[webkit-changes] [WebKit/WebKit] 06ef05: Stop guessing the content type if there's X-Conten...

Basuke Suzuki noreply at github.com
Thu Oct 3 09:25:17 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 06ef057f2ff284fb423686bf51c418322f11f1d4
      https://github.com/WebKit/WebKit/commit/06ef057f2ff284fb423686bf51c418322f11f1d4
  Author: Basuke Suzuki <basuke at apple.com>
  Date:   2024-10-03 (Thu, 03 Oct 2024)

  Changed paths:
    A LayoutTests/http/tests/workers/service/resources/download-octet-stream.py
    A LayoutTests/http/tests/workers/service/service-worker-download-octet-stream-nosniff.https-expected.txt
    A LayoutTests/http/tests/workers/service/service-worker-download-octet-stream-nosniff.https.html
    M Source/WebCore/platform/network/ResourceResponseBase.cpp
    M Source/WebCore/platform/network/ResourceResponseBase.h
    M Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp

  Log Message:
  -----------
  Stop guessing the content type if there's X-Content-Type-Options: nosniff header.
https://bugs.webkit.org/show_bug.cgi?id=280714
rdar://131857015

Reviewed by Chris Dumez.

Respect the site's policy not to sniff the content. If the server sends the X-Content-Type-Options: nosniff header,
we should not replace the content type to text/html if it is application/octet-stream.

* LayoutTests/http/tests/workers/service/resources/download-octet-stream.py: Added.
* LayoutTests/http/tests/workers/service/service-worker-download-octet-stream-nosniff.https-expected.txt: Added.
* LayoutTests/http/tests/workers/service/service-worker-download-octet-stream-nosniff.https.html: Added.
* Source/WebCore/platform/network/ResourceResponseBase.cpp:
(WebCore::isScriptAllowedByNosniff):
(WebCore::ResourceResponseBase::isNosniff const):
* Source/WebCore/platform/network/ResourceResponseBase.h:
* Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp:
(WebCore::ServiceWorkerFetch::processResponse):

Canonical link: https://commits.webkit.org/284615@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list