Bug 153151

Summary:

CSP: Remove stubs for dynamically-added favicons (via link rel="icon")

Product:

WebKit

Reporter:

Daniel Bates <dbates>

Component:

WebCore Misc.

Assignee:

Brent Fulgham <bfulgham>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, buildbot, cdumez, commit-queue, dbates, japhet, mkwst, rniwa, webkit-bug-importer

Priority:

Keywords:

BlinkMergeCandidate, InRadar

Version:

WebKit Local Build

Hardware:

All

OS:

All

See Also:

https://bugs.webkit.org/show_bug.cgi?id=156727

Attachments:

Description	Flags
Dan Bates Patch	none
Patch	none
Patch	none
Archive of layout-test-results from ews102 for mac-yosemite	none
Archive of layout-test-results from ews115 for mac-yosemite	none
Patch	darin: review+

Daniel Bates

Reported 2016-01-15 14:57:01 PST

We should merge <https://src.chromium.org/viewvc/blink?view=rev&revision=155362>. Make dynamically-added favicons (via link rel="icon") obey Content-Security-Policy. This is the spec'd behaviour.

Attachments
Dan Bates Patch (9.02 KB, patch) 2016-04-15 17:43 PDT, Brent Fulgham	no flags	Details Formatted Diff Diff
Patch (8.99 KB, patch) 2016-04-15 17:57 PDT, Brent Fulgham	no flags	Details Formatted Diff Diff
Patch (17.13 KB, patch) 2016-04-15 18:26 PDT, Brent Fulgham	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews102 for mac-yosemite (1.06 MB, application/zip) 2016-04-15 18:53 PDT, Build Bot	no flags	Details
Archive of layout-test-results from ews115 for mac-yosemite (956.60 KB, application/zip) 2016-04-15 19:32 PDT, Build Bot	no flags	Details
Patch (16.75 KB, patch) 2016-04-16 21:07 PDT, Brent Fulgham	darin: review+	Details Formatted Diff Diff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2016-01-27 20:33:58 PST

<rdar://problem/24383176>

Brent Fulgham

Comment 2 2016-04-15 17:43:13 PDT

Created attachment 276532 [details] Dan Bates Patch

Brent Fulgham

Comment 3 2016-04-15 17:49:52 PDT

Comment on attachment 276532 [details] Dan Bates Patch Note that this patch is actually Dan Bates' work, not mine :-)

Brent Fulgham

Comment 4 2016-04-15 17:50:29 PDT

Comment on attachment 276532 [details] Dan Bates Patch r=me. Will land if the tests all pass.

WebKit Commit Bot

Comment 5 2016-04-15 17:51:52 PDT

Comment on attachment 276532 [details] Dan Bates Patch Rejecting attachment 276532 [details] from commit-queue. Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-01', 'validate-changelog', '--check-oops', '--non-interactive', 276532, '--port=mac']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit ChangeLog entry in LayoutTests/ChangeLog contains OOPS!. Full output: http://webkit-queues.webkit.org/results/1165865

Brent Fulgham

Comment 6 2016-04-15 17:57:32 PDT

Created attachment 276533 [details] Patch

Brent Fulgham

Comment 7 2016-04-15 18:26:15 PDT

Created attachment 276535 [details] Patch

Build Bot

Comment 8 2016-04-15 18:53:23 PDT

Comment on attachment 276535 [details] Patch Attachment 276535 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/1166029 New failing tests: webarchive/test-link-rel-icon-beforeload.html

Build Bot

Comment 9 2016-04-15 18:53:27 PDT

Created attachment 276536 [details] Archive of layout-test-results from ews102 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews102 Port: mac-yosemite Platform: Mac OS X 10.10.5

Build Bot

Comment 10 2016-04-15 19:32:06 PDT

Comment on attachment 276535 [details] Patch Attachment 276535 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/1166093 New failing tests: webarchive/test-link-rel-icon-beforeload.html

Build Bot

Comment 11 2016-04-15 19:32:10 PDT

Created attachment 276539 [details] Archive of layout-test-results from ews115 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews115 Port: mac-yosemite Platform: Mac OS X 10.10.5

Brent Fulgham

Comment 12 2016-04-16 21:07:45 PDT

Created attachment 276571 [details] Patch

Brent Fulgham

Comment 13 2016-04-16 21:08:57 PDT

Updated patch to continue to emit the onbeforeload event for icon loads.

Darin Adler

Comment 14 2016-04-17 09:19:53 PDT

Comment on attachment 276571 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=276571&action=review > Source/WebCore/ChangeLog:3 > + CSP: Make dynamically-added favicons (via link rel="icon") obey Content-Security-Policy This no longer seems like an appropriate bug title for this code change. > Source/WebCore/loader/LinkLoader.cpp:41 > +#include "ContentSecurityPolicy.h" Please don’t add this include.

Brent Fulgham

Comment 15 2016-04-18 09:45:18 PDT

Committed r199673: <http://trac.webkit.org/changeset/199673>

Note You need to log in before you can comment on or make changes to this bug.