WebKit Bugzilla
Attachment 341552 Details for
Bug 186080
: Rename CrossOriginResourcePolicy same to same-origin
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-186080-20180529202155.patch (text/plain), 37.59 KB, created by
youenn fablet
on 2018-05-29 20:21:56 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2018-05-29 20:21:56 PDT
Size:
37.59 KB
patch
obsolete
>Subversion Revision: 232263 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index fa5683d81d14c1d03d9887674906f3090b968c2f..63de2d4d654307d67d2dd5e56674177a75425d35 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,16 @@ >+2018-05-29 Youenn Fablet <youenn@apple.com> >+ >+ Rename CrossOriginResourcePolicy same to same-origin >+ https://bugs.webkit.org/show_bug.cgi?id=186080 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Covered by updated tests. >+ >+ * platform/network/HTTPParsers.cpp: >+ (WebCore::parseCrossOriginResourcePolicyHeader): >+ * platform/network/HTTPParsers.h: >+ > 2018-05-27 Youenn Fablet <youenn@apple.com> > > Add a consistency check between URL and CFURL >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 5365dc48fe03f803001b2c15f302190f5f8d2803..92cff2282de7f2f145ae6c023fa3595ee0f920e1 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,13 @@ >+2018-05-29 Youenn Fablet <youenn@apple.com> >+ >+ Rename CrossOriginResourcePolicy same to same-origin >+ https://bugs.webkit.org/show_bug.cgi?id=186080 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * NetworkProcess/NetworkLoadChecker.cpp: >+ (WebKit::NetworkLoadChecker::shouldCrossOriginResourcePolicyPolicyCancelLoad): >+ > 2018-05-27 Youenn Fablet <youenn@apple.com> > > Add a consistency check between URL and CFURL >diff --git a/Source/WebCore/platform/network/HTTPParsers.cpp b/Source/WebCore/platform/network/HTTPParsers.cpp >index 004d76e32dfb6026b7b21768d48681f2f0b17ff3..e376e6e32ce5e173698e67c0001904b129fde793 100644 >--- a/Source/WebCore/platform/network/HTTPParsers.cpp >+++ b/Source/WebCore/platform/network/HTTPParsers.cpp >@@ -904,8 +904,8 @@ CrossOriginResourcePolicy parseCrossOriginResourcePolicyHeader(StringView header > if (strippedHeader.isEmpty()) > return CrossOriginResourcePolicy::None; > >- if (equalLettersIgnoringASCIICase(strippedHeader, "same")) >- return CrossOriginResourcePolicy::Same; >+ if (equalLettersIgnoringASCIICase(strippedHeader, "same-origin")) >+ return CrossOriginResourcePolicy::SameOrigin; > > if (equalLettersIgnoringASCIICase(strippedHeader, "same-site")) > return CrossOriginResourcePolicy::SameSite; >diff --git a/Source/WebCore/platform/network/HTTPParsers.h b/Source/WebCore/platform/network/HTTPParsers.h >index bdb1d17c10c492b892cb0eb9035afdaf13528442..7452fdc8c0c79f1c818fdb176c231ec5fa5e5ec2 100644 >--- a/Source/WebCore/platform/network/HTTPParsers.h >+++ b/Source/WebCore/platform/network/HTTPParsers.h >@@ -66,7 +66,7 @@ enum XFrameOptionsDisposition { > > enum class CrossOriginResourcePolicy { > None, >- Same, >+ SameOrigin, > SameSite, > Invalid > }; >diff --git a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >index 516e0c7345ee159c41722349441ccf57ecaa8892..1d2bb0c66eb0cbb2d649322ffa7ff69c33d14d97 100644 >--- a/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >+++ b/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp >@@ -141,7 +141,7 @@ bool NetworkLoadChecker::shouldCrossOriginResourcePolicyPolicyCancelLoad(const R > case CrossOriginResourcePolicy::None: > case CrossOriginResourcePolicy::Invalid: > return false; >- case CrossOriginResourcePolicy::Same: >+ case CrossOriginResourcePolicy::SameOrigin: > return true; > case CrossOriginResourcePolicy::SameSite: { > #if ENABLE(PUBLIC_SUFFIX_LIST) >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 6b5c474e43c0e4f13443c2b42651bad670b92142..6b15b05c1487ac4e9213dd308994da93638dd9a3 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,13 @@ >+2018-05-29 Youenn Fablet <youenn@apple.com> >+ >+ Rename CrossOriginResourcePolicy same to same-origin >+ https://bugs.webkit.org/show_bug.cgi?id=186080 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp: >+ (TestWebKitAPI::TEST): >+ > 2018-05-29 Youenn Fablet <youenn@apple.com> > > Add a consistency check between URL and CFURL >diff --git a/Tools/TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp b/Tools/TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp >index c40b565666aeb52e277e8eab187bbf15ab26f31a..7f18f3d3e35f0096a42b85be478efc6e6a52c684 100644 >--- a/Tools/TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp >+++ b/Tools/TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp >@@ -37,17 +37,18 @@ TEST(HTTPParsers, ParseCrossOriginResourcePolicyHeader) > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("") == CrossOriginResourcePolicy::None); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader(" ") == CrossOriginResourcePolicy::None); > >- EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("same") == CrossOriginResourcePolicy::Same); >- EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("Same") == CrossOriginResourcePolicy::Same); >- EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("SAME") == CrossOriginResourcePolicy::Same); >- EXPECT_TRUE(parseCrossOriginResourcePolicyHeader(" same ") == CrossOriginResourcePolicy::Same); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("same-origin") == CrossOriginResourcePolicy::SameOrigin); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("Same-Origin") == CrossOriginResourcePolicy::SameOrigin); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("SAME-ORIGIN") == CrossOriginResourcePolicy::SameOrigin); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader(" same-orIGIN ") == CrossOriginResourcePolicy::SameOrigin); > > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("same-site") == CrossOriginResourcePolicy::SameSite); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("Same-Site") == CrossOriginResourcePolicy::SameSite); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("SAME-SITE") == CrossOriginResourcePolicy::SameSite); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader(" same-site ") == CrossOriginResourcePolicy::SameSite); > >- EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("zame") == CrossOriginResourcePolicy::Invalid); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("SameOrigin") == CrossOriginResourcePolicy::Invalid); >+ EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("zameorigin") == CrossOriginResourcePolicy::Invalid); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("samesite") == CrossOriginResourcePolicy::Invalid); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("same site") == CrossOriginResourcePolicy::Invalid); > EXPECT_TRUE(parseCrossOriginResourcePolicyHeader("sameâsite") == CrossOriginResourcePolicy::Invalid); >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 2d4ecbe31cd40da170aa132f8ad69ccef6070634..da391209cb8417770fdc423a2e0f5a65615cc7f8 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,21 @@ >+2018-05-29 Youenn Fablet <youenn@apple.com> >+ >+ Rename CrossOriginResourcePolicy same to same-origin >+ https://bugs.webkit.org/show_bug.cgi?id=186080 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/wpt/cross-origin-resource-policy/fetch-expected.txt: >+ * http/wpt/cross-origin-resource-policy/fetch-in-iframe-expected.txt: >+ * http/wpt/cross-origin-resource-policy/fetch-in-iframe.html: >+ * http/wpt/cross-origin-resource-policy/fetch.html: >+ * http/wpt/cross-origin-resource-policy/iframe-loads-expected.txt: >+ * http/wpt/cross-origin-resource-policy/iframe-loads.html: >+ * http/wpt/cross-origin-resource-policy/image-loads-expected.txt: >+ * http/wpt/cross-origin-resource-policy/image-loads.html: >+ * http/wpt/cross-origin-resource-policy/script-loads-expected.txt: >+ * http/wpt/cross-origin-resource-policy/script-loads.html: >+ > 2018-05-29 Nan Wang <n_wang@apple.com> > > AX: setValue on contenteditable should preserve whitespace >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-expected.txt b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-expected.txt >index 32334985ab7a5a0e01e70c6e98b175e803a017de..fa170abd0073dd1b8a55ac8ee9cb937e5f3a2114 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-expected.txt >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-expected.txt >@@ -1,26 +1,26 @@ >-CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. > CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-site because it violates the resource's Cross-Origin-Resource-Policy response header. > CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-site due to access control checks. >-CONSOLE MESSAGE: Cancelled load to https://localhost:9443/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >-CONSOLE MESSAGE: Cancelled load to http://localhost:8801/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >-CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same denied by Cross-Origin Resource Sharing policy: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/redirect.py?corp=same&redirectTo=http%3A%2F%2Flocalhost%3A8800%2FWebKit%2Fcross-origin-resource-policy%2Fresources%2Fhello.py%3Fcorp%3Dsame because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/redirect.py?corp=same&redirectTo=http%3A%2F%2Flocalhost%3A8800%2FWebKit%2Fcross-origin-resource-policy%2Fresources%2Fhello.py%3Fcorp%3Dsame due to access control checks. >+CONSOLE MESSAGE: Cancelled load to https://localhost:9443/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://localhost:8801/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. >+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin denied by Cross-Origin Resource Sharing policy: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/redirect.py?corp=same-origin&redirectTo=http%3A%2F%2Flocalhost%3A8800%2FWebKit%2Fcross-origin-resource-policy%2Fresources%2Fhello.py%3Fcorp%3Dsame-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/redirect.py?corp=same-origin&redirectTo=http%3A%2F%2Flocalhost%3A8800%2FWebKit%2Fcross-origin-resource-policy%2Fresources%2Fhello.py%3Fcorp%3Dsame-origin due to access control checks. > >-PASS Same-origin fetch with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header. > PASS Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header after a redirection. >-PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header after a cross-origin redirection. >-PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' redirect response header. >+PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection. >+PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a cross-origin redirection. >+PASS Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header. > >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe-expected.txt b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe-expected.txt >index bec578c6292fd17e65253222b5f79602328892c8..a30b7ca16219720af14bb943a5412ac7d03ee14a 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe-expected.txt >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe-expected.txt >@@ -1,12 +1,12 @@ >-CONSOLE MESSAGE: Cancelled load to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. > CONSOLE MESSAGE: Cancelled load to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-site because it violates the resource's Cross-Origin-Resource-Policy response header. > CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-site due to access control checks. >-CONSOLE MESSAGE: Cancelled load to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/WebKit/cross-origin-resource-policy/resources/hello.py?corp=same-origin due to access control checks. > >-PASS Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header. >-PASS Same-origin fetch in a cross origin iframe load succeeds if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header. >+PASS Same-origin fetch in a cross origin iframe load succeeds if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header. > >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe.html b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe.html >index 99fe4ed4df88334aab1595482c52a47ae806c5c0..70d2f0c2a08d33f507e72227540490a528133c3b 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe.html >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch-in-iframe.html >@@ -47,17 +47,17 @@ function loadIFrameAndFetch(iframeURL, fetchURL, expectedFetchResult) > // This above data URL should be equivalent to resources/iframeFetch.html > var dataIFrameURL = "data:text/html;base64,PCFET0NUWVBFIGh0bWw+CjxodG1sPgo8aGVhZD4KICAgIDxzY3JpcHQ+CiAgICAgICAgZnVuY3Rpb24gcHJvY2Vzc01lc3NhZ2UoZXZlbnQpCiAgICAgICAgewogICAgICAgICAgICBmZXRjaChldmVudC5kYXRhLCB7IG1vZGU6ICJuby1jb3JzIiB9KS50aGVuKCgpID0+IHsKICAgICAgICAgICAgICAgIHBhcmVudC5wb3N0TWVzc2FnZSgib2siLCAiKiIpOwogICAgICAgICAgICB9LCAoKSA9PiB7CiAgICAgICAgICAgICAgICBwYXJlbnQucG9zdE1lc3NhZ2UoImtvIiwgIioiKTsKICAgICAgICAgICAgfSk7CiAgICAgICAgfQogICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCJtZXNzYWdlIiwgcHJvY2Vzc01lc3NhZ2UsIGZhbHNlKTsKICAgIDwvc2NyaXB0Pgo8L2hlYWQ+Cjxib2R5PgogICAgPGgzPlRoZSBpZnJhbWUgbWFraW5nIGEgc2FtZSBvcmlnaW4gZmV0Y2ggY2FsbC48L2gzPgo8L2JvZHk+CjwvaHRtbD4K"; > >-title = "Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadIFrameAndFetch(dataIFrameURL, localBaseURL + "resources/hello.py?corp=same", "ko"); >+title = "Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadIFrameAndFetch(dataIFrameURL, localBaseURL + "resources/hello.py?corp=same-origin", "ko"); > > title = "Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadIFrameAndFetch(dataIFrameURL, localBaseURL + "resources/hello.py?corp=same-site", "ko"); > >-title = "Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadIFrameAndFetch(remoteBaseURL + "resources/iframeFetch.html", localBaseURL + "resources/hello.py?corp=same", "ko"); >+title = "Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadIFrameAndFetch(remoteBaseURL + "resources/iframeFetch.html", localBaseURL + "resources/hello.py?corp=same-origin", "ko"); > >-title = "Same-origin fetch in a cross origin iframe load succeeds if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadIFrameAndFetch(remoteBaseURL + "resources/iframeFetch.html", remoteBaseURL + "resources/hello.py?corp=same", "ok"); >+title = "Same-origin fetch in a cross origin iframe load succeeds if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadIFrameAndFetch(remoteBaseURL + "resources/iframeFetch.html", remoteBaseURL + "resources/hello.py?corp=same-origin", "ok"); > </script> > </body> > </html> >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch.html b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch.html >index e3f9c124cab6c670f822001b3dcd254f04087421..0fbfcdad0c619830fb34b7e7f36dfa6f6eab6f17 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/fetch.html >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/fetch.html >@@ -14,9 +14,9 @@ const remoteSameSiteBaseURL = "http://" + host.ORIGINAL_HOST + ":" + host.HTTP_P > const httpsBaseURL = host.HTTPS_ORIGIN + window.location.pathname.replace(/\/[^\/]*$/, '/') ; > > promise_test(async () => { >- const response = await fetch("./resources/hello.py?corp=same"); >+ const response = await fetch("./resources/hello.py?corp=same-origin"); > assert_equals(await response.text(), "hello"); >-}, "Same-origin fetch with a 'Cross-Origin-Resource-Policy: same' response header."); >+}, "Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header."); > > promise_test(async () => { > const response = await fetch("./resources/hello.py?corp=same-site"); >@@ -24,9 +24,9 @@ promise_test(async () => { > }, "Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-site' response header."); > > promise_test(async (test) => { >- const response = await fetch(remoteBaseURL + "resources/hello.py?corp=same"); >+ const response = await fetch(remoteBaseURL + "resources/hello.py?corp=same-origin"); > assert_equals(await response.text(), "hello"); >-}, "Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same' response header."); >+}, "Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header."); > > promise_test(async (test) => { > const response = await fetch(remoteBaseURL + "resources/hello.py?corp=same-site"); >@@ -34,9 +34,9 @@ promise_test(async (test) => { > }, "Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header."); > > promise_test((test) => { >- const remoteURL = remoteBaseURL + "resources/hello.py?corp=same"; >+ const remoteURL = remoteBaseURL + "resources/hello.py?corp=same-origin"; > return promise_rejects(test, new TypeError, fetch(remoteURL, { mode : "no-cors" })); >-}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header."); >+}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header."); > > promise_test((test) => { > const remoteURL = remoteBaseURL + "resources/hello.py?corp=same-site"; >@@ -49,35 +49,35 @@ promise_test((test) => { > }, "Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-site' response header."); > > promise_test((test) => { >- const remoteURL = httpsBaseURL + "resources/hello.py?corp=same"; >+ const remoteURL = httpsBaseURL + "resources/hello.py?corp=same-origin"; > return promise_rejects(test, new TypeError, fetch(remoteURL, { mode : "no-cors" })); >-}, "Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same' response header."); >+}, "Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header."); > > promise_test(async (test) => { > const remoteSameSiteURL = remoteSameSiteBaseURL + "resources/hello.py?corp=same-site"; > > await fetch(remoteSameSiteURL, { mode: "no-cors" }); > >- return promise_rejects(test, new TypeError, fetch(remoteSameSiteBaseURL + "resources/hello.py?corp=same", { mode: "no-cors" })); >+ return promise_rejects(test, new TypeError, fetch(remoteSameSiteBaseURL + "resources/hello.py?corp=same-origin", { mode: "no-cors" })); > }, "Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header."); > > promise_test((test) => { >- const finalURL = remoteBaseURL + "resources/hello.py?corp=same"; >+ const finalURL = remoteBaseURL + "resources/hello.py?corp=same-origin"; > return promise_rejects(test, new TypeError, fetch("resources/redirect.py?redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" })); >-}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header after a redirection."); >+}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection."); > > promise_test((test) => { >- const finalURL = localBaseURL + "resources/hello.py?corp=same"; >+ const finalURL = localBaseURL + "resources/hello.py?corp=same-origin"; > return fetch(remoteBaseURL + "resources/redirect.py?redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" }); >-}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' response header after a cross-origin redirection."); >+}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a cross-origin redirection."); > > promise_test(async (test) => { >- const finalURL = localBaseURL + "resources/hello.py?corp=same"; >+ const finalURL = localBaseURL + "resources/hello.py?corp=same-origin"; > > await fetch(finalURL, { mode: "no-cors" }); > >- return promise_rejects(test, new TypeError, fetch(remoteBaseURL + "resources/redirect.py?corp=same&redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" })); >-}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same' redirect response header."); >+ return promise_rejects(test, new TypeError, fetch(remoteBaseURL + "resources/redirect.py?corp=same-origin&redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" })); >+}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header."); > </script> > </body> > </html> >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads-expected.txt b/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads-expected.txt >index 21c1e2f691531ba600779af9a40b6705547f73d0..d1d50efe73cdcd12b6b957d4e12ceaccea6cf4ac 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads-expected.txt >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads-expected.txt >@@ -1,5 +1,5 @@ >-CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/iframe.py?corp=same because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/iframe.py?corp=same due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/iframe.py?corp=same-origin because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/iframe.py?corp=same-origin due to access control checks. > > PASS Load an iframe that has Cross-Origin-Resource-Policy header > >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads.html b/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads.html >index 6e2da39ebc7d7a1efc30971d2848075d9054e387..63902c302b7ce6cb5a3f0fb126be2a56a830f42b 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads.html >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/iframe-loads.html >@@ -21,7 +21,7 @@ function with_iframe(url) { > } > > promise_test(async() => { >- const url = remoteBaseURL + "resources/iframe.py?corp=same"; >+ const url = remoteBaseURL + "resources/iframe.py?corp=same-origin"; > > await new Promise((resolve, reject) => { > return fetch(url, { mode: "no-cors" }).then(reject, resolve); >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads-expected.txt b/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads-expected.txt >index 6b8655cde1aeb224ed53107469c84f5654d07859..915e240991c7c3a3975aeaf7d8a84963a56ae791 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads-expected.txt >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads-expected.txt >@@ -1,12 +1,12 @@ >-CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. >-CONSOLE MESSAGE: Cannot load image http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same&acao=* due to access control checks. >+CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same-origin&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Cannot load image http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same-origin&acao=* due to access control checks. > CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same-site&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. > CONSOLE MESSAGE: Cannot load image http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/image.py?corp=same-site&acao=* due to access control checks. > >-PASS Same-origin image load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Same-origin image load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Same-origin image load with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header. > >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads.html b/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads.html >index 751a9ac195ef88d565952d8af0baf744ac973210..494839a39675ac5a6f8817c6fd7b85fd3508ec4d 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads.html >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/image-loads.html >@@ -30,20 +30,20 @@ function loadImage(url, shoudLoad, corsMode) > }, title) > } > >-title = "Same-origin image load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadImage("./resources/image.py?corp=same", ok); >+title = "Same-origin image load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadImage("./resources/image.py?corp=same-origin", ok); > > title = "Same-origin image load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadImage("./resources/image.py?corp=same-site", ok); > >-title = "Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadImage(remoteBaseURL + "resources/image.py?corp=same&acao=*", ok, "anonymous"); >+title = "Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadImage(remoteBaseURL + "resources/image.py?corp=same-origin&acao=*", ok, "anonymous"); > > title = "Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadImage(remoteBaseURL + "resources/image.py?corp=same-site&acao=*", ok, "anonymous"); > >-title = "Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadImage(remoteBaseURL + "resources/image.py?corp=same&acao=*", ko); >+title = "Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadImage(remoteBaseURL + "resources/image.py?corp=same-origin&acao=*", ko); > > title = "Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadImage(remoteBaseURL + "resources/image.py?corp=same-site&acao=*", ko); >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads-expected.txt b/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads-expected.txt >index cc29d895ad2acf3f10a4420665c787fda31fc255..b3ffd03d729ef2f3922624a24dc8e01d3c4a05c5 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads-expected.txt >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads-expected.txt >@@ -1,12 +1,12 @@ >-CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/script.py?corp=same&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. >+CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/script.py?corp=same-origin&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. > CONSOLE MESSAGE: Cross-origin script load denied by Cross-Origin Resource Sharing policy. > CONSOLE MESSAGE: Cancelled load to http://127.0.0.1:8800/WebKit/cross-origin-resource-policy/resources/script.py?corp=same-site&acao=* because it violates the resource's Cross-Origin-Resource-Policy response header. > CONSOLE MESSAGE: Cross-origin script load denied by Cross-Origin Resource Sharing policy. > >-PASS Same-origin script load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Same-origin script load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Same-origin script load with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header. >-PASS Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same' response header. >+PASS Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header. > PASS Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header. > >diff --git a/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads.html b/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads.html >index 11a5c2013b5b637d3598c0c9b73433dc19d485f9..dec3716ac6da9481eaecba71dbdfbfe086ee8479 100644 >--- a/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads.html >+++ b/LayoutTests/http/wpt/cross-origin-resource-policy/script-loads.html >@@ -28,20 +28,20 @@ function loadScript(url, shoudLoad, corsMode) > }, title); > } > >-title = "Same-origin script load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadScript("./resources/script.py?corp=same", ok); >+title = "Same-origin script load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadScript("./resources/script.py?corp=same-origin", ok); > > title = "Same-origin script load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadScript("./resources/script.py?corp=same-site", ok); > >-title = "Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadScript(remoteBaseURL + "resources/script.py?corp=same&acao=*", ok, "anonymous"); >+title = "Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadScript(remoteBaseURL + "resources/script.py?corp=same-origin&acao=*", ok, "anonymous"); > > title = "Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadScript(remoteBaseURL + "resources/script.py?corp=same-site&acao=*", ok, "anonymous"); > >-title = "Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same' response header."; >-loadScript(remoteBaseURL + "resources/script.py?corp=same&acao=*", ko); >+title = "Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header."; >+loadScript(remoteBaseURL + "resources/script.py?corp=same-origin&acao=*", ko); > > title = "Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header."; > loadScript(remoteBaseURL + "resources/script.py?corp=same-site&acao=*", ko);
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 186080
: 341552