Bug 222748

Summary: [MacOS Debug] http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load.html is a flakey failure
Product: WebKit Reporter: Amir Mark Jr <amir_mark>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Description Amir Mark Jr 2021-03-04 10:10:03 PST
http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load.html

This is a flakey failure on both BigSur WK1/Wk2 Debug and Catalina Wk1/Wk2 Debug


History:

https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Fframe-src-cross-origin-load.html


Text DIff:

--- /Volumes/Data/worker/bigsur-release-tests-wk1/build/layout-test-results/http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load-expected.txt
+++ /Volumes/Data/worker/bigsur-release-tests-wk1/build/layout-test-results/http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load-actual.txt
@@ -1,6 +1,6 @@
 CONSOLE MESSAGE: Refused to load https://localhost:8443/security/contentSecurityPolicy/resources/alert-fail.html because it does not appear in the frame-src directive of the Content Security Policy.
+CONSOLE MESSAGE: PASS
 ALERT: PASS
-CONSOLE MESSAGE: PASS
 IFrames blocked by CSP should generate a 'load' event, regardless of blocked state. This means they appear to be normal cross-origin loads, thereby not leaking URL information directly to JS.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
Comment 1 Radar WebKit Bug Importer 2021-03-04 10:22:05 PST
<rdar://problem/75044431>
Comment 2 Amir Mark Jr 2021-03-29 16:25:33 PDT
Updated test expectations: 

https://trac.webkit.org/changeset/275191/webkit