[webkit-changes] [228114] trunk/Source

[dbates]

Title: [228114] trunk/Source

Revision

228114

Author

dba...@webkit.org

Date

2018-02-05 12:46:46 -0800 (Mon, 05 Feb 2018)

Log Message

REGRESSION (r222795): Nike app "Refused to set unsafe header" when adding and viewing cart
https://bugs.webkit.org/show_bug.cgi?id=182491
<rdar://problem/36533447>

Reviewed by Brent Fulgham.

Exempt Nike from the XHR header restrictions in r222795.

Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
However Nike also depends on such functionality.

Source/WebCore:

* platform/RuntimeApplicationChecks.h:
* platform/cocoa/RuntimeApplicationChecksCocoa.mm:
(WebCore::IOSApplication::isNike):

Source/WebKit:

* UIProcess/API/Cocoa/WKWebView.mm:
(shouldAllowSettingAnyXHRHeaderFromFileURLs):

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/platform/RuntimeApplicationChecks.h
• trunk/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm
• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm

Diff

Modified: trunk/Source/WebCore/ChangeLog (228113 => 228114)

--- trunk/Source/WebCore/ChangeLog	2018-02-05 20:26:45 UTC (rev 228113)
+++ trunk/Source/WebCore/ChangeLog	2018-02-05 20:46:46 UTC (rev 228114)
@@ -1,3 +1,20 @@
+2018-02-05  Daniel Bates  <daba...@apple.com>
+
+        REGRESSION (r222795): Nike app "Refused to set unsafe header" when adding and viewing cart
+        https://bugs.webkit.org/show_bug.cgi?id=182491
+        <rdar://problem/36533447>
+
+        Reviewed by Brent Fulgham.
+
+        Exempt Nike from the XHR header restrictions in r222795.
+
+        Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
+        However Nike also depends on such functionality.
+
+        * platform/RuntimeApplicationChecks.h:
+        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
+        (WebCore::IOSApplication::isNike):
+
 2018-02-02  Brent Fulgham  <bfulg...@apple.com>
 
         Improve NetworkResourceLoader logging so it can be used for 'setCookiesFromDOM'

Modified: trunk/Source/WebCore/platform/RuntimeApplicationChecks.h (228113 => 228114)

--- trunk/Source/WebCore/platform/RuntimeApplicationChecks.h	2018-02-05 20:26:45 UTC (rev 228113)
+++ trunk/Source/WebCore/platform/RuntimeApplicationChecks.h	2018-02-05 20:46:46 UTC (rev 228114)
@@ -84,6 +84,7 @@
 bool isIBooksStorytime();
 WEBCORE_EXPORT bool isTheSecretSocietyHiddenMystery();
 WEBCORE_EXPORT bool isCardiogram();
+WEBCORE_EXPORT bool isNike();
 
 } // IOSApplication
 

Modified: trunk/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm (228113 => 228114)

--- trunk/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm	2018-02-05 20:26:45 UTC (rev 228113)
+++ trunk/Source/WebCore/platform/cocoa/RuntimeApplicationChecksCocoa.mm	2018-02-05 20:46:46 UTC (rev 228114)
@@ -242,6 +242,12 @@
     return isCardiogram;
 }
 
+bool IOSApplication::isNike()
+{
+    static bool isNike = applicationBundleIsEqualTo("com.nike.omega");
+    return isNike;
+}
+
 #endif
 
 } // namespace WebCore

Modified: trunk/Source/WebKit/ChangeLog (228113 => 228114)

--- trunk/Source/WebKit/ChangeLog	2018-02-05 20:26:45 UTC (rev 228113)
+++ trunk/Source/WebKit/ChangeLog	2018-02-05 20:46:46 UTC (rev 228114)
@@ -1,3 +1,19 @@
+2018-02-05  Daniel Bates  <daba...@apple.com>
+
+        REGRESSION (r222795): Nike app "Refused to set unsafe header" when adding and viewing cart
+        https://bugs.webkit.org/show_bug.cgi?id=182491
+        <rdar://problem/36533447>
+
+        Reviewed by Brent Fulgham.
+
+        Exempt Nike from the XHR header restrictions in r222795.
+
+        Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
+        However Nike also depends on such functionality.
+
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (shouldAllowSettingAnyXHRHeaderFromFileURLs):
+
 2018-02-02  Brent Fulgham  <bfulg...@apple.com>
 
         Improve NetworkResourceLoader logging so it can be used for 'setCookiesFromDOM'

Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm (228113 => 228114)

--- trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm	2018-02-05 20:26:45 UTC (rev 228113)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm	2018-02-05 20:46:46 UTC (rev 228114)
@@ -424,7 +424,7 @@
 
 static bool shouldAllowSettingAnyXHRHeaderFromFileURLs()
 {
-    static bool shouldAllowSettingAnyXHRHeaderFromFileURLs = WebCore::IOSApplication::isCardiogram() && !linkedOnOrAfter(WebKit::SDKVersion::FirstThatDisallowsSettingAnyXHRHeaderFromFileURLs);
+    static bool shouldAllowSettingAnyXHRHeaderFromFileURLs = (WebCore::IOSApplication::isCardiogram() || WebCore::IOSApplication::isNike()) && !linkedOnOrAfter(WebKit::SDKVersion::FirstThatDisallowsSettingAnyXHRHeaderFromFileURLs);
     return shouldAllowSettingAnyXHRHeaderFromFileURLs;
 }
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes