RESOLVED FIXED Bug 82354
AssociatedURLLoader does not support Cross Origin Redirects when using Access Control 
https://bugs.webkit.org/show_bug.cgi?id=82354
Summary AssociatedURLLoader does not support Cross Origin Redirects when using Access...
Bill Budge
Reported 2012-03-27 10:23:43 PDT
AssociatedURLLoader should handle CORS requests that redirect. Specifically, it should cancel the load when the redirect fails the CORS check.
Attachments
Proposed patch (3.77 KB, patch)
2012-03-27 10:31 PDT, Bill Budge 		no flags
DetailsFormatted DiffDiff
Proposed Patch (6.33 KB, patch)
2012-03-27 16:37 PDT, Bill Budge 		no flags
DetailsFormatted DiffDiff
Proposed Patch (6.01 KB, patch)
2012-03-28 13:29 PDT, Bill Budge 		abarth: review+
webkit.review.bot: commit-queue-
DetailsFormatted DiffDiff
Proposed Patch (5.63 KB, patch)
2012-03-28 16:34 PDT, Bill Budge 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Bill Budge
Comment 1 2012-03-27 10:31:43 PDT
Created attachment 134096 [details] Proposed patch
Adam Barth
Comment 2 2012-03-27 10:54:33 PDT
Comment on attachment 134096 [details] Proposed patch View in context: https://bugs.webkit.org/attachment.cgi?id=134096&action=review > Source/WebKit/chromium/tests/AssociatedURLLoaderTest.cpp:471 > - EXPECT_TRUE(m_willSendRequest); > + // CORS requires that the redirect be transparent. > + EXPECT_FALSE(m_willSendRequest); I'm not sure I understand this comment. This means that willSendRequest isn't called, right?
Bill Budge
Comment 3 2012-03-27 12:30:51 PDT
Yes, that's right. I'll make it clearer. (In reply to comment #2) > (From update of attachment 134096 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=134096&action=review > > > Source/WebKit/chromium/tests/AssociatedURLLoaderTest.cpp:471 > > - EXPECT_TRUE(m_willSendRequest); > > + // CORS requires that the redirect be transparent. > > + EXPECT_FALSE(m_willSendRequest); > > I'm not sure I understand this comment. This means that willSendRequest isn't called, right?
Bill Budge
Comment 4 2012-03-27 16:37:10 PDT
Created attachment 134165 [details] Proposed Patch I worked around the test crash on Mac by not clearing the mocked responses in the test class's TearDown method.
Adam Barth
Comment 5 2012-03-27 16:38:45 PDT
Comment on attachment 134165 [details] Proposed Patch Thanks Bill.
WebKit Review Bot
Comment 6 2012-03-27 17:20:05 PDT
Comment on attachment 134165 [details] Proposed Patch Clearing flags on attachment: 134165 Committed r112339: <http://trac.webkit.org/changeset/112339>
WebKit Review Bot
Comment 7 2012-03-27 17:20:16 PDT
All reviewed patches have been landed. Closing bug.
Dirk Pranke
Comment 8 2012-03-27 17:52:07 PDT
This change seems to have caused crashes in webkit_unit_tests on snow leopard and lion (chromium) http://build.chromium.org/p/chromium.webkit/builders/Webkit%20Mac10.7/builds/2934/steps/webkit_unit_tests/logs/stdio
Dirk Pranke
Comment 9 2012-03-27 17:52:51 PDT
Reverted r112339 for reason: webkit_unit_tests crashing on chromium mac bots Committed r112346: <http://trac.webkit.org/changeset/112346>
Bill Budge
Comment 11 2012-03-28 10:59:13 PDT
I'll like to re-land this after the fix lands in webkit_support. http://codereview.chromium.org/9874008/
Adam Barth
Comment 12 2012-03-28 11:04:09 PDT
After that patch lands, would you be willing to update http://trac.webkit.org/browser/trunk/Source/WebKit/chromium/DEPS past that revision so that webkit.org builds see the fix as well?
Bill Budge
Comment 13 2012-03-28 12:37:17 PDT
I will update DEPS before resubmitting.
Bill Budge
Comment 14 2012-03-28 13:29:21 PDT
Created attachment 134382 [details] Proposed Patch Fixed WebURLLoaderMockFactory to handle canceled loaders. Bumped DEPS to get fix.
WebKit Review Bot
Comment 15 2012-03-28 16:19:31 PDT
Comment on attachment 134382 [details] Proposed Patch Rejecting attachment 134382 [details] from commit-queue. Failed to run "['/mnt/git/webkit-commit-queue/Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '-..." exit_code: 2 Last 500 characters of output: rce/WebKit/chromium/src/AssociatedURLLoader.cpp patching file Source/WebKit/chromium/tests/AssociatedURLLoaderTest.cpp Failed to run "[u'/mnt/git/webkit-commit-queue/Tools/Scripts/svn-apply', u'--force', u'--reviewer', u'Adam Barth']" exit_code: 1 cwd: /mnt/git/webkit-commit-queue/ --mac-only' in '/mnt/git/webkit-commit-queue/Source/WebKit/chromium' ________ running '/usr/bin/python gyp_webkit' in '/mnt/git/webkit-commit-queue/Source/WebKit/chromium' Updating webkit projects from gyp files... Full output: http://queues.webkit.org/results/12156375
Bill Budge
Comment 16 2012-03-28 16:34:28 PDT
Created attachment 134440 [details] Proposed Patch Refreshed patch. DEPS got rolled by someone else.
WebKit Review Bot
Comment 17 2012-03-28 18:14:23 PDT
Comment on attachment 134440 [details] Proposed Patch Clearing flags on attachment: 134440 Committed r112485: <http://trac.webkit.org/changeset/112485>
WebKit Review Bot
Comment 18 2012-03-28 18:14:28 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.