Bug 199232

Summary: SubFrameSOAuthorizationSession should preserve the referrer header when falling back to web path
Product: WebKit Reporter: Jiewen Tan <jiewen_tan>
Component: WebKit Misc.Assignee: Jiewen Tan <jiewen_tan>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, bfulgham, cdumez, commit-queue, jiewen_tan, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch none

Jiewen Tan
Reported 2019-06-26 13:28:36 PDT
SubFrameSOAuthorizationSession should preserve the referrer header when fall back to web path.
Attachments
Patch (14.27 KB, patch)
2019-06-26 13:48 PDT, Jiewen Tan 		no flags
DetailsFormatted DiffDiff
Patch (12.36 KB, patch)
2019-06-26 16:14 PDT, Jiewen Tan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Jiewen Tan
Comment 1 2019-06-26 13:29:23 PDT
<rdar://problem/51718328>
Jiewen Tan
Comment 2 2019-06-26 13:48:50 PDT
Created attachment 372947 [details] Patch
Chris Dumez
Comment 3 2019-06-26 13:51:51 PDT
Comment on attachment 372947 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372947&action=review > Source/WebKit/UIProcess/WebFrameProxy.cpp:82 > +void WebFrameProxy::loadURL(const URL& url, const Optional<String>& referrer) We normally do not use Optional<String> because the String class already has a null state.
Chris Dumez
Comment 4 2019-06-26 13:53:35 PDT
Comment on attachment 372947 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372947&action=review > Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm:71 > + if (!navigationActionPtr->request().hasHTTPReferrer()) { This if check would not be needed if you did not use Optional. navigationActionPtr->request().httpReferrer() would return a null String and the normal code path would do the right thing.
Chris Dumez
Comment 5 2019-06-26 15:59:40 PDT
Comment on attachment 372947 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372947&action=review > Source/WebKit/WebProcess/WebPage/WebPage.cpp:1497 > + if (!referrer) { Ditto, this if check is likely not needed either if you stop using Optional<String> and use a simple String instead.
Jiewen Tan
Comment 6 2019-06-26 16:07:27 PDT
Comment on attachment 372947 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372947&action=review > Source/WebCore/platform/network/ResourceRequestBase.h:123 > + WEBCORE_EXPORT bool hasHTTPReferrer() const; Removed. >> Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm:71 >> + if (!navigationActionPtr->request().hasHTTPReferrer()) { > > This if check would not be needed if you did not use Optional. navigationActionPtr->request().httpReferrer() would return a null String and the normal code path would do the right thing. It does! >> Source/WebKit/UIProcess/WebFrameProxy.cpp:82 >> +void WebFrameProxy::loadURL(const URL& url, const Optional<String>& referrer) > > We normally do not use Optional<String> because the String class already has a null state. Fixed.
Jiewen Tan
Comment 7 2019-06-26 16:08:01 PDT
Comment on attachment 372947 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372947&action=review >> Source/WebKit/WebProcess/WebPage/WebPage.cpp:1497 >> + if (!referrer) { > > Ditto, this if check is likely not needed either if you stop using Optional<String> and use a simple String instead. Removed.
Jiewen Tan
Comment 8 2019-06-26 16:14:51 PDT
Created attachment 372962 [details] Patch
youenn fablet
Comment 9 2019-06-26 21:42:41 PDT
Comment on attachment 372962 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372962&action=review > Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm:71 > + frame->loadURL(navigationActionPtr->request().url(), navigationActionPtr->request().httpReferrer()); I wonder whether other parameters might be needed in the future (cache policy, user agent...). Maybe we should pass navigationActionPtr->request() directly.
Jiewen Tan
Comment 10 2019-06-26 23:02:52 PDT
Comment on attachment 372962 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=372962&action=review >> Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm:71 >> + frame->loadURL(navigationActionPtr->request().url(), navigationActionPtr->request().httpReferrer()); > > I wonder whether other parameters might be needed in the future (cache policy, user agent...). > Maybe we should pass navigationActionPtr->request() directly. Thanks, Youenn. That’s in my mind as well. However, I’m not sure if there will be any side effects to load the same request again. We will find out later if it is needed.
WebKit Commit Bot
Comment 11 2019-06-26 23:33:56 PDT
Comment on attachment 372962 [details] Patch Clearing flags on attachment: 372962 Committed r246872: <https://trac.webkit.org/changeset/246872>
WebKit Commit Bot
Comment 12 2019-06-26 23:33:58 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.