[webkit-changes] [86693] trunk

Tue, 17 May 2011 12:00:46 -0700

Title: [86693] trunk
Revision
86693
Author
[email protected]
Date
2011-05-17 12:00:37 -0700 (Tue, 17 May 2011)

Log Message

[Qt] Redirection of HTTP POST (3xx) incorrectly includes original POST data
https://bugs.webkit.org/show_bug.cgi?id=60440

Reviewed by Kenneth Rohde Christiansen.

Source/WebCore:

Makes sure that the HTTP headers Content-type and Content-length are not included in
the requests that do not have any content.

Tests: http/tests/navigation/post-301-response.html
       http/tests/navigation/post-302-response.html
       http/tests/navigation/post-303-response.html
       http/tests/navigation/post-307-response.html

* platform/network/qt/QNetworkReplyHandler.cpp:
(WebCore::QNetworkReplyHandler::sendNetworkRequest):

LayoutTests:

These new tests check that no POST content is sent to the new URL after receiving http
status codes 301, 302 and 303, and checks that the POST content is sent to the new URL
after receiving a 307 http status code.

* http/tests/navigation/post-301-response-expected.txt: Added.
* http/tests/navigation/post-301-response.html: Added.
* http/tests/navigation/post-302-response-expected.txt: Added.
* http/tests/navigation/post-302-response.html: Added.
* http/tests/navigation/post-303-response-expected.txt: Added.
* http/tests/navigation/post-303-response.html: Added.
* http/tests/navigation/post-307-response-expected.txt: Added.
* http/tests/navigation/post-307-response.html: Added.
* http/tests/navigation/resources/redirected-post-request-contents.php: Added.
* http/tests/navigation/resources/redirection-response.php: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (86692 => 86693)


--- trunk/LayoutTests/ChangeLog	2011-05-17 18:57:54 UTC (rev 86692)
+++ trunk/LayoutTests/ChangeLog	2011-05-17 19:00:37 UTC (rev 86693)
@@ -1,3 +1,25 @@
+2011-05-09  Luiz Agostini  <[email protected]>
+
+        Reviewed by Kenneth Rohde Christiansen.
+
+        [Qt] Redirection of HTTP POST (3xx) incorrectly includes original POST data
+        https://bugs.webkit.org/show_bug.cgi?id=60440
+
+        These new tests check that no POST content is sent to the new URL after receiving http
+        status codes 301, 302 and 303, and checks that the POST content is sent to the new URL
+        after receiving a 307 http status code.
+
+        * http/tests/navigation/post-301-response-expected.txt: Added.
+        * http/tests/navigation/post-301-response.html: Added.
+        * http/tests/navigation/post-302-response-expected.txt: Added.
+        * http/tests/navigation/post-302-response.html: Added.
+        * http/tests/navigation/post-303-response-expected.txt: Added.
+        * http/tests/navigation/post-303-response.html: Added.
+        * http/tests/navigation/post-307-response-expected.txt: Added.
+        * http/tests/navigation/post-307-response.html: Added.
+        * http/tests/navigation/resources/redirected-post-request-contents.php: Added.
+        * http/tests/navigation/resources/redirection-response.php: Added.
+
 2011-05-17  Sakamuri Ramakrishna  <[email protected]>
 
         Reviewed by Andreas Kling.

Added: trunk/LayoutTests/http/tests/navigation/post-301-response-expected.txt (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-301-response-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-301-response-expected.txt	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,6 @@
+headers CONTENT_TYPE and CONTENT_LENGTH should not be present.
+headers CONTENT_TYPE and CONTENT_LENGTH are not present.
+
+no POST data should be present.
+no POST data is present.
+

Added: trunk/LayoutTests/http/tests/navigation/post-301-response.html (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-301-response.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-301-response.html	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,18 @@
+<html>
+<head>
+<script>
+var doTest = function () {
+    if (window.layoutTestController) {
+        window.layoutTestController.dumpAsText();
+        window.layoutTestController.waitUntilDone();
+    }
+    document.getElementById("form1").submit();
+};
+</script>
+</head>
+<body _onload_="doTest()">
+<form id="form1" action="" method="post">
+<input type="text" name="text1" value="some text"><br>
+</form>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/navigation/post-302-response-expected.txt (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-302-response-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-302-response-expected.txt	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,6 @@
+headers CONTENT_TYPE and CONTENT_LENGTH should not be present.
+headers CONTENT_TYPE and CONTENT_LENGTH are not present.
+
+no POST data should be present.
+no POST data is present.
+

Added: trunk/LayoutTests/http/tests/navigation/post-302-response.html (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-302-response.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-302-response.html	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,18 @@
+<html>
+<head>
+<script>
+var doTest = function () {
+    if (window.layoutTestController) {
+        window.layoutTestController.dumpAsText();
+        window.layoutTestController.waitUntilDone();
+    }
+    document.getElementById("form1").submit();
+};
+</script>
+</head>
+<body _onload_="doTest()">
+<form id="form1" action="" method="post">
+<input type="text" name="text1" value="some text"><br>
+</form>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/navigation/post-303-response-expected.txt (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-303-response-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-303-response-expected.txt	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,6 @@
+headers CONTENT_TYPE and CONTENT_LENGTH should not be present.
+headers CONTENT_TYPE and CONTENT_LENGTH are not present.
+
+no POST data should be present.
+no POST data is present.
+

Added: trunk/LayoutTests/http/tests/navigation/post-303-response.html (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-303-response.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-303-response.html	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,18 @@
+<html>
+<head>
+<script>
+var doTest = function () {
+    if (window.layoutTestController) {
+        window.layoutTestController.dumpAsText();
+        window.layoutTestController.waitUntilDone();
+    }
+    document.getElementById("form1").submit();
+};
+</script>
+</head>
+<body _onload_="doTest()">
+<form id="form1" action="" method="post">
+<input type="text" name="text1" value="some text"><br>
+</form>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/navigation/post-307-response-expected.txt (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-307-response-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-307-response-expected.txt	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,7 @@
+headers CONTENT_TYPE and CONTENT_LENGTH should be present.
+CONTENT_TYPE is present. Its value is: application/x-www-form-urlencoded
+CONTENT_LENGTH is present. Its value is: 15
+
+POST data should be present.
+POST data is present.
+

Added: trunk/LayoutTests/http/tests/navigation/post-307-response.html (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/post-307-response.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/post-307-response.html	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,18 @@
+<html>
+<head>
+<script>
+var doTest = function () {
+    if (window.layoutTestController) {
+        window.layoutTestController.dumpAsText();
+        window.layoutTestController.waitUntilDone();
+    }
+    document.getElementById("form1").submit();
+};
+</script>
+</head>
+<body _onload_="doTest()">
+<form id="form1" action="" method="post">
+<input type="text" name="text1" value="some text"><br>
+</form>
+</body>
+</html>

Added: trunk/LayoutTests/http/tests/navigation/resources/redirected-post-request-contents.php (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/resources/redirected-post-request-contents.php	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/resources/redirected-post-request-contents.php	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,38 @@
+<?php
+function checkHeader($header) {
+    if (array_key_exists($header, $_SERVER)) {
+        echo $header . " is present. Its value is: " . $_SERVER[$header] . "<br>";
+        return true;
+    }
+    return false;
+}
+
+if ($_GET["content"] == "true") {
+    echo "headers CONTENT_TYPE and CONTENT_LENGTH should be present.<br>";
+} else {
+    echo "headers CONTENT_TYPE and CONTENT_LENGTH should not be present.<br>";
+}
+
+$content_type = checkHeader("CONTENT_TYPE");
+$content_length = checkHeader("CONTENT_LENGTH");
+
+if (!$content_type && !$content_length) {
+    echo "headers CONTENT_TYPE and CONTENT_LENGTH are not present.<br>";
+}
+
+echo "<br>";
+
+if ($_GET["content"] == "true") {
+    echo "POST data should be present.<br>";
+} else {
+    echo "no POST data should be present.<br>";
+}
+
+if (sizeof($_POST) > 0 || sizeof($_FILES) > 0) {
+    echo "POST data is present.<br>";
+} else {
+    echo "no POST data is present.<br>";
+}
+
+echo "<script>if (window.layoutTestController) layoutTestController.notifyDone();</script>"
+?>

Added: trunk/LayoutTests/http/tests/navigation/resources/redirection-response.php (0 => 86693)


--- trunk/LayoutTests/http/tests/navigation/resources/redirection-response.php	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/resources/redirection-response.php	2011-05-17 19:00:37 UTC (rev 86693)
@@ -0,0 +1,27 @@
+<?php
+$status_code = $_GET['status'];
+
+$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\') . "/" . $_GET['target'];
+
+switch ($status_code) {
+    case 301:
+        header("HTTP/1.1 301 Moved Permanently");
+        header("Location: http://" . $_SERVER['HTTP_HOST'] . $uri);
+        break;
+    case 302:
+        header("HTTP/1.1 302 Found");
+        header("Location: http://" . $_SERVER['HTTP_HOST'] . $uri);
+        break;
+    case 303:
+        header("HTTP/1.1 303 See Other");
+        header("Location: http://" . $_SERVER['HTTP_HOST'] . $uri);
+        break;
+    case 307:
+        header("HTTP/1.1 307 Temporary Redirect");
+        header("Location: http://" . $_SERVER['HTTP_HOST'] . $uri);
+        break;
+    default:
+        header("HTTP/1.1 500 Internal Server Error");
+        echo "Unexpected status code ($status_code) received.";
+}
+?>

Modified: trunk/Source/WebCore/ChangeLog (86692 => 86693)


--- trunk/Source/WebCore/ChangeLog	2011-05-17 18:57:54 UTC (rev 86692)
+++ trunk/Source/WebCore/ChangeLog	2011-05-17 19:00:37 UTC (rev 86693)
@@ -1,3 +1,21 @@
+2011-05-09  Luiz Agostini  <[email protected]>
+
+        Reviewed by Kenneth Rohde Christiansen.
+
+        [Qt] Redirection of HTTP POST (3xx) incorrectly includes original POST data
+        https://bugs.webkit.org/show_bug.cgi?id=60440
+
+        Makes sure that the HTTP headers Content-type and Content-length are not included in
+        the requests that do not have any content.
+
+        Tests: http/tests/navigation/post-301-response.html
+               http/tests/navigation/post-302-response.html
+               http/tests/navigation/post-303-response.html
+               http/tests/navigation/post-307-response.html
+
+        * platform/network/qt/QNetworkReplyHandler.cpp:
+        (WebCore::QNetworkReplyHandler::sendNetworkRequest):
+
 2011-05-17  Andreas Kling  <[email protected]>
 
         Reviewed by Benjamin Poulain.

Modified: trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp (86692 => 86693)


--- trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp	2011-05-17 18:57:54 UTC (rev 86692)
+++ trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp	2011-05-17 19:00:37 UTC (rev 86693)
@@ -615,6 +615,12 @@
         && (!url.toLocalFile().isEmpty() || url.scheme() == QLatin1String("data")))
         m_method = QNetworkAccessManager::GetOperation;
 
+    if (m_method != QNetworkAccessManager::PostOperation && m_method != QNetworkAccessManager::PutOperation) {
+        // clearing Contents-length and Contents-type of the requests that do not have contents.
+        m_request.setHeader(QNetworkRequest::ContentTypeHeader, QVariant());
+        m_request.setHeader(QNetworkRequest::ContentLengthHeader, QVariant());
+    }
+
     switch (m_method) {
         case QNetworkAccessManager::GetOperation:
             return manager->get(m_request);

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to