Bug 186761

Summary: Fix remaining Cross-Origin-Resource-Policy failures, if any
Product: WebKit Reporter: Anne van Kesteren <annevk>
Component: DOMAssignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, cdumez, commit-queue, dbates, ews-watchlist, japhet, m.kurz+webkitbugs, rniwa, webkit-bug-importer, wilander, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 187422    
Bug Blocks:    
Attachments:
Description Flags
Patch
ews-watchlist: commit-queue-
Archive of layout-test-results from ews126 for ios-simulator-wk2
none
Archive of layout-test-results from ews102 for mac-sierra
none
Patch none

Description Anne van Kesteren 2018-06-18 06:33:21 PDT
I'm not quite sure what release this feature is in, but I wrote tests and got them landed in web-platform-tests at fetch/cross-origin-resource-policy and I suspect there may be a failure, especially given that we decided on the HTTPS restriction quite late.
Comment 1 youenn fablet 2018-06-18 06:43:41 PDT
(In reply to Anne van Kesteren from comment #0)
> I'm not quite sure what release this feature is in, but I wrote tests and
> got them landed in web-platform-tests at fetch/cross-origin-resource-policy
> and I suspect there may be a failure, especially given that we decided on
> the HTTPS restriction quite late.

Great to hear web-platform-tests tests are landed, I was waiting for them to update the implementation and remove our redundant tests.
Comment 2 Radar WebKit Bug Importer 2018-06-18 06:44:04 PDT
<rdar://problem/41209829>
Comment 3 youenn fablet 2018-06-18 14:16:07 PDT
Only WPT failure seems to be related to case-insensitive comparison of the value.
WebKit currently allows SAME-ORIGIN.

It does not seem that we have yet added tests for HTTP same origin loads from HTTPS contexts.
Comment 4 Anne van Kesteren 2018-06-19 00:06:24 PDT
If you mean same site, that would be

  fetch/cross-origin-resource-policy/scheme-restriction.https.window.js

For origin HTTP/HTTPS does not matter as the scheme has to be identical.
Comment 5 youenn fablet 2018-07-06 19:02:49 PDT
Created attachment 344499 [details]
Patch
Comment 6 EWS Watchlist 2018-07-09 17:28:44 PDT
Comment on attachment 344499 [details]
Patch

Attachment 344499 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/8487321

New failing tests:
http/wpt/cross-origin-resource-policy/fetch.html
Comment 7 EWS Watchlist 2018-07-09 17:28:45 PDT
Created attachment 344645 [details]
Archive of layout-test-results from ews126 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews126  Port: ios-simulator-wk2  Platform: Mac OS X 10.13.4
Comment 8 EWS Watchlist 2018-07-09 18:22:45 PDT
Comment on attachment 344499 [details]
Patch

Attachment 344499 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/8488465

New failing tests:
media/media-fullscreen-return-to-inline.html
Comment 9 EWS Watchlist 2018-07-09 18:22:47 PDT
Created attachment 344650 [details]
Archive of layout-test-results from ews102 for mac-sierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews102  Port: mac-sierra  Platform: Mac OS X 10.12.6
Comment 10 youenn fablet 2018-07-09 21:08:35 PDT
Created attachment 344662 [details]
Patch
Comment 11 WebKit Commit Bot 2018-07-11 12:36:23 PDT
Comment on attachment 344662 [details]
Patch

Clearing flags on attachment: 344662

Committed r233739: <https://trac.webkit.org/changeset/233739>
Comment 12 WebKit Commit Bot 2018-07-11 12:36:25 PDT
All reviewed patches have been landed.  Closing bug.