<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"

"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />

<title>[202480] trunk</title>

</head>

<body>

<style type="text/css"><!--

#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }

#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }

#msg dt:after { content:':';}

#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }

#msg dl a { font-weight: bold}

#msg dl a:link    { color:#fc3; }

#msg dl a:active  { color:#ff0; }

#msg dl a:visited { color:#cc6; }

h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }

#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }

#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }

#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }

#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }

#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }

#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }

#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }

#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }

#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }

#logmsg pre { background: #eee; padding: 1em; }

#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}

#logmsg dl { margin: 0; }

#logmsg dt { font-weight: bold; }

#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }

#logmsg dd:before { content:'\00bb';}

#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }

#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }

#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }

#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }

#logmsg table th.Corner { text-align: left; }

#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }

#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }

#patch { width: 100%; }

#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}

#patch .propset h4, #patch .binary h4 {margin:0;}

#patch pre {padding:0;line-height:1.2em;margin:0;}

#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}

#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}

#patch span {display:block;padding:0 10px;}

#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}

#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}

#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}

#patch .lines, .info {color:#888;background:#fff;}

--></style>

<div id="msg">

<dl class="meta">

<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202480">202480</a></dd>

<dt>Author</dt> <dd>commit-queue@webkit.org</dd>

<dt>Date</dt> <dd>2016-06-27 01:28:30 -0700 (Mon, 27 Jun 2016)</dd>

</dl>

<h3>Log Message</h3>

<pre>Remove didFailRedirectCheck ThreadableLoaderClient callback

https://bugs.webkit.org/show_bug.cgi?id=159085

Patch by Youenn Fablet &lt;youenn@apple.com&gt; on 2016-06-27

Reviewed by Daniel Bates.

Source/WebCore:

Removing didFailRedirectCheck and using didFailAccessControlCheck instead.

The change in behavior is that additional error messages are outputted in the console.

These messages give additional debugging information.

Covered by rebased tests.

* Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.

* Modules/fetch/FetchLoader.h: Ditto.

* inspector/InspectorNetworkAgent.cpp: Ditto.

* loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing

URL.

(WebCore::DocumentThreadableLoader::loadRequest): Ditto.

* loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.

* loader/ThreadableLoaderClientWrapper.h: Ditto.

* loader/WorkerThreadableLoader.cpp: Ditto.

* loader/WorkerThreadableLoader.h: Ditto.

* page/EventSource.cpp: Ditto.

* page/EventSource.h: Ditto.

* workers/WorkerScriptLoader.cpp: Ditto.

* workers/WorkerScriptLoader.h: Ditto.

* xml/XMLHttpRequest.cpp: Ditto.

* xml/XMLHttpRequest.h: Ditto.

LayoutTests:

* http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:

* http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:

* http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt:

* http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:

* http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:</pre>

<h3>Modified Paths</h3>

<ul>

<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>

<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrceventsourceredirecttoblockedexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt</a></li>

<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrcxmlhttprequestredirecttoblockedexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt</a></li>

<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyworkercspblocksxhrredirectcrossoriginexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt</a></li>

<li><a href="#trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt</a></li>

<li><a href="#trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt</a></li>

<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>

<li><a href="#trunkSourceWebCoreModulesfetchFetchLoadercpp">trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp</a></li>

<li><a href="#trunkSourceWebCoreModulesfetchFetchLoaderh">trunk/Source/WebCore/Modules/fetch/FetchLoader.h</a></li>

<li><a href="#trunkSourceWebCoreinspectorInspectorNetworkAgentcpp">trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp</a></li>

<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoadercpp">trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp</a></li>

<li><a href="#trunkSourceWebCoreloaderThreadableLoaderClienth">trunk/Source/WebCore/loader/ThreadableLoaderClient.h</a></li>

<li><a href="#trunkSourceWebCoreloaderThreadableLoaderClientWrapperh">trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h</a></li>

<li><a href="#trunkSourceWebCoreloaderWorkerThreadableLoadercpp">trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp</a></li>

<li><a href="#trunkSourceWebCoreloaderWorkerThreadableLoaderh">trunk/Source/WebCore/loader/WorkerThreadableLoader.h</a></li>

<li><a href="#trunkSourceWebCorepageEventSourcecpp">trunk/Source/WebCore/page/EventSource.cpp</a></li>

<li><a href="#trunkSourceWebCorepageEventSourceh">trunk/Source/WebCore/page/EventSource.h</a></li>

<li><a href="#trunkSourceWebCoreworkersWorkerScriptLoadercpp">trunk/Source/WebCore/workers/WorkerScriptLoader.cpp</a></li>

<li><a href="#trunkSourceWebCoreworkersWorkerScriptLoaderh">trunk/Source/WebCore/workers/WorkerScriptLoader.h</a></li>

<li><a href="#trunkSourceWebCorexmlXMLHttpRequestcpp">trunk/Source/WebCore/xml/XMLHttpRequest.cpp</a></li>

<li><a href="#trunkSourceWebCorexmlXMLHttpRequesth">trunk/Source/WebCore/xml/XMLHttpRequest.h</a></li>

</ul>

</div>

<div id="patch">

<h3>Diff</h3>

<a id="trunkLayoutTestsChangeLog"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/ChangeLog        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/ChangeLog        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,3 +1,16 @@

</span><ins>+2016-06-27  Youenn Fablet  &lt;youenn@apple.com&gt;

+

+        Remove didFailRedirectCheck ThreadableLoaderClient callback

+        https://bugs.webkit.org/show_bug.cgi?id=159085

+

+        Reviewed by Daniel Bates.

+

+        * http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:

+        * http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:

+        * http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt:

+        * http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:

+        * http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:

+

</ins><span class="cx"> 2016-06-26  Chris Dumez  &lt;cdumez@apple.com&gt;

</span><span class="cx"> 

</span><span class="cx">         Regression: HTMLOptionsCollection's named properties have precedence over indexed properties

</span></span></pre></div>

<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrceventsourceredirecttoblockedexpectedtxt"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,4 +1,5 @@

<span class="cx"> CONSOLE MESSAGE: Refused to connect to http://localhost:8000/eventsource/resources/simple-event-stream.asis because it does not appear in the connect-src directive of the Content Security Policy.

<ins>+CONSOLE MESSAGE: EventSource cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/eventsource/resources/simple-event-stream.asis. Cross-origin redirection denied by Content Security Policy.

</ins><span class="cx"> PASS EventSource() did not follow the disallowed redirect.

</span><span class="cx"> PASS successfullyParsed is true

</span><span class="cx"> 

</span></span></pre></div>

<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrcxmlhttprequestredirecttoblockedexpectedtxt"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,4 +1,5 @@

<span class="cx"> CONSOLE MESSAGE: Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.pl because it does not appear in the connect-src directive of the Content Security Policy.

<ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.pl. Cross-origin redirection denied by Content Security Policy.

</ins><span class="cx"> PASS XMLHttpRequest.send() did not follow the disallowed redirect.

</span><span class="cx"> PASS successfullyParsed is true

</span><span class="cx"> 

</span></span></pre></div>

<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyworkercspblocksxhrredirectcrossoriginexpectedtxt"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,3 +1,4 @@

<ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Content Security Policy.

</ins><span class="cx"> This tests an XHR request made from a worker is blocked if it redirects to a cross-origin resource that is not listed as a connect-src in the CSP of the worker.

</span><span class="cx"> 

<span class="cx"> PASS threw exception Error: NetworkError: DOM Exception 19.

</span></span></pre></div>

<a id="trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsasyncexpectedtxt"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,4 +1,9 @@

<ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&amp;%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&amp;%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&amp;%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

</ins><span class="cx"> CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&amp;%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&amp;%20%20access-control-allow-origin=*. Preflight response is not successful

<ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=false&amp;%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&amp;%20%20access-control-allow-origin=*&amp;%20%20access-control-allow-headers=x-webkit. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

</ins><span class="cx"> Tests that asynchronous XMLHttpRequests handle redirects according to the CORS standard.

</span><span class="cx"> 

</span><span class="cx"> Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi without credentials

</span></span></pre></div>

<a id="trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsexpectedtxt"></a>

<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,3 +1,6 @@

<ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

+CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.

</ins><span class="cx"> Tests that redirects between origins are never allowed, even when access control is involved.

</span><span class="cx"> 

<span class="cx"> Per the spec, these test cases should be allowed, but cross-origin redirects are currently unsupported in WebCore.

</span></span></pre></div>

<a id="trunkSourceWebCoreChangeLog"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/ChangeLog        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/ChangeLog        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1,3 +1,34 @@

</span><ins>+2016-06-27  Youenn Fablet  &lt;youenn@apple.com&gt;

+

+        Remove didFailRedirectCheck ThreadableLoaderClient callback

+        https://bugs.webkit.org/show_bug.cgi?id=159085

+

+        Reviewed by Daniel Bates.

+

+        Removing didFailRedirectCheck and using didFailAccessControlCheck instead.

+        The change in behavior is that additional error messages are outputted in the console.

+        These messages give additional debugging information.

+

+        Covered by rebased tests.

+

+        * Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.

+        * Modules/fetch/FetchLoader.h: Ditto.

+        * inspector/InspectorNetworkAgent.cpp: Ditto.

+        * loader/DocumentThreadableLoader.cpp:

+        (WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing

+        URL.

+        (WebCore::DocumentThreadableLoader::loadRequest): Ditto.

+        * loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.

+        * loader/ThreadableLoaderClientWrapper.h: Ditto.

+        * loader/WorkerThreadableLoader.cpp: Ditto.

+        * loader/WorkerThreadableLoader.h: Ditto.

+        * page/EventSource.cpp: Ditto.

+        * page/EventSource.h: Ditto.

+        * workers/WorkerScriptLoader.cpp: Ditto.

+        * workers/WorkerScriptLoader.h: Ditto.

+        * xml/XMLHttpRequest.cpp: Ditto.

+        * xml/XMLHttpRequest.h: Ditto.

+

</ins><span class="cx"> 2016-06-26  Gyuyoung Kim  &lt;gyuyoung.kim@webkit.org&gt;

</span><span class="cx"> 

</span><span class="cx">         [EFL] Fix build warning when using geoclue2

</span></span></pre></div>

<a id="trunkSourceWebCoreModulesfetchFetchLoadercpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -144,11 +144,6 @@

</span><span class="cx">     m_client.didFail();

</span><span class="cx"> }

</span><span class="cx"> 

</span><del>-void FetchLoader::didFailRedirectCheck()

-{

-    m_client.didFail();

-}

-

</del><span class="cx"> } // namespace WebCore

</span><span class="cx"> 

</span><span class="cx"> #endif // ENABLE(FETCH_API)

</span></span></pre></div>

<a id="trunkSourceWebCoreModulesfetchFetchLoaderh"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchLoader.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -62,7 +62,6 @@

</span><span class="cx">     void didReceiveData(const char*, int) final;

</span><span class="cx">     void didFinishLoading(unsigned long, double) final;

</span><span class="cx">     void didFail(const ResourceError&amp;) final;

</span><del>-    void didFailRedirectCheck() final;

</del><span class="cx"> 

</span><span class="cx">     Type type() const { return m_type; }

</span><span class="cx"> 

</span></span></pre></div>

<a id="trunkSourceWebCoreinspectorInspectorNetworkAgentcpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -128,9 +128,9 @@

</span><span class="cx">         dispose();

</span><span class="cx">     }

</span><span class="cx"> 

</span><del>-    void didFailRedirectCheck() override

</del><ins>+    void didFailAccessControlCheck(const ResourceError&amp;) final

</ins><span class="cx">     {

</span><del>-        m_callback-&gt;sendFailure(ASCIILiteral(&quot;Loading resource for inspector failed redirect check&quot;));

</del><ins>+        m_callback-&gt;sendFailure(ASCIILiteral(&quot;Loading resource for inspector failed access control check&quot;));

</ins><span class="cx">         dispose();

</span><span class="cx">     }

</span><span class="cx"> 

</span></span></pre></div>

<a id="trunkSourceWebCoreloaderDocumentThreadableLoadercpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -192,6 +192,16 @@

</span><span class="cx">         m_preflightChecker = Nullopt;

</span><span class="cx"> }

</span><span class="cx"> 

</span><ins>+static inline void reportContentSecurityPolicyError(ThreadableLoaderClient&amp; client, const URL&amp; url)

+{

+    client.didFailAccessControlCheck(ResourceError(errorDomainWebKitInternal, 0, url, &quot;Cross-origin redirection denied by Content Security Policy.&quot;));

+}

+

+static inline void reportCrossOriginResourceSharingError(ThreadableLoaderClient&amp; client, const URL&amp; url)

+{

+    client.didFailAccessControlCheck(ResourceError(errorDomainWebKitInternal, 0, url, &quot;Cross-origin redirection denied by Cross-Origin Resource Sharing policy.&quot;));

+}

+

</ins><span class="cx"> void DocumentThreadableLoader::redirectReceived(CachedResource* resource, ResourceRequest&amp; request, const ResourceResponse&amp; redirectResponse)

</span><span class="cx"> {

</span><span class="cx">     ASSERT(m_client);

</span><span class="lines">@@ -199,7 +209,7 @@

</span><span class="cx"> 

</span><span class="cx">     Ref&lt;DocumentThreadableLoader&gt; protectedThis(*this);

</span><span class="cx">     if (!isAllowedByContentSecurityPolicy(request.url(), !redirectResponse.isNull())) {

</span><del>-        m_client-&gt;didFailRedirectCheck();

</del><ins>+        reportContentSecurityPolicyError(*m_client, redirectResponse.url());

</ins><span class="cx">         request = ResourceRequest();

</span><span class="cx">         return;

</span><span class="cx">     }

</span><span class="lines">@@ -245,7 +255,7 @@

</span><span class="cx">         }

</span><span class="cx">     }

</span><span class="cx"> 

</span><del>-    m_client-&gt;didFailRedirectCheck();

</del><ins>+    reportCrossOriginResourceSharingError(*m_client, redirectResponse.url());

</ins><span class="cx">     request = ResourceRequest();

</span><span class="cx"> }

</span><span class="cx"> 

</span><span class="lines">@@ -381,9 +391,15 @@

</span><span class="cx">     // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was

<span class="cx">     // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials.

</span><span class="cx">     bool didRedirect = requestURL != response.url();

</span><del>-    if (didRedirect &amp;&amp; (!isAllowedByContentSecurityPolicy(response.url(), didRedirect) || !isAllowedRedirect(response.url()))) {

-        m_client-&gt;didFailRedirectCheck();

-        return;

</del><ins>+    if (didRedirect) {

+        if (!isAllowedByContentSecurityPolicy(response.url(), didRedirect)) {

+            reportContentSecurityPolicyError(*m_client, requestURL);

+            return;

+        }

+        if (!isAllowedRedirect(response.url())) {

+            reportCrossOriginResourceSharingError(*m_client, requestURL);

+            return;

+        }

</ins><span class="cx">     }

</span><span class="cx"> 

</span><span class="cx">     didReceiveResponse(identifier, response);

</span></span></pre></div>

<a id="trunkSourceWebCoreloaderThreadableLoaderClienth"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ThreadableLoaderClient.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/loader/ThreadableLoaderClient.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/loader/ThreadableLoaderClient.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -47,7 +47,6 @@

</span><span class="cx">         virtual void didFinishLoading(unsigned long /*identifier*/, double /*finishTime*/) { }

</span><span class="cx">         virtual void didFail(const ResourceError&amp;) { }

</span><span class="cx">         virtual void didFailAccessControlCheck(const ResourceError&amp; error) { didFail(error); }

</span><del>-        virtual void didFailRedirectCheck() { }

</del><span class="cx"> 

</span><span class="cx">     protected:

</span><span class="cx">         ThreadableLoaderClient() { }

</span></span></pre></div>

<a id="trunkSourceWebCoreloaderThreadableLoaderClientWrapperh"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -95,13 +95,6 @@

</span><span class="cx">             m_client-&gt;didFailAccessControlCheck(error);

</span><span class="cx">     }

</span><span class="cx"> 

</span><del>-    void didFailRedirectCheck()

-    {

-        m_done = true;

-        if (m_client)

-            m_client-&gt;didFailRedirectCheck();

-    }

-

</del><span class="cx">     void didReceiveAuthenticationCancellation(unsigned long identifier, const ResourceResponse&amp; response)

</span><span class="cx">     {

</span><span class="cx">         if (m_client)

</span></span></pre></div>

<a id="trunkSourceWebCoreloaderWorkerThreadableLoadercpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -206,14 +206,4 @@

</span><span class="cx">     }, m_taskMode);

</span><span class="cx"> }

</span><span class="cx"> 

</span><del>-void WorkerThreadableLoader::MainThreadBridge::didFailRedirectCheck()

-{

-    m_loadingFinished = true;

-    Ref&lt;ThreadableLoaderClientWrapper&gt; protectedWorkerClientWrapper = *m_workerClientWrapper;

-    m_loaderProxy.postTaskForModeToWorkerGlobalScope([protectedWorkerClientWrapper = WTFMove(protectedWorkerClientWrapper)] (ScriptExecutionContext&amp; context) mutable {

-        ASSERT_UNUSED(context, context.isWorkerGlobalScope());

-        protectedWorkerClientWrapper-&gt;didFailRedirectCheck();

-    }, m_taskMode);

-}

-

</del><span class="cx"> } // namespace WebCore

</span></span></pre></div>

<a id="trunkSourceWebCoreloaderWorkerThreadableLoaderh"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/loader/WorkerThreadableLoader.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -105,7 +105,6 @@

</span><span class="cx">             void didFinishLoading(unsigned long identifier, double finishTime) override;

</span><span class="cx">             void didFail(const ResourceError&amp;) override;

</span><span class="cx">             void didFailAccessControlCheck(const ResourceError&amp;) override;

</span><del>-            void didFailRedirectCheck() override;

</del><span class="cx"> 

<span class="cx">             // Only to be used on the main thread.

</span><span class="cx">             RefPtr&lt;ThreadableLoader&gt; m_mainThreadLoader;

</span></span></pre></div>

<a id="trunkSourceWebCorepageEventSourcecpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/page/EventSource.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/page/EventSource.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -261,11 +261,6 @@

</span><span class="cx">     abortConnectionAttempt();

</span><span class="cx"> }

</span><span class="cx"> 

</span><del>-void EventSource::didFailRedirectCheck()

-{

-    abortConnectionAttempt();

-}

-

</del><span class="cx"> void EventSource::abortConnectionAttempt()

</span><span class="cx"> {

</span><span class="cx">     ASSERT(m_state == CONNECTING);

</span></span></pre></div>

<a id="trunkSourceWebCorepageEventSourceh"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/page/EventSource.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/page/EventSource.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -82,7 +82,6 @@

</span><span class="cx">     void didFinishLoading(unsigned long, double) final;

</span><span class="cx">     void didFail(const ResourceError&amp;) final;

</span><span class="cx">     void didFailAccessControlCheck(const ResourceError&amp;) final;

</span><del>-    void didFailRedirectCheck() final;

</del><span class="cx"> 

</span><span class="cx">     void stop() final;

</span><span class="cx">     const char* activeDOMObjectName() const final;

</span></span></pre></div>

<a id="trunkSourceWebCoreworkersWorkerScriptLoadercpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/WorkerScriptLoader.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/workers/WorkerScriptLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/workers/WorkerScriptLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -161,11 +161,6 @@

</span><span class="cx">     notifyError();

</span><span class="cx"> }

</span><span class="cx"> 

</span><del>-void WorkerScriptLoader::didFailRedirectCheck()

-{

-    notifyError();

-}

-

</del><span class="cx"> void WorkerScriptLoader::notifyError()

</span><span class="cx"> {

</span><span class="cx">     m_failed = true;

</span></span></pre></div>

<a id="trunkSourceWebCoreworkersWorkerScriptLoaderh"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/WorkerScriptLoader.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/workers/WorkerScriptLoader.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/workers/WorkerScriptLoader.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -69,7 +69,6 @@

</span><span class="cx">         void didReceiveData(const char* data, int dataLength) override;

</span><span class="cx">         void didFinishLoading(unsigned long identifier, double) override;

</span><span class="cx">         void didFail(const ResourceError&amp;) override;

</span><del>-        void didFailRedirectCheck() override;

</del><span class="cx"> 

</span><span class="cx">     private:

</span><span class="cx">         friend class WTF::RefCounted&lt;WorkerScriptLoader&gt;;

</span></span></pre></div>

<a id="trunkSourceWebCorexmlXMLHttpRequestcpp"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -1038,11 +1038,6 @@

</span><span class="cx">     networkError();

</span><span class="cx"> }

</span><span class="cx"> 

</span><del>-void XMLHttpRequest::didFailRedirectCheck()

-{

-    networkError();

-}

-

</del><span class="cx"> void XMLHttpRequest::didFinishLoading(unsigned long identifier, double)

</span><span class="cx"> {

</span><span class="cx">     if (m_error)

</span></span></pre></div>

<a id="trunkSourceWebCorexmlXMLHttpRequesth"></a>

<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.h (202479 => 202480)</h4>

<pre class="diff"><span>

<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.h        2016-06-27 05:10:05 UTC (rev 202479)

+++ trunk/Source/WebCore/xml/XMLHttpRequest.h        2016-06-27 08:28:30 UTC (rev 202480)

</span><span class="lines">@@ -151,7 +151,6 @@

</span><span class="cx">     void didReceiveData(const char* data, int dataLength) override;

</span><span class="cx">     void didFinishLoading(unsigned long identifier, double finishTime) override;

</span><span class="cx">     void didFail(const ResourceError&amp;) override;

</span><del>-    void didFailRedirectCheck() override;

</del><span class="cx"> 

</span><span class="cx">     bool responseIsXML() const;

</span><span class="cx"> 

</span></span></pre>

</div>

</div>

</body>

</html>