When PSON is enabled, we are unable to submit a file in FormData cross-site. Although we encode the request body over IPC since r237639, we're missing the right sandbox extensions for its to work for files.
Created attachment 353544 [details] Patch
Created attachment 353546 [details] Patch
Comment on attachment 353546 [details] Patch Attachment 353546 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/9806291 New failing tests: http/tests/misc/form-submit-file-cross-site.html
Created attachment 353580 [details] Archive of layout-test-results from ews200 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews200 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
Created attachment 353603 [details] Patch
Comment on attachment 353603 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=353603&action=review > Source/WebKit/Platform/IPC/FormDataReference.h:89 > + WebKit::SandboxExtension::consumePermanently(sandboxExtensionHandles->at(i)); Do we need permanent access to those files?
(In reply to Alex Christensen from comment #6) > Comment on attachment 353603 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=353603&action=review > > > Source/WebKit/Platform/IPC/FormDataReference.h:89 > > + WebKit::SandboxExtension::consumePermanently(sandboxExtensionHandles->at(i)); > > Do we need permanent access to those files? This is what is normally done for file uploads, see: void WebPage::extendSandboxForFilesFromOpenPanel(SandboxExtension::HandleArray&& handles) { for (size_t i = 0; i < handles.size(); ++i) { bool result = SandboxExtension::consumePermanently(handles[i]); if (!result) { // We have reports of cases where this fails for some unknown reason, <rdar://problem/10156710>. WTFLogAlways("WebPage::extendSandboxForFileFromOpenPanel(): Could not consume a sandbox extension"); } } } and { for (size_t i = 0; i < m_pendingDropExtensionsForFileUpload.size(); i++) m_pendingDropExtensionsForFileUpload[i]->consumePermanently(); m_pendingDropExtensionsForFileUpload.clear(); }
Comment on attachment 353603 [details] Patch Clearing flags on attachment: 353603 Committed r237683: <https://trac.webkit.org/changeset/237683>
All reviewed patches have been landed. Closing bug.
<rdar://problem/45732902>