WebKit Bugzilla
Attachment 340032 Details for
Bug 185443
: REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185443-20180509144301.patch (text/plain), 2.30 KB, created by
Daniel Bates
on 2018-05-09 14:43:02 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Daniel Bates
Created:
2018-05-09 14:43:02 PDT
Size:
2.30 KB
patch
obsolete
>Subversion Revision: 231593 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 61dba87b173c25b98259224e13c1e63e39e40b05..6e66af9b32428767eb85aa9392234730c9292832 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,20 @@ >+2018-05-09 Daniel Bates <dabates@apple.com> >+ >+ REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out >+ https://bugs.webkit.org/show_bug.cgi?id=185443 >+ <rdar://problem/40100660> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in >+ WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in >+ NetworkProcess. We need to check these security requirements in WebContent process whenever >+ we are performing a substitute data load, such as for app cache, as these loads do not go >+ through NetworkProcess. >+ >+ * loader/DocumentLoader.cpp: >+ (WebCore::DocumentLoader::responseReceived): >+ > 2018-05-09 Justin Fan <justin_fan@apple.com> > > Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. >diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp >index bd8e4b4d1c279823dab4063b07eb95c038b9b312..2e2b7638136722868421815b92c74e30c18af870 100644 >--- a/Source/WebCore/loader/DocumentLoader.cpp >+++ b/Source/WebCore/loader/DocumentLoader.cpp >@@ -768,7 +768,7 @@ void DocumentLoader::responseReceived(const ResourceResponse& response, Completi > unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier(); > ASSERT(identifier); > >- if (!m_frame->settings().networkProcessCSPFrameAncestorsCheckingEnabled() || !RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()) { >+ if (m_substituteData.isValid() || !m_frame->settings().networkProcessCSPFrameAncestorsCheckingEnabled() || !RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()) { > auto url = response.url(); > ContentSecurityPolicy contentSecurityPolicy(URL { url }, this); > contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer());
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=340032">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
aestes
:
review+
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185443
: 340032