[webkit-changes] [288219] trunk

[commit-queue]

Title: [288219] trunk

Revision

288219

Author

commit-qu...@webkit.org

Date

2022-01-19 11:37:40 -0800 (Wed, 19 Jan 2022)

Log Message

[ResourceTiming] nextHopProtocol is exposed regardless of Timing-Allow-Origin
https://bugs.webkit.org/show_bug.cgi?id=235294

Patch by Alex Christensen <achristen...@webkit.org> on 2022-01-19
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt:

Source/WebCore:

Covered by an existing WPT test that starts passing.
This was recently fixed in Chromium in https://chromium-review.googlesource.com/c/chromium/src/+/3354335

* page/PerformanceResourceTiming.cpp:
(WebCore::PerformanceResourceTiming::nextHopProtocol const):

Modified Paths

• trunk/LayoutTests/imported/w3c/ChangeLog
• trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt
• trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt
• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/page/PerformanceResourceTiming.cpp

Removed Paths

• trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt

Diff

Modified: trunk/LayoutTests/imported/w3c/ChangeLog (288218 => 288219)

--- trunk/LayoutTests/imported/w3c/ChangeLog	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/LayoutTests/imported/w3c/ChangeLog	2022-01-19 19:37:40 UTC (rev 288219)
@@ -1,3 +1,12 @@
+2022-01-19  Alex Christensen  <achristen...@webkit.org>
+
+        [ResourceTiming] nextHopProtocol is exposed regardless of Timing-Allow-Origin
+        https://bugs.webkit.org/show_bug.cgi?id=235294
+
+        Reviewed by Chris Dumez.
+
+        * web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt:
+
 2022-01-19  Youenn Fablet  <you...@apple.com>
 
         Improve computation of service worker FetchEvent.resultingClientId

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt (288218 => 288219)

--- trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-is-tao-protected.https-expected.txt	2022-01-19 19:37:40 UTC (rev 288219)
@@ -1,4 +1,4 @@
 
-FAIL Add TAO-less iframe from remote origin. Make sure nextHopProtocol is the empty string assert_equals: nextHopProtocol should be the empty string expected "" but got "http/1.1"
+PASS Add TAO-less iframe from remote origin. Make sure nextHopProtocol is the empty string
 PASS Add TAO'd iframe from remote origin. Make sure nextHopProtocol is not the empty string
 

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt (288218 => 288219)

--- trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt	2022-01-19 19:37:40 UTC (rev 288219)
@@ -1,5 +1,5 @@
 
 
-FAIL Add TAO-less iframe to remote origin. Make sure nextHopProtocol is the empty string promise_test: Unhandled rejection with value: "nextHopProtocol should be the empty string"
+PASS Add TAO-less iframe to remote origin. Make sure nextHopProtocol is the empty string
 PASS Add TAO iframe to remote origin. Make sure nextHopProtocol is not the empty string
 

Deleted: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt (288218 => 288219)

--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/resource-timing/nextHopProtocol-tao-protected.https-expected.txt	2022-01-19 19:37:40 UTC (rev 288219)
@@ -1,5 +0,0 @@
-
-
-FAIL Add TAO-less iframe to remote origin. Make sure nextHopProtocol is the empty string promise_test: Unhandled rejection with value: "nextHopProtocol should be the empty string"
-PASS Add TAO iframe to remote origin. Make sure nextHopProtocol is not the empty string
-

Modified: trunk/Source/WebCore/ChangeLog (288218 => 288219)

--- trunk/Source/WebCore/ChangeLog	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/Source/WebCore/ChangeLog	2022-01-19 19:37:40 UTC (rev 288219)
@@ -1,3 +1,16 @@
+2022-01-19  Alex Christensen  <achristen...@webkit.org>
+
+        [ResourceTiming] nextHopProtocol is exposed regardless of Timing-Allow-Origin
+        https://bugs.webkit.org/show_bug.cgi?id=235294
+
+        Reviewed by Chris Dumez.
+
+        Covered by an existing WPT test that starts passing.
+        This was recently fixed in Chromium in https://chromium-review.googlesource.com/c/chromium/src/+/3354335
+
+        * page/PerformanceResourceTiming.cpp:
+        (WebCore::PerformanceResourceTiming::nextHopProtocol const):
+
 2022-01-19  Rob Buis  <rb...@igalia.com>
 
         Null check player in taintsOrigin

Modified: trunk/Source/WebCore/page/PerformanceResourceTiming.cpp (288218 => 288219)

--- trunk/Source/WebCore/page/PerformanceResourceTiming.cpp	2022-01-19 19:32:56 UTC (rev 288218)
+++ trunk/Source/WebCore/page/PerformanceResourceTiming.cpp	2022-01-19 19:37:40 UTC (rev 288219)
@@ -99,6 +99,9 @@
 
 const String& PerformanceResourceTiming::nextHopProtocol() const
 {
+    if (m_resourceTiming.networkLoadMetrics().failsTAOCheck)
+        return emptyString();
+
     return m_resourceTiming.networkLoadMetrics().protocol;
 }
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes