Bug 159510

Summary: [Win] The test http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html is failing.
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: Tools / TestsAssignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, bfulgham, buildbot, commit-queue, dbates, lforschler, mkwst, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 159556    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch none

Per Arne Vollan
Reported 2016-07-07 02:57:18 PDT
We need to allow any https certificate in DumpRenderTree.
Attachments
Patch (2.96 KB, patch)
2016-07-07 09:38 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (1.24 KB, patch)
2017-08-02 11:35 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2016-07-07 09:38:33 PDT
Created attachment 283019 [details] Patch
Brent Fulgham
Comment 2 2016-07-07 10:58:19 PDT
Comment on attachment 283019 [details] Patch r=me
Per Arne Vollan
Comment 3 2016-07-07 12:55:59 PDT
(In reply to comment #2) > Comment on attachment 283019 [details] > Patch > > r=me Thanks for reviewing!
Per Arne Vollan
Comment 4 2016-07-07 23:32:40 PDT
Committed r202967: <https://trac.webkit.org/changeset/202967>
WebKit Commit Bot
Comment 5 2016-07-08 05:19:51 PDT
Re-opened since this is blocked by bug 159556
Per Arne Vollan
Comment 6 2017-08-02 11:35:57 PDT
Created attachment 316979 [details] Patch
Daniel Bates
Comment 7 2017-08-02 17:01:17 PDT
Comment on attachment 316979 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=316979&action=review > Tools/DumpRenderTree/win/DumpRenderTree.cpp:1214 > + request->setAllowsAnyHTTPSCertificate(); OK. Although it is unlikely that DumpRenderTree would be used to load an arbitrary URL (and would be an error if run-webkit-test ever invoked with a non-file, non-localhost URL) it would be good practice to take a similar approach as in Mac DumpRenderTree/WebKitTestRunner and only allow any HTTPS certificate for localhost and 127.0.0.1.
Per Arne Vollan
Comment 8 2017-08-03 08:31:30 PDT
(In reply to Daniel Bates from comment #7) > Comment on attachment 316979 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=316979&action=review > > > Tools/DumpRenderTree/win/DumpRenderTree.cpp:1214 > > + request->setAllowsAnyHTTPSCertificate(); > > OK. Although it is unlikely that DumpRenderTree would be used to load an > arbitrary URL (and would be an error if run-webkit-test ever invoked with a > non-file, non-localhost URL) it would be good practice to take a similar > approach as in Mac DumpRenderTree/WebKitTestRunner and only allow any HTTPS > certificate for localhost and 127.0.0.1. Thanks for reviewing! I will add a host check in a follow-up patch.
WebKit Commit Bot
Comment 9 2017-08-03 09:01:57 PDT
Comment on attachment 316979 [details] Patch Clearing flags on attachment: 316979 Committed r220206: <http://trac.webkit.org/changeset/220206>
WebKit Commit Bot
Comment 10 2017-08-03 09:01:59 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 11 2017-08-03 09:02:57 PDT
<rdar://problem/33700981>
Note You need to log in before you can comment on or make changes to this bug.