Summary: | [Content Extensions] Block synchronous XMLHTTPRequests | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Alex Christensen <achristensen> | ||||||||
Component: | WebCore Misc. | Assignee: | Brady Eidson <beidson> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | commit-queue, dbates, japhet | ||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||
Version: | 528+ (Nightly build) | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Attachments: |
|
Description
Alex Christensen
2015-06-23 18:27:52 PDT
Created attachment 255466 [details]
Patch
It does seem strange to have blocked synchronous requests throw an exception but a asynchronous request just does nothing. Feedback would be appreciated. Comment on attachment 255466 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=255466&action=review > Source/WebCore/ChangeLog:9 > + http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/#exceptions I don't know if anything changed in this regard, but this is an extremely old draft that is entirely obsolete. > Source/WebCore/ChangeLog:10 > + This also adds a test for blocking asynchronous XMLHTTPRequests, which just does not call This doesn't seem like good behavior. > Source/WebCore/ChangeLog:11 > + onreadystatechange because it never actually sends the request. Why not handle that as an error case, with onreadystatechange and onerror? Comment on attachment 255466 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=255466&action=review Besides Alexey’s comments, I have some comments about the specifics of the code. > Source/WebCore/loader/FrameLoader.cpp:3018 > + String urlForError = newRequest.url().string(); Please don’t compute this unused string. > Source/WebCore/loader/FrameLoader.cpp:3020 > + if (m_frame.mainFrame().page() && m_frame.mainFrame().page()->userContentController() && m_documentLoader) > + m_frame.mainFrame().page()->userContentController()->processContentExtensionRulesForLoad(*m_frame.mainFrame().page(), newRequest, ResourceType::Raw, *m_documentLoader); I suggest writing this nested thing: if (m_documentLoader) { if (auto* page = m_frame.page()) { if (auto* controller = page->userContentController()) controller->processContentExtensionRulesForLoad(*page, newRequest, ResourceType::Raw, *m_documentLoader); } } Created attachment 255992 [details]
Patch v2 - Taking over from Alex
Attachment 255992 [details] did not pass style-queue:
ERROR: Source/WebCore/loader/FrameLoader.cpp:95: Alphabetical sorting problem. [build/include_order] [4]
Total errors found: 1 in 6 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Created attachment 256011 [details]
Patch v3
Comment on attachment 256011 [details] Patch v3 Clearing flags on attachment: 256011 Committed r186228: <http://trac.webkit.org/changeset/186228> All reviewed patches have been landed. Closing bug. |