Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: a2a9dc4ec4d0e1b6e4e86cad315b9e5b675cdae9
https://github.com/WebKit/WebKit/commit/a2a9dc4ec4d0e1b6e4e86cad315b9e5b675cdae9
Author: Ronan Turner <[email protected]>
Date: 2026-01-25 (Sun, 25 Jan 2026)
Changed paths:
M Source/WebCore/loader/SubresourceLoader.cpp
M Source/WebCore/loader/cache/CachedResourceLoader.cpp
M Source/WebCore/loader/cache/CachedResourceLoader.h
M Tools/TestWebKitAPI/Tests/WebKitCocoa/EnhancedSecurityPolicies.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm
Log Message:
-----------
Fix HTTPSOnly behaviour when PSON occurs
https://bugs.webkit.org/show_bug.cgi?id=305385
rdar://168062302
Reviewed by Per Arne Vollan.
The WKNavigation.HTTPSOnlyWithHTTPRedirect failed when enabling
the EnhancedSecurityHeuristics flag by default.
Investigating this uncovered a slight issue in the HTTPS upgrade /
same-site HTTP upgrade prevention logic which can also occur outside of
the EnhancedSecurityHeuristics being enabled.
The attached change to the HTTPSOnlyWithHTTPRedirect test shows this,
which ensures we do a process swap for the initial load, rather than on
the first redirect. Without this, we do a process swap on the redirect,
and the original request site that is used in upgradeRequestAfterRedirection
is the newly redirected site - at which point we decide not to attempt
a HTTPS upgrade because this is a same site HTTPS -> HTTP redirect.
The issue appears to be that on a PSON, the original URL used in
updateRequestAfterRedirection always remains as the initial load site,
which prevents our HTTPS -> HTTP same-site logic from stopping the HTTPS
upgrade, which results in a continuous loop of this request until it
caps out at the max redirects count.
This fix adds another parameter to updateRequestAfterRedirection which
tracks the last redirect URL and uses this when determining if a HTTPS
upgrade should occur. The original preRedirectURL is still required as
this is later used for reporting CSP violations.
The HTTPSOnlyWithHTTPRedirect test is modified to now test this PSON
case, as well as standardise behaviour between EnhancedSecurityHeuristics
flag being enabled or disabled.
Another test is added to EnhancedSecurityPolicies, which ensures this
HTTPSOnly behaviour is always tested with Enhanced Security:
* HttpsOnlyExplicitlyBypassedWithHttpRedirect
Tests: Tools/TestWebKitAPI/Tests/WebKitCocoa/EnhancedSecurityPolicies.mm
Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm
* Source/WebCore/loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::willSendRequestInternal):
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::updateRequestAfterRedirection):
* Source/WebCore/loader/cache/CachedResourceLoader.h:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/EnhancedSecurityPolicies.mm:
(runHttpsOnlyExplicitlyBypassedWithHttpRedirect):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:
(TEST(WKNavigation, HTTPSOnlyWithHTTPRedirect)):
Canonical link: https://commits.webkit.org/306166@main
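
The redirect loop described in the log message, as an added C++ model that is not WebKit's code. The `Url` struct, `applyHttpsOnly`, the constructed two-site server and the cap of 20 redirects are assumptions made for illustration. It runs the same-site HTTPS -> HTTP check against the initial URL and against the last redirect URL.

```cpp
#include <string>

// Simplified model: a URL is reduced to its scheme and its site.
struct Url { bool https; std::string site; };

// True when following the redirect would drop from HTTPS to HTTP on the same site.
static bool isSameSiteDowngrade(const Url& from, const Url& to)
{
    return from.https && !to.https && from.site == to.site;
}

// Hypothetical stand-in for the upgrade decision: upgrade an HTTP redirect
// target unless `reference` shows it is a same-site HTTPS -> HTTP redirect.
static Url applyHttpsOnly(const Url& reference, Url target)
{
    if (!target.https && !isSameSiteDowngrade(reference, target))
        target.https = true;
    return target;
}

// Constructed server: a.example redirects to http://b.example, and
// https://b.example redirects to http://b.example. Anything else is final.
static bool serverRedirect(const Url& request, Url& location)
{
    if (request.site == "a.example") { location = { false, "b.example" }; return true; }
    if (request.site == "b.example" && request.https) { location = { false, "b.example" }; return true; }
    return false;
}

constexpr int maxRedirects = 20; // constructed cap for this model

// Returns the number of redirects followed, or -1 if the cap was reached.
int followRedirects(bool useLastRedirectURL)
{
    const Url initial { true, "a.example" };
    Url current = initial;
    for (int count = 0; count <= maxRedirects; ++count) {
        Url location;
        if (!serverRedirect(current, location))
            return count;
        // The choice of reference URL is the only difference between the two runs.
        const Url reference = useLastRedirectURL ? current : initial;
        current = applyHttpsOnly(reference, location);
    }
    return -1;
}
```

With the initial URL as reference, the second hop never looks same-site, so the upgrade is re-applied until the cap is reached. What the loader does with the non-upgraded HTTP request afterwards is outside this model.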