Cross-Origin-Opener-Policy header parsing fails when report-to parameter is present, because parseStructuredFieldValue() doesn't handle parameters whose value is double-quoted.
Created attachment 434793 [details] Patch
Comment on attachment 434793 [details] Patch r=me
Comment on attachment 434793 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434793&action=review > Source/WebCore/platform/network/HTTPParsers.cpp:634 > + value = header.substring(valueStart, index - valueStart).toStringWithoutCopying(); Not new, but "without copying" here does not seem right, since we move this value into a map and then return it. Why is it OK to not copy?
Comment on attachment 434793 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434793&action=review >> Source/WebCore/platform/network/HTTPParsers.cpp:634 >> + value = header.substring(valueStart, index - valueStart).toStringWithoutCopying(); > > Not new, but "without copying" here does not seem right, since we move this value into a map and then return it. Why is it OK to not copy? Yes, this looks risky. I'll use toString().
Created attachment 434812 [details] Patch
Created attachment 434813 [details] Patch
Committed r280582 (240204@main): <https://commits.webkit.org/240204@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434813 [details].
<rdar://problem/81442770>