From https://bugs.webkit.org/show_bug.cgi?id=86323: (In reply to comment #22) > (From update of attachment 141783 [details] [details]) > Clearing flags on attachment: 141783 > > Committed r117006: <http://trac.webkit.org/changeset/117006> After this, script-src-redirect.html has been really flaky. I wonder if we should roll it out. --- Looks like `script-src-redirect.html` is another iframe ordering test. I'll rewrite it to use the same methodology as `source-list-parsing.html`.
Created attachment 141971 [details] Patch
Can you take a look at this, Adam? :)
Comment on attachment 141971 [details] Patch Clearing flags on attachment: 141971 Committed r117123: <http://trac.webkit.org/changeset/117123>
All reviewed patches have been landed. Closing bug.
It looks worse. http://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=script-src-redirect.html
It does look worse. (In reply to comment #5) > It looks worse. > http://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=script-src-redirect.html It's flaking in a very weird way: Instead of blocking `http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/script.js`, CSP is blocking `http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-script-src.pl?should_run=no&csp=%20script-src%20localhost&q=http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php%3furl=http://localhost:8000/security/contentSecurityPolicy/resources/script.js`, which doesn't make any sense. I haven't been able to replicate this locally. Do you have any ideas, Adam?
Thanks really strange. Maybe it's some kind of strange race where we're loading about:blank but it's using the URL of the parent document for the CSP check somehow? Another possibility is that we're using "" as the src somehow and that's getting resolve to match the URL of the parent document.
http/tests/security/contentSecurityPolicy/script-src-redirect.html skipped on Qt in trac.webkit.org/changeset/117243 . Please unskip the test when it works again.
Arg. It's not a strange race. It's a stupid typo. :/ I'll have a patch for review in a few minutes.
Created attachment 142669 [details] Patch
Comment on attachment 142669 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=142669&action=review > LayoutTests/http/tests/security/contentSecurityPolicy/resources/multiple-iframe-test.js:2 > + layoutTestController.waitUntilDone(); 4 spaces indenting > LayoutTests/http/tests/security/contentSecurityPolicy/resources/multiple-iframe-test.js:11 > + var baseURL = 'http://127.0.0.1:8000/security/contentSecurityPolicy/'; please either use ' or " > LayoutTests/platform/chromium/test_expectations.txt:-3724 > -BUGWK86433 : http/tests/security/contentSecurityPolicy/script-src-redirect.html = TEXT PASS why not unskip it for the other platforms as well?
Created attachment 142698 [details] Patch
Thanks, Jochen. I've addressed your comments.
Comment on attachment 142698 [details] Patch Clearing flags on attachment: 142698 Committed r117583: <http://trac.webkit.org/changeset/117583>
It looks like http://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=script-src-redirect.html is greening up nicely.