Diff
Modified: branches/safari-600.8-branch/LayoutTests/ChangeLog (186618 => 186619)
--- branches/safari-600.8-branch/LayoutTests/ChangeLog 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/LayoutTests/ChangeLog 2015-07-09 21:02:51 UTC (rev 186619)
@@ -1,5 +1,28 @@
2015-07-09 Matthew Hanson <matthew_han...@apple.com>
+ Merge r186551. rdar://problem/21716372
+
+ 2015-07-08 Matthew Hanson <matthew_han...@apple.com>
+
+ Merge r180020. rdar://problem/21716511
+
+ 2015-02-12 Chris Dumez <cdu...@apple.com>
+
+ Drop the quirks-mode exception for CSS MIME types
+ https://bugs.webkit.org/show_bug.cgi?id=141501
+
+ Reviewed by Alexey Proskuryakov.
+
+ Update a couple of layout tests now that we dropped the quirks-mode
+ exception for CSS MIME types.
+
+ * http/tests/misc/css-accept-any-type-expected.txt:
+ * http/tests/misc/css-accept-any-type.html:
+ * http/tests/security/cross-origin-css-expected.txt:
+ * http/tests/security/cross-origin-css.html:
+
+2015-07-09 Matthew Hanson <matthew_han...@apple.com>
+
Merge r186539. rdar://problem/21707873
2015-07-08 Lucas Forschler <lforsch...@apple.com>
Modified: branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type-expected.txt (186618 => 186619)
--- branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type-expected.txt 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type-expected.txt 2015-07-09 21:02:51 UTC (rev 186619)
@@ -1,3 +1,3 @@
-Test for http://bugs.webkit.org/show_bug.cgi?id=11451 REGRESSION: Dell.com does not render correctly in ToT (stylesheet not loaded).
+This was a test for http://bugs.webkit.org/show_bug.cgi?id=11451 REGRESSION: Dell.com does not render correctly in ToT (stylesheet not loaded): given the security implications of accepting bad MIME types, we're now intentionally breaking this case to match other browsers.
SUCCESS
Modified: branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type.html (186618 => 186619)
--- branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type.html 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/LayoutTests/http/tests/misc/css-accept-any-type.html 2015-07-09 21:02:51 UTC (rev 186619)
@@ -10,14 +10,17 @@
var target = document.getElementById("target");
var style = getComputedStyle(target);
- target.innerText = style.position == "relative" ? "SUCCESS" : "FAIL";
+ target.innerText = style.position == "relative" ? "FAIL" : "SUCCESS";
}
</script>
</head>
<body _onload_="test()">
<p>
- Test for <i><a href=""
- REGRESSION: Dell.com does not render correctly in ToT (stylesheet not loaded)</i>.
+ This was a test for
+ <i><a href=""
+ REGRESSION: Dell.com does not render correctly in ToT (stylesheet not loaded)</i>:
+ given the security implications of accepting bad MIME types, we're now
+ intentionally breaking this case to match other browsers.
</p>
<p id="target">
</p>
Modified: branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css-expected.txt (186618 => 186619)
--- branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css-expected.txt 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css-expected.txt 2015-07-09 21:02:51 UTC (rev 186619)
@@ -1,7 +1,11 @@
-LINK Cross-origin, HTML, valid: rgb(255, 255, 0)
-LINK + IMPORT Cross-origin, HTML, invalid: rgba(0, 0, 0, 0)
-LINK Cross-origin, CSS, invalid: rgb(255, 255, 0)
-LINK Same-origin, HTML, invalid: rgb(255, 255, 0)
-IMPORT Cross-origin, HTML, valid: rgb(255, 255, 0)
-IMPORT Cross-origin, CSS, invalid: rgb(255, 255, 0)
-IMPORT Same-origin, HTML, invalid: rgb(255, 255, 0)
+PASS background image loaded
+
+PASS Testing cross-origin and MIME behavior for CSS.
+PASS xorigincss1.html should not be loaded via .
+PASS xorigincss2.html should not be loaded either via or @import.
+PASS xorigincss1.css should be loaded via
+PASS xorigincss3.html should not be loaded, even though it is same-origin
+PASS xorigincss4.html should not be loaded via @import.
+PASS xorigincss2.css should be loaded.
+PASS xorigincss5.html should not be loaded.
+
Modified: branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css.html (186618 => 186619)
--- branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css.html 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/LayoutTests/http/tests/security/cross-origin-css.html 2015-07-09 21:02:51 UTC (rev 186619)
@@ -1,5 +1,12 @@
+<!DOCTYPE html>
<html>
<head>
+<title>Cross-origin CSS</title>
+
+<script src=""
+<script src=""
+
+<!-- Bring in various same- and cross-origin stylesheets. -->
<link rel="stylesheet"
href=""
<link rel="stylesheet"
@@ -9,39 +16,68 @@
href=""
<link rel="stylesheet"
href=""
-<script>
-if (window.testRunner) {
- testRunner.waitUntilDone();
- testRunner.dumpAsText();
-}
-window._onload_ = function() {
- ele = document.getElementById("id1");
- ele.innerText = "LINK Cross-origin, HTML, valid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id2");
- ele.innerText = "LINK + IMPORT Cross-origin, HTML, invalid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id3");
- ele.innerText = "LINK Cross-origin, CSS, invalid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id4");
- ele.innerText = "LINK Same-origin, HTML, invalid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id5");
- ele.innerText = "IMPORT Cross-origin, HTML, valid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id6");
- ele.innerText = "IMPORT Cross-origin, CSS, invalid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
- ele = document.getElementById("id7");
- ele.innerText = "IMPORT Same-origin, HTML, invalid: " + window.getComputedStyle(ele, null).getPropertyValue('background-color');
-
- if (window.testRunner)
- testRunner.notifyDone();
-}
-</script>
<style>
/* Deliberately reuse the same file / class / id on this first one */
@import "/resources/redirect.php?url=""
@import "/resources/redirect.php?url=""
@import "/resources/redirect.php?url=""
@import "resources/xorigincss5.html";
+
+/* Check that data: is still allowed for non-CORS cross-origin image fetches. */
+#data-background-url {
+ content: "PASS (image loaded)";
+ background: url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='0px' height='0px'></svg>");
+}
</style>
+<script>
+function getBackgroundColorForId(id) {
+ return window.getComputedStyle(document.getElementById(id), null).getPropertyValue('background-color')
+}
+
+var _onloadTest_ = async_test("Testing cross-origin and MIME behavior for CSS.");
+
+window._onload_ = function () {
+ test(function () {
+ assert_equals(getBackgroundColorForId('id1'), 'rgba(0, 0, 0, 0)');
+ }, 'xorigincss1.html should not be loaded via <link>.');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id2'), 'rgba(0, 0, 0, 0)');
+ }, 'xorigincss2.html should not be loaded either via <link> or @import.');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id3'), 'rgb(255, 255, 0)');
+ }, 'xorigincss1.css should be loaded via <link>');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id4'), 'rgba(0, 0, 0, 0)');
+ }, 'xorigincss3.html should not be loaded, even though it is same-origin');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id5'), 'rgba(0, 0, 0, 0)');
+ }, 'xorigincss4.html should not be loaded via @import.');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id6'), 'rgb(255, 255, 0)');
+ }, 'xorigincss2.css should be loaded.');
+
+ test(function () {
+ assert_equals(getBackgroundColorForId('id7'), 'rgba(0, 0, 0, 0)');
+ }, 'xorigincss5.html should not be loaded.');
+
+ onloadTest.done();
+};
+</script>
</head>
-<body><div id="id1" class="id1"></div><div id="id2" class="id2"></div><div id="id3" class="id3"></div><div id="id4" class="id4"></div><div id="id5" class="id5"></div><div id="id6" class="id6"></div><div id="id7" class="id7"></div></body>
+<body>
+ <div id="id1" class="id1"></div>
+ <div id="id2" class="id2"></div>
+ <div id="id3" class="id3"></div>
+ <div id="id4" class="id4"></div>
+ <div id="id5" class="id5"></div>
+ <div id="id6" class="id6"></div>
+ <div id="id7" class="id7"></div>
+ <div id="data-background-url">PASS background image loaded</div>
+</body>
</html>
Modified: branches/safari-600.8-branch/Source/WebCore/ChangeLog (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/ChangeLog 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/ChangeLog 2015-07-09 21:02:51 UTC (rev 186619)
@@ -1,5 +1,41 @@
2015-07-09 Matthew Hanson <matthew_han...@apple.com>
+ Merge r186551. rdar://problem/21716372
+
+ 2015-07-08 Matthew Hanson <matthew_han...@apple.com>
+
+ Merge r180020. rdar://problem/21716511
+
+ 2015-02-12 Chris Dumez <cdu...@apple.com>
+
+ Drop the quirks-mode exception for CSS MIME types
+ https://bugs.webkit.org/show_bug.cgi?id=141501
+
+ Reviewed by Alexey Proskuryakov.
+
+ Drop the quirks-mode exception for CSS MIME types.
+ This matches Firefox's behavior.
+
+ This patch is based on the following Blink revision:
+ http://src.chromium.org/viewvc/blink?view=revision&revision=189669
+
+ Tests:
+ - http/tests/misc/css-accept-any-type.html
+ - http/tests/security/cross-origin-css.html
+
+ * css/StyleSheetContents.cpp:
+ (WebCore::StyleSheetContents::parseAuthorStyleSheet):
+ * dom/ProcessingInstruction.cpp:
+ (WebCore::ProcessingInstruction::setCSSStyleSheet):
+ * inspector/InspectorPageAgent.cpp:
+ (WebCore::InspectorPageAgent::cachedResourceContent):
+ * loader/cache/CachedCSSStyleSheet.cpp:
+ (WebCore::CachedCSSStyleSheet::sheetText):
+ (WebCore::CachedCSSStyleSheet::canUseSheet):
+ * loader/cache/CachedCSSStyleSheet.h:
+
+2015-07-09 Matthew Hanson <matthew_han...@apple.com>
+
Merge r186539. rdar://problem/21707873
2015-07-08 Lucas Forschler <lforsch...@apple.com>
Modified: branches/safari-600.8-branch/Source/WebCore/css/StyleSheetContents.cpp (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/css/StyleSheetContents.cpp 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/css/StyleSheetContents.cpp 2015-07-09 21:02:51 UTC (rev 186619)
@@ -285,11 +285,8 @@
void StyleSheetContents::parseAuthorStyleSheet(const CachedCSSStyleSheet* cachedStyleSheet, const SecurityOrigin* securityOrigin)
{
- // Check to see if we should enforce the MIME type of the CSS resource in strict mode.
- // Running in iWeb 2 is one example of where we don't want to - <rdar://problem/6099748>
- bool enforceMIMEType = isStrictParserMode(m_parserContext.mode) && m_parserContext.enforcesCSSMIMETypeInNoQuirksMode;
bool hasValidMIMEType = false;
- String sheetText = cachedStyleSheet->sheetText(enforceMIMEType, &hasValidMIMEType);
+ String sheetText = cachedStyleSheet->sheetText(&hasValidMIMEType);
CSSParser p(parserContext());
p.parseSheet(this, sheetText, 0, 0, true);
Modified: branches/safari-600.8-branch/Source/WebCore/dom/ProcessingInstruction.cpp (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/dom/ProcessingInstruction.cpp 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/dom/ProcessingInstruction.cpp 2015-07-09 21:02:51 UTC (rev 186619)
@@ -207,7 +207,7 @@
// We don't need the cross-origin security check here because we are
// getting the sheet text in "strict" mode. This enforces a valid CSS MIME
// type.
- parseStyleSheet(sheet->sheetText(true));
+ parseStyleSheet(sheet->sheetText());
}
#if ENABLE(XSLT)
Modified: branches/safari-600.8-branch/Source/WebCore/inspector/InspectorPageAgent.cpp (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/inspector/InspectorPageAgent.cpp 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/inspector/InspectorPageAgent.cpp 2015-07-09 21:02:51 UTC (rev 186619)
@@ -173,7 +173,7 @@
if (cachedResource) {
switch (cachedResource->type()) {
case CachedResource::CSSStyleSheet:
- *result = toCachedCSSStyleSheet(cachedResource)->sheetText(false);
+ *result = toCachedCSSStyleSheet(cachedResource)->sheetText();
return true;
case CachedResource::Script:
*result = toCachedScript(cachedResource)->script();
Modified: branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.cpp (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.cpp 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.cpp 2015-07-09 21:02:51 UTC (rev 186619)
@@ -77,17 +77,17 @@
{
return m_decoder->encoding().name();
}
-
-const String CachedCSSStyleSheet::sheetText(bool enforceMIMEType, bool* hasValidMIMEType) const
-{
+
+const String CachedCSSStyleSheet::sheetText(bool* hasValidMIMEType) const
+{
ASSERT(!isPurgeable());
- if (!m_data || m_data->isEmpty() || !canUseSheet(enforceMIMEType, hasValidMIMEType))
+ if (!m_data || m_data->isEmpty() || !canUseSheet(hasValidMIMEType))
return String();
-
+
if (!m_decodedSheetText.isNull())
return m_decodedSheetText;
-
+
// Don't cache the decoded text, regenerating is cheap and it can use quite a bit of memory
return m_decoder->decodeAndFlush(m_data->data(), m_data->size());
}
@@ -115,13 +115,10 @@
c->setCSSStyleSheet(m_resourceRequest.url(), m_response.url(), m_decoder->encoding().name(), this);
}
-bool CachedCSSStyleSheet::canUseSheet(bool enforceMIMEType, bool* hasValidMIMEType) const
+bool CachedCSSStyleSheet::canUseSheet(bool* hasValidMIMEType) const
{
if (errorOccurred())
return false;
-
- if (!enforceMIMEType && !hasValidMIMEType)
- return true;
// This check exactly matches Firefox. Note that we grab the Content-Type
// header directly because we want to see what the value is BEFORE content
@@ -134,8 +131,6 @@
bool typeOK = mimeType.isEmpty() || equalIgnoringCase(mimeType, "text/css") || equalIgnoringCase(mimeType, "application/x-unknown-content-type");
if (hasValidMIMEType)
*hasValidMIMEType = typeOK;
- if (!enforceMIMEType)
- return true;
return typeOK;
}
Modified: branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.h (186618 => 186619)
--- branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.h 2015-07-09 21:02:45 UTC (rev 186618)
+++ branches/safari-600.8-branch/Source/WebCore/loader/cache/CachedCSSStyleSheet.h 2015-07-09 21:02:51 UTC (rev 186619)
@@ -41,13 +41,13 @@
CachedCSSStyleSheet(const ResourceRequest&, const String& charset, SessionID);
virtual ~CachedCSSStyleSheet();
- const String sheetText(bool enforceMIMEType = true, bool* hasValidMIMEType = 0) const;
+ const String sheetText(bool* hasValidMIMEType = nullptr) const;
PassRefPtr<StyleSheetContents> restoreParsedStyleSheet(const CSSParserContext&);
void saveParsedStyleSheet(PassRef<StyleSheetContents>);
private:
- bool canUseSheet(bool enforceMIMEType, bool* hasValidMIMEType) const;
+ bool canUseSheet(bool* hasValidMIMEType) const;
virtual PurgePriority purgePriority() const override { return PurgeLast; }
virtual bool mayTryReplaceEncodedData() const override { return true; }