Bug 60175

Summary: [Qt]http/tests/security/xss-DENIED-xsl-document.xml fails with Qt >= 4.8
Product: WebKit Reporter: Csaba Osztrogonác <ossy>
Component: Tools / TestsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Normal CC: ademar, cmarcelo, jwieczorek, kling, ossy, robert
Priority: P2 Keywords: Qt, QtTriaged
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 79666    

Description Csaba Osztrogonác 2011-05-04 09:17:17 PDT
http/tests/security/xss-DENIED-xsl-document.xml fails 
with Qt 4.8 HEAD, but passes with released Qt 4.7.2 .

--- /ramdisk/qt-linux-32-release-qt470/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt	2011-05-04 08:28:53.690215995 -0700
+++ /ramdisk/qt-linux-32-release-qt470/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt	2011-05-04 08:28:53.690215995 -0700
@@ -1,4 +1,4 @@
 CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html>
-CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html>
+CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol &quot;&quot; is unknown</p></body></html>
 layer at (0,0) size 800x600
   RenderView at (0,0) size 800x600
Comment 1 Csaba Osztrogonác 2011-05-06 04:02:08 PDT
Could you guys take up this task (and https://bugs.webkit.org/show_bug.cgi?id=60176)? 

You must know much more about the differences between Qt 4.7 and Qt 4.8 than me.

4.8 bots (one for WebKit trunk, one for QtWebKit 2.2 branch )should be green to be able to catch new regressions.
Comment 2 Csaba Osztrogonác 2011-05-10 06:52:13 PDT
Skipped by http://trac.webkit.org/changeset/86148 and http://trac.webkit.org/changeset/86149
Comment 4 Ademar Reis 2011-05-18 12:10:28 PDT
No need to block qtwebkit-2.2 anymore, as XSLT is currently disabled in production branches (See bug 60824 for details).
Comment 5 Csaba Osztrogonác 2011-05-27 05:46:48 PDT
Qt bug report filed about it: http://bugreports.qt.nokia.com/browse/QTBUG-19556
Comment 6 Robert Hogan 2011-05-30 15:09:23 PDT
*** Bug 52394 has been marked as a duplicate of this bug. ***
Comment 7 Robert Hogan 2011-05-30 15:15:18 PDT
Ends with:

ASSERT failure in QUrl QPatternist::ReportContext::resolveURI(const QUrl&, const QUrl&) const: "The QAbstractUriResolver must return an absolute URI.", file environment/qreportcontext.cpp, line 472

See also:
https://bugs.webkit.org/show_bug.cgi?id=33423

It looks like returning a QUrl() for cross-origin requests in:


QUrl XSLTUriResolver::resolve(const QUrl& relative, const QUrl& baseURI) const
{
    QUrl url = baseURI.resolved(relative);

    if (!m_document->frame() || !m_document->securityOrigin()->canRequest(url))
        return QUrl();
    return url;
}

now triggers an assert in this in qreportcontext.cpp in Qt:


QUrl ReportContext::resolveURI(const QUrl &relative,
                               const QUrl &baseURI) const
{
    Q_ASSERT_X(!baseURI.isRelative(), Q_FUNC_INFO,
               "The base URI passed from the engine wasn't absolute.");

    const QAbstractUriResolver *const resolver(uriResolver());

    if(resolver)
    {
        const QUrl final(resolver->resolve(relative, baseURI));
        Q_ASSERT_X(final.isValid() || final.isEmpty(), Q_FUNC_INFO,
                   "The QAbstractUriResolver must return a valid URI.");
        Q_ASSERT_X(!final.isRelative(), Q_FUNC_INFO,
                   "The QAbstractUriResolver must return an absolute URI.");
        return final;
    }
    else
        return baseURI.resolved(relative);
}
Comment 8 Jakub Wieczorek 2011-05-31 00:42:24 PDT
I suspect it's a change in QUrl that's causing this assert.

Anyway, as the code is not shipping and there does not seem to be any chance the XSLT support will improve in the near future (per http://labs.qt.nokia.com/2011/05/12/qt-modules-maturity-level-the-list/, which renders the whole module "Done", which means no new features as I understand it) as well as the API is not really well suited for the integration in QtWebKit (of which this bug is an example of), I suggest simply ditching this.
Comment 9 Csaba Osztrogonác 2011-07-14 08:00:10 PDT
This bug is still valid, it wasn't fixed in http://bugreports.qt.nokia.com/browse/QTBUG-19556 ...
Comment 10 Csaba Osztrogonác 2012-01-24 07:25:22 PST
The bug is still vaild with Qt 4.8.0 and the recent Qt5 too.
Comment 11 Csaba Osztrogonác 2012-05-18 06:22:49 PDT
Still valid bug with Qt 4.8 and Qt 5.

Qt 4.8 fail:
--- /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt 
+++ /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt 
@@ -1,4 +1,4 @@
 CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html>
-CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html>
+CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol &quot;&quot; is unknown</p></body></html>
 layer at (0,0) size 800x600
   RenderView at (0,0) size 800x600

Qt 5 fail:
--- /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt 
+++ /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt 
@@ -1,4 +1,4 @@
 CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html>
-CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html>
+CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol &quot;&quot; is unknown</p></body></html>
 layer at (0,0) size 800x600
   RenderView at (0,0) size 800x600
Comment 12 Csaba Osztrogonác 2012-05-18 06:26:12 PDT
Qt5 fail: (in the previous comment it was copy/paste error)

--- /mnt/raptor1/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt
+++ /mnt/raptor1/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt
@@ -1,4 +1,3 @@
-CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html>
-CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html>
-layer at (0,0) size 800x600
-  RenderView at (0,0) size 800x600
+CONSOLE MESSAGE: Unsafe attempt to load URL http://localhost:8000/security/resources/target.xml from frame with URL http://127.0.0.1:8000/security/xss-DENIED-xsl-document.xml. Domains, protocols and ports must match.
+
+This test includes content via a cross-origin document() command. It passes if the load fails and thus there is no text below this line.
Comment 13 Csaba Osztrogonác 2012-10-09 02:03:49 PDT
This bug is still valid.
Comment 14 Csaba Osztrogonác 2012-11-21 03:59:12 PST
still valid