Bug 159510 - [Win] The test http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html is failing.
Summary: [Win] The test http/tests/security/contentSecurityPolicy/upgrade-insecure-req...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Tools / Tests (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Per Arne Vollan
URL:
Keywords: InRadar
Depends on: 159556
Blocks:
  Show dependency treegraph
 
Reported: 2016-07-07 02:57 PDT by Per Arne Vollan
Modified: 2017-08-03 09:02 PDT (History)
8 users (show)

See Also:


Attachments
Patch (2.96 KB, patch)
2016-07-07 09:38 PDT, Per Arne Vollan
no flags Details | Formatted Diff | Diff
Patch (1.24 KB, patch)
2017-08-02 11:35 PDT, Per Arne Vollan
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Per Arne Vollan 2016-07-07 02:57:18 PDT
We need to allow any https certificate in DumpRenderTree.
Comment 1 Per Arne Vollan 2016-07-07 09:38:33 PDT
Created attachment 283019 [details]
Patch
Comment 2 Brent Fulgham 2016-07-07 10:58:19 PDT
Comment on attachment 283019 [details]
Patch

r=me
Comment 3 Per Arne Vollan 2016-07-07 12:55:59 PDT
(In reply to comment #2)
> Comment on attachment 283019 [details]
> Patch
> 
> r=me

Thanks for reviewing!
Comment 4 Per Arne Vollan 2016-07-07 23:32:40 PDT
Committed r202967: <https://trac.webkit.org/changeset/202967>
Comment 5 WebKit Commit Bot 2016-07-08 05:19:51 PDT
Re-opened since this is blocked by bug 159556
Comment 6 Per Arne Vollan 2017-08-02 11:35:57 PDT
Created attachment 316979 [details]
Patch
Comment 7 Daniel Bates 2017-08-02 17:01:17 PDT
Comment on attachment 316979 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=316979&action=review

> Tools/DumpRenderTree/win/DumpRenderTree.cpp:1214
> +    request->setAllowsAnyHTTPSCertificate();

OK. Although it is unlikely that DumpRenderTree would be used to load an arbitrary URL (and would be an error if run-webkit-test ever invoked with a non-file, non-localhost URL) it would be good practice to take a similar approach as in Mac DumpRenderTree/WebKitTestRunner and only allow any HTTPS certificate for localhost and 127.0.0.1.
Comment 8 Per Arne Vollan 2017-08-03 08:31:30 PDT
(In reply to Daniel Bates from comment #7)
> Comment on attachment 316979 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=316979&action=review
> 
> > Tools/DumpRenderTree/win/DumpRenderTree.cpp:1214
> > +    request->setAllowsAnyHTTPSCertificate();
> 
> OK. Although it is unlikely that DumpRenderTree would be used to load an
> arbitrary URL (and would be an error if run-webkit-test ever invoked with a
> non-file, non-localhost URL) it would be good practice to take a similar
> approach as in Mac DumpRenderTree/WebKitTestRunner and only allow any HTTPS
> certificate for localhost and 127.0.0.1.

Thanks for reviewing! I will add a host check in a follow-up patch.
Comment 9 WebKit Commit Bot 2017-08-03 09:01:57 PDT
Comment on attachment 316979 [details]
Patch

Clearing flags on attachment: 316979

Committed r220206: <http://trac.webkit.org/changeset/220206>
Comment 10 WebKit Commit Bot 2017-08-03 09:01:59 PDT
All reviewed patches have been landed.  Closing bug.
Comment 11 Radar WebKit Bug Importer 2017-08-03 09:02:57 PDT
<rdar://problem/33700981>