[webkit-changes] [283913] branches/safari-612-branch

Mon, 11 Oct 2021 11:17:27 -0700

Title: [283913] branches/safari-612-branch

Diff

Modified: branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog (283912 => 283913)


--- branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/ChangeLog	2021-10-11 18:16:38 UTC (rev 283913)
@@ -1,3 +1,16 @@
+2021-08-31  Chris Dumez  <[email protected]>
+
+        [COOP] html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html WPT test is failing
+        https://bugs.webkit.org/show_bug.cgi?id=229692
+
+        Reviewed by Darin Adler.
+
+        * web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write-expected.txt:
+        Rebaseline WPT test that is now passing.
+
+        * web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html:
+        Merge typo fix from https://github.com/web-platform-tests/wpt/commit/0adccdd2cd38e2217a11d3d6dd14260f32a8a0a6
+
 2021-08-30  Chris Dumez  <[email protected]>
 
         Resync COOP / COEP WPT tests from upstream

Modified: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write-expected.txt (283912 => 283913)


--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write-expected.txt	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write-expected.txt	2021-10-11 18:16:38 UTC (rev 283913)
@@ -1,3 +1,3 @@
 
-FAIL coop-same-origin-allow-popups-document-write assert_equals: opener == null expected "true" but got "false"
+PASS coop-same-origin-allow-popups-document-write

Modified: branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html (283912 => 283913)


--- branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html	2021-10-11 18:16:38 UTC (rev 283913)
@@ -52,7 +52,7 @@
   // for the openee' document to load and the various fetch() with the
   // dispatcher should be largely enough. However these aren't causal guarantee.
   // So wait a bit to be sure:
-  await new Promise(r => test.step_timeout(r, 1000));
+  await new Promise(r => t.step_timeout(r, 1000));
 
   // Check the opener see the openee as 'closed' after the navigation.
   send(opener_token, `

Modified: branches/safari-612-branch/Source/WebCore/ChangeLog (283912 => 283913)


--- branches/safari-612-branch/Source/WebCore/ChangeLog	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/Source/WebCore/ChangeLog	2021-10-11 18:16:38 UTC (rev 283913)
@@ -1,3 +1,52 @@
+2021-08-31  Chris Dumez  <[email protected]>
+
+        [COOP] html/cross-origin-opener-policy/coop-same-origin-allow-popups-document-write.html WPT test is failing
+        https://bugs.webkit.org/show_bug.cgi?id=229692
+
+        Reviewed by Darin Adler.
+
+        The test does the following:
+        1. An opener document with `COOP=same-origin-allow-popups` opens a new window that shows the initial empty document.
+           Note that the openee inherits `COOP=same-origin-allow-popups` from its opener.
+        2. The opener document then calls document.write() on the openee.
+           Note that, as per the HTML specification, this clears the 'is displaying initial empty document' flag.
+        3. The openee is navigated cross-origin to a destination without COOP.
+
+        Normally, `COOP=same-origin-allow-popups` would allow the popup to be navigated cross-origin as per the logic here [1]:
+        """
+        If all of the following are true:
+            - isInitialAboutBlank,
+            - activeDocumentCOOPValue's value is "same-origin-allow-popups".
+            - responseCOOPValue is "unsafe-none",
+        then return false (meaning, no context group switch).
+        """
+
+        However, because of the document.write() call at step 2, the isInitialAboutBlank flag is no longer true
+        and the check should fail, thus causing a browsing context group switch.
+
+        [1] https://html.spec.whatwg.org/multipage/origin.html#check-browsing-context-group-switch-coop-value
+
+        No new tests, rebaselined existing test.
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::maybeLoadEmpty):
+        Replace the bad check to committedFirstRealDocumentLoad (which stays true after calling document.write()
+        on the initial empty document) with a check to !isDisplayingInitialEmptyDocument, which matches the
+        specification text. isDisplayingInitialEmptyDocument correctly becomes false after calling document.write()
+        on the initial empty document.
+
+        * loader/DocumentLoader.h:
+        (WebCore::DocumentLoader::crossOriginOpenerPolicy const):
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::didBeginDocument):
+        Fix didBeginDocument() so that it doesn't overwrite the document's cross-origin-opener-policy when the
+        DocumentLoader does not know what the policy is. When opening a popup, Document::initSecurityContext()
+        will set the popup's cross-origin-opener-policy to the one of its opener. When didBeginDocument()
+        gets called later for the initial empty document, we don't want to overwrite the inherited policy
+        with a new default cross-origin-opener-policy of unsafe-none. The reason the DocumentLoader does not
+        have a policy for us is because this is the initial empty document and DocumentLoader's
+        doCrossOriginOpenerHandlingOfResponse() was thus never called with an actual network response.
+
 2021-08-24  Chris Dumez  <[email protected]>
 
         [WK2] Implement process-swapping based on Cross-Origin-Opener-Policy HTTP header

Modified: branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.cpp (283912 => 283913)


--- branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.cpp	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.cpp	2021-10-11 18:16:38 UTC (rev 283913)
@@ -2023,7 +2023,7 @@
     String mimeType = shouldLoadEmpty ? "text/html" : frameLoader()->client().generatedMIMETypeForURLScheme(m_request.url().protocol().toStringWithoutCopying());
     m_response = ResourceResponse(m_request.url(), mimeType, 0, "UTF-8"_s);
 
-    if (frameLoader()->stateMachine().committedFirstRealDocumentLoad()) {
+    if (!frameLoader()->stateMachine().isDisplayingInitialEmptyDocument()) {
         doCrossOriginOpenerHandlingOfResponse(m_response);
 
         // FIXME: Non-initial about:blank loads may cause a browsing context group switch. However, such load is synchronous and doesn't

Modified: branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h (283912 => 283913)


--- branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/Source/WebCore/loader/DocumentLoader.h	2021-10-11 18:16:38 UTC (rev 283913)
@@ -424,7 +424,7 @@
     void setLastNavigationWasAppInitiated(bool lastNavigationWasAppInitiated) { m_lastNavigationWasAppInitiated = lastNavigationWasAppInitiated; }
 
     ContentSecurityPolicy* contentSecurityPolicy() const { return m_contentSecurityPolicy.get(); }
-    CrossOriginOpenerPolicy crossOriginOpenerPolicy() const { return m_currentCoopEnforcementResult ? m_currentCoopEnforcementResult->crossOriginOpenerPolicy : CrossOriginOpenerPolicy { }; }
+    std::optional<CrossOriginOpenerPolicy> crossOriginOpenerPolicy() const { return m_currentCoopEnforcementResult ? std::make_optional(m_currentCoopEnforcementResult->crossOriginOpenerPolicy) : std::nullopt; }
 
     bool isContinuingLoadAfterResponsePolicyCheck() const { return m_isContinuingLoadAfterResponsePolicyCheck; }
     void setIsContinuingLoadAfterResponsePolicyCheck(bool isContinuingLoadAfterResponsePolicyCheck) { m_isContinuingLoadAfterResponsePolicyCheck = isContinuingLoadAfterResponsePolicyCheck; }

Modified: branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp (283912 => 283913)


--- branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp	2021-10-11 18:05:45 UTC (rev 283912)
+++ branches/safari-612-branch/Source/WebCore/loader/FrameLoader.cpp	2021-10-11 18:16:38 UTC (rev 283913)
@@ -772,8 +772,10 @@
         }
 
         // https://html.spec.whatwg.org/multipage/browsing-the-web.html#initialise-the-document-object (Step 7)
-        if (m_frame.isMainFrame())
-            m_frame.document()->setCrossOriginOpenerPolicy(m_documentLoader->crossOriginOpenerPolicy());
+        if (m_frame.isMainFrame()) {
+            if (auto crossOriginOpenerPolicy = m_documentLoader->crossOriginOpenerPolicy())
+                m_frame.document()->setCrossOriginOpenerPolicy(WTFMove(*crossOriginOpenerPolicy));
+        }
     }
 
     history().restoreDocumentState();

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to