<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[168422] releases/WebKitGTK/webkit-2.4</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/168422">168422</a></dd>
<dt>Author</dt> <dd>carlosgc@webkit.org</dd>
<dt>Date</dt> <dd>2014-05-07 04:21:21 -0700 (Wed, 07 May 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Merge <a href="http://trac.webkit.org/projects/webkit/changeset/168417">r168417</a> - [SOUP] TLSErrors do not cause page load to fail when not ignored
https://bugs.webkit.org/show_bug.cgi?id=121548
Reviewed by Sergio Villar Senin.
Source/WebCore:
This only happens in case of redirection, when the initial URL is
an HTTPS site with an invalid certificate, that redirects to
another location. We are starting the redirection without checking
the TLS errors.
* platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::sendRequestCallback): Check TLS errors before starting a
possible redirection.
Tools:
Add unit tests to check that the load fails with TLS errors in
case of a redirection.
* TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp:
(testTLSErrorsRedirect):
(httpsServerCallback):
(beforeAll):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#releasesWebKitGTKwebkit24SourceWebCoreChangeLog">releases/WebKitGTK/webkit-2.4/Source/WebCore/ChangeLog</a></li>
<li><a href="#releasesWebKitGTKwebkit24SourceWebCoreplatformnetworksoupResourceHandleSoupcpp">releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp</a></li>
<li><a href="#releasesWebKitGTKwebkit24ToolsChangeLog">releases/WebKitGTK/webkit-2.4/Tools/ChangeLog</a></li>
<li><a href="#releasesWebKitGTKwebkit24ToolsTestWebKitAPITestsWebKit2GtkTestSSLcpp">releases/WebKitGTK/webkit-2.4/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="releasesWebKitGTKwebkit24SourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.4/Source/WebCore/ChangeLog (168421 => 168422)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.4/Source/WebCore/ChangeLog 2014-05-07 10:59:34 UTC (rev 168421)
+++ releases/WebKitGTK/webkit-2.4/Source/WebCore/ChangeLog 2014-05-07 11:21:21 UTC (rev 168422)
</span><span class="lines">@@ -1,3 +1,19 @@
</span><ins>+2014-05-07 Carlos Garcia Campos <cgarcia@igalia.com>
+
+ [SOUP] TLSErrors do not cause page load to fail when not ignored
+ https://bugs.webkit.org/show_bug.cgi?id=121548
+
+ Reviewed by Sergio Villar Senin.
+
+ This only happens in case of redirection, when the initial URL is
+ an HTTPS site with an invalid certificate, that redirects to
+ another location. We are starting the redirection without checking
+ the TLS errors.
+
+ * platform/network/soup/ResourceHandleSoup.cpp:
+ (WebCore::sendRequestCallback): Check TLS errors before starting a
+ possible redirection.
+
</ins><span class="cx"> 2014-05-05 Zan Dobersek <zdobersek@igalia.com>
</span><span class="cx">
</span><span class="cx"> [Soup] Use std::unique_ptr<char[]> for the read buffer in SocketStreamHandle
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit24SourceWebCoreplatformnetworksoupResourceHandleSoupcpp"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp (168421 => 168422)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp 2014-05-07 10:59:34 UTC (rev 168421)
+++ releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp 2014-05-07 11:21:21 UTC (rev 168422)
</span><span class="lines">@@ -677,13 +677,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (soupMessage) {
</span><del>- if (SOUP_STATUS_IS_REDIRECTION(soupMessage->status_code) && shouldRedirect(handle.get())) {
- d->m_inputStream = inputStream;
- g_input_stream_skip_async(d->m_inputStream.get(), gDefaultReadBufferSize, G_PRIORITY_DEFAULT,
- d->m_cancellable.get(), redirectSkipCallback, handle.get());
- return;
- }
-
</del><span class="cx"> if (handle->shouldContentSniff() && soupMessage->status_code != SOUP_STATUS_NOT_MODIFIED) {
</span><span class="cx"> const char* sniffedType = soup_request_get_content_type(d->m_soupRequest.get());
</span><span class="cx"> d->m_response.setSniffedContentType(sniffedType);
</span><span class="lines">@@ -695,6 +688,12 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ if (SOUP_STATUS_IS_REDIRECTION(soupMessage->status_code) && shouldRedirect(handle.get())) {
+ d->m_inputStream = inputStream;
+ g_input_stream_skip_async(d->m_inputStream.get(), gDefaultReadBufferSize, G_PRIORITY_DEFAULT,
+ d->m_cancellable.get(), redirectSkipCallback, handle.get());
+ return;
+ }
</ins><span class="cx"> } else {
</span><span class="cx"> d->m_response.setURL(handle->firstRequest().url());
</span><span class="cx"> const gchar* contentType = soup_request_get_content_type(d->m_soupRequest.get());
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit24ToolsChangeLog"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.4/Tools/ChangeLog (168421 => 168422)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.4/Tools/ChangeLog 2014-05-07 10:59:34 UTC (rev 168421)
+++ releases/WebKitGTK/webkit-2.4/Tools/ChangeLog 2014-05-07 11:21:21 UTC (rev 168422)
</span><span class="lines">@@ -1,3 +1,18 @@
</span><ins>+2014-05-07 Carlos Garcia Campos <cgarcia@igalia.com>
+
+ [SOUP] TLSErrors do not cause page load to fail when not ignored
+ https://bugs.webkit.org/show_bug.cgi?id=121548
+
+ Reviewed by Sergio Villar Senin.
+
+ Add unit tests to check that the load fails with TLS errors in
+ case of a redirection.
+
+ * TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp:
+ (testTLSErrorsRedirect):
+ (httpsServerCallback):
+ (beforeAll):
+
</ins><span class="cx"> 2014-04-01 Mario Sanchez Prada <mario.prada@samsung.com>
</span><span class="cx">
</span><span class="cx"> [GTK] Running minibrowser with url crashes in debug build
</span></span></pre></div>
<a id="releasesWebKitGTKwebkit24ToolsTestWebKitAPITestsWebKit2GtkTestSSLcpp"></a>
<div class="modfile"><h4>Modified: releases/WebKitGTK/webkit-2.4/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp (168421 => 168422)</h4>
<pre class="diff"><span>
<span class="info">--- releases/WebKitGTK/webkit-2.4/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp 2014-05-07 10:59:34 UTC (rev 168421)
+++ releases/WebKitGTK/webkit-2.4/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestSSL.cpp 2014-05-07 11:21:21 UTC (rev 168422)
</span><span class="lines">@@ -134,6 +134,16 @@
</span><span class="cx"> g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static void testTLSErrorsRedirect(SSLTest* test, gconstpointer)
+{
+ webkit_web_context_set_tls_errors_policy(webkit_web_view_get_context(test->m_webView), WEBKIT_TLS_ERRORS_POLICY_FAIL);
+ test->loadURI(kHttpsServer->getURIForPath("/redirect").data());
+ test->waitUntilLoadFinished();
+ g_assert(test->m_loadFailed);
+ g_assert(test->m_loadEvents.contains(LoadTrackingTest::ProvisionalLoadFailed));
+ g_assert(!test->m_loadEvents.contains(LoadTrackingTest::LoadCommitted));
+}
+
</ins><span class="cx"> class TLSErrorsTest: public SSLTest {
</span><span class="cx"> public:
</span><span class="cx"> MAKE_GLIB_TEST_FIXTURE(TLSErrorsTest);
</span><span class="lines">@@ -233,6 +243,9 @@
</span><span class="cx"> soup_message_set_status(message, SOUP_STATUS_OK);
</span><span class="cx"> soup_message_body_append(message->response_body, SOUP_MEMORY_STATIC, TLSSuccessHTMLString, strlen(TLSSuccessHTMLString));
</span><span class="cx"> soup_message_body_complete(message->response_body);
</span><ins>+ } else if (g_str_equal(path, "/redirect")) {
+ soup_message_set_status(message, SOUP_STATUS_MOVED_PERMANENTLY);
+ soup_message_headers_append(message->response_headers, "Location", kHttpServer->getURIForPath("/test-image").data());
</ins><span class="cx"> } else
</span><span class="cx"> soup_message_set_status(message, SOUP_STATUS_NOT_FOUND);
</span><span class="cx"> }
</span><span class="lines">@@ -280,6 +293,7 @@
</span><span class="cx"> // and expects that no exception will have been added for this certificate and host pair as is
</span><span class="cx"> // done in the tls-permission-request test.
</span><span class="cx"> SSLTest::add("WebKitWebView", "tls-errors-policy", testTLSErrorsPolicy);
</span><ins>+ SSLTest::add("WebKitWebView", "tls-errors-redirect-to-http", testTLSErrorsRedirect);
</ins><span class="cx"> TLSErrorsTest::add("WebKitWebView", "load-failed-with-tls-errors", testLoadFailedWithTLSErrors);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>