricsFromResourceLoadIdentifier(u > return networkMetrics; > } > >+bool WebLoaderStrategy::isDoingLoadingSecurityChecks() const >+{ >+ return RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess(); >+} >+ > } // namespace WebKit >diff --git a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h >index 65786330c2a8bcce174ae499488522df8e3e9524..14814a92e794fdbf7f88084073a62e45c2aadebb 100644 >--- a/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h >+++ b/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h >@@ -83,8 +83,6 @@ public: > void addOnlineStateChangeListener(Function<void(bool)>&&) final; > void setOnLineState(bool); > >- bool isDoingLoadingSecurityChecks() const final { return true; } >- > private: > void scheduleLoad(WebCore::ResourceLoader&, WebCore::CachedResource*, bool shouldClearReferrerOnHTTPSToHTTPRedirect); > void scheduleInternallyFailedLoad(WebCore::ResourceLoader&); >@@ -95,6 +93,8 @@ private: > WebCore::ResourceResponse responseFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier) final; > WebCore::NetworkLoadMetrics networkMetricsFromResourceLoadIdentifier(uint64_t resourceLoadIdentifier) final; > >+ bool isDoingLoadingSecurityChecks() const final; >+ > HashSet<RefPtr<WebCore::ResourceLoader>> m_internallyFailedResourceLoaders; > RunLoop::Timer<WebLoaderStrategy> m_internallyFailedLoadTimer; > >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 84474f93ba45aca9ecad434fbec146691593b3a8..5a86f20cc1d8d408e3d7491518a802b30f84f082 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,18 @@ >+2018-04-27 Youenn Fablet <youenn@apple.com> >+ >+ Use NetworkLoadChecker for navigation loads >+ https://bugs.webkit.org/show_bug.cgi?id=184892 >+ <rdar://problem/39652686> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Updated header-filtering.https.html to expect full headers except cookie-related for same origin loads. >+ Updated expected.txt files accordingly. >+ >+ * http/wpt/service-workers/header-filtering.https-expected.txt: >+ * http/wpt/service-workers/header-filtering.https.html: >+ * platform/mac/http/tests/webarchive/test-preload-resources-expected.txt: >+ > 2018-04-26 Youenn Fablet <youenn@apple.com> > > Use NetworkLoadChecker for XHR/fetch loads >diff --git a/LayoutTests/http/wpt/service-workers/header-filtering.https-expected.txt b/LayoutTests/http/wpt/service-workers/header-filtering.https-expected.txt >index f3cea7922662db6d4ae68b47b44d0e3890fc010e..2f3108aee3de19be35e338c55ed4b21e23391573 100644 >--- a/LayoutTests/http/wpt/service-workers/header-filtering.https-expected.txt >+++ b/LayoutTests/http/wpt/service-workers/header-filtering.https-expected.txt >@@ -1,5 +1,4 @@ > >- > PASS Prepare tests: setup worker and register the client > PASS Prepare tests: Add a frame controlled by service worker > PASS Test same-origin fetch >@@ -8,6 +7,6 @@ PASS Test no-cors cross-origin fetch > PASS Test same-origin script load > PASS Test no-cors script load > PASS Test cors script load >-FAIL Test HTML load assert_array_equals: lengths differ, expected 13 got 17 >+PASS Test HTML load > PASS After tests clean-up > >diff --git a/LayoutTests/http/wpt/service-workers/header-filtering.https.html b/LayoutTests/http/wpt/service-workers/header-filtering.https.html >index e6b39bde92d0c56ddefa73d4b473e60d23075142..f3d1bd0be460f7b83b6f032e28492f1b6017a6b2 100644 >--- a/LayoutTests/http/wpt/service-workers/header-filtering.https.html >+++ b/LayoutTests/http/wpt/service-workers/header-filtering.https.html >@@ -93,7 +93,7 @@ promise_test(async (test) => { > frame.contentWindow.fetch(url2 + "?fetch-no-cors", { mode : "no-cors" }); > assert_array_equals(await data, ["Access-Control-Allow-Credentials","Access-Control-Allow-Methods","Access-Control-Allow-Origin", > "Access-Control-Expose-Headers","Cache-Control","Content-Length","Content-Type","Date","Referrer-Policy", >- "SourceMap","Timing-Allow-Origin","X-SourceMap","x-Header1"]); >+ "SourceMap","Timing-Allow-Origin","X-SourceMap"]); > }, "Test no-cors cross-origin fetch"); > > promise_test(async (test) => { >@@ -105,7 +105,7 @@ promise_test(async (test) => { > frame.contentWindow.loadScript(url1 + "?script"); > assert_array_equals(await data, ["Access-Control-Allow-Credentials","Access-Control-Allow-Methods","Access-Control-Allow-Origin", > "Access-Control-Expose-Headers","Cache-Control","Content-Length","Content-Type","Date","Referrer-Policy", >- "SourceMap","Timing-Allow-Origin","X-SourceMap","x-Header1"]); >+ "Server","SourceMap","Timing-Allow-Origin","X-SourceMap","x-header1","x-header2"]); > }, "Test same-origin script load"); > > promise_test(async (test) => { >@@ -117,7 +117,7 @@ promise_test(async (test) => { > frame.contentWindow.loadScript(url2 + "?script-nocors"); > assert_array_equals(await data, ["Access-Control-Allow-Credentials","Access-Control-Allow-Methods","Access-Control-Allow-Origin", > "Access-Control-Expose-Headers","Cache-Control","Content-Length","Content-Type","Date","Referrer-Policy", >- "SourceMap","Timing-Allow-Origin","X-SourceMap","x-Header1"]); >+ "SourceMap","Timing-Allow-Origin","X-SourceMap"]); > }, "Test no-cors script load"); > > promise_test(async (test) => { >@@ -141,7 +141,7 @@ promise_test(async (test) => { > let frame = await withFrame(url1 + "?html"); > assert_array_equals(await data, ["Access-Control-Allow-Credentials","Access-Control-Allow-Methods","Access-Control-Allow-Origin", > "Access-Control-Expose-Headers","Cache-Control","Content-Length","Content-Type","Date","Referrer-Policy", >- "SourceMap","Timing-Allow-Origin","X-SourceMap","x-Header1"]); >+ "Server", "SourceMap","Timing-Allow-Origin","X-SourceMap","x-header1", "x-header2"]); > frame.remove(); > }, "Test HTML load"); > >diff --git a/LayoutTests/platform/mac-wk2/TestExpectations b/LayoutTests/platform/mac-wk2/TestExpectations >index 946cbe34f4c262b24d0ddf8e38a97ab9e2e81c3e..a023d5755c2afc36d04a8c8647fe573a3a18f468 100644 >--- a/LayoutTests/platform/mac-wk2/TestExpectations >+++ b/LayoutTests/platform/mac-wk2/TestExpectations >@@ -890,4 +890,3 @@ webkit.org/b/184051 fast/loader/submit-form-while-parsing-2.html [ Pass Timeout > > webkit.org/b/177380 http/tests/cache-storage/cache-records-persistency.https.html [ Pass Failure ] > >-webkit.org/b/184469 http/wpt/service-workers/header-filtering.https.html [ Pass Failure ] >diff --git a/LayoutTests/platform/mac/http/tests/webarchive/test-preload-resources-expected.txt b/LayoutTests/platform/mac/http/tests/webarchive/test-preload-resources-expected.txt >index 43da624c663ceba39f9400d6feafe00056609359..6718fc6286d102afdf5de65301cf16ddf82cdb37 100644 >--- a/LayoutTests/platform/mac/http/tests/webarchive/test-preload-resources-expected.txt >+++ b/LayoutTests/platform/mac/http/tests/webarchive/test-preload-resources-expected.txt >@@ -65,6 +65,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -100,6 +102,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -135,6 +139,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -170,6 +176,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -205,6 +213,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -240,6 +250,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer> >@@ -275,6 +287,8 @@ REGRESSION (35867): Many resources missing when saving webarchive of webkit.org& > <string>"301925-21-45c7d72d3e780"</string> > <key>Last-Modified</key> > <string>Sun, 16 Nov 2008 16:55:00 GMT</string> >+ <key>Server</key> >+ <string>Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7l PHP/5.2.6</string> > </dict> > <key>expectedContentLength</key> > <integer>33</integer>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=339118">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 184892
:
338918
|
338935
|
338944
|
339020
|
339033
|
339045
|
339118
|
339121
|
339128
|
339145
|
339327