Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 0014731cb355ade05b652a70bd0868a047887947
https://github.com/WebKit/WebKit/commit/0014731cb355ade05b652a70bd0868a047887947
Author: Sihui Liu <[email protected]>
Date: 2026-03-16 (Mon, 16 Mar 2026)
Changed paths:
M Source/WebKit/WebProcess/WebPage/WebFrame.cpp
Log Message:
-----------
[Site Isolation] Fix
EnhancedSecurityPolicies.HttpsOnlyExplicitlyBypassedWithHttpRedirect
https://bugs.webkit.org/show_bug.cgi?id=310034
rdar://172673206
Reviewed by Per Arne Vollan.
288437@main sets initial URL of frame to "about:blank", and this has caused
`shouldPerformHTTPSUpgrade` to return
true under Site Isolation in API test
EnhancedSecurityPolicies.HttpsOnlyExplicitlyBypassedWithHttpRedirect. The direct
cause is `originalURL` is empty without Site Isolation for the provisional load
after redirect response, but it is
not with Site Isolation, so `isSameSiteNavigation` is false under Site
Isolation ("about:blank" and normal HTTP URL are
not viewed as "same-site" in this function).
288437@main only mentioned the URL is set to `about:blank` in `SubframeLoader`
and it apparently doesn't work for main
frame according to the existing test; so this patch makes `WebFrame` only set
initial URL for subframe.
* Source/WebKit/WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::createProvisionalFrame):
Canonical link: https://commits.webkit.org/309361@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
