[Mac] CORS-compliant videos throw security errors when painting to Canvas
Created attachment 271224 [details] Patch
Comment on attachment 271224 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271224&action=review > Source/WebCore/ChangeLog:4 > + [Mac] CORS-compliant videos throw security errors when painting to Canvas > + https://bugs.webkit.org/show_bug.cgi?id=154188 Please include the Radar number for posterity. > Source/WebCore/ChangeLog:9 > + Reviewed by NOBODY (OOPS!). > + > + Pass the CORS access check results from WebCoreNSURLSession to it's client, > + MediaPlayerPrivateAVFoundationObjC. This should really have a test. > Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h:52 > + Unknown, Nit: Instead of including this unused value, can you make "Fail" zero?
Comment on attachment 271224 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271224&action=review >> Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h:52 >> + Unknown, > > Nit: Instead of including this unused value, can you make "Fail" zero? This value is used, right? Could you explicitly initialize the value to Unknown? > Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm:167 > + return _corsResults == WebCoreNSURLSessionCORSAccessCheckResults::Pass; ASSERT(_corsResults != WebCoreNSURLSessionCORSAccessCheckResults::Fail) before this.
(In reply to comment #2) > Comment on attachment 271224 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=271224&action=review > > > Source/WebCore/ChangeLog:4 > > + [Mac] CORS-compliant videos throw security errors when painting to Canvas > > + https://bugs.webkit.org/show_bug.cgi?id=154188 > > Please include the Radar number for posterity. Ok. > > Source/WebCore/ChangeLog:9 > > + Reviewed by NOBODY (OOPS!). > > + > > + Pass the CORS access check results from WebCoreNSURLSession to it's client, > > + MediaPlayerPrivateAVFoundationObjC. > > This should really have a test. Technically, there already are three tests in http/tests/security. We can't enable them because there are platform requirements to enable this feature. > > Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h:52 > > + Unknown, > > Nit: Instead of including this unused value, can you make "Fail" zero? See below. (In reply to comment #3) > Comment on attachment 271224 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=271224&action=review > > >> Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h:52 > >> + Unknown, > > > > Nit: Instead of including this unused value, can you make "Fail" zero? > > This value is used, right? Could you explicitly initialize the value to > Unknown? Yes. > > Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm:167 > > + return _corsResults == WebCoreNSURLSessionCORSAccessCheckResults::Pass; > > ASSERT(_corsResults != WebCoreNSURLSessionCORSAccessCheckResults::Fail) > before this. Ok.
Enabling tests are covered by <https://bugs.webkit.org/show_bug.cgi?id=154462>.
Created attachment 271763 [details] Patch
rdar://problem/22959556
Attachment 271763 [details] did not pass style-queue: ERROR: Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm:522: Place brace on its own line for function definitions. [whitespace/braces] [4] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Created attachment 271767 [details] Patch
Attachment 271767 [details] did not pass style-queue: ERROR: Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm:524: Place brace on its own line for function definitions. [whitespace/braces] [4] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Comment on attachment 271767 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271767&action=review > Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:2168 > +#if PLATFORM(IOS) || __MAC_OS_X_VERSION_MIN_REQUIRED >= 101100 Should this be strictly greater than?
Committed r196827: <http://trac.webkit.org/changeset/196827>