Bug 211876

Summary: Incorrect location.origin in blob workers
Product: WebKit Reporter: Naman Nehra <naman.nehra98>
Component: Page LoadingAssignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, cdumez, ews-watchlist, mkwst, sihui_liu, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: Safari 13   
Hardware: Macintosh   
OS: macOS 10.15   
Attachments:
Description Flags
Patch none

Description Naman Nehra 2020-05-13 19:41:59 PDT
location.origin is set to "blob://" in web workers created from blobs.
Comment 1 Radar WebKit Bug Importer 2020-05-15 12:33:23 PDT
<rdar://problem/63284717>
Comment 2 youenn fablet 2020-05-20 02:05:40 PDT
Created attachment 399821 [details]
Patch
Comment 3 Sihui Liu 2020-05-20 17:28:58 PDT
Comment on attachment 399821 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=399821&action=review

> Source/WebCore/workers/WorkerLocation.cpp:78
> -    return SecurityOriginData::fromURL(m_url).toString();
> +    return m_origin;

Instead of keeping m_origin, you probably want SecurityOrigin::create(m_url), which seems to handle the blob case.
Comment 4 youenn fablet 2020-05-21 01:12:22 PDT
> Instead of keeping m_origin, you probably want
> SecurityOrigin::create(m_url), which seems to handle the blob case.

We are trying to reduce the number of times we create origins from background threads.
I believe we are creating the WorkerGlobalScope origin on the main thread for instance e.

Also, by reusing the WorkerGlobalScope origin, we ensure consistency and it removes the need to allocate a new SecurityOrigin object for a very short period of time.
Comment 5 Sihui Liu 2020-05-21 11:18:14 PDT
(In reply to youenn fablet from comment #4)
> > Instead of keeping m_origin, you probably want
> > SecurityOrigin::create(m_url), which seems to handle the blob case.
> 
> We are trying to reduce the number of times we create origins from
> background threads.
> I believe we are creating the WorkerGlobalScope origin on the main thread
> for instance e.
> 
> Also, by reusing the WorkerGlobalScope origin, we ensure consistency and it
> removes the need to allocate a new SecurityOrigin object for a very short
> period of time.

Ah Okay, the fix should work.
Comment 6 EWS 2020-05-21 13:40:07 PDT
Committed r262026: <https://trac.webkit.org/changeset/262026>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 399821 [details].