244637 2022-08-31 15:11:32 -0700 CSP 3: Update Content Security Policy when header sent as part of a 304 response 2023-01-15 10:08:43 -0800 1 1 1 Unclassified WebKit Page Loading WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 hhjalmarsson rreno achristensen beidson bfulgham rreno webkit-bot-watchers-bugzilla webkit-bug-importer wilander youennf oldest_to_newest 1895303 0 hhjalmarsson 2022-08-31 15:11:32 -0700 imported/w3c/web-platform-tests/content-security-policy/generic/304-response-should-update-csp.sub.html Is a constant text failure on macOS wk1 ToT and since 253966@main when it was un-skipped. It appears that this test is failing expectedly on wk2 but passing on wk1. I'm unsure which is correct after un-skip. HISTORY: https://results.webkit.org/?suite=layout-tests&test=imported/w3c/web-platform-tests/content-security-policy/generic/304-response-should-update-csp.sub.html DIFF: @@ -2,6 +2,6 @@ PASS Test that the first frame uses nonce abc PASS Test that the first frame does not use nonce def -FAIL Test that the second frame uses nonce def assert_unreached: Unexpected message received Reached unreachable code -FAIL Test that the second frame does not use nonce abc assert_unreached: Unexpected message received Reached unreachable code +PASS Test that the second frame uses nonce def +PASS Test that the second frame does not use nonce abc 1895304 1 webkit-bug-importer 2022-08-31 15:11:53 -0700 <rdar://problem/99405897> 1895306 2 hhjalmarsson 2022-08-31 15:13:01 -0700 My previous comment is mentioning failing expectedly from the DIFF output and not in the history. 1895309 3 hhjalmarsson 2022-08-31 15:14:05 -0700 This issue can be bisected to 253966@main using command: run-webkit-tests --iterations=2 -1 imported/w3c/web-platform-tests/content-security-policy/generic/304-response-should-update-csp.sub.html 1895318 4 ews-feeder 2022-08-31 15:27:30 -0700 Test gardening commit 254011@main (f787f2f60509): <https://commits.webkit.org/254011@main> Reviewed commits have been landed. Closing PR #3881 and removing active labels. 1925363 5 rreno 2023-01-13 08:39:33 -0800 We aren't updating the CSP when we get a new header as part of a 304 response which is why this test is failing. See discussion https://github.com/w3c/webappsec-csp/issues/161 1925367 6 rreno 2023-01-13 08:56:57 -0800 We also fail https://wpt.fyi/results/cors/304.htm?label=experimental&label=master&aligned So we likely fail any WPT that tests our behavior w.r.t. updating the cache entry upon a 304 response. 1925387 7 rreno 2023-01-13 10:57:48 -0800 Pull request: https://github.com/WebKit/WebKit/pull/8629 1925685 8 ews-feeder 2023-01-15 10:08:41 -0800 Committed 258931@main (9bcb547791aa): <https://commits.webkit.org/258931@main> Reviewed commits have been landed. Closing PR #8629 and removing active labels.