Diff
Modified: trunk/LayoutTests/ChangeLog (281011 => 281012)
--- trunk/LayoutTests/ChangeLog 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/ChangeLog 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,31 @@
+2021-08-13 Youenn Fablet <you...@apple.com>
+
+ Overly verbose catchable fetch error messages lead to cross-origin leaks
+ https://bugs.webkit.org/show_bug.cgi?id=228861
+
+ Reviewed by Brent Fulgham.
+
+ * http/tests/contentextensions/block-ping-resource-type-raw-expected.txt:
+ * http/tests/contentextensions/fetch-redirect-blocked.html:
+ * http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
+ * http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
+ * http/tests/subresource-integrity/sri-module-expected.txt:
+ * http/tests/workers/service/shift-reload-navigation-expected.txt:
+ * http/tests/workers/resources/worker-importScripts.js: changed error logging for better readability.
+ * http/tests/workers/worker-importScripts-expected.txt:
+ * http/wpt/service-workers/cors-preflight-star.any-serviceworker-expected.txt:
+ * js/dom/modules/module-fetch-failure-not-cached-expected.txt:
+ * platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
+ * platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any.worker-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt:
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt:
+
2021-08-13 Martin Robinson <mrobin...@webkit.org>
Get lint-test-expectations passing
Modified: trunk/LayoutTests/http/tests/contentextensions/block-ping-resource-type-raw-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/contentextensions/block-ping-resource-type-raw-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/contentextensions/block-ping-resource-type-raw-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -2,7 +2,7 @@
CONSOLE MESSAGE: Content blocker prevented frame displaying http://127.0.0.1:8000/contentextensions/block-ping-resource-type-raw.html from loading a resource from http://127.0.0.1:8000/contentextensions/resources/save-ping.py?test=contentextensions-block-ping-resource-type-raw
CONSOLE MESSAGE: Resource blocked by content blocker
CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8000/contentextensions/resources/save-ping.py?test=contentextensions-block-ping-resource-type-raw due to access control checks.
-ALERT: PASS:TypeError: Resource blocked by content blocker
+ALERT: PASS:TypeError: Load failed
This test follows a link with a ping attribute where the ping URL matches a 'block' rule.
--------
Modified: trunk/LayoutTests/http/tests/contentextensions/fetch-redirect-blocked.html (281011 => 281012)
--- trunk/LayoutTests/http/tests/contentextensions/fetch-redirect-blocked.html 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/contentextensions/fetch-redirect-blocked.html 2021-08-13 10:22:38 UTC (rev 281012)
@@ -7,7 +7,7 @@
return fetch("resources/subresource-redirect.py", { mode : "no-cors" }).then(() => {
assert_not_reached("fetch should fail");
}, (e) => {
- assert_equals(e.message, "Blocked by Content Security Policy.");
+ assert_equals(e.message, "Load failed");
});
}, "Ensure CSP happens before content blocker checks");
</script>
Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -2,4 +2,4 @@
CONSOLE MESSAGE: Blocked by Content Security Policy.
This tests that the Content Security Policy of the parent origin (this page) blocks a Web Worker from importing a script from a different origin, not listed in script-src, through a redirect.
-PASS threw exception NetworkError: Blocked by Content Security Policy..
+PASS threw exception NetworkError: Load failed.
Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -2,4 +2,4 @@
CONSOLE MESSAGE: Blocked by Content Security Policy.
This tests a Web Worker with Content Security Policy "script-src 'self'" blocks the import of a script from a different origin through a redirect.
-PASS threw exception NetworkError: Blocked by Content Security Policy..
+PASS threw exception NetworkError: Load failed.
Modified: trunk/LayoutTests/http/tests/subresource-integrity/sri-module-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/subresource-integrity/sri-module-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/subresource-integrity/sri-module-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,10 +1,10 @@
-CONSOLE MESSAGE: TypeError: Cannot load script http://127.0.0.1:8000/subresource-integrity/resources/non-matching-digest-module.js. Failed integrity metadata check. Content length: 33, Expected content length: 33, Expected metadata: sha256-cWh9nPfm7/mRbKhzarnRYlsJWz5XTNcsqPFzKEx+zSU=
-CONSOLE MESSAGE: TypeError: Cannot load script http://127.0.0.1:8000/subresource-integrity/resources/matching-digest-module.js. Failed integrity metadata check. Content length: 29, Expected content length: 29, Expected metadata: sha512-deadbeefspbnUnwooKGNNCb39nvg+EW0O9hDScTXeo/9pVZztLSUYU3LNV6H0lZapo8bCJUpyPPLAzE9fDzpxg== sha256-cWh9nPfm7/mRbKhzarnRYlsJWz5XTNcsqPFzKEx+zSU=
-CONSOLE MESSAGE: TypeError: Cannot load script http://localhost:8000/subresource-integrity/resources/crossorigin-anon-script-module.js. Failed integrity metadata check. Content length: 37, Expected content length: 37, Expected metadata: sha256-deadbeefcSLlbFZCj1OACLxTxVck2TOrBTEdUbwz1yU=
-CONSOLE MESSAGE: TypeError: Cannot load script http://localhost:8000/subresource-integrity/resources/crossorigin-creds-script-module.js. Failed integrity metadata check. Content length: 38, Expected content length: 38, Expected metadata: sha256-deadbeef2S+pTRZgiw3DWrhC6JLDlt2zRyGpwH7unU8=
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: TypeError: Cannot load script http://127.0.0.1:8000/subresource-integrity/resources/matching-digest-module.js. Failed integrity metadata check. Content length: 29, Expected content length: 29, Expected metadata: sha256-cWh9nPfm7_mRbKhzarnRYlsJWz5XTNcsqPFzKEx+zSU=
-CONSOLE MESSAGE: TypeError: Cannot load script http://127.0.0.1:8000/subresource-integrity/resources/matching-digest-module.js. Failed integrity metadata check. Content length: 29, Expected content length: 29, Expected metadata: sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9e=?foo=bar?spam=eggs
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
PASS Module: Same-origin with correct sha256 hash.
PASS Module: Same-origin with correct sha384 hash.
Modified: trunk/LayoutTests/http/tests/workers/resources/worker-importScripts.js (281011 => 281012)
--- trunk/LayoutTests/http/tests/workers/resources/worker-importScripts.js 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/workers/resources/worker-importScripts.js 2021-08-13 10:22:38 UTC (rev 281012)
@@ -100,7 +100,7 @@
try {
importScripts(source1, fakeSource, source2);
} catch(e) {
- postMessage("PASS: Threw " + e + " when load failed");
+ postMessage("PASS: Threw " + e + " when importing script");
}
if (!loadedSource1 && !loadedSource2)
postMessage("FAIL: Nothing was executed when network error occurred.");
Modified: trunk/LayoutTests/http/tests/workers/service/shift-reload-navigation-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/workers/service/shift-reload-navigation-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/workers/service/shift-reload-navigation-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -2,7 +2,7 @@
CONSOLE MESSAGE: Fetch API cannot load http://localhost:8080/resources/square100.png.fromserviceworker due to access control checks.
CONSOLE MESSAGE: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Fetch API cannot load http://localhost:8080/resources/square100.png.fromserviceworker due to access control checks.
-PASS: Fetch failed as expected with: TypeError: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+PASS: Fetch failed as expected with: TypeError: Load failed
PASS: Got response with buffer byte length being 12940
-PASS: Fetch failed as expected with: TypeError: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
+PASS: Fetch failed as expected with: TypeError: Load failed
Modified: trunk/LayoutTests/http/tests/workers/worker-importScripts-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/tests/workers/worker-importScripts-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/tests/workers/worker-importScripts-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -24,7 +24,7 @@
Loaded resource 2
PASS: all resources executed.
Loaded resource 1
-PASS: Threw NetworkError: Response is not 2xx when load failed
+PASS: Threw NetworkError: Load failed when importing script
PASS: some resources were loaded despite the network error
Loaded resource 1
PASS: Threw SyntaxError: Unexpected identifier 'syntax' when encountering a syntax error in imported script
Modified: trunk/LayoutTests/http/wpt/service-workers/cors-preflight-star.any-serviceworker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/http/wpt/service-workers/cors-preflight-star.any-serviceworker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/http/wpt/service-workers/cors-preflight-star.any-serviceworker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,13 +1,13 @@
PASS Setting up tests
-FAIL CORS that succeeds with credentials: false; method: GET (allowed: get); header: X-Test,1 (allowed: x-test) promise_test: Unhandled rejection with value: object "TypeError: Preflight response is not successful"
-FAIL CORS that succeeds with credentials: false; method: SUPER (allowed: *); header: X-Test,1 (allowed: x-test) promise_test: Unhandled rejection with value: object "TypeError: Preflight response is not successful"
-FAIL CORS that succeeds with credentials: false; method: OK (allowed: *); header: X-Test,1 (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Preflight response is not successful"
+FAIL CORS that succeeds with credentials: false; method: GET (allowed: get); header: X-Test,1 (allowed: x-test) promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL CORS that succeeds with credentials: false; method: SUPER (allowed: *); header: X-Test,1 (allowed: x-test) promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL CORS that succeeds with credentials: false; method: OK (allowed: *); header: X-Test,1 (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS CORS that fails with credentials: true; method: OK (allowed: *); header: X-Test,1 (allowed: *)
PASS CORS that fails with credentials: true; method: PUT (allowed: *); header: (allowed: )
-FAIL CORS that succeeds with credentials: true; method: PUT (allowed: PUT); header: (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Preflight response is not successful"
+FAIL CORS that succeeds with credentials: true; method: PUT (allowed: PUT); header: (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS CORS that fails with credentials: true; method: PUT (allowed: put); header: (allowed: *)
PASS CORS that fails with credentials: true; method: GET (allowed: get); header: X-Test,1 (allowed: *)
PASS CORS that fails with credentials: true; method: GET (allowed: *); header: X-Test,1 (allowed: *)
-FAIL CORS that succeeds with credentials: true; method: * (allowed: *); header: *,1 (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Preflight response is not successful"
+FAIL CORS that succeeds with credentials: true; method: * (allowed: *); header: *,1 (allowed: *) promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,39 @@
+2021-08-13 Youenn Fablet <you...@apple.com>
+
+ Overly verbose catchable fetch error messages lead to cross-origin leaks
+ https://bugs.webkit.org/show_bug.cgi?id=228861
+
+ Reviewed by Brent Fulgham.
+
+ Rebasing tests with new error message.
+
+ * web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt:
+ * web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt:
+ * web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt:
+ * web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt:
+ * web-platform-tests/content-security-policy/inside-worker/serviceworker-report-only.https.sub-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-cookies.any.worker-expected.txt:
+ * web-platform-tests/fetch/api/policies/referrer-origin-when-cross-origin-service-worker.https-expected.txt:
+ * web-platform-tests/fetch/http-cache/cc-request.any-expected.txt:
+ * web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/coep-on-response-from-service-worker.https-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-none.https-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-require-corp.https-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-none.https-expected.txt:
+ * web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-require-corp.https-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/credentials.sub-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/module/credentials.sub-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials-setTimeout.sub-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub-expected.txt:
+ * web-platform-tests/html/semantics/scripting-1/the-script-element/module/integrity-expected.txt:
+ * web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https-expected.txt:
+ * web-platform-tests/service-workers/service-worker/import-scripts-cross-origin.https-expected.txt:
+ * web-platform-tests/service-workers/service-worker/redirected-response.https-expected.txt:
+ * web-platform-tests/wasm/jsapi/table/constructor-reftypes.tentative.any.worker-expected.txt:
+ * web-platform-tests/wasm/jsapi/table/grow-reftypes.tentative.any.worker-expected.txt:
+ * web-platform-tests/wasm/jsapi/table/set-reftypes.tentative.any.worker-expected.txt:
+
2021-08-12 Alex Christensen <achristen...@webkit.org>
Unprefix -webkit-backface-visibility
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -12,6 +12,6 @@
PASS fetch with method "PUT" should fail
PASS fetch with method "CUSTOM" should fail
PASS fetch should return Content-Type from Blob
-FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: The operation couldn’t be completed. (WebKitBlobResource error 1.)"
+FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Revoke blob URL after calling fetch, fetch should succeed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -12,6 +12,6 @@
PASS fetch with method "PUT" should fail
PASS fetch with method "CUSTOM" should fail
PASS fetch should return Content-Type from Blob
-FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: The operation couldn’t be completed. (WebKitBlobResource error 1.)"
+FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Revoke blob URL after calling fetch, fetch should succeed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -11,7 +11,7 @@
PASS navigator.clipboard.write(Blob) fails (expect [ClipboardItem])
PASS navigator.clipboard.writeText(DOMString) succeeds
PASS navigator.clipboard.writeText() fails (expect DOMString)
-FAIL navigator.clipboard.write({string : image/png Blob}) succeeds promise_test: Unhandled rejection with value: object "TypeError: Not allowed to request resource"
+FAIL navigator.clipboard.write({string : image/png Blob}) succeeds promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS navigator.clipboard.read() succeeds
PASS navigator.clipboard.readText() succeeds
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -4,8 +4,8 @@
PASS Same-origin 'fetch()'.
PASS Same-origin XHR.
-FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL Cross-origin XHR. promise_test: Unhandled rejection with value: "xhr.open should not have thrown."
-FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: cancelled"
+FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL connect-src-self-report-only assert_array_equals: Reports do not match lengths differ, expected array ["http://localhost:8800/common/redirect-opt-in.py?status=307&location=https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch", "https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch", "https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-xhr"] length 3, got [] length 0
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/serviceworker-report-only.https.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/serviceworker-report-only.https.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/content-security-policy/inside-worker/serviceworker-report-only.https.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,7 +1,7 @@
PASS serviceworker-report-only
PASS Same-origin 'fetch()'.
-FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: A server with the specified hostname could not be found."
-FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: A server with the specified hostname could not be found."
+FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL connect-src-self-report-only assert_array_equals: Reports do not match lengths differ, expected array ["https://localhost:9443/common/redirect-opt-in.py?status=307&location=https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch", "https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch"] length 2, got [] length 0
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -5,5 +5,5 @@
PASS Include mode: local cookies are not sent with remote request
PASS Include mode: remote cookies are not sent with local request
PASS Same-origin mode: cookies are discarded in cors request
-FAIL Include mode: remote cookies are not sent with other remote request promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Include mode: remote cookies are not sent with other remote request promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/policies/referrer-origin-when-cross-origin-service-worker.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/policies/referrer-origin-when-cross-origin-service-worker.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/policies/referrer-origin-when-cross-origin-service-worker.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,4 +1,4 @@
PASS Fetch in service worker: referrer with origin-when-cross-origin policy
-FAIL Request's referrer is origin promise_test: Unhandled rejection with value: object "TypeError: Not allowed to request resource"
+FAIL Request's referrer is origin promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -10,5 +10,5 @@
PASS HTTP cache validates fresh response with Last-Modified when request contains Cache-Control: no-cache
PASS HTTP cache validates fresh response with ETag when request contains Cache-Control: no-cache
FAIL HTTP cache doesn't reuse fresh response when request contains Cache-Control: no-store assert_equals: Response 2 comes from cache expected 2 but got 1
-FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: can’t load from network"
+FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -10,5 +10,5 @@
PASS HTTP cache validates fresh response with Last-Modified when request contains Cache-Control: no-cache
PASS HTTP cache validates fresh response with ETag when request contains Cache-Control: no-cache
FAIL HTTP cache doesn't reuse fresh response when request contains Cache-Control: no-store assert_equals: Response 2 comes from cache expected 2 but got 1
-FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: can’t load from network"
+FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/coep-on-response-from-service-worker.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/coep-on-response-from-service-worker.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/coep-on-response-from-service-worker.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html due to access control checks.
@@ -6,7 +6,7 @@
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough due to access control checks.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html?passthrough due to access control checks.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
PASS setup
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-none.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-none.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-none.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,8 +1,8 @@
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough due to access control checks.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
PASS setting up
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-require-corp.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-require-corp.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/none-sw-from-require-corp.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html due to access control checks.
@@ -6,7 +6,7 @@
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough due to access control checks.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html?passthrough due to access control checks.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
PASS setting up
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-none.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-none.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-none.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,10 +1,10 @@
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough due to access control checks.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
PASS setting up
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-require-corp.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-require-corp.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-sw-from-require-corp.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,12 +1,12 @@
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cancelled load to https://127.0.0.1:9443/common/blank.html because it violates the resource's Cross-Origin-Resource-Policy response header.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt?passthrough due to access control checks.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?passthrough because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html?passthrough due to access control checks.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Load failed
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/blank.html.
PASS setting up
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/credentials.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/credentials.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/credentials.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
Blocked access to external URL http://www2.localhost:8800/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/css-module/
CONSOLE MESSAGE: Fetch API cannot load http://www2.localhost:8800/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/css-module/ due to access control checks.
-FAIL CSS Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL CSS Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
Blocked access to external URL http://www2.localhost:8800/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/json-module/
CONSOLE MESSAGE: Fetch API cannot load http://www2.localhost:8800/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/json-module/ due to access control checks.
-FAIL JSON Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL JSON Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/credentials.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/credentials.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/credentials.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
Blocked access to external URL http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/
CONSOLE MESSAGE: Fetch API cannot load http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/ due to access control checks.
-FAIL Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials-setTimeout.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials-setTimeout.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials-setTimeout.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,7 +1,7 @@
Blocked access to external URL http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/
CONSOLE MESSAGE: Fetch API cannot load http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/ due to access control checks.
-CONSOLE MESSAGE: Unhandled Promise Rejection: TypeError: Type error
+CONSOLE MESSAGE: Unhandled Promise Rejection: TypeError: Load failed
-Harness Error (FAIL), message = Unhandled rejection: Type error
+Harness Error (FAIL), message = Unhandled rejection: Load failed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,7 +1,7 @@
Blocked access to external URL http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/
CONSOLE MESSAGE: Fetch API cannot load http://www2.localhost:8800/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/ due to access control checks.
-CONSOLE MESSAGE: Unhandled Promise Rejection: TypeError: Type error
+CONSOLE MESSAGE: Unhandled Promise Rejection: TypeError: Load failed
-Harness Error (FAIL), message = Unhandled rejection: Type error
+Harness Error (FAIL), message = Unhandled rejection: Load failed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/integrity-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/integrity-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/integrity-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: TypeError: Cannot load script http://localhost:8800/html/semantics/scripting-1/the-script-element/module/integrity-mismatches.js. Failed integrity metadata check. Content length: 93, Expected content length: -1, Expected metadata: sha384-doesnotmatch
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
PASS The integrity attribute must have no affect on inline module scripts
PASS The integrity attribute must be verified on the top-level of a module and allow it to execute when it matches
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,6 +1,6 @@
-FAIL Service Worker responds to fetch event with the referrer policy promise_test: Unhandled rejection with value: object "TypeError: Not allowed to request resource"
+FAIL Service Worker responds to fetch event with the referrer policy promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Service Worker should respond to fetch with the default referrer policy
PASS Service Worker should respond to fetch with the referrer URL when a member of RequestInit is present - Default Referrer
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/import-scripts-cross-origin.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/import-scripts-cross-origin.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/import-scripts-cross-origin.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,3 @@
-FAIL importScripts() supports cross-origin requests promise_test: Unhandled rejection with value: object "TypeError: NetworkError: A server with the specified hostname could not be found."
+FAIL importScripts() supports cross-origin requests promise_test: Unhandled rejection with value: object "TypeError: NetworkError: Load failed"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/redirected-response.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/redirected-response.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/redirected-response.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -19,7 +19,7 @@
PASS mode: "manual", manually-generated redirect response
PASS mode: "follow", generated relative redirect response
PASS mode: "error", generated relative redirect response
-FAIL mode: "manual", generated relative redirect response promise_test: Unhandled rejection with value: object "TypeError: The URL can’t be shown"
+FAIL mode: "manual", generated relative redirect response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Fetch should follow the redirect response 20 times
PASS Fetch should not follow the redirect response 21 times.
PASS The URL for the service worker redirected request should be propagated to response.
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/constructor-reftypes.tentative.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/constructor-reftypes.tentative.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/constructor-reftypes.tentative.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
-CONSOLE MESSAGE: NetworkError: Response is not 2xx
+CONSOLE MESSAGE: NetworkError: Load failed
-Harness Error (FAIL), message = NetworkError: Response is not 2xx
+Harness Error (FAIL), message = NetworkError: Load failed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/grow-reftypes.tentative.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/grow-reftypes.tentative.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/grow-reftypes.tentative.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
-CONSOLE MESSAGE: NetworkError: Response is not 2xx
+CONSOLE MESSAGE: NetworkError: Load failed
-Harness Error (FAIL), message = NetworkError: Response is not 2xx
+Harness Error (FAIL), message = NetworkError: Load failed
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/set-reftypes.tentative.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/set-reftypes.tentative.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/table/set-reftypes.tentative.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,5 +1,5 @@
-CONSOLE MESSAGE: NetworkError: Response is not 2xx
+CONSOLE MESSAGE: NetworkError: Load failed
-Harness Error (FAIL), message = NetworkError: Response is not 2xx
+Harness Error (FAIL), message = NetworkError: Load failed
Modified: trunk/LayoutTests/js/dom/modules/module-fetch-failure-not-cached-expected.txt (281011 => 281012)
--- trunk/LayoutTests/js/dom/modules/module-fetch-failure-not-cached-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/js/dom/modules/module-fetch-failure-not-cached-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: TypeError: Cannot load script module-fetch-failure-not-cached.js. Failed integrity metadata check. Content length: 30, Expected content length: 30, Expected metadata: sha256-badbeef
+CONSOLE MESSAGE: TypeError: Cannot load script due to integrity mismatch
PASS Module fetch failure is not cached in module pipeline
Modified: trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,3 @@
This tests that the Content Security Policy of the parent origin (this page) blocks a Web Worker from importing a script from a different origin, not listed in script-src, through a redirect.
-PASS threw exception NetworkError: Blocked by Content Security Policy..
+PASS threw exception NetworkError: Load failed.
Modified: trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,3 @@
This tests a Web Worker with Content Security Policy "script-src 'self'" blocks the import of a script from a different origin through a redirect.
-PASS threw exception NetworkError: Blocked by Content Security Policy..
+PASS threw exception NetworkError: Load failed.
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -12,6 +12,6 @@
PASS fetch with method "PUT" should fail
PASS fetch with method "CUSTOM" should fail
PASS fetch should return Content-Type from Blob
-FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Revoke blob URL after calling fetch, fetch should succeed
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/FileAPI/url/url-with-fetch.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -12,6 +12,6 @@
PASS fetch with method "PUT" should fail
PASS fetch with method "CUSTOM" should fail
PASS fetch should return Content-Type from Blob
-FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Revoke blob URL after creating Request, will fetch promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS Revoke blob URL after calling fetch, fetch should succeed
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/clipboard-apis/async-navigator-clipboard-basics.https-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -11,7 +11,7 @@
FAIL navigator.clipboard.write(Blob) fails (expect [ClipboardItem]) promise_test: Unhandled rejection with value: object "TypeError: undefined is not an object (evaluating 'navigator.clipboard.write')"
FAIL navigator.clipboard.writeText(DOMString) succeeds promise_test: Unhandled rejection with value: object "TypeError: undefined is not an object (evaluating 'navigator.clipboard.writeText')"
FAIL navigator.clipboard.writeText() fails (expect DOMString) promise_test: Unhandled rejection with value: object "TypeError: undefined is not an object (evaluating 'navigator.clipboard.writeText')"
-FAIL navigator.clipboard.write({string : image/png Blob}) succeeds promise_test: Unhandled rejection with value: object "TypeError: Not allowed to request resource"
+FAIL navigator.clipboard.write({string : image/png Blob}) succeeds promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL navigator.clipboard.read() succeeds promise_test: Unhandled rejection with value: object "TypeError: undefined is not an object (evaluating 'navigator.clipboard.read')"
FAIL navigator.clipboard.readText() succeeds promise_test: Unhandled rejection with value: object "TypeError: undefined is not an object (evaluating 'navigator.clipboard.readText')"
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/content-security-policy/inside-worker/dedicatedworker-report-only-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -4,8 +4,8 @@
PASS Same-origin 'fetch()'.
PASS Same-origin XHR.
-FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL Cross-origin XHR. promise_test: Unhandled rejection with value: "xhr.open should not have thrown."
-FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Type error"
+FAIL Same-origin => cross-origin 'fetch()'. promise_test: Unhandled rejection with value: object "TypeError: Load failed"
FAIL connect-src-self-report-only assert_array_equals: Reports do not match lengths differ, expected array ["http://localhost:8800/common/redirect-opt-in.py?status=307&location=https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch", "https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-fetch", "https://www.localhost:9444/content-security-policy/support/resource.py?cross-origin-xhr"] length 3, got [] length 0
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -5,10 +5,10 @@
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and avoids revalidation for fresh responses with Last-Modified and fresh response
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and does not go to the network if a cached response is not found with Etag and fresh response
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and does not go to the network if a cached response is not found with Last-Modified and fresh response
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and fresh response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and fresh response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and stale response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and stale response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and fresh response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and fresh response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and stale response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and stale response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Etag and fresh response
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Last-Modified and fresh response
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Etag and stale response
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -5,10 +5,10 @@
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and avoids revalidation for fresh responses with Last-Modified and fresh response
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and does not go to the network if a cached response is not found with Etag and fresh response
PASS RequestCache "only-if-cached" mode checks the cache for previously cached content and does not go to the network if a cached response is not found with Last-Modified and fresh response
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and fresh response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and fresh response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and stale response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
-FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and stale response promise_test: Unhandled rejection with value: object "TypeError: resource unavailable"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and fresh response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and fresh response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Etag and stale response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
+FAIL RequestCache "only-if-cached" (with "same-origin") uses cached same-origin redirects to same-origin content with Last-Modified and stale response promise_test: Unhandled rejection with value: object "TypeError: Load failed"
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Etag and fresh response
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Last-Modified and fresh response
PASS RequestCache "only-if-cached" (with "same-origin") does not follow redirects across origins and rejects with Etag and stale response
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -10,5 +10,5 @@
PASS HTTP cache validates fresh response with Last-Modified when request contains Cache-Control: no-cache
PASS HTTP cache validates fresh response with ETag when request contains Cache-Control: no-cache
PASS HTTP cache doesn't reuse fresh response when request contains Cache-Control: no-store
-FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: can’t load from network"
+FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt (281011 => 281012)
--- trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/fetch/http-cache/cc-request.any.worker-expected.txt 2021-08-13 10:22:38 UTC (rev 281012)
@@ -10,5 +10,5 @@
PASS HTTP cache validates fresh response with Last-Modified when request contains Cache-Control: no-cache
PASS HTTP cache validates fresh response with ETag when request contains Cache-Control: no-cache
PASS HTTP cache doesn't reuse fresh response when request contains Cache-Control: no-store
-FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: can’t load from network"
+FAIL HTTP cache generates 504 status code when nothing is in cache and request contains Cache-Control: only-if-cached promise_test: Unhandled rejection with value: object "TypeError: Load failed"
Modified: trunk/Source/WebCore/ChangeLog (281011 => 281012)
--- trunk/Source/WebCore/ChangeLog 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/ChangeLog 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,45 @@
+2021-08-13 Youenn Fablet <you...@apple.com>
+
+ Overly verbose catchable fetch error messages lead to cross-origin leaks
+ https://bugs.webkit.org/show_bug.cgi?id=228861
+
+ Reviewed by Brent Fulgham.
+
+ Standardize error messages to get more uniform with other browsers.
+ To continue supporting service worker errors going to page errors,
+ we add a boolean to ResourceError to control whether sanitizing the error message or not.
+ This allows to keep error messages from service worker type exceptions to be exposed in window environments through fetch rejection.
+ Also handle ScriptModuleLoader since it is doing its own SRI checks.
+ Covered by rebased tests.
+
+ * Modules/fetch/FetchBodyOwner.cpp:
+ (WebCore::FetchBodyOwner::loadingException const):
+ * Modules/fetch/FetchResponse.cpp:
+ (WebCore::FetchResponse::BodyLoader::didFail):
+ * platform/network/ResourceErrorBase.h:
+ (WebCore::ResourceErrorBase::sanitizedDescription const):
+ (WebCore::ResourceErrorBase::isSanitized const):
+ (WebCore::ResourceErrorBase::setAsSanitized):
+ (WebCore::ResourceErrorBase::ResourceErrorBase):
+ * platform/network/cf/ResourceError.h:
+ (WebCore::ResourceError::ResourceError):
+ * platform/network/curl/ResourceError.h:
+ (WebCore::ResourceError::ResourceError):
+ * platform/network/soup/ResourceError.h:
+ (WebCore::ResourceError::ResourceError):
+ * workers/WorkerScriptLoader.cpp:
+ (WebCore::WorkerScriptLoader::loadSynchronously):
+ * workers/service/FetchEvent.cpp:
+ (WebCore::FetchEvent::createResponseError):
+ (WebCore::FetchEvent::respondWith):
+ (WebCore::FetchEvent::promiseIsSettled):
+ * workers/service/FetchEvent.h:
+ * workers/service/context/ServiceWorkerFetch.cpp:
+ (WebCore::ServiceWorkerFetch::processResponse):
+ (WebCore::ServiceWorkerFetch::dispatchFetchEvent):
+ * bindings/js/ScriptModuleLoader.cpp:
+ (WebCore::ScriptModuleLoader::notifyFinished):
+
2021-08-13 Sergio Villar Senin <svil...@igalia.com>
Crash in MockMediaSourcePrivate
Modified: trunk/Source/WebCore/Modules/fetch/FetchBodyOwner.cpp (281011 => 281012)
--- trunk/Source/WebCore/Modules/fetch/FetchBodyOwner.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/Modules/fetch/FetchBodyOwner.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -389,7 +389,7 @@
std::optional<Exception> FetchBodyOwner::loadingException() const
{
return WTF::switchOn(m_loadingError, [](const ResourceError& error) {
- return Exception { TypeError, error.localizedDescription().isEmpty() ? "Loading failed"_s : error.localizedDescription() };
+ return Exception { TypeError, error.sanitizedDescription() };
}, [](const Exception& exception) {
return Exception { exception };
}, [](auto&&) -> std::optional<Exception> {
Modified: trunk/Source/WebCore/Modules/fetch/FetchResponse.cpp (281011 => 281012)
--- trunk/Source/WebCore/Modules/fetch/FetchResponse.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/Modules/fetch/FetchResponse.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -298,10 +298,10 @@
m_response.setLoadingError(ResourceError { error });
if (auto responseCallback = WTFMove(m_responseCallback))
- responseCallback(Exception { TypeError, error.localizedDescription() });
+ responseCallback(Exception { TypeError, error.sanitizedDescription() });
if (auto consumeDataCallback = WTFMove(m_consumeDataCallback))
- consumeDataCallback(Exception { TypeError, error.localizedDescription() });
+ consumeDataCallback(Exception { TypeError, error.sanitizedDescription() });
if (m_response.m_readableStreamSource) {
if (!m_response.m_readableStreamSource->isCancelling())
Modified: trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp (281011 => 281012)
--- trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/bindings/js/ScriptModuleLoader.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -401,7 +401,7 @@
if (auto* parameters = loader.parameters()) {
if (!matchIntegrityMetadata(cachedScript, parameters->integrity())) {
- promise->reject(TypeError, makeString("Cannot load script ", integrityMismatchDescription(cachedScript, parameters->integrity())));
+ promise->reject(TypeError, "Cannot load script due to integrity mismatch"_s);
return;
}
}
Modified: trunk/Source/WebCore/platform/network/ResourceErrorBase.h (281011 => 281012)
--- trunk/Source/WebCore/platform/network/ResourceErrorBase.h 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/platform/network/ResourceErrorBase.h 2021-08-13 10:22:38 UTC (rev 281012)
@@ -47,6 +47,8 @@
const URL& failingURL() const { lazyInit(); return m_failingURL; }
const String& localizedDescription() const { lazyInit(); return m_localizedDescription; }
+ String sanitizedDescription() const { return m_isSanitized == IsSanitized::Yes ? m_localizedDescription : "Load failed"_s; }
+
enum class Type : uint8_t {
Null,
General,
@@ -54,6 +56,7 @@
Cancellation,
Timeout
};
+ enum class IsSanitized : bool { No, Yes };
bool isNull() const { return m_type == Type::Null; }
bool isGeneral() const { return m_type == Type::General; }
@@ -66,15 +69,19 @@
WEBCORE_EXPORT void setType(Type);
Type type() const { return m_type; }
+ bool isSanitized() const { return m_isSanitized == IsSanitized::Yes; }
+ void setAsSanitized() { m_isSanitized = IsSanitized::Yes; }
+
protected:
ResourceErrorBase(Type type) : m_type(type) { }
- ResourceErrorBase(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type)
+ ResourceErrorBase(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type, IsSanitized isSanitized)
: m_domain(domain)
, m_failingURL(failingURL)
, m_localizedDescription(localizedDescription)
, m_errorCode(errorCode)
, m_type(type)
+ , m_isSanitized(isSanitized)
{
}
@@ -91,6 +98,7 @@
String m_localizedDescription;
int m_errorCode { 0 };
Type m_type { Type::General };
+ IsSanitized m_isSanitized { IsSanitized::No };
private:
const ResourceError& asResourceError() const;
Modified: trunk/Source/WebCore/platform/network/cf/ResourceError.h (281011 => 281012)
--- trunk/Source/WebCore/platform/network/cf/ResourceError.h 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/platform/network/cf/ResourceError.h 2021-08-13 10:22:38 UTC (rev 281012)
@@ -50,8 +50,8 @@
{
}
- ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General)
- : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type)
+ ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General, IsSanitized isSanitized = IsSanitized::No)
+ : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type, isSanitized)
, m_dataIsUpToDate(true)
{
#if PLATFORM(COCOA)
Modified: trunk/Source/WebCore/platform/network/curl/ResourceError.h (281011 => 281012)
--- trunk/Source/WebCore/platform/network/curl/ResourceError.h 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/platform/network/curl/ResourceError.h 2021-08-13 10:22:38 UTC (rev 281012)
@@ -39,8 +39,8 @@
{
}
- ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General)
- : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type)
+ ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General, IsSanitized isSanitized = IsSanitized::No)
+ : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type, isSanitized)
{
}
Modified: trunk/Source/WebCore/platform/network/soup/ResourceError.h (281011 => 281012)
--- trunk/Source/WebCore/platform/network/soup/ResourceError.h 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/platform/network/soup/ResourceError.h 2021-08-13 10:22:38 UTC (rev 281012)
@@ -43,8 +43,8 @@
{
}
- ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General)
- : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type)
+ ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, Type type = Type::General, IsSanitized isSanitized = IsSanitized::No)
+ : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type, isSanitized)
{
}
Modified: trunk/Source/WebCore/workers/WorkerScriptLoader.cpp (281011 => 281012)
--- trunk/Source/WebCore/workers/WorkerScriptLoader.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/workers/WorkerScriptLoader.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -99,7 +99,7 @@
// If the fetching attempt failed, throw a NetworkError exception and abort all these steps.
if (failed())
- return Exception { NetworkError, error().localizedDescription() };
+ return Exception { NetworkError, m_error.sanitizedDescription() };
#if ENABLE(SERVICE_WORKER)
if (isServiceWorkerGlobalScope) {
Modified: trunk/Source/WebCore/workers/service/FetchEvent.cpp (281011 => 281012)
--- trunk/Source/WebCore/workers/service/FetchEvent.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/workers/service/FetchEvent.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -61,9 +61,9 @@
}
}
-ResourceError FetchEvent::createResponseError(const URL& url, const String& errorMessage)
+ResourceError FetchEvent::createResponseError(const URL& url, const String& errorMessage, ResourceError::IsSanitized isSanitized)
{
- return ResourceError { errorDomainWebKitServiceWorker, 0, url, makeString("FetchEvent.respondWith received an error: ", errorMessage), ResourceError::Type::General };
+ return ResourceError { errorDomainWebKitServiceWorker, 0, url, makeString("FetchEvent.respondWith received an error: ", errorMessage), ResourceError::Type::General, isSanitized };
}
@@ -89,7 +89,7 @@
m_waitToRespond = true;
if (isRegistered == DOMPromise::IsCallbackRegistered::No)
- respondWithError(createResponseError(m_request->url(), "FetchEvent unable to handle respondWith promise."_s));
+ respondWithError(createResponseError(m_request->url(), "FetchEvent unable to handle respondWith promise."_s, ResourceError::IsSanitized::Yes));
return { };
}
@@ -118,7 +118,7 @@
{
if (m_respondPromise->status() == DOMPromise::Status::Rejected) {
auto reason = m_respondPromise->result().toWTFString(m_respondPromise->globalObject());
- respondWithError(createResponseError(m_request->url(), reason));
+ respondWithError(createResponseError(m_request->url(), reason, ResourceError::IsSanitized::Yes));
return;
}
@@ -125,12 +125,12 @@
ASSERT(m_respondPromise->status() == DOMPromise::Status::Fulfilled);
auto response = JSFetchResponse::toWrapped(m_respondPromise->globalObject()->vm(), m_respondPromise->result());
if (!response) {
- respondWithError(createResponseError(m_request->url(), "Returned response is null."_s));
+ respondWithError(createResponseError(m_request->url(), "Returned response is null."_s, ResourceError::IsSanitized::Yes));
return;
}
if (response->isDisturbedOrLocked()) {
- respondWithError(createResponseError(m_request->url(), "Response is disturbed or locked."_s));
+ respondWithError(createResponseError(m_request->url(), "Response is disturbed or locked."_s, ResourceError::IsSanitized::Yes));
return;
}
Modified: trunk/Source/WebCore/workers/service/FetchEvent.h (281011 => 281012)
--- trunk/Source/WebCore/workers/service/FetchEvent.h 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/workers/service/FetchEvent.h 2021-08-13 10:22:38 UTC (rev 281012)
@@ -69,7 +69,7 @@
bool respondWithEntered() const { return m_respondWithEntered; }
- static ResourceError createResponseError(const URL&, const String&);
+ static ResourceError createResponseError(const URL&, const String&, ResourceError::IsSanitized = ResourceError::IsSanitized::No);
private:
WEBCORE_EXPORT FetchEvent(const AtomString&, Init&&, IsTrusted);
Modified: trunk/Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp (281011 => 281012)
--- trunk/Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -49,17 +49,17 @@
static inline std::optional<ResourceError> validateResponse(const ResourceResponse& response, FetchOptions::Mode mode, FetchOptions::Redirect redirect)
{
if (response.type() == ResourceResponse::Type::Error)
- return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is an error"_s, ResourceError::Type::General };
+ return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is an error"_s, ResourceError::Type::General, ResourceError::IsSanitized::Yes };
if (mode != FetchOptions::Mode::NoCors && response.tainting() == ResourceResponse::Tainting::Opaque)
- return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is opaque"_s, ResourceError::Type::AccessControl };
+ return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is opaque"_s, ResourceError::Type::AccessControl, ResourceError::IsSanitized::Yes };
// Navigate mode induces manual redirect.
if (redirect != FetchOptions::Redirect::Manual && mode != FetchOptions::Mode::Navigate && response.tainting() == ResourceResponse::Tainting::Opaqueredirect)
- return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is opaque redirect"_s, ResourceError::Type::AccessControl };
+ return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker is opaque redirect"_s, ResourceError::Type::AccessControl, ResourceError::IsSanitized::Yes };
if ((redirect != FetchOptions::Redirect::Follow || mode == FetchOptions::Mode::Navigate) && response.isRedirected())
- return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker has redirections"_s, ResourceError::Type::AccessControl };
+ return ResourceError { errorDomainWebKitInternal, 0, response.url(), "Response served by service worker has redirections"_s, ResourceError::Type::AccessControl, ResourceError::IsSanitized::Yes };
return { };
}
@@ -115,7 +115,8 @@
if (response->isBodyReceivedByChunk()) {
response->consumeBodyReceivedByChunk([client = WTFMove(client)] (auto&& result) mutable {
if (result.hasException()) {
- client->didFail(FetchEvent::createResponseError(URL { }, result.exception().message()));
+ auto error = FetchEvent::createResponseError(URL { }, result.exception().message(), ResourceError::IsSanitized::Yes);
+ client->didFail(error);
return;
}
@@ -188,7 +189,8 @@
if (!event->respondWithEntered()) {
if (event->defaultPrevented()) {
- client->didFail(ResourceError { errorDomainWebKitInternal, 0, requestURL, "Fetch event was canceled"_s });
+ ResourceError error { errorDomainWebKitInternal, 0, requestURL, "Fetch event was canceled"_s, ResourceError::Type::General, ResourceError::IsSanitized::Yes };
+ client->didFail(error);
return;
}
client->didNotHandle();
Modified: trunk/Source/WebKit/ChangeLog (281011 => 281012)
--- trunk/Source/WebKit/ChangeLog 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebKit/ChangeLog 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1,3 +1,14 @@
+2021-08-13 Youenn Fablet <you...@apple.com>
+
+ Overly verbose catchable fetch error messages lead to cross-origin leaks
+ https://bugs.webkit.org/show_bug.cgi?id=228861
+
+ Reviewed by Brent Fulgham.
+
+ * Shared/WebCoreArgumentCoders.cpp:
+ (IPC::ArgumentCoder<ResourceError>::encode):
+ (IPC::ArgumentCoder<ResourceError>::decode):
+
2021-08-12 Peng Liu <peng.l...@apple.com>
REGRESSION (r280951): [ Big Sur ] TestWebKitAPI.AudioRoutingArbitration.Close is failing
Modified: trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp (281011 => 281012)
--- trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp 2021-08-13 09:38:55 UTC (rev 281011)
+++ trunk/Source/WebKit/Shared/WebCoreArgumentCoders.cpp 2021-08-13 10:22:38 UTC (rev 281012)
@@ -1297,6 +1297,7 @@
if (resourceError.type() == ResourceError::Type::Null)
return;
encodePlatformData(encoder, resourceError);
+ encoder << resourceError.isSanitized();
}
bool ArgumentCoder<ResourceError>::decode(Decoder& decoder, ResourceError& resourceError)
@@ -1313,7 +1314,14 @@
if (!decodePlatformData(decoder, resourceError))
return false;
+ bool isSanitized;
+ if (!decoder.decode(isSanitized))
+ return false;
+
resourceError.setType(type);
+ if (isSanitized)
+ resourceError.setAsSanitized();
+
return true;
}