Title: [148310] trunk
- Revision
- 148310
- Author
- a...@apple.com
- Date
- 2013-04-12 16:11:29 -0700 (Fri, 12 Apr 2013)
Log Message
<rdar://problem/13277362> REGRESSION (r141981): Crash when closing a Google Docs document
https://bugs.webkit.org/show_bug.cgi?id=114541
Reviewed by Brady Eidson.
Test: http/tests/ssl/ping-with-unsafe-redirect.html
* loader/FrameNetworkingContext.h:
(WebCore::FrameNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect):
Added a null check. All NetworkingContext functions except for this one had it already.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (148309 => 148310)
--- trunk/LayoutTests/ChangeLog 2013-04-12 23:07:57 UTC (rev 148309)
+++ trunk/LayoutTests/ChangeLog 2013-04-12 23:11:29 UTC (rev 148310)
@@ -1,3 +1,14 @@
+2013-04-12 Alexey Proskuryakov <a...@apple.com>
+
+ <rdar://problem/13277362> REGRESSION (r141981): Crash when closing a Google Docs document
+ https://bugs.webkit.org/show_bug.cgi?id=114541
+
+ Reviewed by Brady Eidson.
+
+ * http/tests/ssl/ping-with-unsafe-redirect.html: Added.
+ * http/tests/ssl/resources/ping-with-unsafe-redirect-frame.html: Added.
+ * http/tests/ssl/resources/redirect-ping-to-http.php: Added.
+
2013-04-12 Ryosuke Niwa <rn...@webkit.org>
Unreviewed. Don't forget to skip the test in WebKit2 for now.
Added: trunk/LayoutTests/http/tests/ssl/ping-with-unsafe-redirect.html (0 => 148310)
--- trunk/LayoutTests/http/tests/ssl/ping-with-unsafe-redirect.html (rev 0)
+++ trunk/LayoutTests/http/tests/ssl/ping-with-unsafe-redirect.html 2013-04-12 23:11:29 UTC (rev 148310)
@@ -0,0 +1,6 @@
+<p>Should not crash when closed.</p>
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
+<iframe src=""
Property changes on: trunk/LayoutTests/http/tests/ssl/ping-with-unsafe-redirect.html
___________________________________________________________________
Added: svn:mime-type
Added: trunk/LayoutTests/http/tests/ssl/resources/ping-with-unsafe-redirect-frame.html (0 => 148310)
--- trunk/LayoutTests/http/tests/ssl/resources/ping-with-unsafe-redirect-frame.html (rev 0)
+++ trunk/LayoutTests/http/tests/ssl/resources/ping-with-unsafe-redirect-frame.html 2013-04-12 23:11:29 UTC (rev 148310)
@@ -0,0 +1,6 @@
+<script>
+window._onunload_ = function() {
+ var img = new Image;
+ img.src = ""
+}
+</script>
Property changes on: trunk/LayoutTests/http/tests/ssl/resources/ping-with-unsafe-redirect-frame.html
___________________________________________________________________
Added: svn:mime-type
Added: trunk/LayoutTests/http/tests/ssl/resources/redirect-ping-to-http.php (0 => 148310)
--- trunk/LayoutTests/http/tests/ssl/resources/redirect-ping-to-http.php (rev 0)
+++ trunk/LayoutTests/http/tests/ssl/resources/redirect-ping-to-http.php 2013-04-12 23:11:29 UTC (rev 148310)
@@ -0,0 +1,4 @@
+<?
+header('Status: 303 See Other');
+header('Location: http://127.0.0.1:8000/ping-target-does-not-exist');
+?>
Modified: trunk/Source/WebCore/ChangeLog (148309 => 148310)
--- trunk/Source/WebCore/ChangeLog 2013-04-12 23:07:57 UTC (rev 148309)
+++ trunk/Source/WebCore/ChangeLog 2013-04-12 23:11:29 UTC (rev 148310)
@@ -1,3 +1,16 @@
+2013-04-12 Alexey Proskuryakov <a...@apple.com>
+
+ <rdar://problem/13277362> REGRESSION (r141981): Crash when closing a Google Docs document
+ https://bugs.webkit.org/show_bug.cgi?id=114541
+
+ Reviewed by Brady Eidson.
+
+ Test: http/tests/ssl/ping-with-unsafe-redirect.html
+
+ * loader/FrameNetworkingContext.h:
+ (WebCore::FrameNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect):
+ Added a null check. All NetworkingContext functions except for this one had it already.
+
2013-04-12 Ryosuke Niwa <rn...@webkit.org>
[Mac] REGRESSION: Auto substitution strips new lines
Modified: trunk/Source/WebCore/loader/FrameNetworkingContext.h (148309 => 148310)
--- trunk/Source/WebCore/loader/FrameNetworkingContext.h 2013-04-12 23:07:57 UTC (rev 148309)
+++ trunk/Source/WebCore/loader/FrameNetworkingContext.h 2013-04-12 23:11:29 UTC (rev 148310)
@@ -36,6 +36,10 @@
virtual bool shouldClearReferrerOnHTTPSToHTTPRedirect() const
{
+ // FIXME: PingLoader finishes without a frame, but it should use its document's referrer policy.
+ if (!m_frame)
+ return true;
+
return m_frame->document()->referrerPolicy() == ReferrerPolicyDefault;
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes