<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202480] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202480">202480</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-06-27 01:28:30 -0700 (Mon, 27 Jun 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Remove didFailRedirectCheck ThreadableLoaderClient callback
https://bugs.webkit.org/show_bug.cgi?id=159085
Patch by Youenn Fablet <youenn@apple.com> on 2016-06-27
Reviewed by Daniel Bates.
Source/WebCore:
Removing didFailRedirectCheck and using didFailAccessControlCheck instead.
The change in behavior is that additional error messages are outputted in the console.
These messages give additional debugging information.
Covered by rebased tests.
* Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.
* Modules/fetch/FetchLoader.h: Ditto.
* inspector/InspectorNetworkAgent.cpp: Ditto.
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing
URL.
(WebCore::DocumentThreadableLoader::loadRequest): Ditto.
* loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.
* loader/ThreadableLoaderClientWrapper.h: Ditto.
* loader/WorkerThreadableLoader.cpp: Ditto.
* loader/WorkerThreadableLoader.h: Ditto.
* page/EventSource.cpp: Ditto.
* page/EventSource.h: Ditto.
* workers/WorkerScriptLoader.cpp: Ditto.
* workers/WorkerScriptLoader.h: Ditto.
* xml/XMLHttpRequest.cpp: Ditto.
* xml/XMLHttpRequest.h: Ditto.
LayoutTests:
* http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrceventsourceredirecttoblockedexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrcxmlhttprequestredirecttoblockedexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicyworkercspblocksxhrredirectcrossoriginexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreModulesfetchFetchLoadercpp">trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreModulesfetchFetchLoaderh">trunk/Source/WebCore/Modules/fetch/FetchLoader.h</a></li>
<li><a href="#trunkSourceWebCoreinspectorInspectorNetworkAgentcpp">trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoadercpp">trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderThreadableLoaderClienth">trunk/Source/WebCore/loader/ThreadableLoaderClient.h</a></li>
<li><a href="#trunkSourceWebCoreloaderThreadableLoaderClientWrapperh">trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h</a></li>
<li><a href="#trunkSourceWebCoreloaderWorkerThreadableLoadercpp">trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderWorkerThreadableLoaderh">trunk/Source/WebCore/loader/WorkerThreadableLoader.h</a></li>
<li><a href="#trunkSourceWebCorepageEventSourcecpp">trunk/Source/WebCore/page/EventSource.cpp</a></li>
<li><a href="#trunkSourceWebCorepageEventSourceh">trunk/Source/WebCore/page/EventSource.h</a></li>
<li><a href="#trunkSourceWebCoreworkersWorkerScriptLoadercpp">trunk/Source/WebCore/workers/WorkerScriptLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreworkersWorkerScriptLoaderh">trunk/Source/WebCore/workers/WorkerScriptLoader.h</a></li>
<li><a href="#trunkSourceWebCorexmlXMLHttpRequestcpp">trunk/Source/WebCore/xml/XMLHttpRequest.cpp</a></li>
<li><a href="#trunkSourceWebCorexmlXMLHttpRequesth">trunk/Source/WebCore/xml/XMLHttpRequest.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/ChangeLog        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,3 +1,16 @@
</span><ins>+2016-06-27 Youenn Fablet <youenn@apple.com>
+
+ Remove didFailRedirectCheck ThreadableLoaderClient callback
+ https://bugs.webkit.org/show_bug.cgi?id=159085
+
+ Reviewed by Daniel Bates.
+
+ * http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:
+ * http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:
+ * http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt:
+ * http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
+ * http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
+
</ins><span class="cx"> 2016-06-26 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><span class="cx"> Regression: HTMLOptionsCollection's named properties have precedence over indexed properties
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrceventsourceredirecttoblockedexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,4 +1,5 @@
</span><span class="cx"> CONSOLE MESSAGE: Refused to connect to http://localhost:8000/eventsource/resources/simple-event-stream.asis because it does not appear in the connect-src directive of the Content Security Policy.
</span><ins>+CONSOLE MESSAGE: EventSource cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/eventsource/resources/simple-event-stream.asis. Cross-origin redirection denied by Content Security Policy.
</ins><span class="cx"> PASS EventSource() did not follow the disallowed redirect.
</span><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyconnectsrcxmlhttprequestredirecttoblockedexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,4 +1,5 @@
</span><span class="cx"> CONSOLE MESSAGE: Refused to connect to http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.pl because it does not appear in the connect-src directive of the Content Security Policy.
</span><ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/xhr-redirect-not-allowed.pl. Cross-origin redirection denied by Content Security Policy.
</ins><span class="cx"> PASS XMLHttpRequest.send() did not follow the disallowed redirect.
</span><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicyworkercspblocksxhrredirectcrossoriginexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,3 +1,4 @@
</span><ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redir.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Content Security Policy.
</ins><span class="cx"> This tests an XHR request made from a worker is blocked if it redirects to a cross-origin resource that is not listed as a connect-src in the CSP of the worker.
</span><span class="cx">
</span><span class="cx"> PASS threw exception Error: NetworkError: DOM Exception 19.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsasyncexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,4 +1,9 @@
</span><ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&%20%20access-control-allow-origin=http://localhost:8000. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
</ins><span class="cx"> CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=*. Preflight response is not successful
</span><ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=false&%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=*&%20%20access-control-allow-headers=x-webkit. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
</ins><span class="cx"> Tests that asynchronous XMLHttpRequests handle redirects according to the CORS standard.
</span><span class="cx">
</span><span class="cx"> Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi without credentials
</span></span></pre></div>
<a id="trunkLayoutTestshttptestsxmlhttprequestaccesscontrolandredirectsexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,3 +1,6 @@
</span><ins>+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
+CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.
</ins><span class="cx"> Tests that redirects between origins are never allowed, even when access control is involved.
</span><span class="cx">
</span><span class="cx"> Per the spec, these test cases should be allowed, but cross-origin redirects are currently unsupported in WebCore.
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/ChangeLog        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1,3 +1,34 @@
</span><ins>+2016-06-27 Youenn Fablet <youenn@apple.com>
+
+ Remove didFailRedirectCheck ThreadableLoaderClient callback
+ https://bugs.webkit.org/show_bug.cgi?id=159085
+
+ Reviewed by Daniel Bates.
+
+ Removing didFailRedirectCheck and using didFailAccessControlCheck instead.
+ The change in behavior is that additional error messages are outputted in the console.
+ These messages give additional debugging information.
+
+ Covered by rebased tests.
+
+ * Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.
+ * Modules/fetch/FetchLoader.h: Ditto.
+ * inspector/InspectorNetworkAgent.cpp: Ditto.
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing
+ URL.
+ (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
+ * loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.
+ * loader/ThreadableLoaderClientWrapper.h: Ditto.
+ * loader/WorkerThreadableLoader.cpp: Ditto.
+ * loader/WorkerThreadableLoader.h: Ditto.
+ * page/EventSource.cpp: Ditto.
+ * page/EventSource.h: Ditto.
+ * workers/WorkerScriptLoader.cpp: Ditto.
+ * workers/WorkerScriptLoader.h: Ditto.
+ * xml/XMLHttpRequest.cpp: Ditto.
+ * xml/XMLHttpRequest.h: Ditto.
+
</ins><span class="cx"> 2016-06-26 Gyuyoung Kim <gyuyoung.kim@webkit.org>
</span><span class="cx">
</span><span class="cx"> [EFL] Fix build warning when using geoclue2
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesfetchFetchLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -144,11 +144,6 @@
</span><span class="cx"> m_client.didFail();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void FetchLoader::didFailRedirectCheck()
-{
- m_client.didFail();
-}
-
</del><span class="cx"> } // namespace WebCore
</span><span class="cx">
</span><span class="cx"> #endif // ENABLE(FETCH_API)
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesfetchFetchLoaderh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchLoader.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -62,7 +62,6 @@
</span><span class="cx"> void didReceiveData(const char*, int) final;
</span><span class="cx"> void didFinishLoading(unsigned long, double) final;
</span><span class="cx"> void didFail(const ResourceError&) final;
</span><del>- void didFailRedirectCheck() final;
</del><span class="cx">
</span><span class="cx"> Type type() const { return m_type; }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreinspectorInspectorNetworkAgentcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/inspector/InspectorNetworkAgent.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -128,9 +128,9 @@
</span><span class="cx"> dispose();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void didFailRedirectCheck() override
</del><ins>+ void didFailAccessControlCheck(const ResourceError&) final
</ins><span class="cx"> {
</span><del>- m_callback->sendFailure(ASCIILiteral("Loading resource for inspector failed redirect check"));
</del><ins>+ m_callback->sendFailure(ASCIILiteral("Loading resource for inspector failed access control check"));
</ins><span class="cx"> dispose();
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -192,6 +192,16 @@
</span><span class="cx"> m_preflightChecker = Nullopt;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static inline void reportContentSecurityPolicyError(ThreadableLoaderClient& client, const URL& url)
+{
+ client.didFailAccessControlCheck(ResourceError(errorDomainWebKitInternal, 0, url, "Cross-origin redirection denied by Content Security Policy."));
+}
+
+static inline void reportCrossOriginResourceSharingError(ThreadableLoaderClient& client, const URL& url)
+{
+ client.didFailAccessControlCheck(ResourceError(errorDomainWebKitInternal, 0, url, "Cross-origin redirection denied by Cross-Origin Resource Sharing policy."));
+}
+
</ins><span class="cx"> void DocumentThreadableLoader::redirectReceived(CachedResource* resource, ResourceRequest& request, const ResourceResponse& redirectResponse)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_client);
</span><span class="lines">@@ -199,7 +209,7 @@
</span><span class="cx">
</span><span class="cx"> Ref<DocumentThreadableLoader> protectedThis(*this);
</span><span class="cx"> if (!isAllowedByContentSecurityPolicy(request.url(), !redirectResponse.isNull())) {
</span><del>- m_client->didFailRedirectCheck();
</del><ins>+ reportContentSecurityPolicyError(*m_client, redirectResponse.url());
</ins><span class="cx"> request = ResourceRequest();
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -245,7 +255,7 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_client->didFailRedirectCheck();
</del><ins>+ reportCrossOriginResourceSharingError(*m_client, redirectResponse.url());
</ins><span class="cx"> request = ResourceRequest();
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -381,9 +391,15 @@
</span><span class="cx"> // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was
</span><span class="cx"> // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials.
</span><span class="cx"> bool didRedirect = requestURL != response.url();
</span><del>- if (didRedirect && (!isAllowedByContentSecurityPolicy(response.url(), didRedirect) || !isAllowedRedirect(response.url()))) {
- m_client->didFailRedirectCheck();
- return;
</del><ins>+ if (didRedirect) {
+ if (!isAllowedByContentSecurityPolicy(response.url(), didRedirect)) {
+ reportContentSecurityPolicyError(*m_client, requestURL);
+ return;
+ }
+ if (!isAllowedRedirect(response.url())) {
+ reportCrossOriginResourceSharingError(*m_client, requestURL);
+ return;
+ }
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> didReceiveResponse(identifier, response);
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderThreadableLoaderClienth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ThreadableLoaderClient.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ThreadableLoaderClient.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/loader/ThreadableLoaderClient.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -47,7 +47,6 @@
</span><span class="cx"> virtual void didFinishLoading(unsigned long /*identifier*/, double /*finishTime*/) { }
</span><span class="cx"> virtual void didFail(const ResourceError&) { }
</span><span class="cx"> virtual void didFailAccessControlCheck(const ResourceError& error) { didFail(error); }
</span><del>- virtual void didFailRedirectCheck() { }
</del><span class="cx">
</span><span class="cx"> protected:
</span><span class="cx"> ThreadableLoaderClient() { }
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderThreadableLoaderClientWrapperh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/loader/ThreadableLoaderClientWrapper.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -95,13 +95,6 @@
</span><span class="cx"> m_client->didFailAccessControlCheck(error);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void didFailRedirectCheck()
- {
- m_done = true;
- if (m_client)
- m_client->didFailRedirectCheck();
- }
-
</del><span class="cx"> void didReceiveAuthenticationCancellation(unsigned long identifier, const ResourceResponse& response)
</span><span class="cx"> {
</span><span class="cx"> if (m_client)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderWorkerThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -206,14 +206,4 @@
</span><span class="cx"> }, m_taskMode);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WorkerThreadableLoader::MainThreadBridge::didFailRedirectCheck()
-{
- m_loadingFinished = true;
- Ref<ThreadableLoaderClientWrapper> protectedWorkerClientWrapper = *m_workerClientWrapper;
- m_loaderProxy.postTaskForModeToWorkerGlobalScope([protectedWorkerClientWrapper = WTFMove(protectedWorkerClientWrapper)] (ScriptExecutionContext& context) mutable {
- ASSERT_UNUSED(context, context.isWorkerGlobalScope());
- protectedWorkerClientWrapper->didFailRedirectCheck();
- }, m_taskMode);
-}
-
</del><span class="cx"> } // namespace WebCore
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderWorkerThreadableLoaderh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/WorkerThreadableLoader.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -105,7 +105,6 @@
</span><span class="cx"> void didFinishLoading(unsigned long identifier, double finishTime) override;
</span><span class="cx"> void didFail(const ResourceError&) override;
</span><span class="cx"> void didFailAccessControlCheck(const ResourceError&) override;
</span><del>- void didFailRedirectCheck() override;
</del><span class="cx">
</span><span class="cx"> // Only to be used on the main thread.
</span><span class="cx"> RefPtr<ThreadableLoader> m_mainThreadLoader;
</span></span></pre></div>
<a id="trunkSourceWebCorepageEventSourcecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/EventSource.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/page/EventSource.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -261,11 +261,6 @@
</span><span class="cx"> abortConnectionAttempt();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void EventSource::didFailRedirectCheck()
-{
- abortConnectionAttempt();
-}
-
</del><span class="cx"> void EventSource::abortConnectionAttempt()
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_state == CONNECTING);
</span></span></pre></div>
<a id="trunkSourceWebCorepageEventSourceh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/EventSource.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/page/EventSource.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -82,7 +82,6 @@
</span><span class="cx"> void didFinishLoading(unsigned long, double) final;
</span><span class="cx"> void didFail(const ResourceError&) final;
</span><span class="cx"> void didFailAccessControlCheck(const ResourceError&) final;
</span><del>- void didFailRedirectCheck() final;
</del><span class="cx">
</span><span class="cx"> void stop() final;
</span><span class="cx"> const char* activeDOMObjectName() const final;
</span></span></pre></div>
<a id="trunkSourceWebCoreworkersWorkerScriptLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/WorkerScriptLoader.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/workers/WorkerScriptLoader.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/workers/WorkerScriptLoader.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -161,11 +161,6 @@
</span><span class="cx"> notifyError();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WorkerScriptLoader::didFailRedirectCheck()
-{
- notifyError();
-}
-
</del><span class="cx"> void WorkerScriptLoader::notifyError()
</span><span class="cx"> {
</span><span class="cx"> m_failed = true;
</span></span></pre></div>
<a id="trunkSourceWebCoreworkersWorkerScriptLoaderh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/workers/WorkerScriptLoader.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/workers/WorkerScriptLoader.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/workers/WorkerScriptLoader.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -69,7 +69,6 @@
</span><span class="cx"> void didReceiveData(const char* data, int dataLength) override;
</span><span class="cx"> void didFinishLoading(unsigned long identifier, double) override;
</span><span class="cx"> void didFail(const ResourceError&) override;
</span><del>- void didFailRedirectCheck() override;
</del><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> friend class WTF::RefCounted<WorkerScriptLoader>;
</span></span></pre></div>
<a id="trunkSourceWebCorexmlXMLHttpRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -1038,11 +1038,6 @@
</span><span class="cx"> networkError();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void XMLHttpRequest::didFailRedirectCheck()
-{
- networkError();
-}
-
</del><span class="cx"> void XMLHttpRequest::didFinishLoading(unsigned long identifier, double)
</span><span class="cx"> {
</span><span class="cx"> if (m_error)
</span></span></pre></div>
<a id="trunkSourceWebCorexmlXMLHttpRequesth"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.h (202479 => 202480)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.h        2016-06-27 05:10:05 UTC (rev 202479)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.h        2016-06-27 08:28:30 UTC (rev 202480)
</span><span class="lines">@@ -151,7 +151,6 @@
</span><span class="cx"> void didReceiveData(const char* data, int dataLength) override;
</span><span class="cx"> void didFinishLoading(unsigned long identifier, double finishTime) override;
</span><span class="cx"> void didFail(const ResourceError&) override;
</span><del>- void didFailRedirectCheck() override;
</del><span class="cx">
</span><span class="cx"> bool responseIsXML() const;
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>