Created attachment 430817 [details] A demo project and results of iOS 14.5 and iOS 15.0 There is a regression in WKWebView on iOS 15.0. When setting the baseURL of the WKWebView to `custom-scheme://` via webView.loadHTMLString(, baseURL:), the Origin in http request header becomes `null` instead of `custom-sheme://` on iOS 15.0. iOS 14.6 doesn't have this issue. I have attached a demo project. You can run it with Xcode 12.5 and Xcode 13.0 to see the difference. After attaching inspector, press the "Request data" button. Then you can see the different Origin value in network request.
<rdar://problem/79027280>
Created attachment 431049 [details] Patch
Comment on attachment 431049 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=431049&action=review > Source/WebCore/page/SecurityOrigin.h:280 > + origin->m_data = WTFMove(*data); I have read your change log twice and I still don’t understand this change. It looks suspicious to set the securityorigindata (which is protocol / host / port) right after constructing a security origin with those same protocol / host / port.
Comment on attachment 431049 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=431049&action=review R=me with the change >> Source/WebCore/page/SecurityOrigin.h:280 >> + origin->m_data = WTFMove(*data); > > I have read your change log twice and I still don’t understand this change. It looks suspicious to set the securityorigindata (which is protocol / host / port) right after constructing a security origin with those same protocol / host / port. I looked at the create() function and it looks like it constructs a url from the components, only to then later on extract the components from the URL :( this is a bit unfortunate. I think your change would probably look better if you did: auto origin = adoptRef(*new SecurityOrigin); origin->m_data = WTFMove(*data); It would also be more efficient.
Created attachment 431051 [details] Patch
Created attachment 431084 [details] Patch
r278737
Thanks for reporting this bug!
*** Bug 226769 has been marked as a duplicate of this bug. ***
Looks like the latest Developer Beta 2 (19A5281j) brought this issue back. I got CORS issues (failed preflight request) again. > Failed to load resource: Preflight response is not successful