<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202546] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202546">202546</a></dd>
<dt>Author</dt> <dd>jer.noble@apple.com</dd>
<dt>Date</dt> <dd>2016-06-27 23:44:01 -0700 (Mon, 27 Jun 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>REGRESSION?(<a href="http://trac.webkit.org/projects/webkit/changeset/202466">r202466</a>): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
https://bugs.webkit.org/show_bug.cgi?id=159172
<rdar://problem/27030025>
Reviewed by Brent Fulgham.
Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
* platform/network/cocoa/WebCoreNSURLSession.h:
* platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
(-[WebCoreNSURLSession dataTaskWithRequest:]):
(-[WebCoreNSURLSession dataTaskWithURL:]):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
(-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationobjcMediaPlayerPrivateAVFoundationObjCmm">trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcocoaWebCoreNSURLSessionh">trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcocoaWebCoreNSURLSessionmm">trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (202545 => 202546)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2016-06-28 06:38:32 UTC (rev 202545)
+++ trunk/Source/WebCore/ChangeLog 2016-06-28 06:44:01 UTC (rev 202546)
</span><span class="lines">@@ -1,3 +1,24 @@
</span><ins>+2016-06-27 Jer Noble <jer.noble@apple.com>
+
+ REGRESSION?(r202466): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
+ https://bugs.webkit.org/show_bug.cgi?id=159172
+ <rdar://problem/27030025>
+
+ Reviewed by Brent Fulgham.
+
+ Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
+ sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
+
+ * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
+ (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
+ * platform/network/cocoa/WebCoreNSURLSession.h:
+ * platform/network/cocoa/WebCoreNSURLSession.mm:
+ (-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
+ (-[WebCoreNSURLSession dataTaskWithRequest:]):
+ (-[WebCoreNSURLSession dataTaskWithURL:]):
+ (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
+ (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
+
</ins><span class="cx"> 2016-06-27 Alex Christensen <achristensen@webkit.org>
</span><span class="cx">
</span><span class="cx"> CMake build fix.
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationobjcMediaPlayerPrivateAVFoundationObjCmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm (202545 => 202546)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm 2016-06-28 06:38:32 UTC (rev 202545)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm 2016-06-28 06:44:01 UTC (rev 202546)
</span><span class="lines">@@ -2241,7 +2241,18 @@
</span><span class="cx">
</span><span class="cx"> Ref<SecurityOrigin> resolvedOrigin(SecurityOrigin::create(resolvedURL()));
</span><span class="cx"> Ref<SecurityOrigin> requestedOrigin(SecurityOrigin::createFromString(assetURL()));
</span><del>- return resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get());
</del><ins>+ if (!resolvedOrigin.get().isSameSchemeHostPort(&requestedOrigin.get()))
+ return false;
+
+#if PLATFORM(IOS) || __MAC_OS_X_VERSION_MIN_REQUIRED > 101100
+ AVAssetResourceLoader *resourceLoader = m_avAsset.get().resourceLoader;
+ if (Settings::isAVFoundationNSURLSessionEnabled() && [resourceLoader respondsToSelector:@selector(URLSession)]) {
+ WebCoreNSURLSession *session = (WebCoreNSURLSession *)resourceLoader.URLSession;
+ if ([session respondsToSelector:@selector(hasSingleSecurityOrigin)])
+ return session.hasSingleSecurityOrigin;
+ }
+#endif
+ return true;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool MediaPlayerPrivateAVFoundationObjC::didPassCORSAccessCheck() const
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcocoaWebCoreNSURLSessionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h (202545 => 202546)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h 2016-06-28 06:38:32 UTC (rev 202545)
+++ trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.h 2016-06-28 06:44:01 UTC (rev 202546)
</span><span class="lines">@@ -46,6 +46,7 @@
</span><span class="cx"> class PlatformMediaResource;
</span><span class="cx"> class PlatformMediaResourceLoader;
</span><span class="cx"> class WebCoreNSURLSessionDataTaskClient;
</span><ins>+class SecurityOrigin;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> enum class WebCoreNSURLSessionCORSAccessCheckResults {
</span><span class="lines">@@ -63,9 +64,11 @@
</span><span class="cx"> NSString *_sessionDescription;
</span><span class="cx"> HashSet<RetainPtr<WebCoreNSURLSessionDataTask>> _dataTasks;
</span><span class="cx"> BOOL _invalidated;
</span><ins>+ BOOL _hasSingleSecurityOrigin;
</ins><span class="cx"> NSUInteger _nextTaskIdentifier;
</span><span class="cx"> OSObjectPtr<dispatch_queue_t> _internalQueue;
</span><span class="cx"> WebCoreNSURLSessionCORSAccessCheckResults _corsResults;
</span><ins>+ RefPtr<WebCore::SecurityOrigin> _requestedOrigin;
</ins><span class="cx"> }
</span><span class="cx"> - (id)initWithResourceLoader:(WebCore::PlatformMediaResourceLoader&)loader delegate:(id<NSURLSessionTaskDelegate>)delegate delegateQueue:(NSOperationQueue*)queue;
</span><span class="cx"> @property (readonly, retain) NSOperationQueue *delegateQueue;
</span><span class="lines">@@ -73,6 +76,7 @@
</span><span class="cx"> @property (readonly, copy) NSURLSessionConfiguration *configuration;
</span><span class="cx"> @property (copy) NSString *sessionDescription;
</span><span class="cx"> @property (readonly) BOOL didPassCORSAccessChecks;
</span><ins>+@property (readonly) BOOL hasSingleSecurityOrigin;
</ins><span class="cx"> - (void)finishTasksAndInvalidate;
</span><span class="cx"> - (void)invalidateAndCancel;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcocoaWebCoreNSURLSessionmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm (202545 => 202546)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm 2016-06-28 06:38:32 UTC (rev 202545)
+++ trunk/Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm 2016-06-28 06:44:01 UTC (rev 202546)
</span><span class="lines">@@ -30,6 +30,7 @@
</span><span class="cx">
</span><span class="cx"> #import "CachedResourceRequest.h"
</span><span class="cx"> #import "PlatformMediaResourceLoader.h"
</span><ins>+#import "SecurityOrigin.h"
</ins><span class="cx"> #import "SubresourceLoader.h"
</span><span class="cx">
</span><span class="cx"> using namespace WebCore;
</span><span class="lines">@@ -44,6 +45,7 @@
</span><span class="cx"> - (void)taskCompleted:(WebCoreNSURLSessionDataTask *)task;
</span><span class="cx"> - (void)addDelegateOperation:(void (^)(void))operation;
</span><span class="cx"> - (void)task:(WebCoreNSURLSessionDataTask *)task didReceiveCORSAccessCheckResult:(BOOL)result;
</span><ins>+- (void)updateHasSingleSecurityOrigin:(SecurityOrigin&)origin;
</ins><span class="cx"> @end
</span><span class="cx">
</span><span class="cx"> @interface WebCoreNSURLSessionDataTask ()
</span><span class="lines">@@ -83,6 +85,7 @@
</span><span class="cx"> self.delegate = inDelegate;
</span><span class="cx"> _queue = inQueue ? inQueue : [NSOperationQueue mainQueue];
</span><span class="cx"> _internalQueue = adoptOSObject(dispatch_queue_create("WebCoreNSURLSession _internalQueue", DISPATCH_QUEUE_SERIAL));
</span><ins>+ _hasSingleSecurityOrigin = YES;
</ins><span class="cx">
</span><span class="cx"> return self;
</span><span class="cx"> }
</span><span class="lines">@@ -139,8 +142,21 @@
</span><span class="cx"> _corsResults = WebCoreNSURLSessionCORSAccessCheckResults::Pass;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+- (void)updateHasSingleSecurityOrigin:(SecurityOrigin&)origin
+{
+ if (!_requestedOrigin) {
+ _requestedOrigin = &origin;
+ return;
+ }
+
+ if (!origin.isSameSchemeHostPort(_requestedOrigin.get()))
+ _hasSingleSecurityOrigin = false;
+}
+
</ins><span class="cx"> #pragma mark - NSURLSession API
</span><span class="cx"> @synthesize sessionDescription=_sessionDescription;
</span><ins>+@synthesize hasSingleSecurityOrigin=_hasSingleSecurityOrigin;
+
</ins><span class="cx"> @dynamic delegate;
</span><span class="cx"> - (__nullable id<NSURLSessionDelegate>)delegate
</span><span class="cx"> {
</span><span class="lines">@@ -234,6 +250,8 @@
</span><span class="cx"> if (_invalidated)
</span><span class="cx"> return nil;
</span><span class="cx">
</span><ins>+ [self updateHasSingleSecurityOrigin:SecurityOrigin::create([request URL])];
+
</ins><span class="cx"> WebCoreNSURLSessionDataTask *task = [[WebCoreNSURLSessionDataTask alloc] initWithSession:self identifier:_nextTaskIdentifier++ request:request];
</span><span class="cx"> _dataTasks.add(task);
</span><span class="cx"> return (NSURLSessionDataTask *)[task autorelease];
</span><span class="lines">@@ -244,6 +262,8 @@
</span><span class="cx"> if (_invalidated)
</span><span class="cx"> return nil;
</span><span class="cx">
</span><ins>+ [self updateHasSingleSecurityOrigin:SecurityOrigin::create(url)];
+
</ins><span class="cx"> WebCoreNSURLSessionDataTask *task = [[WebCoreNSURLSessionDataTask alloc] initWithSession:self identifier:_nextTaskIdentifier++ URL:url];
</span><span class="cx"> _dataTasks.add(task);
</span><span class="cx"> return (NSURLSessionDataTask *)[task autorelease];
</span><span class="lines">@@ -524,6 +544,7 @@
</span><span class="cx"> ASSERT_UNUSED(resource, &resource == _resource);
</span><span class="cx"> ASSERT(isMainThread());
</span><span class="cx"> [self.session task:self didReceiveCORSAccessCheckResult:resource.didPassAccessControlCheck()];
</span><ins>+ [self.session updateHasSingleSecurityOrigin:SecurityOrigin::create(response.url())];
</ins><span class="cx"> self.countOfBytesExpectedToReceive = response.expectedContentLength();
</span><span class="cx"> [self _setDefersLoading:YES];
</span><span class="cx"> RetainPtr<NSURLResponse> strongResponse { response.nsURLResponse() };
</span><span class="lines">@@ -608,6 +629,8 @@
</span><span class="cx"> // current request during responseReceieved: to work around a CoreMedia bug.
</span><span class="cx"> if (response.httpStatusCode() != 302 && response.httpStatusCode() != 307)
</span><span class="cx"> self.currentRequest = [NSURLRequest requestWithURL:request.url()];
</span><ins>+
+ [self.session updateHasSingleSecurityOrigin:SecurityOrigin::create(request.url())];
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> - (void)_resource:(PlatformMediaResource&)resource loadFinishedWithError:(NSError *)error
</span></span></pre>
</div>
</div>
</body>
</html>