Bug 97979

Summary: Mixed content errors should contain stack traces when relevant.
Product: WebKit Reporter: Mike West <mkwst>
Component: WebCore Misc.Assignee: Mike West <mkwst>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: dglazkov, japhet, pfeldman, vsevik, webkit.review.bot, yurys
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 45638, 99857    
Bug Blocks: 97978    
Attachments:
Description Flags
WIP
none
WIP
none
Patch
none
Patch none

Mike West
Reported 2012-09-30 12:39:39 PDT
Currently, the mixed content errors we generate are of the form "The page at <url> displayed/ran insecure content from <url>." When relevant, we should attach a line number or stack trace to give some context.
Attachments
WIP (2.95 KB, patch)
2012-10-19 08:33 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
WIP (4.27 KB, patch)
2012-10-19 12:34 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Patch (8.51 KB, patch)
2012-10-20 07:11 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Patch (9.82 KB, patch)
2012-10-22 01:30 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Mike West
Comment 1 2012-10-19 08:33:09 PDT
Created attachment 169624 [details] WIP
Mike West
Comment 2 2012-10-19 12:34:59 PDT
Created attachment 169673 [details] WIP
Mike West
Comment 3 2012-10-19 12:43:29 PDT
Hello Inspector folks. :) I'm having a hard time writing a test for this patch. It needs to run under HTTPS in order to generate a mixed content warning, but the simple redirect that works for other tests I've seen doesn't seem to work here. The test simply times out after redirecting. Are there any HTTPS/inspector test limitations that you know of? Or am I just doing something obviously wrong in the attached patch? I've tried a few variations on the theme, but haven't yet been very successful. :/ Thanks!
Pavel Feldman
Comment 4 2012-10-19 12:59:35 PDT
Comment on attachment 169673 [details] WIP View in context: https://bugs.webkit.org/attachment.cgi?id=169673&action=review Note that inspector harness is very sensitive wrt navigation. You should use InspectorTest.navigate from within inspector to navigate. > LayoutTests/http/tests/inspector/mixedcontent-warning-contains-stacktrace.html:17 > + <script src="/inspector/resources/csp-test.js"></script> What is csp-test?
Mike West
Comment 5 2012-10-20 07:11:16 PDT
Created attachment 169768 [details] Patch
Mike West
Comment 6 2012-10-20 07:38:25 PDT
(In reply to comment #5) > Created an attachment (id=169768) [details] > Patch This patch's test should work correctly on mac. I'll have to wait till I'm back at the office to generate the Chromium linux baseline, as the inspector tests don't seem to work on Chromium mac. :(
WebKit Review Bot
Comment 7 2012-10-20 21:10:21 PDT
Comment on attachment 169768 [details] Patch Attachment 169768 [details] did not pass chromium-ews (chromium-xvfb): Output: http://queues.webkit.org/results/14457977 New failing tests: http/tests/inspector/stacktraces/mixedcontent-warning-contains-stacktrace.html
Mike West
Comment 8 2012-10-22 01:30:32 PDT
Created attachment 169850 [details] Patch
Mike West
Comment 9 2012-10-22 01:31:19 PDT
(In reply to comment #8) > Created an attachment (id=169850) [details] > Patch This patch updates the Chromium expectations. Ideally, it'll make all the bots happy.
Pavel Feldman
Comment 10 2012-10-23 09:24:57 PDT
Comment on attachment 169850 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=169850&action=review > Source/WebCore/loader/MixedContentChecker.cpp:113 > + console->addMessage(NetworkMessageSource, LogMessageType, WarningMessageLevel, message, m_frame->document()->url().string(), 0, callStack); Why did you switch from HTML to network source? > LayoutTests/http/tests/inspector/stacktraces/mixedcontent-warning-contains-stacktrace.html:8 > + function test() { Please place { on the next line. We also don't indent top-level functions. > LayoutTests/http/tests/inspector/stacktraces/mixedcontent-warning-contains-stacktrace.html:11 > + InspectorTest.navigate("https://127.0.0.1:8443/inspector/stacktraces/resources/mixedcontent-page.html", navigateBack); Navigation is extremely fragile in the inspector harness, please open iframes whenever possible.
Mike West
Comment 11 2012-10-24 05:29:50 PDT
(In reply to comment #10) > (From update of attachment 169850 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=169850&action=review > > > Source/WebCore/loader/MixedContentChecker.cpp:113 > > + console->addMessage(NetworkMessageSource, LogMessageType, WarningMessageLevel, message, m_frame->document()->url().string(), 0, callStack); > > Why did you switch from HTML to network source? Mistake.That's leftover from earlier experimentation. I'll remove it when I respin the patch. > > LayoutTests/http/tests/inspector/stacktraces/mixedcontent-warning-contains-stacktrace.html:8 > > + function test() { > > Please place { on the next line. We also don't indent top-level functions. > > > LayoutTests/http/tests/inspector/stacktraces/mixedcontent-warning-contains-stacktrace.html:11 > > + InspectorTest.navigate("https://127.0.0.1:8443/inspector/stacktraces/resources/mixedcontent-page.html", navigateBack); > > Navigation is extremely fragile in the inspector harness, please open iframes whenever possible. I wasn't able to get this test working in an iframe. :/ I'll try again, but probably won't have time to fiddle until later this week.
Mike West
Comment 12 2012-11-30 12:20:02 PST
Closing this in favor of 100650, where I'm doing the same work in a more general way. *** This bug has been marked as a duplicate of bug 100650 ***
Eric Seidel (no email)
Comment 13 2013-01-04 00:51:12 PST
Comment on attachment 169850 [details] Patch Cleared review? from attachment 169850 [details] so that this bug does not appear in http://webkit.org/pending-review. If you would like this patch reviewed, please attach it to a new bug (or re-open this bug before marking it for review again).
Note You need to log in before you can comment on or make changes to this bug.