Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (228956 => 228957)
--- branches/safari-605-branch/Source/WebCore/ChangeLog 2018-02-23 20:30:01 UTC (rev 228956)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog 2018-02-23 20:30:04 UTC (rev 228957)
@@ -1,5 +1,25 @@
2018-02-23 Jason Marcell <jmarc...@apple.com>
+ Cherry-pick r228931. rdar://problem/37816658
+
+ 2018-02-22 Chris Dumez <cdu...@apple.com>
+
+ ServiceWorkerContainer::startScriptFetchForJob() fails to isolate copy the registrationKey before passing it to the main thread
+ https://bugs.webkit.org/show_bug.cgi?id=183050
+ <rdar://problem/37796881>
+
+ Reviewed by Youenn Fablet.
+
+ Create an isolated copy of the registrationKey before passing it to the main thread in ServiceWorkerContainer's
+ startScriptFetchForJob() / jobFinishedLoadingScript() / jobFailedLoadingScript().
+
+ * workers/service/ServiceWorkerContainer.cpp:
+ (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
+ (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
+ (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
+
+2018-02-23 Jason Marcell <jmarc...@apple.com>
+
Cherry-pick r228928. rdar://problem/37816673
2018-02-22 Chris Dumez <cdu...@apple.com>
Modified: branches/safari-605-branch/Source/WebCore/workers/service/ServiceWorkerContainer.cpp (228956 => 228957)
--- branches/safari-605-branch/Source/WebCore/workers/service/ServiceWorkerContainer.cpp 2018-02-23 20:30:01 UTC (rev 228956)
+++ branches/safari-605-branch/Source/WebCore/workers/service/ServiceWorkerContainer.cpp 2018-02-23 20:30:04 UTC (rev 228957)
@@ -487,7 +487,7 @@
auto* context = scriptExecutionContext();
if (!context) {
LOG_ERROR("ServiceWorkerContainer::jobResolvedWithRegistration called but the container's ScriptExecutionContext is gone");
- callOnMainThread([connection = m_swConnection, jobIdentifier = job.identifier(), registrationKey = job.data().registrationKey(), scriptURL = job.data().scriptURL.isolatedCopy()] {
+ callOnMainThread([connection = m_swConnection, jobIdentifier = job.identifier(), registrationKey = job.data().registrationKey().isolatedCopy(), scriptURL = job.data().scriptURL.isolatedCopy()] {
connection->failedFetchingScript(jobIdentifier, registrationKey, { errorDomainWebKitInternal, 0, scriptURL, ASCIILiteral("Attempt to fetch service worker script with no ScriptExecutionContext") });
});
jobDidFinish(job);
@@ -505,7 +505,7 @@
CONTAINER_RELEASE_LOG_IF_ALLOWED("jobFinishedLoadingScript: Successfuly finished fetching script for job %llu", job.identifier().toUInt64());
- callOnMainThread([connection = m_swConnection, jobDataIdentifier = job.data().identifier(), registrationKey = job.data().registrationKey(), script = script.isolatedCopy(), contentSecurityPolicy = contentSecurityPolicy.isolatedCopy()] {
+ callOnMainThread([connection = m_swConnection, jobDataIdentifier = job.data().identifier(), registrationKey = job.data().registrationKey().isolatedCopy(), script = script.isolatedCopy(), contentSecurityPolicy = contentSecurityPolicy.isolatedCopy()] {
connection->finishFetchingScriptInServer({ jobDataIdentifier, registrationKey, script, contentSecurityPolicy, { } });
});
}
@@ -522,7 +522,7 @@
if (exception && job.promise())
job.promise()->reject(*exception);
- callOnMainThread([connection = m_swConnection, jobIdentifier = job.identifier(), registrationKey = job.data().registrationKey(), error = error.isolatedCopy()] {
+ callOnMainThread([connection = m_swConnection, jobIdentifier = job.identifier(), registrationKey = job.data().registrationKey().isolatedCopy(), error = error.isolatedCopy()] {
connection->failedFetchingScript(jobIdentifier, registrationKey, error);
});
}
