Diff
Modified: branches/safari-609-branch/Source/WebCore/ChangeLog (254644 => 254645)
--- branches/safari-609-branch/Source/WebCore/ChangeLog 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Source/WebCore/ChangeLog 2020-01-15 23:07:23 UTC (rev 254645)
@@ -1,5 +1,56 @@
2020-01-15 Alan Coon <[email protected]>
+ Cherry-pick r254089. rdar://problem/58606252
+
+ XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
+ https://bugs.webkit.org/show_bug.cgi?id=205685
+
+ Reviewed by Alex Christensen.
+
+ Source/WebCore:
+
+ There is no blob registry in the UIProcess.
+ This should not matter since we do not yet support blobs in custom scheme handlers.
+ But we are calling the blob registry when creating a request body, which does not work in UIProcess.
+ Instead, pass a lambda that will be called in case of blobs.
+ Covered by API test.
+
+ * platform/network/FormData.cpp:
+ (WebCore::FormDataElement::lengthInBytes const):
+ (WebCore::FormData::resolveBlobReferences):
+ * platform/network/FormData.h:
+ * platform/network/cf/FormDataStreamCFNet.cpp:
+ (WebCore::createHTTPBodyCFReadStream):
+
+ Tools:
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254089 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-01-06 youenn fablet <[email protected]>
+
+ XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
+ https://bugs.webkit.org/show_bug.cgi?id=205685
+
+ Reviewed by Alex Christensen.
+
+ There is no blob registry in the UIProcess.
+ This should not matter since we do not yet support blobs in custom scheme handlers.
+ But we are calling the blob registry when creating a request body, which does not work in UIProcess.
+ Instead, pass a lambda that will be called in case of blobs.
+ Covered by API test.
+
+ * platform/network/FormData.cpp:
+ (WebCore::FormDataElement::lengthInBytes const):
+ (WebCore::FormData::resolveBlobReferences):
+ * platform/network/FormData.h:
+ * platform/network/cf/FormDataStreamCFNet.cpp:
+ (WebCore::createHTTPBodyCFReadStream):
+
+2020-01-15 Alan Coon <[email protected]>
+
Cherry-pick r254007. rdar://problem/58605939
REGRESSION: [iOS 13] webrtc/datachannel/mdns-ice-candidates.html is failing
Modified: branches/safari-609-branch/Source/WebCore/platform/network/FormData.cpp (254644 => 254645)
--- branches/safari-609-branch/Source/WebCore/platform/network/FormData.cpp 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Source/WebCore/platform/network/FormData.cpp 2020-01-15 23:07:23 UTC (rev 254645)
@@ -123,9 +123,9 @@
return formData;
}
-static inline uint64_t computeLengthInBytes(const FormDataElement& element, const Function<uint64_t(const URL&)>& blobSize)
+uint64_t FormDataElement::lengthInBytes(const Function<uint64_t(const URL&)>& blobSize) const
{
- return switchOn(element.data,
+ return switchOn(data,
[] (const Vector<char>& bytes) {
return static_cast<uint64_t>(bytes.size());
}, [] (const FormDataElement::EncodedFileData& fileData) {
@@ -141,16 +141,9 @@
);
}
-uint64_t FormDataElement::lengthInBytes(BlobRegistryImpl* blobRegistry) const
-{
- return computeLengthInBytes(*this, [&](auto& url) {
- return blobRegistry ? blobRegistry->blobSize(url) : 0;
- });
-}
-
uint64_t FormDataElement::lengthInBytes() const
{
- return computeLengthInBytes(*this, [](auto& url) {
+ return lengthInBytes([](auto& url) {
return blobRegistry().blobSize(url);
});
}
@@ -323,7 +316,7 @@
}
}
-Ref<FormData> FormData::resolveBlobReferences(BlobRegistryImpl* blobRegistry)
+Ref<FormData> FormData::resolveBlobReferences(BlobRegistryImpl* blobRegistryImpl)
{
// First check if any blobs needs to be resolved, or we can take the fast path.
bool hasBlob = false;
@@ -349,7 +342,7 @@
}, [&] (const FormDataElement::EncodedFileData& fileData) {
newFormData->appendFileRange(fileData.filename, fileData.fileStart, fileData.fileLength, fileData.expectedFileModificationTime);
}, [&] (const FormDataElement::EncodedBlobData& blobData) {
- appendBlobResolved(blobRegistry, newFormData.get(), blobData.url);
+ appendBlobResolved(blobRegistryImpl ? blobRegistryImpl : blobRegistry().blobRegistryImpl(), newFormData.get(), blobData.url);
}
);
}
Modified: branches/safari-609-branch/Source/WebCore/platform/network/FormData.h (254644 => 254645)
--- branches/safari-609-branch/Source/WebCore/platform/network/FormData.h 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Source/WebCore/platform/network/FormData.h 2020-01-15 23:07:23 UTC (rev 254645)
@@ -50,7 +50,7 @@
explicit FormDataElement(const URL& blobURL)
: data(EncodedBlobData { blobURL }) { }
- uint64_t lengthInBytes(BlobRegistryImpl*) const;
+ uint64_t lengthInBytes(const Function<uint64_t(const URL&)>&) const;
uint64_t lengthInBytes() const;
FormDataElement isolatedCopy() const;
@@ -220,7 +220,7 @@
// Resolve all blob references so we only have file and data.
// If the FormData has no blob references to resolve, this is returned.
- WEBCORE_EXPORT Ref<FormData> resolveBlobReferences(BlobRegistryImpl*);
+ WEBCORE_EXPORT Ref<FormData> resolveBlobReferences(BlobRegistryImpl* = nullptr);
WEBCORE_EXPORT FormDataForUpload prepareForUpload();
Modified: branches/safari-609-branch/Source/WebCore/platform/network/cf/FormDataStreamCFNet.cpp (254644 => 254645)
--- branches/safari-609-branch/Source/WebCore/platform/network/cf/FormDataStreamCFNet.cpp 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Source/WebCore/platform/network/cf/FormDataStreamCFNet.cpp 2020-01-15 23:07:23 UTC (rev 254645)
@@ -29,8 +29,7 @@
#include "config.h"
#include "FormDataStreamCFNet.h"
-#include "BlobData.h"
-#include "BlobRegistry.h"
+#include "BlobRegistryImpl.h"
#include "FormData.h"
#include <sys/stat.h>
#include <sys/types.h>
@@ -371,14 +370,16 @@
RetainPtr<CFReadStreamRef> createHTTPBodyCFReadStream(FormData& formData)
{
- auto resolvedFormData = formData.resolveBlobReferences(blobRegistry().blobRegistryImpl());
+ auto resolvedFormData = formData.resolveBlobReferences();
auto dataForUpload = resolvedFormData->prepareForUpload();
// Precompute the content length so CFNetwork doesn't use chunked mode.
unsigned long long length = 0;
- for (auto& element : dataForUpload.data().elements())
- length += element.lengthInBytes(blobRegistry().blobRegistryImpl());
-
+ for (auto& element : dataForUpload.data().elements()) {
+ length += element.lengthInBytes([](auto& url) {
+ return blobRegistry().blobRegistryImpl()->blobSize(url);
+ });
+ }
FormCreationContext* formContext = new FormCreationContext { WTFMove(dataForUpload), length };
CFReadStreamCallBacksV1 callBacks = { 1, formCreate, formFinalize, nullptr, formOpen, nullptr, formRead, nullptr, formCanRead, formClose, formCopyProperty, nullptr, nullptr, formSchedule, formUnschedule };
return adoptCF(CFReadStreamCreate(nullptr, static_cast<const void*>(&callBacks), formContext));
Modified: branches/safari-609-branch/Tools/ChangeLog (254644 => 254645)
--- branches/safari-609-branch/Tools/ChangeLog 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Tools/ChangeLog 2020-01-15 23:07:23 UTC (rev 254645)
@@ -1,5 +1,45 @@
2020-01-15 Alan Coon <[email protected]>
+ Cherry-pick r254089. rdar://problem/58606252
+
+ XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
+ https://bugs.webkit.org/show_bug.cgi?id=205685
+
+ Reviewed by Alex Christensen.
+
+ Source/WebCore:
+
+ There is no blob registry in the UIProcess.
+ This should not matter since we do not yet support blobs in custom scheme handlers.
+ But we are calling the blob registry when creating a request body, which does not work in UIProcess.
+ Instead, pass a lambda that will be called in case of blobs.
+ Covered by API test.
+
+ * platform/network/FormData.cpp:
+ (WebCore::FormDataElement::lengthInBytes const):
+ (WebCore::FormData::resolveBlobReferences):
+ * platform/network/FormData.h:
+ * platform/network/cf/FormDataStreamCFNet.cpp:
+ (WebCore::createHTTPBodyCFReadStream):
+
+ Tools:
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254089 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-01-06 youenn fablet <[email protected]>
+
+ XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
+ https://bugs.webkit.org/show_bug.cgi?id=205685
+
+ Reviewed by Alex Christensen.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
+
+2020-01-15 Alan Coon <[email protected]>
+
Cherry-pick r254389. rdar://problem/58548648
REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
Modified: branches/safari-609-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm (254644 => 254645)
--- branches/safari-609-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2020-01-15 23:07:19 UTC (rev 254644)
+++ branches/safari-609-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm 2020-01-15 23:07:23 UTC (rev 254645)
@@ -623,6 +623,12 @@
}
{
var xhr = new XMLHttpRequest();
+ xhr.open('POST', '/string-upload');
+ var upload = xhr.upload;
+ xhr.send('foo=bar2');
+ }
+ {
+ var xhr = new XMLHttpRequest();
xhr.open('POST', '/document');
xhr.send(window.document);
}
@@ -665,6 +671,21 @@
reached = true;
EXPECT_EQ(task.request.HTTPBody.length, 7u);
EXPECT_STREQ(static_cast<const char*>(task.request.HTTPBody.bytes), "foo=bar");
+ } else if ([task.request.URL.absoluteString isEqualToString:@"xhrpost://example/string-upload"]) {
+ static bool reached;
+ EXPECT_FALSE(reached);
+ reached = true;
+ auto stream = task.request.HTTPBodyStream;
+ EXPECT_TRUE(!!stream);
+ [stream open];
+ EXPECT_TRUE(stream.hasBytesAvailable);
+ uint8_t buffer[9];
+ memset(buffer, 0, 9);
+ auto length = [stream read:buffer maxLength:9];
+ EXPECT_EQ(length, 8);
+ EXPECT_STREQ(reinterpret_cast<const char*>(buffer), "foo=bar2");
+ EXPECT_FALSE(stream.hasBytesAvailable);
+ [stream close];
} else if ([task.request.URL.absoluteString isEqualToString:@"xhrpost://example/arraybuffer"]) {
static bool reached;
EXPECT_FALSE(reached);
@@ -704,7 +725,7 @@
[task didReceiveResponse:response.get()];
[task didFinish];
- if (++seenTasks == 4)
+ if (++seenTasks == 5)
done = true;
}];
