Bug 191828

Summary: [PSON] Received an invalid message "WebPageProxy.DidPerformClientRedirect" from the web process
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebKit2Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, ap, beidson, bfulgham, commit-queue, ggaren, koivisto, rniwa, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 191982    
Bug Blocks:    
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2018-11-18 20:18:28 PST
WebContent crashes and "Received an invalid message "WebPageProxy.DidPerformClientRedirect" from the web process" gets logged on cross-site client-side redirect from a file:// URL.
Attachments
Patch (9.89 KB, patch)
2018-11-18 20:27 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2018-11-18 20:27:31 PST
Created attachment 355251 [details] Patch
Chris Dumez
Comment 2 2018-11-18 20:27:49 PST
<rdar://problem/46129456>
WebKit Commit Bot
Comment 3 2018-11-18 23:14:59 PST
Comment on attachment 355251 [details] Patch Clearing flags on attachment: 355251 Committed r238368: <https://trac.webkit.org/changeset/238368>
WebKit Commit Bot
Comment 4 2018-11-18 23:15:01 PST
All reviewed patches have been landed. Closing bug.
Alexey Proskuryakov
Comment 5 2018-11-19 21:33:37 PST
Comment on attachment 355251 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=355251&action=review > Source/WebKit/UIProcess/WebPageProxy.cpp:-4446 > - MESSAGE_CHECK_URL(sourceURLString); Removing a security check here doesn't look right at all. Surely we now have a situation where we don't properly track past URLs. But that doesn't mean that it's OK for the web process to send redirect messages with dangerous URLs! These are passed down to clients, so it's unlikely to be harmless.
Note You need to log in before you can comment on or make changes to this bug.