Bug 235475 - REGRESSION (iOS 15.2): Loading gets stuck after back-navigation involving COOP header
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: Safari 15
Hardware: iPhone / iPad iOS 15
Importance: P2 Normal
Assignee: Chris Dumez
Keywords: InRadar
Duplicates: 237137 237566
Reported: 2022-01-22 05:58 PST by Rémi
Modified: 2022-06-23 15:50 PDT

Attachments
API Test reproducing the issue (2.41 KB, patch)
2022-01-24 16:07 PST, Chris Dumez
Patch (18.55 KB, patch)
2022-01-25 12:53 PST, Chris Dumez
Patch (27.27 KB, patch)
2022-01-25 14:08 PST, Chris Dumez

Description Rémi 2022-01-22 05:58:06 PST
Overview
========

Back-navigation gets stuck in infinite loading under some circumstances when the Cross-Origin-Opener-Policy header is in use.
This bug seems to impact only iOS and iPadOS 15.2, using any browser (e.g. we tried on Safari, Brave and Firefox).
It seems like the COOP header was not supported before this version (https://webkit.org/blog/12140/new-webkit-features-in-safari-15-2/).

Steps to reproduce
==================

Here is a page that allows reproducing the issue: https://fmarier.org/coop-safari/link.html (Thank you Francois)
The flow is the following:
- 'Site 1' sets the COOP header (either with value 'same-origin-allow-popups' or 'same-origin')
- User navigates to 'site 2' from 'site 1' (e.g. in this case Instagram, which is how we discovered the issue in the first place)
- User navigates backward from 'site 2' to 'site 1', but the loading gets stuck.

Expected result
===============

It should be possible to navigate backward from 'site 2' to 'site 1' without the browser getting stuck loading.

Additional information
======================

Removing the COOP header from 'site 1' results in back-navigation working as expected.

Speculation
===========

It is not 100% clear what is causing this issue, but it seems to happen in some cases when 'site 1' and 'site 2' both define a COOP header, and the user tries to navigate back from 'site 2' to 'site 1'.

Build Date & Hardware
=====================

The version of iOS where the issue was observed is 15.2.1 (19C63); the same issue appears on iPadOS 15.2 as well. We could not reproduce on the previous iOS version nor on the desktop version of Safari.
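
A local bench for the flow in the steps above, added here as an illustration; it is not part of the report and not the API test attached later in this bug. It serves "site 1" and "site 2" with configurable COOP values so a browser build can be walked through link-then-back. The ports, function names and the use of `127.0.0.1` versus `localhost` as two sites are assumptions; loopback is used because browsers ignore COOP on untrustworthy (plain HTTP, non-loopback) origins, and the page does not establish that this setup triggers the hang.

```python
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.request import ProxyHandler, build_opener

COOP = "Cross-Origin-Opener-Policy"


def make_handler(name, coop, link):
    """Handler for one site. coop=None omits the header (the report's control case)."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            nav = f'<a href="{link}">go to site 2</a>' if link else "now navigate back"
            body = f"<!doctype html><title>{name}</title><h1>{name}</h1><p>{nav}</p>".encode()
            self.send_response(200)
            self.send_header("Content-Type", "text/html; charset=utf-8")
            self.send_header("Content-Length", str(len(body)))
            if coop is not None:
                self.send_header(COOP, coop)
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, fmt, *args):  # keep the console quiet
            pass
    return Handler


def start_bench(coop1="same-origin", coop2="same-origin", ports=(0, 0)):
    """Start both sites on loopback; port 0 picks a free port. Returns (site1, site2)."""
    site2 = ThreadingHTTPServer(("127.0.0.1", ports[1]), make_handler("site 2", coop2, None))
    # Assumption: "localhost" resolves to loopback, making site 2 a different site.
    link = f"http://localhost:{site2.server_address[1]}/"
    site1 = ThreadingHTTPServer(("127.0.0.1", ports[0]), make_handler("site 1", coop1, link))
    for srv in (site1, site2):
        threading.Thread(target=srv.serve_forever, daemon=True).start()
    return site1, site2


def fetch(server):
    """Return (COOP header value or None, HTML body) as one site serves it."""
    opener = build_opener(ProxyHandler({}))  # ignore any proxy environment variables
    with opener.open(f"http://127.0.0.1:{server.server_address[1]}/", timeout=5) as resp:
        return resp.headers.get(COOP), resp.read().decode()


if __name__ == "__main__":
    s1, s2 = start_bench("same-origin-allow-popups", "same-origin", ports=(8001, 8002))
    print("site 1 serves", fetch(s1)[0], "- open http://127.0.0.1:8001/ in the browser under test")
    threading.Event().wait()  # serve until interrupted
```

Passing `coop1=None` gives the control case from "Additional information", where site 1 sends no COOP header.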
Comment 1 Radar WebKit Bug Importer 2022-01-23 17:29:17 PST
<rdar://problem/87948317>
Comment 2 Chris Dumez 2022-01-24 15:07:33 PST
I am able to reproduce. Thank you for the bug report, I will investigate shortly.
Comment 3 Chris Dumez 2022-01-24 16:07:03 PST
Created attachment 449878
API Test reproducing the issue

From the output it appears we keep launching new WebProcesses in a loop when we get in the bad state.
Comment 4 Chris Dumez 2022-01-25 12:53:49 PST
Created attachment 449957
Patch
Comment 5 Chris Dumez 2022-01-25 14:08:42 PST
Created attachment 449965
Patch
Comment 6 Geoffrey Garen 2022-01-25 16:08:44 PST
Comment on attachment 449965
Patch

r=me
Comment 7 EWS 2022-01-25 23:01:23 PST
Committed r288605 (246424@main): <https://commits.webkit.org/246424@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 449965.
Comment 8 Chris Dumez 2022-05-16 08:55:12 PDT
*** Bug 237137 has been marked as a duplicate of this bug. ***
Comment 9 Brent Fulgham 2022-06-23 15:50:43 PDT
*** Bug 237566 has been marked as a duplicate of this bug. ***