WebKit Bugzilla
RESOLVED FIXED
314037
[Site Isolation] subtest 4 of imported/w3c/web-platform-tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-iframe-messagechannel.https.html is failing
https://bugs.webkit.org/show_bug.cgi?id=314037
Anthony Tarbinian
Reported
2026-05-04 17:04:39 PDT
This bug pertains to subtest 4 of imported/w3c/web-platform-tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-iframe-messagechannel.https.html which fails with site isolation enabled. This subtest is the one titled: "postMessaging with a MessageChannel that's been cross-site should succeed"

Here's the order of events in the test:
1. cross-origin iframe sends port1 to parent
2. parent sends SAB across port1 (port2 is currently in cross-origin iframe). WebKit drops the SharedArrayBuffer since it's trying to be sent across processes (this is because SharedArrayBuffers are not serialized over IPC. I'll explain this below)
3. cross-origin iframe sends port2 to parent
4. parent starts listening for onmessage and tries to read the SAB. I think WebKit should wait until this point to send the message

WebKit drops SharedArrayBuffers that are attempted to be sent cross-process:
1. Start off in MessagePort::postMessage. Note how we create a SerializedScriptValue with a SerializationContext of SerializationContext::WorkerPostMessage, this will be relevant in the next step.
https://github.com/WebKit/WebKit/blob/013da9aa8cc1a0e26f5f34408efa118956499193/Source/WebCore/dom/MessagePort.cpp#L158
2. When the data is serialized in SerializedScriptValue::dumpIfTerminal, there's a case for SerializationContext::WorkerPostMessage where it copies over the contents of the shared array buffer.
https://github.com/WebKit/WebKit/blob/013da9aa8cc1a0e26f5f34408efa118956499193/Source/WebCore/bindings/js/SerializedScriptValue.cpp#L2190-L2203
3. The message is actually sent over IPC in WebMessagePortChannelProvider::postMessageToRemote
https://github.com/WebKit/WebKit/blob/013da9aa8cc1a0e26f5f34408efa118956499193/Source/WebKit/WebProcess/WebCoreSupport/WebMessagePortChannelProvider.cpp#L127
4. However, this IPC message, which is defined in MessageWithMessagePorts, contains a SerializedScriptValue, which contains the sharedBufferContentsArray, which is defined as [NotSerialized]:
[NotSerialized] std::unique_ptr<Vector<JSC::ArrayBufferContents>> sharedBufferContentsArray;
https://github.com/WebKit/WebKit/blob/013da9aa8cc1a0e26f5f34408efa118956499193/Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in#L8011
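
The test's event order listed in the report, replayed as an added example (not WebKit's code and not the WPT test itself). It runs in a single Node.js process, so it shows the outcome the subtest expects (the message stays queued until port2 is read, and the buffer arrives shared) rather than the cross-process failure. Assumptions: Node's worker_threads MessageChannel stands in for the iframe/parent channel, and the names replayTestOrder, handOver and carrier are hypothetical.

```javascript
// Added example: Node.js stand-in for the subtest's event order (single process).
const { MessageChannel, receiveMessageOnPort } = require('node:worker_threads');

// Hypothetical helper: move a port to the "parent" through the carrier channel,
// standing in for window.postMessage(..., [port]) from the iframe.
function handOver(carrier, port) {
  carrier.port1.postMessage({ port }, [port]);
  return receiveMessageOnPort(carrier.port2).message.port;
}

function replayTestOrder() {
  const channel = new MessageChannel(); // created by the "iframe"
  const carrier = new MessageChannel(); // iframe -> parent transport (assumption)

  // 1. iframe sends port1 to parent
  const parentPort1 = handOver(carrier, channel.port1);

  // 2. parent sends a SAB across port1 while port2 is still held by the iframe
  //    and nobody is listening on it; the message has to stay queued.
  const sab = new SharedArrayBuffer(8);
  const sentView = new Int32Array(sab);
  sentView[0] = 41; // constructed sample value
  parentPort1.postMessage({ sab });

  // 3. iframe sends port2 to parent; the queued message travels with the port
  const parentPort2 = handOver(carrier, channel.port2);

  // 4. parent finally reads from port2
  const delivered = receiveMessageOnPort(parentPort2);
  const result = { delivered: delivered !== undefined, isShared: false, seen: null };
  if (delivered) {
    const got = delivered.message.sab;
    result.isShared = got instanceof SharedArrayBuffer;
    if (result.isShared) {
      // A write through the sender's view must be visible through the
      // receiver's view: the buffer is shared, not copied.
      Atomics.store(sentView, 0, 42);
      result.seen = Atomics.load(new Int32Array(got), 0);
    }
  }
  for (const p of [parentPort1, parentPort2, carrier.port1, carrier.port2]) p.close();
  return result;
}

console.log(replayTestOrder());
```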
Radar WebKit Bug Importer
Comment 1
2026-05-04 17:04:45 PDT
<rdar://problem/176222943>
Anthony Tarbinian
Comment 2
2026-05-04 18:39:37 PDT
Pull request:
https://github.com/WebKit/WebKit/pull/64231
EWS
Comment 3
2026-05-13 23:54:43 PDT
Committed 313226@main (49d2e914a4cc): <https://commits.webkit.org/313226@main>
Reviewed commits have been landed. Closing PR #64231 and removing active labels.