Diff
Modified: branches/safari-602-branch/LayoutTests/ChangeLog (205224 => 205225)
--- branches/safari-602-branch/LayoutTests/ChangeLog 2016-08-31 06:45:34 UTC (rev 205224)
+++ branches/safari-602-branch/LayoutTests/ChangeLog 2016-08-31 07:19:43 UTC (rev 205225)
@@ -1,3 +1,19 @@
+2016-08-30 Babak Shafiei <[email protected]>
+
+ Merge r203542. rdar://problem/27991570
+
+ 2016-07-21 John Wilander <[email protected]>
+
+ Block mixed content synchronous XHR
+ https://bugs.webkit.org/show_bug.cgi?id=105462
+ <rdar://problem/13666424>
+
+ Reviewed by Brent Fulgham.
+
+ * http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt: Added.
+ * http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html: Added.
+ * http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html: Added.
+
2016-08-23 Babak Shafiei <[email protected]>
Merge r204521. rdar://problem/27075526
Added: branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt (0 => 205225)
--- branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt (rev 0)
+++ branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt 2016-08-31 07:19:43 UTC (rev 205225)
@@ -0,0 +1,3 @@
+CONSOLE MESSAGE: line 26: [blocked] The page at https://127.0.0.1:8443/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html was not allowed to run insecure content from http://127.0.0.1:8000/.
+
+This test opens a HTTPS window that loads insecure data via synchronous XHR. We should trigger a mixed content callback because the main frame in the window is HTTPS but now has insecure data.
Added: branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html (0 => 205225)
--- branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html (rev 0)
+++ branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html 2016-08-31 07:19:43 UTC (rev 205225)
@@ -0,0 +1,21 @@
+<html>
+<body>
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
+}
+
+</script>
+<p>This test opens a HTTPS window that loads insecure data via synchronous XHR. We
+should trigger a mixed content callback because the main frame in the window is
+HTTPS but now has insecure data.</p>
+<script>
+_onload_ = function() {
+ window.open("https://127.0.0.1:8443/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html");
+}
+</script>
+</body>
+</html>
Added: branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html (0 => 205225)
--- branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html (rev 0)
+++ branches/safari-602-branch/LayoutTests/http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html 2016-08-31 07:19:43 UTC (rev 205225)
@@ -0,0 +1,31 @@
+<html>
+<body>
+<script>
+
+window._onload_ = function() {
+ var xhr = new XMLHttpRequest();
+ xhr._onload_ = function() {
+ alert("FAIL: load was not blocked");
+ if (window.testRunner)
+ testRunner.notifyDone();
+ };
+
+ setTimeout(function() {
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }, 2000);
+
+ try {
+ xhr.open("GET", "http://127.0.0.1:8000/", false);
+ } catch (ex) {
+ // Firefox raises an exception, which is one way to make this detectable.
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
+
+ xhr.send(null);
+};
+</script>
+
+</body>
+</html>
Modified: branches/safari-602-branch/Source/WebCore/ChangeLog (205224 => 205225)
--- branches/safari-602-branch/Source/WebCore/ChangeLog 2016-08-31 06:45:34 UTC (rev 205224)
+++ branches/safari-602-branch/Source/WebCore/ChangeLog 2016-08-31 07:19:43 UTC (rev 205225)
@@ -1,3 +1,20 @@
+2016-08-30 Babak Shafiei <[email protected]>
+
+ Merge r203542. rdar://problem/27991570
+
+ 2016-07-21 John Wilander <[email protected]>
+
+ Block mixed content synchronous XHR
+ https://bugs.webkit.org/show_bug.cgi?id=105462
+ <rdar://problem/13666424>
+
+ Reviewed by Brent Fulgham.
+
+ Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
+
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::loadRequest):
+
2016-08-23 Babak Shafiei <[email protected]>
Merge r204521. rdar://problem/27075526
Modified: branches/safari-602-branch/Source/WebCore/loader/DocumentThreadableLoader.cpp (205224 => 205225)
--- branches/safari-602-branch/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-08-31 06:45:34 UTC (rev 205224)
+++ branches/safari-602-branch/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-08-31 07:19:43 UTC (rev 205225)
@@ -372,8 +372,12 @@
ResourceError error;
ResourceResponse response;
unsigned long identifier = std::numeric_limits<unsigned long>::max();
- if (m_document.frame())
- identifier = m_document.frame()->loader().loadResourceSynchronously(request, m_options.allowCredentials(), m_options.clientCredentialPolicy(), error, response, data);
+ if (m_document.frame()) {
+ auto& frameLoader = m_document.frame()->loader();
+ if (!frameLoader.mixedContentChecker().canRunInsecureContent(m_document.securityOrigin(), requestURL))
+ return;
+ identifier = frameLoader.loadResourceSynchronously(request, m_options.allowCredentials(), m_options.clientCredentialPolicy(), error, response, data);
+ }
if (!error.isNull() && response.httpStatusCode() <= 0) {
if (requestURL.isLocalFile()) {
