RESOLVED FIXED 228719
[COOP] Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present 
https://bugs.webkit.org/show_bug.cgi?id=228719
Summary [COOP] Cross-Origin-Opener-Policy header parsing fails when report-to paramet...
Chris Dumez
Reported 2021-08-02 15:15:03 PDT
Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present, because parseStructuredFieldValue() doesn't handle parameters whose value is double-quoted.
Attachments
Patch (10.29 KB, patch)
2021-08-02 15:19 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (10.49 KB, patch)
2021-08-02 19:28 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (10.72 KB, patch)
2021-08-02 19:31 PDT, Chris Dumez 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2021-08-02 15:19:31 PDT
Created attachment 434793 [details] Patch
Geoffrey Garen
Comment 2 2021-08-02 15:29:57 PDT
Comment on attachment 434793 [details] Patch r=me
Darin Adler
Comment 3 2021-08-02 16:03:21 PDT
Comment on attachment 434793 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434793&action=review > Source/WebCore/platform/network/HTTPParsers.cpp:634 > + value = header.substring(valueStart, index - valueStart).toStringWithoutCopying(); Not new, but "without copying" here does not seem right, since we move this value into a map and then return it. Why is it OK to not copy?
Chris Dumez
Comment 4 2021-08-02 19:26:32 PDT
Comment on attachment 434793 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434793&action=review >> Source/WebCore/platform/network/HTTPParsers.cpp:634 >> + value = header.substring(valueStart, index - valueStart).toStringWithoutCopying(); > > Not new, but "without copying" here does not seem right, since we move this value into a map and then return it. Why is it OK to not copy? Yes, this looks risky. I'll use toString().
Chris Dumez
Comment 5 2021-08-02 19:28:08 PDT
Created attachment 434812 [details] Patch
Chris Dumez
Comment 6 2021-08-02 19:31:22 PDT
Created attachment 434813 [details] Patch
EWS
Comment 7 2021-08-02 20:53:32 PDT
Committed r280582 (240204@main): <https://commits.webkit.org/240204@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434813 [details].
Radar WebKit Bug Importer
Comment 8 2021-08-02 20:54:16 PDT
<rdar://problem/81442770>
Note You need to log in before you can comment on or make changes to this bug.