[webkit-changes] [WebKit/WebKit] 8ab0a1: Incorrect CORS mode for ApplicationManifest
Tyler Wilcock
noreply at github.com
Tue Aug 8 16:31:53 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8ab0a195bae77ce58336c296af72acdd2b098329
https://github.com/WebKit/WebKit/commit/8ab0a195bae77ce58336c296af72acdd2b098329
Author: Marcos Caceres <marcosc at apple.com>
Date: 2023-08-08 (Tue, 08 Aug 2023)
Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/http/wpt/content-security-policy/manifest.json
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub-expected.txt
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub.html
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub.html.headers
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-expected.txt
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked.html
A LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked.html.headers
M LayoutTests/platform/ios-wk2/TestExpectations
M LayoutTests/platform/mac-wk2/TestExpectations
M Source/WebCore/loader/ApplicationManifestLoader.cpp
M Tools/TestWebKitAPI/Tests/WebKitCocoa/ApplicationManifest.mm
Log Message:
-----------
Incorrect CORS mode for ApplicationManifest
https://bugs.webkit.org/show_bug.cgi?id=256686
rdar://109154572
Reviewed by Brent Fulgham.
* LayoutTests/TestExpectations:
* LayoutTests/http/wpt/content-security-policy/manifest.json: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub-expected.txt: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub.html: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-cross-origin.sub.html.headers: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked-expected.txt: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked.html: Added.
* LayoutTests/http/wpt/content-security-policy/sandbox-manifest-blocked.html.headers: Added.
* LayoutTests/platform/ios-wk2/TestExpectations:
* LayoutTests/platform/mac-wk2/TestExpectations:
* Source/WebCore/loader/ApplicationManifestLoader.cpp:
(WebCore::ApplicationManifestLoader::startLoading):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/ApplicationManifest.mm:
(TestWebKitAPI::TEST):
Originally-landed-as: 259548.816 at safari-7615-branch (8437c2302b67). rdar://113581463
Canonical link: https://commits.webkit.org/266703@main
Commit: ef41761618aa0f95c860291d02d7bab31e638c62
https://github.com/WebKit/WebKit/commit/ef41761618aa0f95c860291d02d7bab31e638c62
Author: Alex Christensen <achristensen at apple.com>
Date: 2023-08-08 (Tue, 08 Aug 2023)
Changed paths:
M Source/WebCore/editing/markup.cpp
Log Message:
-----------
Disable link preload when sanitizing web content
https://bugs.webkit.org/show_bug.cgi?id=258100
rdar://109675198
Reviewed by Chris Dumez.
Otherwise we get a request in the network process with an invalid pageID,
and it MESSAGE_CHECKs and terminates the process.
* Source/WebCore/editing/markup.cpp:
(WebCore::createPageForSanitizingWebContent):
Originally-landed-as: 259548.830 at safari-7615-branch (9cd44913c84e). rdar://113581524
Canonical link: https://commits.webkit.org/266704@main
Commit: 1a9dba69538046f2417bbe80b024119652a92a40
https://github.com/WebKit/WebKit/commit/1a9dba69538046f2417bbe80b024119652a92a40
Author: Alex Christensen <achristensen at apple.com>
Date: 2023-08-08 (Tue, 08 Aug 2023)
Changed paths:
M Source/WTF/wtf/URLHelpers.cpp
M Tools/TestWebKitAPI/Tests/WTF/cocoa/URLExtras.mm
Log Message:
-----------
Expand list of URL spoofing characters
https://bugs.webkit.org/show_bug.cgi?id=256813
rdar://109105078, rdar://109056841, and rdar://109056217
Reviewed by Tim Horton.
U+1E9C and U+1E9D are Medievalist characters, which means they haven't been used much
in the last several centuries. They look kind of like 'f' and other browsers punycode
encode them when seen in URL hosts, so let's do the same. Same with U+1EFE and U+1EFF.
Deseret has been used much more recently, but still not much since the late 1800's.
There is a sign in a restaurant in the Salt Lake City airport that uses it, but it
seems to be a historical reference. Classify Deseret like we do the International
Phonetic Alphabet and punycode encode it if seen in URL hosts.
* Source/WTF/wtf/URLHelpers.cpp:
(WTF::URLHelpers::isLookalikeCharacter):
* Tools/TestWebKitAPI/Tests/WTF/cocoa/URLExtras.mm:
(TestWebKitAPI::TEST):
Originally-landed-as: 259548.832 at safari-7615-branch (aecf4d579f39). rdar://113581615
Canonical link: https://commits.webkit.org/266705@main
Commit: 44ab01dd7c251c97393b56ba5bca83947b911a13
https://github.com/WebKit/WebKit/commit/44ab01dd7c251c97393b56ba5bca83947b911a13
Author: Tyler Wilcock <tyler_w at apple.com>
Date: 2023-08-08 (Tue, 08 Aug 2023)
Changed paths:
M Source/WebCore/accessibility/AXLogger.cpp
M Source/WebCore/accessibility/AXObjectCache.h
M Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.cpp
Log Message:
-----------
AX: Improve smart pointer hygiene in AXObjectCache and AXIsolatedObject::updateBackingStore
rdar://111341681
Reviewed by Chris Fleizach.
Per https://github.com/WebKit/WebKit/wiki/Smart-Pointer-Usage-Guidelines, continue refactoring
to replace raw pointer usage with smart pointers where appropriate.
* Source/WebCore/accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::remove):
(WebCore::AXObjectCache::deferNodeAddedOrRemoved):
(WebCore::AXObjectCache::prepareForDocumentDestruction):
(WebCore::AXObjectCache::performDeferredCacheUpdate):
* Source/WebCore/accessibility/AXObjectCache.h:
* Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.cpp:
Originally-landed-as: 259548.864 at safari-7615-branch (c047b91f5ccb). rdar://113582260
Canonical link: https://commits.webkit.org/266706@main
Compare: https://github.com/WebKit/WebKit/compare/b148a49fc1bd...44ab01dd7c25
More information about the webkit-changes
mailing list