[webkit-changes] [WebKit/WebKit] a3d8b6: [Site Isolation] deflake http/tests/security/mixed...

Wed, 06 May 2026 16:03:28 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: a3d8b660f6405841078093118d3db3fa82969b1e
      
https://github.com/WebKit/WebKit/commit/a3d8b660f6405841078093118d3db3fa82969b1e
  Author: Anthony Tarbinian <[email protected]>
  Date:   2026-05-06 (Wed, 06 May 2026)

  Changed paths:
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html

  Log Message:
  -----------
  [Site Isolation] deflake 
http/tests/security/mixedContent/insecure-css-with-secure-cookies-UpgradeMixedContent.html
https://bugs.webkit.org/show_bug.cgi?id=314240
rdar://176396263

Reviewed by Ryosuke Niwa.

The test is failing flakily with the following diff on macOS post-commit bots
http/tests/security/mixedContent/insecure-css-with-secure-cookies-UpgradeMixedContent.html

```
--- 
/Volumes/Data/worker/Apple-Tahoe-Release-WK2-Site-Isolation-Tree-Tests/build/layout-test-results/http/tests/security/mixedContent/insecure-css-with-secure-cookies-UpgradeMixedContent-expected.txt
+++ 
/Volumes/Data/worker/Apple-Tahoe-Release-WK2-Site-Isolation-Tree-Tests/build/layout-test-results/http/tests/security/mixedContent/insecure-css-with-secure-cookies-UpgradeMixedContent-actual.txt
@@ -1,4 +1,2 @@
 CONSOLE MESSAGE: secureCookie=yes
-CONSOLE MESSAGE: The page at 
https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html
 requested insecure content from 
http://127.0.0.1:8080/security/resources/greenbox-hotspot5-4.cur. This content 
was automatically upgraded and should be served over HTTPS.
-
 This test opens a window that loads a secure style sheet with insecure cursor 
content after reading secure cookies. This should be allowed because loading of 
the insecure cursor does not pose a security risk since it can only affect the 
display.
```

I wasn't able to reproduce this failure locally so this patch is a speculative
fix which waits until the stylesheet finishes loading before calling
window.opener.postMessage.
This patch also calls getComputedStyle(...).cursor to force the engine
to resolve the cursor property earlier.

* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css-secure-cookies.html:

Canonical link: https://commits.webkit.org/312746@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to