- Revision
- 254408
- Author
- [email protected]
- Date
- 2020-01-11 17:25:25 -0800 (Sat, 11 Jan 2020)
Log Message
[WebCore] Fix crash in module loader due to change in fragment reservation
https://bugs.webkit.org/show_bug.cgi?id=206125
Reviewed by Dean Jackson.
LayoutTests/imported/w3c:
* web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt:
Source/WebCore:
At some point, CachedResource::url() starts returning URL without fragment.
However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.
We save source URL so that we preserve fragment information.
Still we need to have fragment information after the redirect to fix a bug filed in [1].
[1]: https://bugs.webkit.org/show_bug.cgi?id=205294
* bindings/js/CachedModuleScriptLoader.cpp:
(WebCore::CachedModuleScriptLoader::load):
* bindings/js/CachedModuleScriptLoader.h:
* bindings/js/ScriptModuleLoader.cpp:
(WebCore::ScriptModuleLoader::notifyFinished):
LayoutTests:
* TestExpectations:
Modified Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (254407 => 254408)
--- trunk/LayoutTests/ChangeLog 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/LayoutTests/ChangeLog 2020-01-12 01:25:25 UTC (rev 254408)
@@ -1,3 +1,12 @@
+2020-01-10 Yusuke Suzuki <[email protected]>
+
+ [WebCore] Fix crash in module loader due to change in fragment reservation
+ https://bugs.webkit.org/show_bug.cgi?id=206125
+
+ Reviewed by Dean Jackson.
+
+ * TestExpectations:
+
2020-01-11 Noam Rosenthal <[email protected]>
Support image-set() standard syntax
Modified: trunk/LayoutTests/TestExpectations (254407 => 254408)
--- trunk/LayoutTests/TestExpectations 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/LayoutTests/TestExpectations 2020-01-12 01:25:25 UTC (rev 254408)
@@ -338,7 +338,6 @@
imported/w3c/web-platform-tests/html/infrastructure/urls/resolving-urls/query-encoding/utf-16le.html [ Skip ]
imported/w3c/web-platform-tests/html/infrastructure/urls/resolving-urls/query-encoding/utf-8.html [ Skip ]
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/history-traversal/browsing_context_name_cross_origin_2.html [ Skip ]
-imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url.html [ Skip ]
imported/w3c/web-platform-tests/html/browsers/offline/application-cache-api/api_update.https.html [ Skip ]
imported/w3c/web-platform-tests/cors/image-tainting-in-cross-origin-iframe.sub.html [ Skip ]
imported/w3c/web-platform-tests/dom/events/EventListener-incumbent-global-1.sub.html [ Skip ]
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (254407 => 254408)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2020-01-12 01:25:25 UTC (rev 254408)
@@ -1,3 +1,12 @@
+2020-01-10 Yusuke Suzuki <[email protected]>
+
+ [WebCore] Fix crash in module loader due to change in fragment reservation
+ https://bugs.webkit.org/show_bug.cgi?id=206125
+
+ Reviewed by Dean Jackson.
+
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt:
+
2020-01-11 Cathie Chen <[email protected]>
Import WPT test cases for 2dcontext/imagebitmap
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt (254407 => 254408)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt 2020-01-12 01:25:25 UTC (rev 254408)
@@ -0,0 +1,9 @@
+
+PASS import.meta.url in a root inline script
+PASS import.meta.url in a root external script
+PASS import.meta.url in a dependent external script
+PASS import.meta is an object
+PASS import.meta is extensible
+PASS import.meta's properties are writable, configurable, and enumerable
+PASS import.meta.url when importing the module with different fragments
+
Modified: trunk/Source/WebCore/ChangeLog (254407 => 254408)
--- trunk/Source/WebCore/ChangeLog 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/Source/WebCore/ChangeLog 2020-01-12 01:25:25 UTC (rev 254408)
@@ -1,3 +1,24 @@
+2020-01-10 Yusuke Suzuki <[email protected]>
+
+ [WebCore] Fix crash in module loader due to change in fragment reservation
+ https://bugs.webkit.org/show_bug.cgi?id=206125
+
+ Reviewed by Dean Jackson.
+
+ At some point, CachedResource::url() starts returning URL without fragment.
+ However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.
+
+ We save source URL so that we preserve fragment information.
+ Still we need to have fragment information after the redirect to fix a bug filed in [1].
+
+ [1]: https://bugs.webkit.org/show_bug.cgi?id=205294
+
+ * bindings/js/CachedModuleScriptLoader.cpp:
+ (WebCore::CachedModuleScriptLoader::load):
+ * bindings/js/CachedModuleScriptLoader.h:
+ * bindings/js/ScriptModuleLoader.cpp:
+ (WebCore::ScriptModuleLoader::notifyFinished):
+
2020-01-11 Zalan Bujtas <[email protected]>
[LFC] isOkToAccessDisplayBox should return false on formatting context root access.
Modified: trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.cpp (254407 => 254408)
--- trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.cpp 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.cpp 2020-01-12 01:25:25 UTC (rev 254408)
@@ -68,6 +68,7 @@
m_cachedScript = m_scriptFetcher->requestModuleScript(document, sourceURL, WTFMove(integrity));
if (!m_cachedScript)
return false;
+ m_sourceURL = sourceURL;
// If the content is already cached, this immediately calls notifyFinished.
m_cachedScript->addClient(*this);
Modified: trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.h (254407 => 254408)
--- trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.h 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/Source/WebCore/bindings/js/CachedModuleScriptLoader.h 2020-01-12 01:25:25 UTC (rev 254408)
@@ -30,6 +30,7 @@
#include <wtf/Ref.h>
#include <wtf/RefCounted.h>
#include <wtf/RefPtr.h>
+#include <wtf/URL.h>
namespace WebCore {
@@ -52,6 +53,7 @@
CachedScriptFetcher& scriptFetcher() { return m_scriptFetcher.get(); }
CachedScript* cachedScript() { return m_cachedScript.get(); }
ModuleFetchParameters* parameters() { return m_parameters.get(); }
+ const URL& sourceURL() const { return m_sourceURL; }
void clearClient()
{
@@ -69,6 +71,7 @@
Ref<CachedScriptFetcher> m_scriptFetcher;
RefPtr<ModuleFetchParameters> m_parameters;
CachedResourceHandle<CachedScript> m_cachedScript;
+ URL m_sourceURL;
};
} // namespace WebCore
Modified: trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp (254407 => 254408)
--- trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp 2020-01-12 00:49:34 UTC (rev 254407)
+++ trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp 2020-01-12 01:25:25 UTC (rev 254408)
@@ -281,6 +281,7 @@
{
// https://html.spec.whatwg.org/multipage/webappapis.html#fetch-a-single-module-script
+ URL sourceURL = loader.sourceURL();
if (!m_loaders.remove(&loader))
return;
loader.clearClient();
@@ -317,7 +318,7 @@
}
}
- m_requestURLToResponseURLMap.add(cachedScript.url(), cachedScript.response().url());
+ m_requestURLToResponseURLMap.add(WTFMove(sourceURL), cachedScript.response().url());
promise->resolveWithCallback([&] (JSDOMGlobalObject& jsGlobalObject) {
return JSC::JSSourceCode::create(jsGlobalObject.vm(),
JSC::SourceCode { ScriptSourceCode { &cachedScript, JSC::SourceProviderSourceType::Module, loader.scriptFetcher() }.jsSourceCode() });
