Bug 200535 - Origin header not included in WebSocket handshake request when using platform WebSocket API
Summary: Origin header not included in WebSocket handshake request when using platform...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2019-08-08 06:38 PDT by Thibault Saunier
Modified: 2019-08-28 00:08 PDT (History)
5 users (show)

See Also:

Attachments
Patch (1.61 KB, patch)
2019-08-27 00:13 PDT, Carlos Garcia Campos 		no flags Details | Formatted Diff | Diff
Patch (1.61 KB, patch)
2019-08-27 00:18 PDT, Carlos Garcia Campos 		youennf: review+
Details | Formatted Diff | Diff
Patch for landing (6.27 KB, patch)
2019-08-27 01:09 PDT, Carlos Garcia Campos 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thibault Saunier 2019-08-08 06:38:21 PDT 
Since https://bugs.webkit.org/show_bug.cgi?id=200162 we get WebSocket error trying to use appr.tc.

This is a WEBKIT_DEBUG=network log:

 ➜  webkit-master git:(master) ✗ Tools/Scripts/run-minibrowser --gtk --debug --enable-write-console-messages-to-stdout=true https://appr.tc/r/4687dsd
Starting MiniBrowser.
Gtk-Message: 12:05:32.097: Failed to load module "canberra-gtk-module"
Gtk-Message: 12:05:32.097: Failed to load module "pk-gtk-module"
Gtk-Message: 12:05:32.099: Failed to load module "canberra-gtk-module"
Gtk-Message: 12:05:32.099: Failed to load module "pk-gtk-module"
UNIMPLEMENTED: 
../../Source/WebKit/UIProcess/gtk/WebPreferencesGtk.cpp(50) : void WebKit::WebPreferences::platformUpdateBoolValueForKey(const WTF::String&, bool)
UNIMPLEMENTED: 
../../Source/WebKit/UIProcess/gtk/WebPreferencesGtk.cpp(45) : void WebKit::WebPreferences::platformUpdateStringValueForKey(const WTF::String&, const WTF::String&)
UNIMPLEMENTED: 
../../Source/WebKit/UIProcess/gtk/WebPreferencesGtk.cpp(81) : bool WebKit::WebPreferences::platformGetBoolUserValueForKey(const WTF::String&, bool&)
UNIMPLEMENTED: 
../../Source/WebKit/UIProcess/gtk/WebPreferencesGtk.cpp(87) : bool WebKit::WebPreferences::platformGetUInt32UserValueForKey(const WTF::String&, uint32_t&)
Gtk-Message: 12:05:32.319: Failed to load module "canberra-gtk-module"
Gtk-Message: 12:05:32.319: Failed to load module "pk-gtk-module"
Gtk-Message: 12:05:32.321: Failed to load module "canberra-gtk-module"
Gtk-Message: 12:05:32.321: Failed to load module "pk-gtk-module"
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1057) : virtual void WebKit::WebFrameLoaderClient::setMainFrameDocumentReady(bool)
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(166) : virtual void WebKit::WebFrameLoaderClient::setCopiesOnScroll()
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1396) : virtual void WebKit::WebFrameLoaderClient::prepareForDataSourceReplacement()
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1717) : virtual WTF::String WebKit::WebFrameLoaderClient::overrideMediaType() const
UNIMPLEMENTED: 
../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp(2534) : void WebCore::HTMLTreeBuilder::defaultForInitial()
UNIMPLEMENTED: 
../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp(2474) : void WebCore::HTMLTreeBuilder::processEndOfFile(WebCore::AtomicHTMLToken&&)
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(161) : virtual void WebKit::WebFrameLoaderClient::forceLayoutForNonHTML()
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebPage/gtk/WebPageGtk.cpp(157) : static bool WebKit::WebPage::platformCanHandleRequest(const WebCore::ResourceRequest&)
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1299) : virtual bool WebKit::WebFrameLoaderClient::canHandleRequest(const WebCore::ResourceRequest&) const
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1316) : virtual bool WebKit::WebFrameLoaderClient::representationExistsForURLScheme(const WTF::String&) const
GLib-GIO-Message: 12:05:33.072: Using the 'memory' GSettings backend.  Your settings will not be saved or shared with other applications.
> GET /r/4687dsd HTTP/1.1
> Soup-Debug-Timestamp: 1565193933
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 1 (0x15228d0), SoupSocket 1 (0x1507500)
> Host: appr.tc
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
> Connection: Keep-Alive
  
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://appr.tc/r/4687dsd'. Status 200.
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1305) : virtual bool WebKit::WebFrameLoaderClient::canShowMIMEType(const WTF::String&) const
(WebProcess) WebResourceLoader::didReceiveData of size 512 for 'https://appr.tc/r/4687dsd'
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(463) : virtual void WebKit::WebFrameLoaderClient::dispatchWillClose()
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(156) : virtual void WebKit::WebFrameLoaderClient::makeRepresentation(WebCore::DocumentLoader*)
< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1565193933
< Soup-Debug: SoupMessage 1 (0x15228d0)
< Content-Type: text/html; charset=utf-8
< Cache-Control: no-cache
< Content-Encoding: gzip
< X-Cloud-Trace-Context: aee6927d4d8fb438d89dff14c8722731
< Vary: Accept-Encoding
< Date: Wed, 07 Aug 2019 16:05:33 GMT
< Server: Google Frontend
< Transfer-Encoding: chunked
< 
  
UNIMPLEMENTED: 
DerivedSources/ForwardingHeaders/WebCore/CertificateInfo.h(56) : bool WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate() const
(WebProcess) WebResourceLoader::didReceiveData of size 1233 for 'https://appr.tc/r/4687dsd'
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1067) : virtual void WebKit::WebFrameLoaderClient::willChangeTitle(WebCore::DocumentLoader*)
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1072) : virtual void WebKit::WebFrameLoaderClient::didChangeTitle(WebCore::DocumentLoader*)
(WebProcess) WebResourceLoader::didReceiveData of size 4133 for 'https://appr.tc/r/4687dsd'
UNIMPLEMENTED: 
../../Source/WebCore/html/parser/HTMLConstructionSite.cpp(560) : void WebCore::HTMLConstructionSite::insertForeignElement(WebCore::AtomicHTMLToken&&, const WTF::AtomString&)
(WebProcess) WebResourceLoader::didReceiveData of size 1700 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 3 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 1 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 9 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 1 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 5 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 1 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 1 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 10 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 1 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 2 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 365 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveData of size 402 for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didFinishResourceLoad for 'https://appr.tc/r/4687dsd'
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://appr.tc/css/main.css'. Status 200.
(WebProcess) WebResourceLoader::didReceiveData of size 6402 for 'https://appr.tc/css/main.css'
(WebProcess) WebResourceLoader::didFinishResourceLoad for 'https://appr.tc/css/main.css'
UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp(915) : virtual void WebKit::WebChromeClient::setNeedsOneShotDrawingSynchronization()
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://appr.tc/js/apprtc.debug.js'. Status 200.
(WebProcess) WebResourceLoader::didReceiveResource for 'https://appr.tc/js/apprtc.debug.js'
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 1.633: Initializing; server= undefined.
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 1.634: Initializing; room=4687dsd.
UNIMPLEMENTED: 
DerivedSources/ForwardingHeaders/WebCore/CertificateInfo.h(56) : bool WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate() const
UNIMPLEMENTED: 
../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp(1390) : bool WebCore::HTMLTreeBuilder::processBodyEndTagForInBody(WebCore::AtomicHTMLToken&&)
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://www.google-analytics.com/analytics.js'. Status 200.
(WebProcess) WebResourceLoader::didReceiveResource for 'https://www.google-analytics.com/analytics.js'
> POST /v1alpha/iceconfig?key=AIzaSyARF6xu5eZUJmsFqT_aCRZIgdV5BiCavYU HTTP/1.1
> Soup-Debug-Timestamp: 1565193934
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 2 (0x1522ab0), SoupSocket 2 (0x1711a70)
> Host: networktraversal.googleapis.com
> Origin: https://appr.tc
> Accept: */*
> Referer: https://appr.tc/r/4687dsd
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Content-Length: 0
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
> Connection: Keep-Alive
  
> GET /r/collect?v=1&_v=j78&a=1835947090&t=pageview&_s=1&dl=https%3A%2F%2Fappr.tc%2Fr%2F4687dsd&ul=en-us&de=UTF-8&dt=AppRTC&sd=24-bit&sr=2560x1080&vp=800x558&je=1&_u=IEBAAMAB~&jid=79236096&gjid=1895696748&cid=1638790819.1565193936&tid=UA-48530561-2&_gid=1615781821.1565193936&_r=1&z=1605805226 HTTP/1.1
> Soup-Debug-Timestamp: 1565193935
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 3 (0x1522c90), SoupSocket 3 (0x15071c0)
> Host: www.google-analytics.com
> Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
> Referer: https://appr.tc/r/4687dsd
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
> Connection: Keep-Alive
  
< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1565193935
< Soup-Debug: SoupMessage 2 (0x1522ab0)
< Content-Type: application/json; charset=UTF-8
< Vary: Origin
< Vary: X-Origin
< Vary: Referer
< Content-Encoding: gzip
< Date: Wed, 07 Aug 2019 16:05:35 GMT
< Server: ESF
< Cache-Control: private
< X-XSS-Protection: 0
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< Access-Control-Allow-Origin: https://appr.tc
< Access-Control-Expose-Headers: content-encoding,date,server,content-length
< Alt-Svc: quic=":443"; ma=2592000; v="46,43,39"
< Transfer-Encoding: chunked
< 
  
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://networktraversal.googleapis.com/v1alpha/iceconfig?key=AIzaSyARF6xu5eZUJmsFqT_aCRZIgdV5BiCavYU'. Status 200.
(WebProcess) WebResourceLoader::didReceiveData of size 634 for 'https://networktraversal.googleapis.com/v1alpha/iceconfig?key=AIzaSyARF6xu5eZUJmsFqT_aCRZIgdV5BiCavYU'
(WebProcess) WebResourceLoader::didFinishResourceLoad for 'https://networktraversal.googleapis.com/v1alpha/iceconfig?key=AIzaSyARF6xu5eZUJmsFqT_aCRZIgdV5BiCavYU'
< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1565193935
< Soup-Debug: SoupMessage 3 (0x1522c90)
< Access-Control-Allow-Origin: *
< Date: Wed, 07 Aug 2019 16:05:35 GMT
< Pragma: no-cache
< Expires: Fri, 01 Jan 1990 00:00:00 GMT
< Cache-Control: no-cache, no-store, must-revalidate
< Last-Modified: Sun, 17 May 1998 03:00:00 GMT
< X-Content-Type-Options: nosniff
< Content-Type: image/gif
< Server: Golfe2
< Content-Length: 35
< Alt-Svc: quic=":443"; ma=2592000; v="46,43,39"
< 
  
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 2.882: Retrieved ICE server information.
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1835947090&t=pageview&_s=1&dl=https%3A%2F%2Fappr.tc%2Fr%2F4687dsd&ul=en-us&de=UTF-8&dt=AppRTC&sd=24-bit&sr=2560x1080&vp=800x558&je=1&_u=IEBAAMAB~&jid=79236096&gjid=1895696748&cid=1638790819.1565193936&tid=UA-48530561-2&_gid=1615781821.1565193936&_r=1&z=1605805226'. Status 200.
(WebProcess) WebResourceLoader::didReceiveData of size 35 for 'https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1835947090&t=pageview&_s=1&dl=https%3A%2F%2Fappr.tc%2Fr%2F4687dsd&ul=en-us&de=UTF-8&dt=AppRTC&sd=24-bit&sr=2560x1080&vp=800x558&je=1&_u=IEBAAMAB~&jid=79236096&gjid=1895696748&cid=1638790819.1565193936&tid=UA-48530561-2&_gid=1615781821.1565193936&_r=1&z=1605805226'
(WebProcess) WebResourceLoader::didFinishResourceLoad for 'https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1835947090&t=pageview&_s=1&dl=https%3A%2F%2Fappr.tc%2Fr%2F4687dsd&ul=en-us&de=UTF-8&dt=AppRTC&sd=24-bit&sr=2560x1080&vp=800x558&je=1&_u=IEBAAMAB~&jid=79236096&gjid=1895696748&cid=1638790819.1565193936&tid=UA-48530561-2&_gid=1615781821.1565193936&_r=1&z=1605805226'
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 3.863: Got access to local media with mediaConstraints:
  '{"audio":true,"video":true}'
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 3.865: User has granted access to local media.
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 3.870: Attaching local stream.
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 4.833: Opening signaling channel.
WebSocket 0x7fcce8025090 connect() url='wss://apprtc-ws.webrtc.org/ws'
UNIMPLEMENTED: 
../../Source/WebCore/page/EventHandler.cpp(4393) : bool WebCore::EventHandler::eventActivatedView(const WebCore::PlatformMouseEvent&) const
> POST /join/4687dsd HTTP/1.1
> Soup-Debug-Timestamp: 1565193938
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 4 (0x1522d80), SoupSocket 4 (0x7f45cc007530)
> Host: appr.tc
> Accept: */*
> Referer: https://appr.tc/r/4687dsd
> Origin: https://appr.tc
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Content-Length: 0
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
> Connection: Keep-Alive
  
> GET /ws HTTP/1.1
> Soup-Debug-Timestamp: 1565193938
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 5 (0x1522c90), SoupSocket 5 (0x1507290)
> Host: apprtc-ws.webrtc.org
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Pragma: no-cache
> Cache-Control: no-cache
> Upgrade: websocket
> Connection: Upgrade
> Sec-WebSocket-Key: ArL+UH7CYbrtnihAwogN6w==
> Sec-WebSocket-Version: 13
> Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
  
< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1565193938
< Soup-Debug: SoupMessage 4 (0x1522d80)
< Content-Type: text/html; charset=utf-8
< Cache-Control: no-cache
< Content-Encoding: gzip
< X-Cloud-Trace-Context: 3bfe831132bac84134a49103a62162f4
< Vary: Accept-Encoding
< Date: Wed, 07 Aug 2019 16:05:38 GMT
< Server: Google Frontend
< Transfer-Encoding: chunked
< 
  
(WebProcess) WebResourceLoader::didReceiveResponse for 'https://appr.tc/join/4687dsd'. Status 200.
(WebProcess) WebResourceLoader::didReceiveData of size 922 for 'https://appr.tc/join/4687dsd'
(WebProcess) WebResourceLoader::didFinishResourceLoad for 'https://appr.tc/join/4687dsd'
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 5.413: Joined the room.
< HTTP/1.1 403 Forbidden
< Soup-Debug-Timestamp: 1565193938
< Soup-Debug: SoupMessage 5 (0x1522c90)
< 
  
WebSocket 0x7fcce8025090 didReceiveErrorMessage()
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 5.548: WebSocket open error: WebSocket error.
https://appr.tc/js/apprtc.debug.js:6303:16: CONSOLE LOG 5.571: WebSocket register error: WebSocket error.
WebSocket 0x7fcce8025090 didClose()
> POST /leave/4687dsd/30628359 HTTP/1.1
> Soup-Debug-Timestamp: 1565193940
> Soup-Debug: SoupSession 1 (0x1518100), SoupMessage 6 (0x15228d0), SoupSocket 6 (0x7f45cc007390)
> Host: appr.tc
> Referer: https://appr.tc/r/4687dsd
> Origin: https://appr.tc
> User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Safari/605.1.15
> Accept: */*
> Content-Length: 0
> Accept-Encoding: gzip, deflate
> Accept-Language: en-US
> Connection: Keep-Alive
  
< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1565193940
< Soup-Debug: SoupMessage 6 (0x15228d0)
< Content-Type: text/html; charset=utf-8
< Cache-Control: no-cache
< X-Cloud-Trace-Context: 19b3ae1e17039799ba8eaea8d7be50fa
< Date: Wed, 07 Aug 2019 16:05:40 GMT
< Server: Google Frontend
< Content-Length: 0
<
Comment 1 Carlos Garcia Campos 2019-08-27 00:11:05 PDT 
Not soup specific. The Origin header is missing in handshake message when using platform WebSockets implementation. That's why we get a 403 forbidden.
Comment 2 Carlos Garcia Campos 2019-08-27 00:13:57 PDT 
Created attachment 377322 [details]
Patch
Comment 3 Carlos Garcia Campos 2019-08-27 00:18:11 PDT 
Created attachment 377323 [details]
Patch
Comment 4 youenn fablet 2019-08-27 00:21:53 PDT 
Comment on attachment 377323 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=377323&action=review

> Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp:113
> +    request.setHTTPHeaderField(HTTPHeaderName::Origin, document.securityOrigin().toString());

Can we add a test for it?
Comment 5 Carlos Garcia Campos 2019-08-27 01:07:58 PDT 
We have tests, I'll upload a new patch with the tests expectations updated.
Comment 6 Carlos Garcia Campos 2019-08-27 01:09:14 PDT 
Created attachment 377325 [details]
Patch for landing
Comment 7 Carlos Garcia Campos 2019-08-27 01:42:12 PDT 
Committed r249135: <https://trac.webkit.org/changeset/249135>
Comment 8 Radar WebKit Bug Importer 2019-08-27 01:43:16 PDT 
<rdar://problem/54739843>
Comment 9 Rob Buis 2019-08-28 00:08:47 PDT 
Note what we have setHTTPOrigin which does the same thing but makes the intention more clear.