Title: [253501] trunk
- Revision
- 253501
- Author
- [email protected]
- Date
- 2019-12-13 14:38:25 -0800 (Fri, 13 Dec 2019)
Log Message
Allow cross-origin requests to WKURLSchemeHandlers
https://bugs.webkit.org/show_bug.cgi?id=205198
<rdar://problem/57897836>
Patch by Alex Christensen <[email protected]> on 2019-12-13
Reviewed by Brady Eidson.
Source/WebKit:
Covered by an API test.
* UIProcess/API/Cocoa/WKURLSchemeTask.h:
Document the requirements for cross-origin requests.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::registerURLSchemeHandler):
When we register a scheme handler, allow cross origin resources for that scheme.
This will make the check in DocumentThreadableLoader::checkURLSchemeAsCORSEnabled allow the request to get to the WKURLSchemeHandler.
The resposne must still have CORS header fields in order for the data to get to the web content, like CORS with HTTP.
Tools:
* TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
Verify that a cross origin request is received by the WKURLSchemeHandler. It was not before.
Verify that loading will fail unless there are CORS headers in the response.
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (253500 => 253501)
--- trunk/Source/WebKit/ChangeLog 2019-12-13 22:37:52 UTC (rev 253500)
+++ trunk/Source/WebKit/ChangeLog 2019-12-13 22:38:25 UTC (rev 253501)
@@ -1,3 +1,21 @@
+2019-12-13 Alex Christensen <[email protected]>
+
+ Allow cross-origin requests to WKURLSchemeHandlers
+ https://bugs.webkit.org/show_bug.cgi?id=205198
+ <rdar://problem/57897836>
+
+ Reviewed by Brady Eidson.
+
+ Covered by an API test.
+
+ * UIProcess/API/Cocoa/WKURLSchemeTask.h:
+ Document the requirements for cross-origin requests.
+ * WebProcess/WebPage/WebPage.cpp:
+ (WebKit::WebPage::registerURLSchemeHandler):
+ When we register a scheme handler, allow cross origin resources for that scheme.
+ This will make the check in DocumentThreadableLoader::checkURLSchemeAsCORSEnabled allow the request to get to the WKURLSchemeHandler.
+ The resposne must still have CORS header fields in order for the data to get to the web content, like CORS with HTTP.
+
2019-12-13 Wenson Hsieh <[email protected]>
Implement encoding/decoding for DisplayList::DrawNativeImage
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/WKURLSchemeTask.h (253500 => 253501)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/WKURLSchemeTask.h 2019-12-13 22:37:52 UTC (rev 253500)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/WKURLSchemeTask.h 2019-12-13 22:38:25 UTC (rev 253501)
@@ -39,6 +39,7 @@
/*! @abstract Set the current response object for the task.
@param response The response to use.
@discussion This method must be called at least once for each URL scheme handler task.
+ Cross-origin requests require CORS header fields.
An exception will be thrown if you try to send a new response object after the task has already been completed.
An exception will be thrown if your app has been told to stop loading this task via the registered WKURLSchemeHandler object.
*/
Modified: trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp (253500 => 253501)
--- trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2019-12-13 22:37:52 UTC (rev 253500)
+++ trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2019-12-13 22:38:25 UTC (rev 253501)
@@ -6445,6 +6445,7 @@
void WebPage::registerURLSchemeHandler(uint64_t handlerIdentifier, const String& scheme)
{
+ WebCore::LegacySchemeRegistry::registerURLSchemeAsCORSEnabled(scheme);
auto schemeResult = m_schemeToURLSchemeHandlerProxyMap.add(scheme, WebURLSchemeHandlerProxy::create(*this, handlerIdentifier));
m_identifierToURLSchemeHandlerProxyMap.add(handlerIdentifier, schemeResult.iterator->value.get());
}
Modified: trunk/Tools/ChangeLog (253500 => 253501)
--- trunk/Tools/ChangeLog 2019-12-13 22:37:52 UTC (rev 253500)
+++ trunk/Tools/ChangeLog 2019-12-13 22:38:25 UTC (rev 253501)
@@ -1,3 +1,15 @@
+2019-12-13 Alex Christensen <[email protected]>
+
+ Allow cross-origin requests to WKURLSchemeHandlers
+ https://bugs.webkit.org/show_bug.cgi?id=205198
+ <rdar://problem/57897836>
+
+ Reviewed by Brady Eidson.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+ Verify that a cross origin request is received by the WKURLSchemeHandler. It was not before.
+ Verify that loading will fail unless there are CORS headers in the response.
+
2019-12-13 Devin Rousso <[email protected]>
Teach prepare-ChangeLog about _javascript_ async functions
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm (253500 => 253501)
--- trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2019-12-13 22:37:52 UTC (rev 253500)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2019-12-13 22:38:25 UTC (rev 253501)
@@ -30,6 +30,7 @@
#import "TestNavigationDelegate.h"
#import "TestURLSchemeHandler.h"
#import "TestWKWebView.h"
+#import <WebKit/WKProcessPoolPrivate.h>
#import <WebKit/WKURLSchemeHandler.h>
#import <WebKit/WKURLSchemeTaskPrivate.h>
#import <WebKit/WKWebViewConfigurationPrivate.h>
@@ -748,3 +749,57 @@
theTask = nil;
})->waitForCompletion();
}
+
+TEST(URLSchemeHandler, CORS)
+{
+ auto handler = adoptNS([[TestURLSchemeHandler alloc] init]);
+ auto configuration = adoptNS([[WKWebViewConfiguration alloc] init]);
+ [configuration setURLSchemeHandler:handler.get() forURLScheme:@"cors"];
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:CGRectMake(0, 0, 800, 600) configuration:configuration.get()]);
+
+ __block bool done = false;
+ __block bool includeCORSHeaderFieldInResponse = false;
+ __block bool corssuccess = false;
+ __block bool corsfailure = false;
+ [handler setStartURLSchemeTaskHandler:^(WKWebView *, id<WKURLSchemeTask> task) {
+ if ([task.request.URL.path isEqualToString:@"/main.html"]) {
+ NSData *data = "" dataUsingEncoding:NSUTF8StringEncoding];
+ [task didReceiveResponse:[[[NSURLResponse alloc] initWithURL:task.request.URL MIMEType:@"text/html" expectedContentLength:data.length textEncodingName:nil] autorelease]];
+ [task didReceiveData:data];
+ [task didFinish];
+ } else if ([task.request.URL.path isEqualToString:@"/corsresource"]) {
+ if (includeCORSHeaderFieldInResponse) {
+ [task didReceiveResponse:[[[NSHTTPURLResponse alloc] initWithURL:task.request.URL statusCode:200 HTTPVersion:nil headerFields:@{
+ @"Access-Control-Allow-Origin": @"*",
+ @"Content-Length": @"2",
+ @"Content-Type":@"text/html"
+ }] autorelease]];
+ } else
+ [task didReceiveResponse:[[[NSURLResponse alloc] initWithURL:task.request.URL MIMEType:@"text/html" expectedContentLength:0 textEncodingName:nil] autorelease]];
+ [task didReceiveData:[@"HI" dataUsingEncoding:NSUTF8StringEncoding]];
+ [task didFinish];
+ } else if ([task.request.URL.path isEqualToString:@"/corssuccess"]) {
+ corssuccess = true;
+ done = true;
+ } else if ([task.request.URL.path isEqualToString:@"/corsfailure"]) {
+ corsfailure = true;
+ done = true;
+ }
+ }];
+
+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"cors://host1/main.html"]]];
+ TestWebKitAPI::Util::run(&done);
+ EXPECT_TRUE(corsfailure);
+ EXPECT_FALSE(corssuccess);
+
+ corsfailure = false;
+ corssuccess = false;
+ done = false;
+
+ includeCORSHeaderFieldInResponse = true;
+
+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"cors://host1/main.html"]]];
+ TestWebKitAPI::Util::run(&done);
+ EXPECT_TRUE(corssuccess);
+ EXPECT_FALSE(corsfailure);
+}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
