Bug 290745

Summary: Worker and SharedWorker constructors should fail asynchronously in case of cross origin URLs
Product: WebKit Reporter: youenn fablet <youennf>
Component: Service WorkersAssignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: fujii, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: Safari 18   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 297072    

youenn fablet
Reported 2025-03-30 23:32:16 PDT
Worker and SharedWorker constructors should fail asynchronously in case of cross origin URLs
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2025-03-30 23:33:05 PDT
<rdar://problem/148229314>
youenn fablet
Comment 2 2025-03-30 23:37:15 PDT
Pull request: https://github.com/WebKit/WebKit/pull/43300
EWS
Comment 3 2025-04-01 09:26:59 PDT
Committed 293014@main (e9a2fa13c71e): <https://commits.webkit.org/293014@main> Reviewed commits have been landed. Closing PR #43300 and removing active labels.
Fujii Hironori
Comment 4 2025-04-02 17:51:55 PDT
http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe.html is failing for wk2 after 293014@main. History: https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Fblock-all-mixed-content%2Finsecure-image-in-iframe.html&flavor=wk2 Does the test file need `dumpJSConsoleLogInStdErr=true` header?
youenn fablet
Comment 5 2025-04-03 10:10:21 PDT
Yes, I will change the test.
youenn fablet
Comment 6 2025-04-03 10:20:59 PDT
https://bugs.webkit.org/show_bug.cgi?id=291002
Note You need to log in before you can comment on or make changes to this bug.