http/tests/security/xss-DENIED-xsl-document.xml fails with Qt 4.8 HEAD, but passes with released Qt 4.7.2 . --- /ramdisk/qt-linux-32-release-qt470/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt 2011-05-04 08:28:53.690215995 -0700 +++ /ramdisk/qt-linux-32-release-qt470/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt 2011-05-04 08:28:53.690215995 -0700 @@ -1,4 +1,4 @@ CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> -CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html> +CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol "" is unknown</p></body></html> layer at (0,0) size 800x600 RenderView at (0,0) size 800x600
Could you guys take up this task (and https://bugs.webkit.org/show_bug.cgi?id=60176)? You must know much more about the differences between Qt 4.7 and Qt 4.8 than me. 4.8 bots (one for WebKit trunk, one for QtWebKit 2.2 branch )should be green to be able to catch new regressions.
Skipped by http://trac.webkit.org/changeset/86148 and http://trac.webkit.org/changeset/86149
I meant: http://trac.webkit.org/changeset/86148 http://trac.webkit.org/changeset/86149 http://trac.webkit.org/changeset/86150
No need to block qtwebkit-2.2 anymore, as XSLT is currently disabled in production branches (See bug 60824 for details).
Qt bug report filed about it: http://bugreports.qt.nokia.com/browse/QTBUG-19556
*** Bug 52394 has been marked as a duplicate of this bug. ***
Ends with: ASSERT failure in QUrl QPatternist::ReportContext::resolveURI(const QUrl&, const QUrl&) const: "The QAbstractUriResolver must return an absolute URI.", file environment/qreportcontext.cpp, line 472 See also: https://bugs.webkit.org/show_bug.cgi?id=33423 It looks like returning a QUrl() for cross-origin requests in: QUrl XSLTUriResolver::resolve(const QUrl& relative, const QUrl& baseURI) const { QUrl url = baseURI.resolved(relative); if (!m_document->frame() || !m_document->securityOrigin()->canRequest(url)) return QUrl(); return url; } now triggers an assert in this in qreportcontext.cpp in Qt: QUrl ReportContext::resolveURI(const QUrl &relative, const QUrl &baseURI) const { Q_ASSERT_X(!baseURI.isRelative(), Q_FUNC_INFO, "The base URI passed from the engine wasn't absolute."); const QAbstractUriResolver *const resolver(uriResolver()); if(resolver) { const QUrl final(resolver->resolve(relative, baseURI)); Q_ASSERT_X(final.isValid() || final.isEmpty(), Q_FUNC_INFO, "The QAbstractUriResolver must return a valid URI."); Q_ASSERT_X(!final.isRelative(), Q_FUNC_INFO, "The QAbstractUriResolver must return an absolute URI."); return final; } else return baseURI.resolved(relative); }
I suspect it's a change in QUrl that's causing this assert. Anyway, as the code is not shipping and there does not seem to be any chance the XSLT support will improve in the near future (per http://labs.qt.nokia.com/2011/05/12/qt-modules-maturity-level-the-list/, which renders the whole module "Done", which means no new features as I understand it) as well as the API is not really well suited for the integration in QtWebKit (of which this bug is an example of), I suggest simply ditching this.
This bug is still valid, it wasn't fixed in http://bugreports.qt.nokia.com/browse/QTBUG-19556 ...
The bug is still vaild with Qt 4.8.0 and the recent Qt5 too.
Still valid bug with Qt 4.8 and Qt 5. Qt 4.8 fail: --- /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt +++ /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt @@ -1,4 +1,4 @@ CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> -CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html> +CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol "" is unknown</p></body></html> layer at (0,0) size 800x600 RenderView at (0,0) size 800x600 Qt 5 fail: --- /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt +++ /home/oszi/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt @@ -1,4 +1,4 @@ CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> -CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html> +CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Protocol "" is unknown</p></body></html> layer at (0,0) size 800x600 RenderView at (0,0) size 800x600
Qt5 fail: (in the previous comment it was copy/paste error) --- /mnt/raptor1/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-expected.txt +++ /mnt/raptor1/WebKit/WebKitBuild/Release/layout-test-results/http/tests/security/xss-DENIED-xsl-document-actual.txt @@ -1,4 +1,3 @@ -CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> -CONSOLE MESSAGE: line -1: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Cannot open /: Path is a directory</p></body></html> -layer at (0,0) size 800x600 - RenderView at (0,0) size 800x600 +CONSOLE MESSAGE: Unsafe attempt to load URL http://localhost:8000/security/resources/target.xml from frame with URL http://127.0.0.1:8000/security/xss-DENIED-xsl-document.xml. Domains, protocols and ports must match. + +This test includes content via a cross-origin document() command. It passes if the load fails and thus there is no text below this line.
This bug is still valid.
still valid