Diff
Modified: trunk/Source/WebCore/ChangeLog (196655 => 196656)
--- trunk/Source/WebCore/ChangeLog 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebCore/ChangeLog 2016-02-16 21:25:30 UTC (rev 196656)
@@ -1,3 +1,16 @@
+2016-02-16 Alex Christensen <[email protected]>
+
+ Add checks before redirecting with NetworkSession
+ https://bugs.webkit.org/show_bug.cgi?id=154298
+
+ Reviewed by Andy Estes.
+
+ This fixes http/tests/security/cors-post-redirect-307.html and
+ http/tests/navigation/post-307-response.html when using NetworkSession.
+
+ * platform/network/ResourceRequestBase.h:
+ WEBCORE_EXPORT some functions newly used in WebKit2.
+
2016-02-16 Daniel Bates <[email protected]>
CSP: Fix parsing of 'host/path' source expressions
Modified: trunk/Source/WebCore/platform/network/ResourceRequestBase.h (196655 => 196656)
--- trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2016-02-16 21:25:30 UTC (rev 196656)
@@ -93,19 +93,19 @@
template<size_t length> void setHTTPHeaderField(const char (&)[length], const String&) = delete;
template<size_t length> void addHTTPHeaderField(const char (&)[length], const String&) = delete;
- void clearHTTPAuthorization();
+ WEBCORE_EXPORT void clearHTTPAuthorization();
WEBCORE_EXPORT String httpContentType() const;
WEBCORE_EXPORT void setHTTPContentType(const String&);
void clearHTTPContentType();
- String httpReferrer() const;
+ WEBCORE_EXPORT String httpReferrer() const;
WEBCORE_EXPORT void setHTTPReferrer(const String&);
- void clearHTTPReferrer();
+ WEBCORE_EXPORT void clearHTTPReferrer();
String httpOrigin() const;
void setHTTPOrigin(const String&);
- void clearHTTPOrigin();
+ WEBCORE_EXPORT void clearHTTPOrigin();
String httpUserAgent() const;
void setHTTPUserAgent(const String&);
Modified: trunk/Source/WebKit2/ChangeLog (196655 => 196656)
--- trunk/Source/WebKit2/ChangeLog 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebKit2/ChangeLog 2016-02-16 21:25:30 UTC (rev 196656)
@@ -1,3 +1,29 @@
+2016-02-16 Alex Christensen <[email protected]>
+
+ Add checks before redirecting with NetworkSession
+ https://bugs.webkit.org/show_bug.cgi?id=154298
+
+ Reviewed by Andy Estes.
+
+ * NetworkProcess/NetworkDataTask.h:
+ (WebKit::NetworkDataTask::create):
+ (WebKit::NetworkDataTask::setPendingDownload):
+ * NetworkProcess/NetworkLoad.cpp:
+ (WebKit::NetworkLoad::NetworkLoad):
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+ (WebKit::NetworkDataTask::NetworkDataTask):
+ (WebKit::NetworkDataTask::~NetworkDataTask):
+ (WebKit::NetworkDataTask::willPerformHTTPRedirection):
+ Implemented based on ResourceHandle::willSendRequest but with two notable exceptions:
+ 1. When using NSURLConnection, the last http method and the current http method are not always equal, and this
+ check needs to change the current http method to match the last http method when being redirected with an http
+ status code 307. When using NSURLSession, the current http method is already updated properly.
+ 2. I did not copy the part of ResourceHandle::willSendRequest that uses a CredentialStorage. I'm trying to avoid
+ using CredentialStorages with NSURLSession.
+ (WebKit::NetworkDataTask::scheduleFailure):
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
+
2016-02-16 Brady Eidson <[email protected]>
Modern IDB: WK2 IPC Scaffolding.
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkDataTask.h (196655 => 196656)
--- trunk/Source/WebKit2/NetworkProcess/NetworkDataTask.h 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkDataTask.h 2016-02-16 21:25:30 UTC (rev 196656)
@@ -29,6 +29,7 @@
#include <WebCore/FrameLoaderTypes.h>
#include <WebCore/ResourceHandleTypes.h>
#include <WebCore/ResourceLoaderOptions.h>
+#include <WebCore/ResourceRequest.h>
#include <WebCore/Timer.h>
#include <wtf/RetainPtr.h>
#include <wtf/text/WTFString.h>
@@ -80,9 +81,9 @@
class NetworkDataTask : public RefCounted<NetworkDataTask> {
friend class NetworkSession;
public:
- static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentials storedCredentials, WebCore::ContentSniffingPolicy shouldContentSniff)
+ static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentials storedCredentials, WebCore::ContentSniffingPolicy shouldContentSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect)
{
- return adoptRef(*new NetworkDataTask(session, client, request, storedCredentials, shouldContentSniff));
+ return adoptRef(*new NetworkDataTask(session, client, request, storedCredentials, shouldContentSniff, shouldClearReferrerOnHTTPSToHTTPRedirect));
}
void suspend();
@@ -110,9 +111,10 @@
m_pendingDownload = &pendingDownload;
}
bool tryPasswordBasedAuthentication(const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler);
+ void willPerformHTTPRedirection(const WebCore::ResourceResponse&, WebCore::ResourceRequest&&, RedirectCompletionHandler);
private:
- NetworkDataTask(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentials, WebCore::ContentSniffingPolicy);
+ NetworkDataTask(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentials, WebCore::ContentSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect);
enum FailureType {
NoFailure,
@@ -130,6 +132,9 @@
DownloadID m_pendingDownloadID;
String m_user;
String m_password;
+ String m_lastHTTPMethod;
+ WebCore::ResourceRequest m_firstRequest;
+ bool m_shouldClearReferrerOnHTTPSToHTTPRedirect;
#if PLATFORM(COCOA)
RetainPtr<NSURLSessionDataTask> m_task;
#endif
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp (196655 => 196656)
--- trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp 2016-02-16 21:25:30 UTC (rev 196656)
@@ -54,7 +54,7 @@
return;
}
if (auto* networkSession = SessionTracker::networkSession(parameters.sessionID)) {
- m_task = NetworkDataTask::create(*networkSession, *this, parameters.request, parameters.allowStoredCredentials, parameters.contentSniffingPolicy);
+ m_task = NetworkDataTask::create(*networkSession, *this, parameters.request, parameters.allowStoredCredentials, parameters.contentSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect);
if (!parameters.defersLoading)
m_task->resume();
} else
Modified: trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (196655 => 196656)
--- trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2016-02-16 21:25:30 UTC (rev 196656)
@@ -35,10 +35,13 @@
namespace WebKit {
-NetworkDataTask::NetworkDataTask(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& requestWithCredentials, WebCore::StoredCredentials storedCredentials, WebCore::ContentSniffingPolicy shouldContentSniff)
+NetworkDataTask::NetworkDataTask(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& requestWithCredentials, WebCore::StoredCredentials storedCredentials, WebCore::ContentSniffingPolicy shouldContentSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect)
: m_failureTimer(*this, &NetworkDataTask::failureTimerFired)
, m_session(session)
, m_client(client)
+ , m_lastHTTPMethod(requestWithCredentials.httpMethod())
+ , m_firstRequest(requestWithCredentials)
+ , m_shouldClearReferrerOnHTTPSToHTTPRedirect(shouldClearReferrerOnHTTPSToHTTPRedirect)
{
ASSERT(isMainThread());
@@ -83,6 +86,39 @@
}
}
+void NetworkDataTask::willPerformHTTPRedirection(const WebCore::ResourceResponse& redirectResponse, WebCore::ResourceRequest&& request, RedirectCompletionHandler completionHandler)
+{
+ if (redirectResponse.httpStatusCode() == 307) {
+ ASSERT(m_lastHTTPMethod == request.httpMethod());
+ WebCore::FormData* body = m_firstRequest.httpBody();
+ if (body && !body->isEmpty() && !equalLettersIgnoringASCIICase(m_lastHTTPMethod, "get"))
+ request.setHTTPBody(body);
+
+ String originalContentType = m_firstRequest.httpContentType();
+ if (!originalContentType.isEmpty())
+ request.setHTTPHeaderField(WebCore::HTTPHeaderName::ContentType, originalContentType);
+ }
+
+ // Should not set Referer after a redirect from a secure resource to non-secure one.
+ if (m_shouldClearReferrerOnHTTPSToHTTPRedirect && !request.url().protocolIs("https") && WebCore::protocolIs(request.httpReferrer(), "https"))
+ request.clearHTTPReferrer();
+
+ const auto& url = ""
+ m_user = url.user();
+ m_password = url.pass();
+ m_lastHTTPMethod = request.httpMethod();
+ request.removeCredentials();
+
+ if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url())) {
+ // The network layer might carry over some headers from the original request that
+ // we want to strip here because the redirect is cross-origin.
+ request.clearHTTPAuthorization();
+ request.clearHTTPOrigin();
+ }
+
+ client().willPerformHTTPRedirection(redirectResponse, request, completionHandler);
+}
+
void NetworkDataTask::scheduleFailure(FailureType type)
{
ASSERT(type != NoFailure);
Modified: trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm (196655 => 196656)
--- trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2016-02-16 21:18:19 UTC (rev 196655)
+++ trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2016-02-16 21:25:30 UTC (rev 196656)
@@ -105,7 +105,7 @@
{
if (auto* networkDataTask = _session->dataTaskForIdentifier(task.taskIdentifier)) {
auto completionHandlerCopy = Block_copy(completionHandler);
- networkDataTask->client().willPerformHTTPRedirection(response, request, [completionHandlerCopy](const WebCore::ResourceRequest& request) {
+ networkDataTask->willPerformHTTPRedirection(response, request, [completionHandlerCopy](const WebCore::ResourceRequest& request) {
completionHandlerCopy(request.nsURLRequest(WebCore::UpdateHTTPBody));
Block_release(completionHandlerCopy);
});
