Diff
Modified: tags/Safari-601.1.6/LayoutTests/ChangeLog (175367 => 175368)
--- tags/Safari-601.1.6/LayoutTests/ChangeLog 2014-10-30 05:02:33 UTC (rev 175367)
+++ tags/Safari-601.1.6/LayoutTests/ChangeLog 2014-10-30 07:37:16 UTC (rev 175368)
@@ -1,3 +1,22 @@
+2014-10-29 Babak Shafiei <[email protected]>
+
+ Merge r175312.
+
+ 2014-10-29 Chris Dumez <[email protected]>
+
+ Crash in CachedRawResource::canReuse() when reloading http://dnd.wizards.com/dungeons-and-dragons/story
+ https://bugs.webkit.org/show_bug.cgi?id=138164
+
+ Reviewed by Andreas Kling.
+
+ Add a layout test that does XHR loads from cache with only uncommon
+ HTTP headers to reproduce a crash in CachedRawResource::canReuse()
+ when iterating over a HTTPHeaderMap that had uncommon HTTP headers
+ but no common ones.
+
+ * http/tests/cache/xhr-uncommon-header-expected.txt: Added.
+ * http/tests/cache/xhr-uncommon-header.html: Added.
+
2014-10-28 Benjamin Poulain <[email protected]>
CSS4 Selectors: Add the pseudo class :any-link
Copied: tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt (from rev 175312, trunk/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt) (0 => 175368)
--- tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt (rev 0)
+++ tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header-expected.txt 2014-10-30 07:37:16 UTC (rev 175368)
@@ -0,0 +1,11 @@
+Test that we don't crash on xhr loads from cache with only uncommon HTTP headers
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+load
+load
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Copied: tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header.html (from rev 175312, trunk/LayoutTests/http/tests/cache/xhr-uncommon-header.html) (0 => 175368)
--- tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header.html (rev 0)
+++ tags/Safari-601.1.6/LayoutTests/http/tests/cache/xhr-uncommon-header.html 2014-10-30 07:37:16 UTC (rev 175368)
@@ -0,0 +1,26 @@
+<script src=""
+<body>
+<script type="text/_javascript_">
+description("Test that we don't crash on xhr loads from cache with only uncommon HTTP headers");
+jsTestIsAsync = true;
+
+function repeat() {
+ var request2 = new XMLHttpRequest();
+ request2.addEventListener("load", function() { debug("load"); finishJSTest(); }, false);
+ request2.addEventListener("error", function() { debug("error"); finishJSTest(); }, false);
+ request2.addEventListener("abort", function() { debug("abort"); finishJSTest(); }, false);
+ request2.open("GET", "resources/empty.txt", true);
+ request2.setRequestHeader("X-Custom1", "test1");
+ request2.send();
+}
+
+var request = new XMLHttpRequest();
+request.addEventListener("load", function() { debug("load"); repeat(); }, false);
+request.addEventListener("error", function() { debug("error"); repeat(); }, false);
+request.addEventListener("abort", function() { debug("abort"); repeat(); }, false);
+request.open("GET", "resources/empty.txt", true);
+request.setRequestHeader("X-Custom1", "test1");
+request.send();
+</script>
+<script src=""
+</body>
Modified: tags/Safari-601.1.6/Source/WebCore/ChangeLog (175367 => 175368)
--- tags/Safari-601.1.6/Source/WebCore/ChangeLog 2014-10-30 05:02:33 UTC (rev 175367)
+++ tags/Safari-601.1.6/Source/WebCore/ChangeLog 2014-10-30 07:37:16 UTC (rev 175368)
@@ -1,3 +1,36 @@
+2014-10-29 Babak Shafiei <[email protected]>
+
+ Merge r175312.
+
+ 2014-10-29 Chris Dumez <[email protected]>
+
+ Crash in CachedRawResource::canReuse() when reloading http://dnd.wizards.com/dungeons-and-dragons/story
+ https://bugs.webkit.org/show_bug.cgi?id=138164
+
+ Reviewed by Andreas Kling.
+
+ This patch fixes a crash when reloading the following URL:
+ http://dnd.wizards.com/dungeons-and-dragons/story
+
+ We were crashing in CachedRawResource::canReuse() because header.key
+ would sometimes be a null String and we would call
+ HashMap::get(nullString).
+
+ The real issue was that header.key was null in the first place, which
+ means that even though the HTTPHeaderMap iterator is valid, it->key
+ is a null String, which should never happen. There was a bug in the
+ HTTPHeaderMapConstIterator() constructor that would cause the
+ iterator key/value pair to not get initialized if the HTTPHeaderMap
+ contained *only* uncommon HTTP headers. This patch updates the
+ constructor so that we fall back to updating the key/value from the
+ uncommon header map, if we failed to initialized from the common
+ header map (because it was empty).
+
+ Test: http/tests/cache/xhr-uncommon-header.html
+
+ * platform/network/HTTPHeaderMap.h:
+ (WebCore::HTTPHeaderMap::HTTPHeaderMapConstIterator::HTTPHeaderMapConstIterator):
+
2014-10-28 Benjamin Poulain <[email protected]>
CSS4 Selectors: Add the pseudo class :any-link
Modified: tags/Safari-601.1.6/Source/WebCore/platform/network/HTTPHeaderMap.h (175367 => 175368)
--- tags/Safari-601.1.6/Source/WebCore/platform/network/HTTPHeaderMap.h 2014-10-30 05:02:33 UTC (rev 175367)
+++ tags/Safari-601.1.6/Source/WebCore/platform/network/HTTPHeaderMap.h 2014-10-30 07:37:16 UTC (rev 175368)
@@ -57,7 +57,8 @@
, m_commonHeadersIt(commonHeadersIt)
, m_uncommonHeadersIt(uncommonHeadersIt)
{
- updateKeyValue(m_commonHeadersIt);
+ if (!updateKeyValue(m_commonHeadersIt))
+ updateKeyValue(m_uncommonHeadersIt);
}
struct KeyValue {
