[webkit-changes] [WebKit/WebKit] 2fbadf: Fix bug with empty header values in Headers object...

Andreu Botella noreply at github.com
Thu Feb 9 09:01:11 PST 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 2fbadf6b9f239a07d7480fc0ae39fe96b74ac093
      https://github.com/WebKit/WebKit/commit/2fbadf6b9f239a07d7480fc0ae39fe96b74ac093
  Author: Andreu Botella <abotella at igalia.com>
  Date:   2023-02-09 (Thu, 09 Feb 2023)

  Changed paths:
    M LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.js
    M LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.serviceworker-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.sharedworker-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.worker-expected.txt
    M Source/WebCore/Modules/fetch/FetchHeaders.cpp

  Log Message:
  -----------
  Fix bug with empty header values in Headers objects with "request-no-cors" guard
https://bugs.webkit.org/show_bug.cgi?id=251936

Reviewed by Youenn Fablet.

The `canWriteHeader` function in `FetchHeaders.cpp` checks whether a
header name and value are valid for the guard of a Headers object.
However, for the "request-no-cors" guard, this check only applies if the
combined value of that header name is not the empty string.

This check is not in the fetch specification, and seems to be there
because such validation is skipped for the "request-no-cors" guard when
deleting a header, and in the spec this validation happens as if the
combined value was the empty string. However, WebKit's implementation
does not currently use this method when removing headers, and as shown
here, this extra condition allows setting headers when they should not
be allowed.

* LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.js:
* LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.serviceworker-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.sharedworker-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/fetch/api/request/request-headers.any.worker-expected.txt:
* Source/WebCore/Modules/fetch/FetchHeaders.cpp:
(WebCore::canWriteHeader):

Canonical link: https://commits.webkit.org/260066@main

More information about the webkit-changes mailing list