Redirected iframe loading with Request.redirect=follow should fail
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Jan 2018 19:54:59 +0000 (19:54 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Jan 2018 19:54:59 +0000 (19:54 +0000)
https://bugs.webkit.org/show_bug.cgi?id=181491

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Updated tests to output a more deterministic output, more debuggable.
Made use of media.js to allow loading either oga or mp3 when oga is not supported.

* web-platform-tests/service-workers/service-worker/fetch-request-redirect.https-expected.txt:
* web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html:

Source/WebKit:

* WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::validateResponse):

LayoutTests:

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226792 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/TestExpectations
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-redirect.https-expected.txt
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/resources/fetch-request-redirect-iframe.html
Source/WebKit/ChangeLog
Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.cpp

index 46ca2c0..55ed96c 100644 (file)
@@ -1,3 +1,12 @@
+2018-01-11  Youenn Fablet  <youenn@apple.com>
+
+        Redirected iframe loading with Request.redirect=follow should fail
+        https://bugs.webkit.org/show_bug.cgi?id=181491
+
+        Reviewed by Alex Christensen.
+
+        * TestExpectations:
+
 2018-01-10  Simon Fraser  <simon.fraser@apple.com>
 
         On macOS, getBoundingClientRect gives incorrect values when pinch-zoomed
index 08d2c83..8b529ae 100644 (file)
@@ -167,7 +167,6 @@ imported/w3c/web-platform-tests/service-workers/service-worker/claim-shared-work
 imported/w3c/web-platform-tests/service-workers/service-worker/about-blank-replacement.https.html [ Pass Failure ]
 webkit.org/b/179248 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-within-sw.https.html [ Pass Failure ]
 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-respond-with-response-body-with-invalid-chunk.https.html [ Pass Failure ]
-imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html [ Pass Failure ]
 imported/w3c/web-platform-tests/service-workers/service-worker/multiple-update.https.html [ Pass Failure ]
 imported/w3c/web-platform-tests/service-workers/service-worker/performance-timeline.https.html [ Pass Failure ]
 imported/w3c/web-platform-tests/service-workers/service-worker/registration-service-worker-attributes.https.html [ Pass Failure ]
@@ -182,6 +181,7 @@ imported/w3c/web-platform-tests/service-workers/service-worker/fetch-cors-xhr.ht
 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/service-workers/service-worker/fetch-response-taint.https.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html [ Slow ]
 [ Debug ] imported/w3c/web-platform-tests/service-workers/service-worker/getregistrations.https.html [ Slow ]
 [ Debug ] imported/w3c/web-platform-tests/service-workers/service-worker/interfaces-sw.https.html [ Slow ]
 [ Debug ] imported/w3c/web-platform-tests/service-workers/service-worker/ready.https.html [ Slow ]
index e915577..f2d0fba 100644 (file)
@@ -1,3 +1,16 @@
+2018-01-11  Youenn Fablet  <youenn@apple.com>
+
+        Redirected iframe loading with Request.redirect=follow should fail
+        https://bugs.webkit.org/show_bug.cgi?id=181491
+
+        Reviewed by Alex Christensen.
+
+        Updated tests to output a more deterministic output, more debuggable.
+        Made use of media.js to allow loading either oga or mp3 when oga is not supported.
+
+        * web-platform-tests/service-workers/service-worker/fetch-request-redirect.https-expected.txt:
+        * web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html:
+
 2018-01-10  Youenn Fablet  <youenn@apple.com>
 
         Use no-cache fetch mode when loading main documents with location.reload()
index c01a58c..f562b2d 100644 (file)
@@ -1,8 +1,41 @@
+CONSOLE MESSAGE: XMLHttpRequest cannot load https://localhost:9443/service-workers/service-worker/resources/redirect.py?Redirect=%2Fservice-workers%2Fservice-worker%2Fresources%2Fsimple.txt. Response served by service worker is opaque redirect
 CONSOLE MESSAGE: Cross-origin image load denied by Cross-Origin Resource Sharing policy.
 CONSOLE MESSAGE: XMLHttpRequest cannot load https://localhost:9443/service-workers/service-worker/resources/redirect.py?Redirect=%2Fservice-workers%2Fservice-worker%2Fresources%2Fsimple.txt. Response served by service worker is opaque redirect
+CONSOLE MESSAGE: XMLHttpRequest cannot load https://localhost:9443/service-workers/service-worker/resources/redirect.py?Redirect=%2Fservice-workers%2Fservice-worker%2Fresources%2Fsimple.txt. Response served by service worker is opaque redirect
 
-
-FAIL Verify redirect mode of Fetch API and ServiceWorker FetchEvent. promise_test: Unhandled rejection with value: object "Error: Redirected iframe loading with Request.redirect=follow should fail."
-FAIL Verify redirected of Response(Fetch API) and ServiceWorker FetchEvent. promise_test: Unhandled rejection with value: object "Error: wait_for_state must be passed a ServiceWorker"
-FAIL Verify redirected of Response(Fetch API), Cache API and ServiceWorker FetchEvent. promise_test: Unhandled rejection with value: object "Error: wait_for_state must be passed a ServiceWorker"
+PASS Verify redirect mode of Fetch API and ServiceWorker FetchEvent. 
+PASS Verify redirected of Response(Fetch API) and ServiceWorker FetchEvent. 
+PASS Verify redirected of Response(Fetch API), Cache API and ServiceWorker FetchEvent. 
+PASS Normal XHR should succeed. - default 
+PASS Redirected XHR should succeed. - default 
+PASS Redirected XHR with Request.redirect=follow should succeed. - default 
+PASS Redirected XHR with Request.redirect=error should fail. - default 
+PASS Redirected XHR with Request.redirect=manual should fail. - default 
+PASS Normal image resource should be loaded. - default 
+PASS Redirected image resource should be loaded. - default 
+PASS Loading redirected image with Request.redirect=follow should succeed. - default 
+PASS Loading redirected image with Request.redirect=error should fail. - default 
+PASS Loading redirected image with Request.redirect=manual should fail. - default 
+PASS Normal audio resource should be loaded. - default 
+PASS Redirected audio resource should be loaded. - default 
+PASS Loading redirected audio with Request.redirect=follow should succeed. - default 
+PASS Loading redirected audio with Request.redirect=error should fail. - default 
+PASS Loading redirected audio with Request.redirect=manual should fail. - default 
+PASS Normal iframe loading should succeed. - default 
+PASS Normal redirected iframe loading should succeed. - default 
+PASS Redirected iframe loading with Request.redirect=follow should fail. - default 
+PASS Redirected iframe loading with Request.redirect=error should fail. - default 
+PASS Redirected iframe loading with Request.redirect=manual should succeed. - default 
+PASS Normal XHR should be resolved and response should not be redirected. - redirected 
+PASS Redirected XHR should be resolved and response should be redirected. - redirected 
+PASS Normal XHR should be resolved and response should not be redirected even with CORS mode. - redirected 
+PASS Redirected XHR should be resolved and response.redirected should be redirected with CORS mode. - redirected 
+PASS Redirected XHR should be reject and response should be redirected with NO-CORS mode and redirect-mode=manual. - redirected 
+PASS Redirected CORS image should be reject and response should not be redirected with NO-CORS mode. - redirected 
+PASS Normal XHR should be resolved and response should not be redirected. - cache 
+PASS Redirected XHR should be resolved and response should be redirected. - cache 
+PASS Normal XHR should be resolved and response should not be redirected even with CORS mode. - cache 
+PASS Redirected XHR should be resolved and response.redirected should be redirected with CORS mode. - cache 
+PASS Redirected XHR should be reject and response should be redirected with NO-CORS mode and redirect-mode=manual. - cache 
+PASS Redirected CORS image should be reject and response should not be redirected with NO-CORS mode. - cache 
 
index 18bfa61..e8e90cf 100644 (file)
@@ -4,19 +4,22 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/get-host-info.sub.js"></script>
+<script src="/common/media.js"></script>
 <script src="resources/test-helpers.sub.js"></script>
 <script>
-
+var test_scope = ""
 function assert_resolves(promise, description) {
-  return promise.catch(function(reason) {
-      throw new Error(description + ' - ' + reason.message);
-  });
+    return promise.then(
+        () => test(() => {}, description + " - " + test_scope),
+        (e) => test(() => { throw e; }, description + " - " + test_scope)
+    );
 }
 
 function assert_rejects(promise, description) {
-  return promise.then(
-      function() { throw new Error(description); },
-      function() {});
+    return promise.then(
+        () => test(() => { assert_unreached(); }, description + " - " + test_scope),
+        () => test(() => {}, description + " - " + test_scope)
+    );
 }
 
 function iframe_test(url, timeout_enabled) {
@@ -52,11 +55,13 @@ function iframe_test(url, timeout_enabled) {
 }
 
 promise_test(function(t) {
+    test_scope = "default";
+
     var SCOPE = 'resources/fetch-request-redirect-iframe.html';
     var SCRIPT = 'resources/fetch-rewrite-worker.js';
     var REDIRECT_URL = base_path() + 'resources/redirect.py?Redirect=';
     var IMAGE_URL = base_path() + 'resources/square.png';
-    var AUDIO_URL = base_path() + 'resources/silence.oga';
+    var AUDIO_URL = getAudioURI("/media/sound_5");
     var XHR_URL = base_path() + 'resources/simple.txt';
     var HTML_URL = base_path() + 'resources/dummy.html';
 
@@ -73,108 +78,106 @@ promise_test(function(t) {
           return wait_for_state(t, worker, 'activated');
         })
       .then(function() { return with_iframe(SCOPE); })
-      .then(function(f) {
-          frame = f;
-          return Promise.all([
+      .then(async function(f) {
+            frame = f;
             // XMLHttpRequest tests.
-            assert_resolves(frame.contentWindow.xhr(XHR_URL),
-                            'Normal XHR should succeed.'),
-            assert_resolves(frame.contentWindow.xhr(REDIRECT_TO_XHR_URL),
-                            'Redirected XHR should succeed.'),
-            assert_resolves(
+            await assert_resolves(frame.contentWindow.xhr(XHR_URL),
+                            'Normal XHR should succeed.');
+            await assert_resolves(frame.contentWindow.xhr(REDIRECT_TO_XHR_URL),
+                            'Redirected XHR should succeed.');
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&redirect-mode=follow'),
-                'Redirected XHR with Request.redirect=follow should succeed.'),
-            assert_rejects(
+                'Redirected XHR with Request.redirect=follow should succeed.');
+            await assert_rejects(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&redirect-mode=error'),
-                'Redirected XHR with Request.redirect=error should fail.'),
-            assert_rejects(
+                'Redirected XHR with Request.redirect=error should fail.');
+            await assert_rejects(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&redirect-mode=manual'),
-                'Redirected XHR with Request.redirect=manual should fail.'),
+                'Redirected XHR with Request.redirect=manual should fail.');
 
             // Image loading tests.
-            assert_resolves(frame.contentWindow.load_image(IMAGE_URL),
-                            'Normal image resource should be loaded.'),
-            assert_resolves(
+            await assert_resolves(frame.contentWindow.load_image(IMAGE_URL),
+                            'Normal image resource should be loaded.');
+            await assert_resolves(
                 frame.contentWindow.load_image(REDIRECT_TO_IMAGE_URL),
-                'Redirected image resource should be loaded.'),
-            assert_resolves(
+                'Redirected image resource should be loaded.');
+            await assert_resolves(
                 frame.contentWindow.load_image(
                     './?url=' + encodeURIComponent(REDIRECT_TO_IMAGE_URL) +
                     '&redirect-mode=follow'),
                 'Loading redirected image with Request.redirect=follow should' +
-                ' succeed.'),
-            assert_rejects(
+                ' succeed.');
+            await assert_rejects(
                 frame.contentWindow.load_image(
                     './?url=' + encodeURIComponent(REDIRECT_TO_IMAGE_URL) +
                     '&redirect-mode=error'),
                 'Loading redirected image with Request.redirect=error should ' +
-                'fail.'),
-            assert_rejects(
+                'fail.');
+            await assert_rejects(
                 frame.contentWindow.load_image(
                     './?url=' + encodeURIComponent(REDIRECT_TO_IMAGE_URL) +
                     '&redirect-mode=manual'),
                 'Loading redirected image with Request.redirect=manual should' +
-                ' fail.'),
+                ' fail.');
 
             // Audio loading tests.
-            assert_resolves(frame.contentWindow.load_audio(AUDIO_URL),
-                            'Normal audio resource should be loaded.'),
-            assert_resolves(
+            await assert_resolves(frame.contentWindow.load_audio(AUDIO_URL),
+                            'Normal audio resource should be loaded.');
+            await assert_resolves(
                 frame.contentWindow.load_audio(REDIRECT_TO_AUDIO_URL),
-                'Redirected audio resource should be loaded.'),
-            assert_resolves(
+                'Redirected audio resource should be loaded.');
+            await assert_resolves(
                 frame.contentWindow.load_audio(
                     './?url=' + encodeURIComponent(REDIRECT_TO_AUDIO_URL) +
                     '&redirect-mode=follow'),
                 'Loading redirected audio with Request.redirect=follow should' +
-                ' succeed.'),
-            assert_rejects(
+                ' succeed.');
+            await assert_rejects(
                 frame.contentWindow.load_audio(
                     './?url=' + encodeURIComponent(REDIRECT_TO_AUDIO_URL) +
                     '&redirect-mode=error'),
                 'Loading redirected audio with Request.redirect=error should ' +
-                'fail.'),
-            assert_rejects(
+                'fail.');
+            await assert_rejects(
                 frame.contentWindow.load_audio(
                     './?url=' + encodeURIComponent(REDIRECT_TO_AUDIO_URL) +
                     '&redirect-mode=manual'),
                 'Loading redirected audio with Request.redirect=manual should' +
-                ' fail.'),
+                ' fail.');
 
             // Iframe tests.
-            assert_resolves(iframe_test(HTML_URL),
-                            'Normal iframe loading should succeed.'),
-            assert_resolves(
+            await assert_resolves(iframe_test(HTML_URL),
+                            'Normal iframe loading should succeed.');
+            await assert_resolves(
                 iframe_test(REDIRECT_TO_HTML_URL),
-                'Normal redirected iframe loading should succeed.'),
-            assert_rejects(
+                'Normal redirected iframe loading should succeed.');
+            await assert_rejects(
                 iframe_test(SCOPE + '?url=' +
                             encodeURIComponent(REDIRECT_TO_HTML_URL) +
                             '&redirect-mode=follow',
                             true /* timeout_enabled */),
                 'Redirected iframe loading with Request.redirect=follow should'+
-                ' fail.'),
-            assert_rejects(
+                ' fail.');
+            await assert_rejects(
                 iframe_test(SCOPE + '?url=' +
                             encodeURIComponent(REDIRECT_TO_HTML_URL) +
                             '&redirect-mode=error',
                             true /* timeout_enabled */),
                 'Redirected iframe loading with Request.redirect=error should '+
-                'fail.'),
-            assert_resolves(
+                'fail.');
+            await assert_resolves(
                 iframe_test(SCOPE + '?url=' +
                             encodeURIComponent(REDIRECT_TO_HTML_URL) +
                             '&redirect-mode=manual',
                             true /* timeout_enabled */),
                 'Redirected iframe loading with Request.redirect=manual should'+
-                ' succeed.'),
-          ]);
+                ' succeed.');
         })
       .then(function() {
           frame.remove();
@@ -184,6 +187,8 @@ promise_test(function(t) {
 
 // test for reponse.redirected
 promise_test(function(t) {
+    test_scope = "redirected";
+
     var SCOPE = 'resources/fetch-request-redirect-iframe.html';
     var SCRIPT = 'resources/fetch-rewrite-worker.js';
     var REDIRECT_URL = base_path() + 'resources/redirect.py?Redirect=';
@@ -207,35 +212,34 @@ promise_test(function(t) {
           return wait_for_state(t, worker, 'activated');
         })
       .then(function() { return with_iframe(SCOPE); })
-      .then(function(f) {
+      .then(async function(f) {
           frame = f;
-          return Promise.all([
             // XMLHttpRequest tests.
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(XHR_URL) +
                     '&expected_redirected=false' +
                     '&expected_resolves=true'),
                 'Normal XHR should be resolved and response should not be ' +
-                'redirected.'),
-            assert_resolves(
+                'redirected.');
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&expected_redirected=true' +
                     '&expected_resolves=true'),
                 'Redirected XHR should be resolved and response should be ' +
-                'redirected.'),
+                'redirected.');
 
             // tests for request's mode = cors
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(XHR_URL) +
                     '&mode=cors' +
                     '&expected_redirected=false' +
                     '&expected_resolves=true'),
                 'Normal XHR should be resolved and response should not be ' +
-                'redirected even with CORS mode.'),
-            assert_resolves(
+                'redirected even with CORS mode.');
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&mode=cors' +
@@ -243,12 +247,12 @@ promise_test(function(t) {
                     '&expected_redirected=true' +
                     '&expected_resolves=true'),
                 'Redirected XHR should be resolved and response.redirected ' +
-                'should be redirected with CORS mode.'),
+                'should be redirected with CORS mode.');
 
             // tests for request's mode = no-cors
             // The response.redirect should be false since we will not add
             // redirected url list when redirect-mode is not follow.
-            assert_rejects(
+            await assert_rejects(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&mode=no-cors' +
@@ -256,19 +260,18 @@ promise_test(function(t) {
                     '&expected_redirected=false' +
                     '&expected_resolves=false'),
                 'Redirected XHR should be reject and response should be ' +
-                'redirected with NO-CORS mode and redirect-mode=manual.'),
+                'redirected with NO-CORS mode and redirect-mode=manual.');
 
             // tests for redirecting to a cors
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.load_image(
                     './?url=' + encodeURIComponent(REDIRECT_TO_CROSS_ORIGIN) +
                     '&mode=no-cors' +
                     '&redirect-mode=follow' +
                     '&expected_redirected=false' +
                     '&expected_resolves=true'),
-                'Redirected COS image should be reject and response should ' +
-                'not be redirected with NO-CORS mode.'),
-          ]);
+                'Redirected CORS image should be reject and response should ' +
+                'not be redirected with NO-CORS mode.');
         })
       .then(function() {
           frame.remove();
@@ -278,6 +281,8 @@ promise_test(function(t) {
 
 // test for reponse.redirected after cached
 promise_test(function(t) {
+    test_scope = "cache";
+
     var SCOPE = 'resources/fetch-request-redirect-iframe.html';
     var SCRIPT = 'resources/fetch-rewrite-worker.js';
     var REDIRECT_URL = base_path() + 'resources/redirect.py?Redirect=';
@@ -301,29 +306,28 @@ promise_test(function(t) {
           return wait_for_state(t, worker, 'activated');
         })
       .then(function() { return with_iframe(SCOPE); })
-      .then(function(f) {
+      .then(async function(f) {
           frame = f;
-          return Promise.all([
             // XMLHttpRequest tests.
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(XHR_URL) +
                     '&expected_redirected=false' +
                     '&expected_resolves=true' +
                     '&cache'),
                 'Normal XHR should be resolved and response should not be ' +
-                'redirected.'),
-            assert_resolves(
+                'redirected.');
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&expected_redirected=true' +
                     '&expected_resolves=true' +
                     '&cache'),
                 'Redirected XHR should be resolved and response should be ' +
-                'redirected.'),
+                'redirected.');
 
             // tests for request's mode = cors
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(XHR_URL) +
                     '&mode=cors' +
@@ -331,8 +335,8 @@ promise_test(function(t) {
                     '&expected_resolves=true' +
                     '&cache'),
                 'Normal XHR should be resolved and response should not be ' +
-                'redirected even with CORS mode.'),
-            assert_resolves(
+                'redirected even with CORS mode.');
+            await assert_resolves(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&mode=cors' +
@@ -341,12 +345,12 @@ promise_test(function(t) {
                     '&expected_resolves=true' +
                     '&cache'),
                 'Redirected XHR should be resolved and response.redirected ' +
-                'should be redirected with CORS mode.'),
+                'should be redirected with CORS mode.');
 
             // tests for request's mode = no-cors
             // The response.redirect should be false since we will not add
             // redirected url list when redirect-mode is not follow.
-            assert_rejects(
+            await assert_rejects(
                 frame.contentWindow.xhr(
                     './?url=' + encodeURIComponent(REDIRECT_TO_XHR_URL) +
                     '&mode=no-cors' +
@@ -355,10 +359,10 @@ promise_test(function(t) {
                     '&expected_resolves=false' +
                     '&cache'),
                 'Redirected XHR should be reject and response should be ' +
-                'redirected with NO-CORS mode and redirect-mode=manual.'),
+                'redirected with NO-CORS mode and redirect-mode=manual.');
 
             // tests for redirecting to a cors
-            assert_resolves(
+            await assert_resolves(
                 frame.contentWindow.load_image(
                     './?url=' + encodeURIComponent(REDIRECT_TO_CROSS_ORIGIN) +
                     '&mode=no-cors' +
@@ -366,9 +370,8 @@ promise_test(function(t) {
                     '&expected_redirected=false' +
                     '&expected_resolves=true' +
                     '&cache'),
-                'Redirected COS image should be reject and response should ' +
-                'not be redirected with NO-CORS mode.'),
-          ]);
+                'Redirected CORS image should be reject and response should ' +
+                'not be redirected with NO-CORS mode.');
         })
       .then(function() {
           frame.remove();
index ffd76bf..4c52ca9 100644 (file)
@@ -20,6 +20,7 @@ function load_image(url) {
       img.onload = resolve;
       img.onerror = reject;
       img.src = url;
+      setTimeout(() => { reject("image load timed out") }, 5000);
     });
 }
 
@@ -30,6 +31,7 @@ function load_audio(url) {
       audio.oncanplay = resolve;
       audio.onerror = reject;
       audio.src = url;
+      setTimeout(() => { reject("audio load timed out") }, 5000);
     });
 }
 </script>
index baae967..f060c15 100644 (file)
@@ -1,5 +1,15 @@
 2018-01-11  Youenn Fablet  <youenn@apple.com>
 
+        Redirected iframe loading with Request.redirect=follow should fail
+        https://bugs.webkit.org/show_bug.cgi?id=181491
+
+        Reviewed by Alex Christensen.
+
+        * WebProcess/Storage/ServiceWorkerClientFetch.cpp:
+        (WebKit::ServiceWorkerClientFetch::validateResponse):
+
+2018-01-11  Youenn Fablet  <youenn@apple.com>
+
         Replace WebRTCLegacyAPIDisabled by WebRTCLegacyAPIEnabled and switch off WebRTC legacy flag by default
         https://bugs.webkit.org/show_bug.cgi?id=181480
 
index 2a5c12a..83b2ade 100644 (file)
@@ -90,7 +90,7 @@ std::optional<ResourceError> ServiceWorkerClientFetch::validateResponse(const Re
     if (options.redirect != FetchOptions::Redirect::Manual && options.mode != FetchOptions::Mode::Navigate && response.tainting() == ResourceResponse::Tainting::Opaqueredirect)
         return ResourceError { errorDomainWebKitInternal, 0, response.url(), ASCIILiteral("Response served by service worker is opaque redirect"), ResourceError::Type::AccessControl };
 
-    if (options.redirect != FetchOptions::Redirect::Follow && response.isRedirected())
+    if ((options.redirect != FetchOptions::Redirect::Follow || options.mode == FetchOptions::Mode::Navigate) && response.isRedirected())
         return ResourceError { errorDomainWebKitInternal, 0, response.url(), ASCIILiteral("Response served by service worker has redirections"), ResourceError::Type::AccessControl };
 
     return std::nullopt;