Bug 28313 - Combine ThreadableLoaderOptions::CrossOriginRequestPolicy and CrossOriginRedirectPolicy
Summary: Combine ThreadableLoaderOptions::CrossOriginRequestPolicy and CrossOriginRedi...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-08-14 13:03 PDT by Aaron Boodman
Modified: 2009-08-17 13:44 PDT (History)
4 users (show)

See Also:


Attachments
Combines flags and fixes some edge case behavior with redirects (16.50 KB, patch)
2009-08-16 11:25 PDT, Aaron Boodman
no flags Details | Formatted Diff | Diff
Fix formatting in WebCore/ChangeLog (16.51 KB, patch)
2009-08-16 11:27 PDT, Aaron Boodman
ap: review-
Details | Formatted Diff | Diff
respond to comments (17.29 KB, patch)
2009-08-16 23:31 PDT, Aaron Boodman
no flags Details | Formatted Diff | Diff
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog (17.29 KB, patch)
2009-08-16 23:34 PDT, Aaron Boodman
ap: review+
eric: commit-queue-
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Aaron Boodman 2009-08-14 13:03:20 PDT
They are always set the same way. Also, I believe that ::resolveURL() no longer has to do the same origin check -- we can rely on ThreadableLoader to do it.
Comment 1 Aaron Boodman 2009-08-14 13:04:01 PDT
(In reply to comment #0)
> Also, I believe that ::resolveURL() no longer has to do the same origin check

Talking here about AbstractWorker::resolveURL().
Comment 2 Aaron Boodman 2009-08-16 11:25:13 PDT
Created attachment 34929 [details]
Combines flags and fixes some edge case behavior with redirects

Requesting ap because I imagine he's he best person for this review.
Comment 3 Aaron Boodman 2009-08-16 11:27:59 PDT
Created attachment 34930 [details]
Fix formatting in WebCore/ChangeLog
Comment 4 Alexey Proskuryakov 2009-08-16 19:35:34 PDT
Comment on attachment 34930 [details]
Fix formatting in WebCore/ChangeLog

How does this fix relate to bug 27740?

+        Bug 28313: Combine ThreadableLoaderOptions::crossOriginRequestPolicy and ThreadableLoaderOptions::crossOriginRedirectPolicy
+        since they are always set the same way.

Please also include bug URL for easy clicking. Personally, I think that "Bug 28313: " prefix becomes unnecessary with that, and do not use it, but in the past, some people have indicated that they liked it.

+        for access control, so we should never redirect across origins. But in two edge cases, we were:
+
+        * Synchronous XHR: cross-origin request that redirects to same-origin resource.

Were we? I think this is caught by checks in ResourceHandle, e.g. in connection:willSendRequest:redirectResponse: in ResourceHandleMac.mm. The first time this function is called, original url is stored to m_url, and then, the redirected URL is compared to that, not to document origin.

+        (WebCore::DocumentThreadableLoader::isLegalRedirect): Ditto.

Maybe "allowed" would be more neutral? "Legal" makes me think that this is a precisely defined term from some spec (like characters legal in some production), which it isn't.

Just asking for your opinion.

+    // request and response URLs. This isn't a perfect though, since a URL could redirect to itself.

Do you mean that a series of redirects could return us to the same host? "Redirect to itself" seem confusing.

+#include "KURL.h"

No need to include the header, KURL is only used as a reference here.

+        Also, tightened up behavior of XMLHttpRequest with cross-origin redirects and access control. We have not implemented redirects
+        for access control, so we should never redirect across origins. But in two edge cases, we were:

LayoutTests ChangeLog lacks bug URL, and starts with "also".

+Tests that a cross-origin request that redirects to a same-origin resource succeeds.

Looks like all subtests actually expect failure, not success.

There are tabs in layout test.

r- since you are not a committer yet, and this needs some fix-up - but all these comments could be addressed during landing otherwise.
Comment 5 Aaron Boodman 2009-08-16 23:31:50 PDT
Created attachment 34956 [details]
respond to comments

Sorry, switched to git, so this patch will not diff with the previous super cleanly.
Comment 6 Aaron Boodman 2009-08-16 23:34:45 PDT
Created attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog
Comment 7 Aaron Boodman 2009-08-16 23:43:41 PDT
(In reply to comment #4)
> (From update of attachment 34930 [details])
> How does this fix relate to bug 27740?

Sorry, I wasn't aware of that bug. The checks here are a superset (more strict) than the existing checks.  I think that this patch makes the check in WebCoreSynchronousLoader unnecessary, but I'm not sure. I don't think this patch is incompatible with it.

> +        Bug 28313: Combine ThreadableLoaderOptions::crossOriginRequestPolicy
> and ThreadableLoaderOptions::crossOriginRedirectPolicy
> +        since they are always set the same way.
> 
> Please also include bug URL for easy clicking. Personally, I think that "Bug
> 28313: " prefix becomes unnecessary with that, and do not use it, but in the
> past, some people have indicated that they liked it.

Done.

> +        for access control, so we should never redirect across origins. But in
> two edge cases, we were:
> +
> +        * Synchronous XHR: cross-origin request that redirects to same-origin
> resource.
> 
> Were we? I think this is caught by checks in ResourceHandle, e.g. in
> connection:willSendRequest:redirectResponse: in ResourceHandleMac.mm. The first
> time this function is called, original url is stored to m_url, and then, the
> redirected URL is compared to that, not to document origin.

[Side note: I messed up the change log in my first patch. It was not synchronous loads this case didn't work with, but asynchronous load. I've fixed that now.]

For the case of page on origin A requesting resource from origin B that redirects back to a resource on origin A, we do trigger the check in ResourceHandleMac.mm.  However, it does not seem to stop the redirect from proceeding. Without this patch, the redirect occurs and we load the same-origin resource.

> +        (WebCore::DocumentThreadableLoader::isLegalRedirect): Ditto.
> 
> Maybe "allowed" would be more neutral? "Legal" makes me think that this is a
> precisely defined term from some spec (like characters legal in some
> production), which it isn't.
> 
> Just asking for your opinion.

Good idea, I've changed this.

> +    // request and response URLs. This isn't a perfect though, since a URL
> could redirect to itself.
> 
> Do you mean that a series of redirects could return us to the same host?
> "Redirect to itself" seem confusing.
> 
> +#include "KURL.h"
>
> No need to include the header, KURL is only used as a reference here.

Right. I did need a forward declare of KURL though. I changed this.

> +        Also, tightened up behavior of XMLHttpRequest with cross-origin
> redirects and access control. We have not implemented redirects
> +        for access control, so we should never redirect across origins. But in
> two edge cases, we were:
> 
> LayoutTests ChangeLog lacks bug URL, and starts with "also".

Done.

> +Tests that a cross-origin request that redirects to a same-origin resource
> succeeds.
> 
> Looks like all subtests actually expect failure, not success.

Fixed.

> There are tabs in layout test.

Fixed.
Comment 8 Alexey Proskuryakov 2009-08-17 09:07:04 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

r=me
Comment 9 Eric Seidel (no email) 2009-08-17 10:50:05 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Rejecting patch 34957 from commit-queue.  This patch will require manual commit.

WebKitTools/Scripts/build-webkit failed with exit code 1
Comment 10 Eric Seidel (no email) 2009-08-17 11:05:43 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Sorry.  There was an error in the commit-queue over the weekend.  :(  Adding it back in...
Comment 11 Eric Seidel (no email) 2009-08-17 11:08:11 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Rejecting patch 34957 from commit-queue.  This patch will require manual commit.

WebKitTools/Scripts/build-webkit failed with exit code 1
Comment 12 Eric Seidel (no email) 2009-08-17 11:10:17 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Looks like the tree is just red at the moment.  The commit queue is not smart enough to detect that before attempting to build the patch in question.  We'll wait for the tree to green up again and then add this back.
Comment 13 Eric Seidel (no email) 2009-08-17 13:24:59 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Bots have rolled green adding back to the queue.
Comment 14 Eric Seidel (no email) 2009-08-17 13:40:11 PDT
Comment on attachment 34957 [details]
isLegalRedirect->isAllowedRedirect in WebCore/ChangeLog

Rejecting patch 34957 from commit-queue.  This patch will require manual commit.

Failed to run "['git', 'svn', 'rebase']"  exit_code: 1  cwd: None
Comment 15 Eric Seidel (no email) 2009-08-17 13:44:05 PDT
Committing to http://svn.webkit.org/repository/webkit/trunk ...
	M	LayoutTests/ChangeLog
	A	LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt
	A	LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects.html
	M	WebCore/ChangeLog
	M	WebCore/loader/DocumentThreadableLoader.cpp
	M	WebCore/loader/DocumentThreadableLoader.h
	M	WebCore/loader/ThreadableLoader.h
	M	WebCore/page/EventSource.cpp
	M	WebCore/workers/Worker.cpp
	M	WebCore/workers/WorkerContext.cpp
	M	WebCore/workers/WorkerScriptLoader.cpp
	M	WebCore/workers/WorkerScriptLoader.h
	M	WebCore/xml/XMLHttpRequest.cpp
Committed r47388
	M	WebCore/ChangeLog
	M	WebCore/page/EventSource.cpp
	M	WebCore/workers/WorkerScriptLoader.cpp
	M	WebCore/workers/Worker.cpp
	M	WebCore/workers/WorkerContext.cpp
	M	WebCore/workers/WorkerScriptLoader.h
	M	WebCore/xml/XMLHttpRequest.cpp
	M	WebCore/loader/DocumentThreadableLoader.h
	M	WebCore/loader/ThreadableLoader.h
	M	WebCore/loader/DocumentThreadableLoader.cpp
	A	LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects.html
	A	LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt
	M	LayoutTests/ChangeLog
r47388 = f058c85c1ae34ce90d2d0d8e2cf53ca0cd80d221 (trunk)
No changes between current HEAD and refs/remotes/trunk
Resetting to the latest refs/remotes/trunk
http://trac.webkit.org/changeset/47388