WebKit Bugzilla
Attachment 340918 Details for
Bug 185849
: NetworkLoadChecker should check cached redirections
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185849-20180521161852.patch (text/plain), 16.04 KB, created by
youenn fablet
on 2018-05-21 16:18:53 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2018-05-21 16:18:53 PDT
Size:
16.04 KB
patch
obsolete
>Subversion Revision: 232025 >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 0c6056afd860756ceb07b79faaa3e7140c1331b6..19a8c2379c5af6c82b5a11d5c718121021ac9a3d 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,24 @@ >+2018-05-21 Youenn Fablet <youenn@apple.com> >+ >+ NetworkLoadChecker should check cached redirections >+ https://bugs.webkit.org/show_bug.cgi?id=185849 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * NetworkProcess/NetworkLoadChecker.cpp: >+ (WebKit::NetworkLoadChecker::checkRedirection): >+ Set the resource error url as done by WebCore SubresourceLoader. >+ * NetworkProcess/NetworkResourceLoader.cpp: >+ (WebKit::NetworkResourceLoader::retrieveCacheEntry): >+ Pass the resource request to dispatchWillSendRedirectedRequest now needs it. >+ (WebKit::NetworkResourceLoader::willSendRedirectedRequest): >+ Make sure that m_networkLoad is not null before cancelling it since we might be checking a cached redirection. >+ (WebKit::NetworkResourceLoader::continueWillSendRedirectedRequest): >+ Ensure the redirect response is coming from the Network before adding it to the cache. >+ (WebKit::NetworkResourceLoader::dispatchWillSendRequestForCacheEntry): >+ Call willSendRedirectedRequest to make sure the cached redirect is validated. >+ * NetworkProcess/NetworkResourceLoader.h: >+ > 2018-05-21 Sihui Liu <sihui_liu@apple.com> > > Add a diskCacheSizeOverride accessor function on WKContextConfigurationRef >diff --git a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >index 0a4d5c11308dfb2863f2ee56fb2bb8c491c7214a..778ed9e36e27a9faea5b94b7943efc545593ce7c 100644 >--- a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >@@ -100,7 +100,7 @@ void NetworkLoadChecker::checkRedirection(ResourceResponse& redirectResponse, Re > auto error = validateResponse(redirectResponse); > if (!error.isNull()) { > auto errorMessage = makeString("Cross-origin redirection to ", request.url().string(), " denied by Cross-Origin Resource Sharing policy: ", error.localizedDescription()); >- handler(makeUnexpected(ResourceError { String { }, 0, request.url(), WTFMove(errorMessage), ResourceError::Type::AccessControl })); >+ handler(makeUnexpected(ResourceError { String { }, 0, redirectResponse.url(), WTFMove(errorMessage), ResourceError::Type::AccessControl })); > return; > } > >diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >index 44a32543adad13b7e0e42fc9846db53a9eae155e..9d836de95d9b61f43c82fc3df98be49210df96cc 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp >@@ -230,7 +230,7 @@ void NetworkResourceLoader::retrieveCacheEntry(const ResourceRequest& request) > } > if (entry->redirectRequest()) { > RELEASE_LOG_IF_ALLOWED("retrieveCacheEntry: Handling redirect (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ", isMainResource = %d, isSynchronous = %d)", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier, isMainResource(), isSynchronous()); >- loader->dispatchWillSendRequestForCacheEntry(WTFMove(entry)); >+ loader->dispatchWillSendRequestForCacheEntry(WTFMove(request), WTFMove(entry)); > return; > } > if (loader->m_parameters.needsCertificateInfo && !entry->response().certificateInfo()) { >@@ -634,7 +634,8 @@ void NetworkResourceLoader::willSendRedirectedRequest(ResourceRequest&& request, > > if (storedCredentialsPolicy != m_networkLoadChecker->storedCredentialsPolicy()) { > // We need to restart the load to update the session according the new credential policy. >- m_networkLoad->cancel(); >+ if (m_networkLoad) >+ m_networkLoad->cancel(); > auto request = WTFMove(result.value()); > m_networkLoadChecker->prepareRedirectedRequest(request); > >@@ -660,7 +661,7 @@ void NetworkResourceLoader::continueWillSendRedirectedRequest(WebCore::ResourceR > { > ASSERT(!isSynchronous()); > >- if (canUseCachedRedirect(request)) >+ if (redirectResponse.source() == ResourceResponse::Source::Network && canUseCachedRedirect(request)) > m_cache->storeRedirect(request, redirectResponse, redirectRequest); > > if (m_parameters.shouldEnableFromOriginResponseHeader && shouldCancelCrossOriginLoad(redirectResponse, m_parameters.frameAncestorOrigins) && m_networkLoad) { >@@ -903,22 +904,15 @@ void NetworkResourceLoader::validateCacheEntry(std::unique_ptr<NetworkCache::Ent > startNetworkLoad(WTFMove(revalidationRequest), FirstLoad::Yes); > } > >-void NetworkResourceLoader::dispatchWillSendRequestForCacheEntry(std::unique_ptr<NetworkCache::Entry> entry) >+void NetworkResourceLoader::dispatchWillSendRequestForCacheEntry(ResourceRequest&& request, std::unique_ptr<NetworkCache::Entry>&& entry) > { > ASSERT(entry->redirectRequest()); > ASSERT(!m_isWaitingContinueWillSendRequestForCachedRedirect); > > LOG(NetworkCache, "(NetworkProcess) Executing cached redirect"); > >- auto& response = entry->response(); >- if (m_parameters.shouldEnableFromOriginResponseHeader && shouldCancelCrossOriginLoad(response, m_parameters.frameAncestorOrigins) && m_networkLoad) { >- didFailLoading(fromOriginResourceError(response.url())); >- return; >- } >- >- ++m_redirectCount; >- send(Messages::WebResourceLoader::WillSendRequest { *entry->redirectRequest(), sanitizeResponseIfPossible(ResourceResponse { response }, ResourceResponse::SanitizationType::Redirection) }); > m_isWaitingContinueWillSendRequestForCachedRedirect = true; >+ willSendRedirectedRequest(WTFMove(request), ResourceRequest { *entry->redirectRequest() }, ResourceResponse { entry->response() }); > } > > IPC::Connection* NetworkResourceLoader::messageSenderConnection() >diff --git a/Source/WebKit/NetworkProcess/NetworkResourceLoader.h b/Source/WebKit/NetworkProcess/NetworkResourceLoader.h >index 773ca82fc5c84350457ab6968760843806361e4f..0a155d57197f3d16399631c4213077cc1c8a632c 100644 >--- a/Source/WebKit/NetworkProcess/NetworkResourceLoader.h >+++ b/Source/WebKit/NetworkProcess/NetworkResourceLoader.h >@@ -137,7 +137,7 @@ private: > void didRetrieveCacheEntry(std::unique_ptr<NetworkCache::Entry>); > void sendResultForCacheEntry(std::unique_ptr<NetworkCache::Entry>); > void validateCacheEntry(std::unique_ptr<NetworkCache::Entry>); >- void dispatchWillSendRequestForCacheEntry(std::unique_ptr<NetworkCache::Entry>); >+ void dispatchWillSendRequestForCacheEntry(WebCore::ResourceRequest&&, std::unique_ptr<NetworkCache::Entry>&&); > void continueProcessingCachedEntryAfterDidReceiveResponse(std::unique_ptr<NetworkCache::Entry>); > > bool shouldInterruptLoadForXFrameOptions(const String&, const WebCore::URL&); >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 8f6a624138c16e6bf425ca81de0908174fb6f8fe..8c03679c27041db20fa83efbaa65ed0342c75b0a 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,14 @@ >+2018-05-21 Youenn Fablet <youenn@apple.com> >+ >+ NetworkLoadChecker should check cached redirections >+ https://bugs.webkit.org/show_bug.cgi?id=185849 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt: >+ * http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: >+ * platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt: Removed. >+ > 2018-05-21 Jer Noble <jer.noble@apple.com> > > Complete fix for enabling modern EME by default >diff --git a/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt b/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt >index 593f6c62c082a17aa229bcd69b9d0b47bae1fec1..b7fe7446c7e2e630af5e4fcb80a0443460f2e806 100644 >--- a/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt >+++ b/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt >@@ -1,5 +1,5 @@ > CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi due to access control checks. >+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi due to access control checks. > CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials. > CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&%20%20access-control-allow-origin=http://127.0.0.1:8000 due to access control checks. > CONSOLE MESSAGE: Preflight response is not successful >diff --git a/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt b/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt >index ceca46892ca3db6c7af3ffb15af0e6fc621df765..2f32d7baf1cd13eda1cac43efee66ff7fdd2d490 100644 >--- a/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt >+++ b/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt >@@ -1,11 +1,11 @@ > CONSOLE MESSAGE: line 25: Cross-origin redirection to http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. >+CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. > CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. >+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. > CONSOLE MESSAGE: line 25: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. >+CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. > CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. >+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. > Tests that redirects between origins are never allowed, even when access control is involved. > > Per the spec, these test cases should be allowed, but cross-origin redirects are currently unsupported in WebCore. >diff --git a/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt b/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt >deleted file mode 100644 >index b7fe7446c7e2e630af5e4fcb80a0443460f2e806..0000000000000000000000000000000000000000 >--- a/LayoutTests/platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt >+++ /dev/null >@@ -1,34 +0,0 @@ >-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi due to access control checks. >-CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&%20%20access-control-allow-origin=http://127.0.0.1:8000 due to access control checks. >-CONSOLE MESSAGE: Preflight response is not successful >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=* due to access control checks. >-CONSOLE MESSAGE: Request header field x-webkit is not allowed by Access-Control-Allow-Headers. >-CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi due to access control checks. >-Tests that asynchronous XMLHttpRequests handle redirects according to the CORS standard. >- >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi without credentials >-Expecting success: false >-PASS: 0 >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi& access-control-allow-origin=http://127.0.0.1:8000 without credentials >-Expecting success: true >-PASS: PASS: Cross-domain access allowed. >- >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi& access-control-allow-origin=http://127.0.0.1:8000 without credentials >-Expecting success: true >-PASS: PASS: Cross-domain access allowed. >- >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi& access-control-allow-origin=http://127.0.0.1:8000 without credentials >-Expecting success: false >-PASS: 0 >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true& url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi& access-control-allow-origin=* without credentials >-Expecting success: false >-PASS: 0 >-Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=false& url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi& access-control-allow-origin=*& access-control-allow-headers=x-webkit without credentials >-Expecting success: false >-PASS: 0 >-Testing resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/get.txt without credentials >-Expecting success: true >-PASS: PASS >-
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=340918">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185849
:
340918
|
340931
|
340934
|
340949
|
340951
|
340991
|
340994
|
341022
|
341050
|
341108