Diff
Modified: trunk/LayoutTests/ChangeLog (206013 => 206014)
--- trunk/LayoutTests/ChangeLog 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/ChangeLog 2016-09-16 08:24:18 UTC (rev 206014)
@@ -1,5 +1,17 @@
2016-09-16 Youenn Fablet <[email protected]>
+ [Fetch API] Headers should be combine with ',' and not ', '
+ https://bugs.webkit.org/show_bug.cgi?id=161736
+
+ Reviewed by Sam Weinig.
+
+ * http/tests/xmlhttprequest/check-combining-headers-expected.txt:
+ * http/tests/xmlhttprequest/check-combining-headers.html: Checking combined headers.
+ * http/tests/xmlhttprequest/resources/print-headers.php: Printing all request headers in a JSON response.
+ * http/tests/xmlhttprequest/web-apps/005.html: Making ',' combination as expected.
+
+2016-09-16 Youenn Fablet <[email protected]>
+
Custom promise-returning functions should not throw if callee has not the expected type
https://bugs.webkit.org/show_bug.cgi?id=162011
Added: trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers-expected.txt (0 => 206014)
--- trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers-expected.txt 2016-09-16 08:24:18 UTC (rev 206014)
@@ -0,0 +1,15 @@
+CONSOLE MESSAGE: line 16: Refused to set unsafe header "User-Agent"
+CONSOLE MESSAGE: line 17: Refused to set unsafe header "User-Agent"
+CONSOLE MESSAGE: line 16: Refused to set unsafe header "Content-Transfer-Encoding"
+CONSOLE MESSAGE: line 17: Refused to set unsafe header "Content-Transfer-Encoding"
+
+FAIL XMLHttpRequest: setRequestHeader() - combining headers (Authorization) assert_equals: Combined header value should be t1,t2 expected "t1,t2" but got "t1, t2"
+FAIL XMLHttpRequest: setRequestHeader() - combining headers (Pragma) assert_equals: Combined header value should be t1,t2 expected "t1,t2" but got "t1, t2"
+FAIL XMLHttpRequest: setRequestHeader() - combining headers (User-Agent) assert_true: Combined header value should be t1,t2 expected true got false
+FAIL XMLHttpRequest: setRequestHeader() - combining headers (Content-Transfer-Encoding) assert_equals: Combined header value should be t1,t2 expected (string) "t1,t2" but got (undefined) undefined
+FAIL XMLHttpRequest: setRequestHeader() - combining headers (Content-Type) assert_equals: Combined header value should be t1,t2 expected "t1,t2" but got "t1, t2"
+PASS XMLHttpRequest: setRequestHeader() - combining headers (Overwrite)
+PASS XMLHttpRequest: setRequestHeader() - combining headers (If)
+PASS XMLHttpRequest: setRequestHeader() - combining headers (Status-URI)
+PASS XMLHttpRequest: setRequestHeader() - combining headers (X-Pink-Unicorn)
+
Copied: trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers.html (from rev 206011, trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed.htm) (0 => 206014)
--- trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers.html (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/check-combining-headers.html 2016-09-16 08:24:18 UTC (rev 206014)
@@ -0,0 +1,36 @@
+<!doctype html>
+<html>
+ <head>
+ <title>XMLHttpRequest: setRequestHeader() - combining headers </title>
+ <script src=""
+ <script src=""
+ <link rel="help" href="" data-tested-assertations="/following::ol/li[6] /following::ol/li[7]" />
+ </head>
+ <body>
+ <div id="log"></div>
+ <script>
+ function request(header, doNotshowFullValueInError) {
+ test(function() {
+ var client = new XMLHttpRequest()
+ client.open("POST", "resources/print-headers.php", false)
+ client.setRequestHeader(header, "t1")
+ client.setRequestHeader(header, "t2")
+ client.send(null)
+ if (!doNotshowFullValueInError)
+ assert_equals(JSON.parse(client.response)[header.toLowerCase()], "t1,t2", "Combined header value should be t1,t2")
+ else
+ assert_true(JSON.parse(client.response)[header.toLowerCase()] == "t1,t2", "Combined header value should be t1,t2")
+ }, document.title + " (" + header + ")")
+ }
+ request("Authorization")
+ request("Pragma")
+ request("User-Agent", true)
+ request("Content-Transfer-Encoding")
+ request("Content-Type")
+ request("Overwrite")
+ request("If")
+ request("Status-URI")
+ request("X-Pink-Unicorn")
+ </script>
+ </body>
+</html>
Added: trunk/LayoutTests/http/tests/xmlhttprequest/resources/print-headers.php (0 => 206014)
--- trunk/LayoutTests/http/tests/xmlhttprequest/resources/print-headers.php (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/resources/print-headers.php 2016-09-16 08:24:18 UTC (rev 206014)
@@ -0,0 +1,10 @@
+<?php
+$headers = apache_request_headers();
+
+header("Content-Type: text/plain");
+header("Cache-Control: no-store");
+
+foreach ($headers as $header => $value) {
+ $request_headers[strtolower($header)] = $value;
+}
+echo json_encode( $request_headers );
Modified: trunk/LayoutTests/http/tests/xmlhttprequest/web-apps/005.html (206013 => 206014)
--- trunk/LayoutTests/http/tests/xmlhttprequest/web-apps/005.html 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/web-apps/005.html 2016-09-16 08:24:18 UTC (rev 206014)
@@ -19,7 +19,7 @@
r.setRequestHeader('X-Test-Header', 'ONE');
r.setRequestHeader('X-Test-Header', 'TWO');
r.send(null);
- if (r.responseText == 'RESULT:[ONE, TWO]') {
+ if (r.responseText == 'RESULT:[ONE,TWO]') {
p.firstChild.data = '';
} else {
p.firstChild.data = '' + r.responseText + ')';
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2016-09-16 08:24:18 UTC (rev 206014)
@@ -1,5 +1,20 @@
2016-09-16 Youenn Fablet <[email protected]>
+ [Fetch API] Headers should be combine with ',' and not ', '
+ https://bugs.webkit.org/show_bug.cgi?id=161736
+
+ Reviewed by Sam Weinig.
+
+ * web-platform-tests/XMLHttpRequest/setrequestheader-case-insensitive.htm: Making ',' combination as expected.
+ * web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed-expected.txt: Some new header tests are failing.
+ This is due to the fact that the underlying HTTP code is probably reprocessing those headers and readding ', ' in lieu of ','.
+ * web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed.htm: Ditto.
+ * web-platform-tests/fetch/api/cors/cors-preflight.js:
+ (corsPreflight): Removing stripping of whitespaces
+ * web-platform-tests/fetch/api/headers/headers-combine.html: Making ',' combination as expected.
+
+2016-09-16 Youenn Fablet <[email protected]>
+
[Fetch API] Referrer and Origin header should not be considered as safe request headers
https://bugs.webkit.org/show_bug.cgi?id=161902
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-case-insensitive.htm (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-case-insensitive.htm 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-case-insensitive.htm 2016-09-16 08:24:18 UTC (rev 206014)
@@ -11,7 +11,7 @@
<script>
test(function() {
var client = new XMLHttpRequest()
- client.open("POST", "resources/inspect-headers.py?filter_value=t1, t2, t3", false)
+ client.open("POST", "resources/inspect-headers.py?filter_value=t1,t2,t3", false)
client.setRequestHeader("x-test", "t1")
client.setRequestHeader("X-TEST", "t2")
client.setRequestHeader("X-teST", "t3")
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed-expected.txt (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed-expected.txt 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed-expected.txt 2016-09-16 08:24:18 UTC (rev 206014)
@@ -3,11 +3,11 @@
CONSOLE MESSAGE: line 16: Refused to set unsafe header "Content-Transfer-Encoding"
CONSOLE MESSAGE: line 17: Refused to set unsafe header "Content-Transfer-Encoding"
-PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (Authorization)
-PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (Pragma)
+FAIL XMLHttpRequest: setRequestHeader() - headers that are allowed (Authorization) assert_equals: expected "authorization," but got ""
+FAIL XMLHttpRequest: setRequestHeader() - headers that are allowed (Pragma) assert_equals: expected "pragma," but got ""
FAIL XMLHttpRequest: setRequestHeader() - headers that are allowed (User-Agent) assert_equals: expected "user-agent," but got ""
FAIL XMLHttpRequest: setRequestHeader() - headers that are allowed (Content-Transfer-Encoding) assert_equals: expected "content-transfer-encoding," but got ""
-PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (Content-Type)
+FAIL XMLHttpRequest: setRequestHeader() - headers that are allowed (Content-Type) assert_equals: expected "content-type," but got ""
PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (Overwrite)
PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (If)
PASS XMLHttpRequest: setRequestHeader() - headers that are allowed (Status-URI)
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed.htm (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed.htm 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/setrequestheader-header-allowed.htm 2016-09-16 08:24:18 UTC (rev 206014)
@@ -12,7 +12,7 @@
function request(header) {
test(function() {
var client = new XMLHttpRequest()
- client.open("POST", "resources/inspect-headers.py?filter_value=t1, t2", false)
+ client.open("POST", "resources/inspect-headers.py?filter_value=t1,t2", false)
client.setRequestHeader(header, "t1")
client.setRequestHeader(header, "t2")
client.send(null)
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.js (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.js 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.js 2016-09-16 08:24:18 UTC (rev 206014)
@@ -52,7 +52,7 @@
assert_in_array(header[0].toLowerCase(), actualHeaders, "Preflight asked permission for header: " + header);
let accessControlAllowHeaders = headerNames(headers).sort().join(",");
- assert_equals(resp.headers.get("x-control-request-headers").replace(new RegExp(" ", "g"), ""), accessControlAllowHeaders, "Access-Control-Allow-Headers value");
+ assert_equals(resp.headers.get("x-control-request-headers"), accessControlAllowHeaders, "Access-Control-Allow-Headers value");
return fetch(RESOURCES_DIR + "clean-stash.py?token=" + uuid_token);
}
});
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/headers-combine-expected.txt (206013 => 206014)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/headers-combine-expected.txt 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/headers/headers-combine-expected.txt 2016-09-16 08:24:18 UTC (rev 206014)
@@ -1,6 +1,6 @@
-FAIL Create headers using same name for different values assert_equals: name: double has value: doubleValue1,doubleValue2 expected "doubleValue1,doubleValue2" but got "doubleValue1, doubleValue2"
+PASS Create headers using same name for different values
PASS Check delete and has methods when using same name for different values
PASS Check set methods when called with already used name
-FAIL Check append methods when called with already used name assert_equals: name: single has value: singleValue, newSingleValue expected "singleValue,newSingleValue" but got "singleValue, newSingleValue"
+PASS Check append methods when called with already used name
Modified: trunk/Source/WebCore/ChangeLog (206013 => 206014)
--- trunk/Source/WebCore/ChangeLog 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/Source/WebCore/ChangeLog 2016-09-16 08:24:18 UTC (rev 206014)
@@ -1,5 +1,19 @@
2016-09-16 Youenn Fablet <[email protected]>
+ [Fetch API] Headers should be combine with ',' and not ', '
+ https://bugs.webkit.org/show_bug.cgi?id=161736
+
+ Reviewed by Sam Weinig.
+
+ Covered by updated tests and http/tests/xmlhttprequest/check-combining-headers.html.
+
+ * loader/CrossOriginAccessControl.cpp:
+ (WebCore::createAccessControlPreflightRequest): Combining with ',' for Access-Control-Request-Headers
+ * platform/network/HTTPHeaderMap.cpp:
+ (HTTPHeaderMap::add): Combining with ','
+
+2016-09-16 Youenn Fablet <[email protected]>
+
Custom promise-returning functions should not throw if callee has not the expected type
https://bugs.webkit.org/show_bug.cgi?id=162011
Modified: trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp (206013 => 206014)
--- trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp 2016-09-16 08:24:18 UTC (rev 206014)
@@ -128,9 +128,8 @@
bool appendComma = false;
for (const auto& headerField : unsafeHeaders) {
- // FIXME: header names should be separated by 0x2C, without space.
if (appendComma)
- headerBuffer.appendLiteral(", ");
+ headerBuffer.append(',');
else
appendComma = true;
Modified: trunk/Source/WebCore/platform/network/HTTPHeaderMap.cpp (206013 => 206014)
--- trunk/Source/WebCore/platform/network/HTTPHeaderMap.cpp 2016-09-16 07:56:12 UTC (rev 206013)
+++ trunk/Source/WebCore/platform/network/HTTPHeaderMap.cpp 2016-09-16 08:24:18 UTC (rev 206014)
@@ -97,7 +97,7 @@
if (!findHTTPHeaderName(name, headerName)) {
auto result = m_uncommonHeaders.add(name, value);
if (!result.isNewEntry)
- result.iterator->value = result.iterator->value + ", " + value;
+ result.iterator->value = makeString(result.iterator->value, ",", value);
return;
}
add(headerName, value);
