WebKit Bugzilla
Attachment 340643 Details for Bug 167112: HTTP Header values validation is too strict
Patch: bug-167112-20180517142926.patch (text/plain), 12.91 KB, created by youenn fablet on 2018-05-17 14:29:27 PDT
>Subversion Revision: 231917 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 41d9b538d5c4e4984e42b62de76ff99ae8a6ee12..5dfcdc5b0d6f63ff7e27126c9fa553d72b4832c2 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,19 @@ >+2018-05-17 Youenn Fablet <youenn@apple.com> >+ >+ HTTP Header values validation is too strict >+ https://bugs.webkit.org/show_bug.cgi?id=167112 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Moving header values and names from DOMString to ByteString as per spec. >+ Updating WebCore::isValidHTTPHeaderValue as per https://fetch.spec.whatwg.org/#terminology-headers. >+ >+ Covered by rebased and updated tests. >+ Updated test is now also passing in other browsers. >+ >+ * platform/network/HTTPParsers.cpp: >+ (WebCore::isValidHTTPHeaderValue): >+ > 2018-05-17 Wenson Hsieh <wenson_hsieh@apple.com> > > [Extra zoom mode] Disabled adaptations are not reset upon mainframe navigation >diff --git a/Source/WebCore/platform/network/HTTPParsers.cpp b/Source/WebCore/platform/network/HTTPParsers.cpp >index 893905f1f6f80e275d1a9a1705e1c935f469d419..9920339072370a2647940a278d1a57e71bccec0b 100644 >--- a/Source/WebCore/platform/network/HTTPParsers.cpp >+++ b/Source/WebCore/platform/network/HTTPParsers.cpp >@@ -85,7 +85,7 @@ static inline bool skipEquals(const String& str, unsigned &pos) > return skipWhiteSpace(str, pos) && str[pos++] == '=' && skipWhiteSpace(str, pos); > } > >-// True if a value present, incrementing pos to next space or semicolon, if any. >+// True if a value present, incrementing pos to next space or semicolon, if any. > // Note: might return pos == str.length(). > static inline bool skipValue(const String& str, unsigned& pos) > { 
>@@ -110,7 +110,7 @@ bool isValidReasonPhrase(const String& value) > return true; > } > >-// See RFC 7230, Section 3.2.3. >+// See https://fetch.spec.whatwg.org/#concept-header until RFC 7230 gets fixed. > bool isValidHTTPHeaderValue(const String& value) > { > UChar c = value[0]; >@@ -121,7 +121,8 @@ bool isValidHTTPHeaderValue(const String& value) > return false; > for (unsigned i = 0; i < value.length(); ++i) { > c = value[i]; >- if (c == 0x7F || c > 0xFF || (c < 0x20 && c != '\t')) >+ ASSERT(c <= 0xFF); >+ if (c == 0x00 || c == 0x0A || c == 0x0D) > return false; > } > return true; >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 13cfa9e8f17662e47ef5412d4d2aa217cb4f9c4a..7ef27e76ad35a02c1a4d82f9407944976315129c 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,12 @@ >+2018-05-17 Youenn Fablet <youenn@apple.com> >+ >+ HTTP Header values validation is too strict >+ https://bugs.webkit.org/show_bug.cgi?id=167112 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/tests/xmlhttprequest/set-bad-headervalue.html: >+ > 2018-05-17 Carlos Alberto Lopez Perez <clopez@igalia.com> > > [WPE] Implement and enable FULLSCREEN_API >diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog >index a23217ef98c7eb98ad79f951989a00e7c577d08a..cb031363ee44d2ffeadf09b03ced3c7080f3cd31 100644 >--- a/LayoutTests/imported/w3c/ChangeLog >+++ b/LayoutTests/imported/w3c/ChangeLog >@@ -1,3 +1,15 @@ >+2018-05-17 Youenn Fablet <youenn@apple.com> >+ >+ HTTP Header values validation is too strict >+ https://bugs.webkit.org/show_bug.cgi?id=167112 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Rebased from WPT repository. >+ >+ * web-platform-tests/fetch/api/headers/header-values-normalize-exptected.txt: Added. >+ * web-platform-tests/fetch/api/headers/header-values-expected.txt: Added. >+ > 2018-05-16 Chris Nardi <cnardi@chromium.org> > > Remove Document#selectedStylesheetSet/preferredStylesheetSet 
>diff --git a/LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue.html b/LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue.html >index 162f7804a77239c111182f312f9113f18d72e069..8ba303322e61fbfb77324acca28d85471c498187 100644 >--- a/LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue.html >+++ b/LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue.html >@@ -24,12 +24,12 @@ > try_value("t\rt", {name:'SyntaxError'}) > try_value("t\nt", {name:'SyntaxError'}) > try_value("ï¾ï½½ï¾", {name:'TypeError'}) >- try_value("t\bt", {name:'SyntaxError'}) >- try_value("t\vt", {name:'SyntaxError'}) >+ try_value("t\bt") >+ try_value("t\vt") > try_value("t\tt") > try_value("t t") > try_value("\xd0\xa1") >- try_value("\x7f", {name:'SyntaxError'}) >+ try_value("\x7f") > test(function() { > var client = new XMLHttpRequest() > client.open("GET", "...") >diff --git a/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-expected.txt >index 675a84494ae46acce8129a637d66e1e96469852d..0d5533e25c8735f2c87797717299ef099503df8d 100644 >--- a/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-expected.txt >+++ b/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-expected.txt >@@ -5,6 +5,6 @@ PASS XMLHttpRequest with value x%0Ax needs to throw > PASS fetch() with value x%0Ax needs to throw > PASS XMLHttpRequest with value x%0Dx needs to throw > PASS fetch() with value x%0Dx needs to throw >-FAIL XMLHttpRequest with all valid values The string did not match the expected pattern. >-FAIL fetch() with all valid values Type error >+PASS XMLHttpRequest with all valid values >+PASS fetch() with all valid values 
> >diff --git a/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-normalize-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-normalize-expected.txt >index 1a63326ce295e59a3cf70f27328d207a2307d2ce..27842294f71f076cd6ef8737dc448d8ca50450c7 100644 >--- a/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-normalize-expected.txt >+++ b/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/header-values-normalize-expected.txt 
>@@ -1,64 +1,64 @@ > > PASS XMLHttpRequest with value %00 > PASS fetch() with value %00 >-FAIL XMLHttpRequest with value %01 The string did not match the expected pattern. >-FAIL fetch() with value %01 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %02 The string did not match the expected pattern. >-FAIL fetch() with value %02 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %03 The string did not match the expected pattern. >-FAIL fetch() with value %03 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %04 The string did not match the expected pattern. >-FAIL fetch() with value %04 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %05 The string did not match the expected pattern. >-FAIL fetch() with value %05 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %06 The string did not match the expected pattern. >-FAIL fetch() with value %06 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %07 The string did not match the expected pattern. >-FAIL fetch() with value %07 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %08 The string did not match the expected pattern. 
>-FAIL fetch() with value %08 promise_test: Unhandled rejection with value: object "TypeError: Type error" >+PASS XMLHttpRequest with value %01 >+PASS fetch() with value %01 >+PASS XMLHttpRequest with value %02 >+PASS fetch() with value %02 >+PASS XMLHttpRequest with value %03 >+PASS fetch() with value %03 >+PASS XMLHttpRequest with value %04 >+PASS fetch() with value %04 >+PASS XMLHttpRequest with value %05 >+PASS fetch() with value %05 >+PASS XMLHttpRequest with value %06 >+PASS fetch() with value %06 >+PASS XMLHttpRequest with value %07 >+PASS fetch() with value %07 >+PASS XMLHttpRequest with value %08 >+PASS fetch() with value %08 > PASS XMLHttpRequest with value %09 > PASS fetch() with value %09 > PASS XMLHttpRequest with value %0A > PASS fetch() with value %0A > PASS XMLHttpRequest with value %0D > PASS fetch() with value %0D >-FAIL XMLHttpRequest with value %0E The string did not match the expected pattern. >-FAIL fetch() with value %0E promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %0F The string did not match the expected pattern. >-FAIL fetch() with value %0F promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %10 The string did not match the expected pattern. >-FAIL fetch() with value %10 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %11 The string did not match the expected pattern. >-FAIL fetch() with value %11 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %12 The string did not match the expected pattern. >-FAIL fetch() with value %12 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %13 The string did not match the expected pattern. 
>-FAIL fetch() with value %13 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %14 The string did not match the expected pattern. >-FAIL fetch() with value %14 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %15 The string did not match the expected pattern. >-FAIL fetch() with value %15 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %16 The string did not match the expected pattern. >-FAIL fetch() with value %16 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %17 The string did not match the expected pattern. >-FAIL fetch() with value %17 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %18 The string did not match the expected pattern. >-FAIL fetch() with value %18 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %19 The string did not match the expected pattern. >-FAIL fetch() with value %19 promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1A The string did not match the expected pattern. >-FAIL fetch() with value %1A promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1B The string did not match the expected pattern. >-FAIL fetch() with value %1B promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1C The string did not match the expected pattern. >-FAIL fetch() with value %1C promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1D The string did not match the expected pattern. 
>-FAIL fetch() with value %1D promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1E The string did not match the expected pattern. >-FAIL fetch() with value %1E promise_test: Unhandled rejection with value: object "TypeError: Type error" >-FAIL XMLHttpRequest with value %1F The string did not match the expected pattern. >-FAIL fetch() with value %1F promise_test: Unhandled rejection with value: object "TypeError: Type error" >+PASS XMLHttpRequest with value %0E >+PASS fetch() with value %0E >+PASS XMLHttpRequest with value %0F >+PASS fetch() with value %0F >+PASS XMLHttpRequest with value %10 >+PASS fetch() with value %10 >+PASS XMLHttpRequest with value %11 >+PASS fetch() with value %11 >+PASS XMLHttpRequest with value %12 >+PASS fetch() with value %12 >+PASS XMLHttpRequest with value %13 >+PASS fetch() with value %13 >+PASS XMLHttpRequest with value %14 >+PASS fetch() with value %14 >+PASS XMLHttpRequest with value %15 >+PASS fetch() with value %15 >+PASS XMLHttpRequest with value %16 >+PASS fetch() with value %16 >+PASS XMLHttpRequest with value %17 >+PASS fetch() with value %17 >+PASS XMLHttpRequest with value %18 >+PASS fetch() with value %18 >+PASS XMLHttpRequest with value %19 >+PASS fetch() with value %19 >+PASS XMLHttpRequest with value %1A >+PASS fetch() with value %1A >+PASS XMLHttpRequest with value %1B >+PASS fetch() with value %1B >+PASS XMLHttpRequest with value %1C >+PASS fetch() with value %1C >+PASS XMLHttpRequest with value %1D >+PASS fetch() with value %1D >+PASS XMLHttpRequest with value %1E >+PASS fetch() with value %1E >+PASS XMLHttpRequest with value %1F >+PASS fetch() with value %1F > PASS XMLHttpRequest with value %20 > PASS fetch() with value %20 >
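Review bot: The HTTPParsers.cpp hunk at -85,7 touches only the comment above skipValue, and the removed and added lines read the same, so the difference can only be whitespace. That is unrelated to header value validation; drop the hunk from this patch or land it separately so the change to isValidHTTPHeaderValue is the only code change under review.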
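Review bot: The replacement comment above isValidHTTPHeaderValue (HTTPParsers.cpp, hunk at -110,7) cites https://fetch.spec.whatwg.org/#concept-header, while the WebCore ChangeLog entry cites https://fetch.spec.whatwg.org/#terminology-headers; use one anchor in both places. "until RFC 7230 gets fixed" also gives a later reader nothing to check against, so reference the issue that tracks the RFC change, and state in the comment which bytes the function rejects (0x00, 0x0A, 0x0D) so the rule is readable without following the link.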
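Review bot: In the loop of isValidHTTPHeaderValue (HTTPParsers.cpp, hunk at -121,7) the runtime rejection of c > 0xFF is replaced by ASSERT(c <= 0xFF), which is compiled out of release builds. The function still takes const String&, and the only WebCore source file this patch touches is HTTPParsers.cpp, so nothing visible here enforces the "DOMString to ByteString" move the ChangeLog describes; any caller that passes a value with a code unit above 0xFF would have it accepted in release. Either keep the check in the condition, as in "if (c == 0x00 || c == 0x0A || c == 0x0D || c > 0xFF)", or include the call-site or IDL changes that guarantee the range. The relaxed condition now admits 0x01 to 0x08, 0x0B, 0x0C, 0x0E to 0x1F and 0x7F while NUL, LF and CR stay rejected; it is worth saying in the ChangeLog that this is intentional, since those control bytes will now reach the network layer.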
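Review bot: The LayoutTests/imported/w3c/ChangeLog entry misspells the file name as header-values-normalize-exptected.txt (the diff header has header-values-normalize-expected.txt) and marks both expectation files as "Added". Their diff headers carry an existing blob on both sides of the index line and a "---" path under a/, so they are modified, not new. Fix the spelling and replace "Added." with a description such as "Rebased."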