RESOLVED FIXED 200917
Do not call addHTTPOriginIfNeeded for window.open 
https://bugs.webkit.org/show_bug.cgi?id=200917
Summary Do not call addHTTPOriginIfNeeded for window.open
Rob Buis
Reported 2019-08-20 04:29:06 PDT
Avoid spurious image downloads.
Attachments
Patch (1.67 KB, patch)
2019-08-20 04:31 PDT, Rob Buis 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews103 for mac-highsierra (3.18 MB, application/zip)
2019-08-20 05:34 PDT, EWS Watchlist 		no flags
Details
Archive of layout-test-results from ews117 for mac-highsierra (3.00 MB, application/zip)
2019-08-20 06:18 PDT, EWS Watchlist 		no flags
Details
Archive of layout-test-results from ews215 for win-future (13.75 MB, application/zip)
2019-08-20 06:22 PDT, EWS Watchlist 		no flags
Details
Patch (2.68 KB, patch)
2019-08-24 08:48 PDT, Rob Buis 		no flags
DetailsFormatted DiffDiff
Patch (2.84 KB, patch)
2019-08-24 12:01 PDT, Rob Buis 		no flags
DetailsFormatted DiffDiff
Patch (1.82 KB, patch)
2019-08-26 06:51 PDT, Rob Buis 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Rob Buis
Comment 1 2019-08-20 04:31:39 PDT
Created attachment 376762 [details] Patch
EWS Watchlist
Comment 2 2019-08-20 05:34:24 PDT
Comment on attachment 376762 [details] Patch Attachment 376762 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/12946532 New failing tests: http/tests/misc/image-blocked-src-no-change.html
EWS Watchlist
Comment 3 2019-08-20 05:34:26 PDT
Created attachment 376764 [details] Archive of layout-test-results from ews103 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-highsierra Platform: Mac OS X 10.13.6
EWS Watchlist
Comment 4 2019-08-20 06:18:50 PDT
Comment on attachment 376762 [details] Patch Attachment 376762 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/12946565 New failing tests: http/tests/misc/image-blocked-src-no-change.html
EWS Watchlist
Comment 5 2019-08-20 06:18:52 PDT
Created attachment 376766 [details] Archive of layout-test-results from ews117 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews117 Port: mac-highsierra Platform: Mac OS X 10.13.6
EWS Watchlist
Comment 6 2019-08-20 06:22:15 PDT
Comment on attachment 376762 [details] Patch Attachment 376762 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/12946620 New failing tests: http/tests/misc/image-blocked-src-no-change.html
EWS Watchlist
Comment 7 2019-08-20 06:22:23 PDT
Created attachment 376767 [details] Archive of layout-test-results from ews215 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews215 Port: win-future Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
Rob Buis
Comment 8 2019-08-24 08:48:00 PDT
Created attachment 377210 [details] Patch
Rob Buis
Comment 9 2019-08-24 12:01:11 PDT
Created attachment 377212 [details] Patch
youenn fablet
Comment 10 2019-08-26 05:09:44 PDT
Comment on attachment 377212 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377212&action=review > Source/WebCore/loader/FrameLoader.cpp:-4097 > - FrameLoader::addHTTPOriginIfNeeded(request.resourceRequest(), openerFrame.loader().outgoingOrigin()); What guarantees do we have that request.resourceRequest() is GET and not POST? > Source/WebCore/page/DOMWindow.cpp:-2360 > - FrameLoader::addHTTPOriginIfNeeded(resourceRequest, firstFrame.loader().outgoingOrigin()); Seems fine.
Rob Buis
Comment 11 2019-08-26 06:41:57 PDT
(In reply to youenn fablet from comment #10) > Comment on attachment 377212 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=377212&action=review > > > Source/WebCore/loader/FrameLoader.cpp:-4097 > > - FrameLoader::addHTTPOriginIfNeeded(request.resourceRequest(), openerFrame.loader().outgoingOrigin()); > > What guarantees do we have that request.resourceRequest() is GET and not > POST? The only other user of WebCore::createWindow that I can find is InspectorFrontendClientLocal::openInNewTab, which uses an empty ResourceRequest. I assumed empty ResourceRequest would default to GET, which it does not, so I'll remove this part of the patch.
Rob Buis
Comment 12 2019-08-26 06:51:30 PDT
Created attachment 377242 [details] Patch
Frédéric Wang (:fredw)
Comment 13 2019-08-29 03:01:09 PDT
Comment on attachment 377242 [details] Patch Change to Source/WebCore/loader/FrameLoader.cpp has been removed and Youenn already approved the one from Source/WebCore/page/DOMWindow.cpp.
WebKit Commit Bot
Comment 14 2019-08-29 04:10:51 PDT
Comment on attachment 377242 [details] Patch Clearing flags on attachment: 377242 Committed r249253: <https://trac.webkit.org/changeset/249253>
WebKit Commit Bot
Comment 15 2019-08-29 04:10:53 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 16 2019-08-29 04:11:40 PDT
<rdar://problem/54831486>
Note You need to log in before you can comment on or make changes to this bug.