- Revision
- 229191
- Author
- cdu...@apple.com
- Date
- 2018-03-02 15:14:33 -0800 (Fri, 02 Mar 2018)
Log Message
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html crashes with async policy delegates
https://bugs.webkit.org/show_bug.cgi?id=183294
<rdar://problem/38073596>
Reviewed by Youenn Fablet.
Source/WebCore:
Drop code that was added to SubresourceLoader::willCancel() in r228852. The purpose of this code
was to make sure that SubresourceLoader::m_policyForResponseCompletionHandler always gets called,
even when the load is cancelled. However, this code is not needed (since m_policyForResponseCompletionHandler
is a CompletionHandler, an assertion will be hit if we fail to call it and we'll know). Calling
the completionHandler inside SubresourceLoader::willCancel() is too early and leads to crashes.
The completionHandler currently gets called DocumentLoader::responseReceived() via a call to
mainResourceLoader->didReceiveResponsePolicy(). Note that in r229177, we made sure that the
call to didReceiveResponsePolicy() happens *after* the call to continueAfterContentPolicy()
to maintain our non-async policy delegate behavior. However, continueAfterContentPolicy()
would end up calling willCancel() and call the completionHandler when shouldContinue was
false.
Test: http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::willCancel):
LayoutTests:
Add layout test coverage.
* http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt: Added.
* http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html: Added.
Modified Paths
Added Paths
Removed Paths
- trunk/LayoutTests/platform/ios-wk2/imported/w3c/web-platform-tests/html/browsers/history/
Diff
Modified: trunk/LayoutTests/ChangeLog (229190 => 229191)
--- trunk/LayoutTests/ChangeLog 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/LayoutTests/ChangeLog 2018-03-02 23:14:33 UTC (rev 229191)
@@ -1,5 +1,18 @@
2018-03-02 Chris Dumez <cdu...@apple.com>
+ imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html crashes with async policy delegates
+ https://bugs.webkit.org/show_bug.cgi?id=183294
+ <rdar://problem/38073596>
+
+ Reviewed by Youenn Fablet.
+
+ Add layout test coverage.
+
+ * http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt: Added.
+ * http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html: Added.
+
+2018-03-02 Chris Dumez <cdu...@apple.com>
+
fast/events/before-unload-remove-itself.html crashes with async policy delegates
https://bugs.webkit.org/show_bug.cgi?id=183290
<rdar://problem/38069045>
Modified: trunk/LayoutTests/TestExpectations (229190 => 229191)
--- trunk/LayoutTests/TestExpectations 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/LayoutTests/TestExpectations 2018-03-02 23:14:33 UTC (rev 229191)
@@ -174,6 +174,11 @@
imported/w3c/web-platform-tests/service-workers/service-worker/websocket.https.html [ Pass Failure ]
+# Console log lines may appear in a different order so we silence them.
+http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird.html [ DumpJSConsoleLogInStdErr ]
+
webkit.org/b/181901 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-cors-xhr.https.html [ DumpJSConsoleLogInStdErr ]
webkit.org/b/181897 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https.html [ DumpJSConsoleLogInStdErr ]
webkit.org/b/181900 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html [ DumpJSConsoleLogInStdErr ]
@@ -613,7 +618,6 @@
imported/w3c/web-platform-tests/fetch/http-cache/partial.html [ Failure ]
webkit.org/b/159724 imported/w3c/web-platform-tests/XMLHttpRequest/send-redirect-post-upload.htm [ Failure Pass ]
-webkit.org/b/167380 imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html [ Failure Pass ]
# Flaky tests due to always changing assertion error message
imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/url-encoded.html [ Failure ]
Copied: trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt (from rev 229190, trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-expected.txt) (0 => 229191)
--- trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt (rev 0)
+++ trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt 2018-03-02 23:14:33 UTC (rev 229191)
@@ -0,0 +1,14 @@
+
+PASS Set HTTP URL frame location.protocol to x
+PASS Set data URL frame location.protocol to x
+PASS Set HTTP URL frame location.protocol to data
+PASS Set data URL frame location.protocol to data
+PASS Set HTTP URL frame location.protocol to file
+PASS Set data URL frame location.protocol to file
+PASS Set HTTP URL frame location.protocol to ftp
+PASS Set data URL frame location.protocol to ftp
+PASS Set HTTP URL frame location.protocol to gopher
+PASS Set data URL frame location.protocol to gopher
+PASS Set HTTP URL frame location.protocol to http+x
+PASS Set data URL frame location.protocol to http+x
+
Added: trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html (0 => 229191)
--- trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html (rev 0)
+++ trunk/LayoutTests/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html 2018-03-02 23:14:33 UTC (rev 229191)
@@ -0,0 +1,63 @@
+<!doctype html>
+<title>Set location.protocol to a non-broken-non-functioning scheme</title>
+<!-- In particular, valid non-broken schemes that are nevertheless not going to work -->
+<script src=""
+<script src=""
+<div id=log></div>
+<script>
+if (window.testRunner && testRunner.setShouldDecideResponsePolicyAfterDelay)
+ testRunner.setShouldDecideResponsePolicyAfterDelay(true);
+
+self._onload_ = () => {
+ [
+ 'x',
+ 'data',
+ // 'mailto' opens an email client in Firefox...
+ 'file',
+ 'ftp',
+ 'gopher',
+ 'http+x'
+ ].forEach((val) => {
+ async_test((t) => {
+ // HTTP URL <iframe>
+ const frame = document.createElement("iframe")
+ frame.src = ""
+ frame._onload_ = t.step_func(() => {
+ frame.contentWindow.location.protocol = val
+ t.step_timeout(() => {
+ assert_equals(frame.contentWindow.location.protocol, location.protocol)
+ assert_equals(frame.contentWindow.location.host, location.host)
+ assert_equals(frame.contentWindow.location.port, location.port)
+ t.done()
+ }, 500)
+ })
+ document.body.appendChild(frame)
+ }, "Set HTTP URL frame location.protocol to " + val)
+
+ async_test((t) => {
+ // data URL <iframe>
+ const dataFrame = document.createElement("iframe")
+ const channel = new MessageChannel()
+ dataFrame.src = ""
+_onmessage_ = (e) => {
+ let result = false;
+ try {
+ location.protocol = e.data
+ } catch(e) {
+ result = true
+ }
+ setTimeout(() => e.ports[0].postMessage([result, location.protocol]), 100)
+}
+<\/script>`
+ dataFrame._onload_ = t.step_func(() => {
+ dataFrame.contentWindow.postMessage(val, "*", [channel.port2])
+ })
+ channel.port1._onmessage_ = t.step_func_done((e) => {
+ assert_false(e.data[0])
+ assert_equals(e.data[1], "data:")
+ })
+ document.body.appendChild(dataFrame)
+ }, "Set data URL frame location.protocol to " + val)
+ })
+}
+</script>
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-expected.txt (229190 => 229191)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-expected.txt 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-expected.txt 2018-03-02 23:14:33 UTC (rev 229191)
@@ -1,5 +1,3 @@
-CONSOLE MESSAGE: Not allowed to load local resource: script%3E
-CONSOLE MESSAGE: Not allowed to load local resource: blank.html
PASS Set HTTP URL frame location.protocol to x
PASS Set data URL frame location.protocol to x
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird-expected.txt (229190 => 229191)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird-expected.txt 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird-expected.txt 2018-03-02 23:14:33 UTC (rev 229191)
@@ -1,4 +1,3 @@
-CONSOLE MESSAGE: Not allowed to load local resource: blank.html
PASS Set location.protocol to x
PASS Set location.protocol to data
Modified: trunk/LayoutTests/platform/ios/TestExpectations (229190 => 229191)
--- trunk/LayoutTests/platform/ios/TestExpectations 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/LayoutTests/platform/ios/TestExpectations 2018-03-02 23:14:33 UTC (rev 229191)
@@ -2877,9 +2877,6 @@
# Requires changes to QuickLook.framework tracked by rdar://problem/28544527
quicklook/password-protected.html [ Skip ]
-webkit.org/b/167376 imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html [ Pass Failure ]
-webkit.org/b/167211 imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird.html [ Pass Failure ]
-
webkit.org/b/167619 css3/filters/backdrop/dynamic-with-clip-path.html [ ImageOnlyFailure ]
webkit.org/b/168215 imported/w3c/web-platform-tests/html/semantics/text-level-semantics/the-a-element/a-download-click.html [ Skip ]
Copied: trunk/LayoutTests/platform/mac-wk1/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt (from rev 229190, trunk/LayoutTests/platform/ios-wk2/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-expected.txt) (0 => 229191)
--- trunk/LayoutTests/platform/mac-wk1/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/mac-wk1/http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate-expected.txt 2018-03-02 23:14:33 UTC (rev 229191)
@@ -0,0 +1,14 @@
+
+PASS Set HTTP URL frame location.protocol to x
+PASS Set data URL frame location.protocol to x
+PASS Set HTTP URL frame location.protocol to data
+FAIL Set data URL frame location.protocol to data The object can not be cloned.
+PASS Set HTTP URL frame location.protocol to file
+PASS Set data URL frame location.protocol to file
+PASS Set HTTP URL frame location.protocol to ftp
+PASS Set data URL frame location.protocol to ftp
+PASS Set HTTP URL frame location.protocol to gopher
+PASS Set data URL frame location.protocol to gopher
+PASS Set HTTP URL frame location.protocol to http+x
+PASS Set data URL frame location.protocol to http+x
+
Modified: trunk/Source/WebCore/ChangeLog (229190 => 229191)
--- trunk/Source/WebCore/ChangeLog 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/Source/WebCore/ChangeLog 2018-03-02 23:14:33 UTC (rev 229191)
@@ -1,3 +1,29 @@
+2018-03-02 Chris Dumez <cdu...@apple.com>
+
+ imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html crashes with async policy delegates
+ https://bugs.webkit.org/show_bug.cgi?id=183294
+ <rdar://problem/38073596>
+
+ Reviewed by Youenn Fablet.
+
+ Drop code that was added to SubresourceLoader::willCancel() in r228852. The purpose of this code
+ was to make sure that SubresourceLoader::m_policyForResponseCompletionHandler always gets called,
+ even when the load is cancelled. However, this code is not needed (since m_policyForResponseCompletionHandler
+ is a CompletionHandler, an assertion will be hit if we fail to call it and we'll know). Calling
+ the completionHandler inside SubresourceLoader::willCancel() is too early and leads to crashes.
+
+ The completionHandler currently gets called DocumentLoader::responseReceived() via a call to
+ mainResourceLoader->didReceiveResponsePolicy(). Note that in r229177, we made sure that the
+ call to didReceiveResponsePolicy() happens *after* the call to continueAfterContentPolicy()
+ to maintain our non-async policy delegate behavior. However, continueAfterContentPolicy()
+ would end up calling willCancel() and call the completionHandler when shouldContinue was
+ false.
+
+ Test: http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html
+
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::willCancel):
+
2018-03-02 Tim Horton <timothy_hor...@apple.com>
Fix the build after r229185 and r229184
Modified: trunk/Source/WebCore/loader/SubresourceLoader.cpp (229190 => 229191)
--- trunk/Source/WebCore/loader/SubresourceLoader.cpp 2018-03-02 22:55:12 UTC (rev 229190)
+++ trunk/Source/WebCore/loader/SubresourceLoader.cpp 2018-03-02 23:14:33 UTC (rev 229191)
@@ -674,9 +674,6 @@
ASSERT(!reachedTerminalState());
LOG(ResourceLoading, "Cancelled load of '%s'.\n", m_resource->url().string().latin1().data());
- if (auto policyForResponseCompletionHandler = WTFMove(m_policyForResponseCompletionHandler))
- policyForResponseCompletionHandler();
-
Ref<SubresourceLoader> protectedThis(*this);
#if PLATFORM(IOS)
m_state = m_state == Uninitialized ? CancelledWhileInitializing : Finishing;