Summary: | [ macOS Wk2 ] http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.php is constantly text failing | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Robert Jenner <jenner> | ||||||||||
Component: | New Bugs | Assignee: | Chris Gambrell <cgambrell> | ||||||||||
Status: | RESOLVED FIXED | ||||||||||||
Severity: | Normal | CC: | cgambrell, ews-watchlist, jbedard, mkwst, tsavell, webkit-bot-watchers-bugzilla, webkit-bug-importer | ||||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||||
Version: | WebKit Nightly Build | ||||||||||||
Hardware: | Unspecified | ||||||||||||
OS: | Unspecified | ||||||||||||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=222668 | ||||||||||||
Attachments: |
|
Description
Robert Jenner
2021-03-11 10:57:32 PST
Created attachment 422953 [details]
Patch
Comment on attachment 422953 [details]
Patch
This was part of a batch of the http/tests/security php files that had issues with the Python conversion and should not have been included in part 1 of 2 for the security directory. Reverted test back to reference the PHP version. This will be converted in part 2.
Comment on attachment 422953 [details]
Patch
No reason to keep the bots red this weekend, cq+ing as well
Committed r274392: <https://commits.webkit.org/r274392> All reviewed patches have been landed. Closing bug and clearing flags on attachment 422953 [details]. It looks like the changes in https://trac.webkit.org/changeset/274392/webkit broke http/tests/security/contentSecurityPolicy/report-only-from-header.py History: https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Freport-only-from-header.py this is a fairly clear regression in history This seems to point to the problem: 'Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/echo-report.php because it does not appear in the connect-src directive of the Content Security Policy' Reopening to attach new patch. Created attachment 423530 [details]
Patch
Comment on attachment 423530 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=423530&action=review > LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:1 > +CONSOLE MESSAGE: Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.py because it does not appear in the connect-src directive of the Content Security Policy. Starting process of conversion of pearl files in this patch. > LayoutTests/http/tests/security/contentSecurityPolicy/report-document-uri-after-blocked-redirect-expected.txt:1 > +CONSOLE MESSAGE: Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.py because it does not appear in the connect-src directive of the Content Security Policy. Starting process of conversion of pearl files in this patch. > LayoutTests/http/tests/security/contentSecurityPolicy/report-document-uri-after-blocked-redirect.html:24 > + xhr.open("GET", "resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.py", true); Starting process of conversion of pearl files in this patch. > LayoutTests/http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher-expected.txt:2 > +Blocked access to external URL https://webkit.org/report Python automatically switched to https above http so changed the url & expectations > LayoutTests/http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher.py:6 > + 'Content-Security-Policy: font-src https://webkit.org; report-uri https://webkit.org/report;\r\n' Python automatically switched to https above http so changed the url & expectations > LayoutTests/http/tests/security/contentSecurityPolicy/resources/go-to-echo-report.py:10 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/worker-importScript-redirect-cross-origin-allowed.py:8 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/worker-importScript-redirect-cross-origin-blocked.py:8 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/worker-xhr-allowed.py:8 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/worker-xhr-redirect-cross-origin-allowed.py:7 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/worker-xhr-redirect-cross-origin-blocked.py:8 > + 'Content-Type: text/html\r\n\r\n' When running cURL requests, PHP was returning text/html Content-Type, not application/javascript > LayoutTests/http/tests/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.py:1 > +#!/usr/bin/env python3 Starting process of conversion of pearl files in this patch. Comment on attachment 423530 [details]
Patch
Looks good, let's wait until EWS is happy
Created attachment 423548 [details]
Patch
Created attachment 423604 [details]
Patch
Comment on attachment 423604 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=423604&action=review > LayoutTests/ChangeLog:1 > +2021-03-18 Chris Gambrell <cgambrell@apple.com> http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher-expected.txt got updated to match the original PHP version. Changed the version of http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher.py to match the PHP version. Committed r274671: <https://commits.webkit.org/r274671> All reviewed patches have been landed. Closing bug and clearing flags on attachment 423604 [details]. |