REGRESSION(r204163): Web Inspector: Page crashes when Inspector tries to load insecur...
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Dec 2016 00:20:11 +0000 (00:20 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Dec 2016 00:20:11 +0000 (00:20 +0000)
https://bugs.webkit.org/show_bug.cgi?id=165806
<rdar://problem/28169025>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-12-13
Reviewed by Alex Christensen.

Source/WebCore:

Test: http/tests/inspector/network/loadResource-insecure-resource.html

* inspector/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::loadResource):
DocumentThreadableLoader now triggers the ThreadableLoaderClient's didFail
callback, so this didFailLoaderCreation is now redundent and incorrect.

LayoutTests:

* http/tests/inspector/network/loadResource-insecure-resource-expected.txt: Added.
* http/tests/inspector/network/loadResource-insecure-resource.html: Added.
* http/tests/inspector/network/resource-timing.html:
* http/tests/inspector/resources/inspector-test.js:
(runTestHTTPS):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209784 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/inspector/network/loadResource-insecure-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/inspector/network/loadResource-insecure-resource.html [new file with mode: 0644]
LayoutTests/http/tests/inspector/network/resource-timing.html
LayoutTests/http/tests/inspector/resources/inspector-test.js
Source/WebCore/ChangeLog
Source/WebCore/inspector/InspectorNetworkAgent.cpp
Source/WebCore/loader/cache/CachedResourceLoader.cpp

index 9faaa39..2be9a33 100644 (file)
@@ -1,3 +1,17 @@
+2016-12-13  Joseph Pecoraro  <pecoraro@apple.com>
+
+        REGRESSION(r204163): Web Inspector: Page crashes when Inspector tries to load insecure SourceMap
+        https://bugs.webkit.org/show_bug.cgi?id=165806
+        <rdar://problem/28169025>
+
+        Reviewed by Alex Christensen.
+
+        * http/tests/inspector/network/loadResource-insecure-resource-expected.txt: Added.
+        * http/tests/inspector/network/loadResource-insecure-resource.html: Added.
+        * http/tests/inspector/network/resource-timing.html:
+        * http/tests/inspector/resources/inspector-test.js:
+        (runTestHTTPS):
+
 2016-12-13  Ryan Haddad  <ryanhaddad@apple.com>
 
         Rebaseline js/dom/global-constructors-attributes.html after r209777.
diff --git a/LayoutTests/http/tests/inspector/network/loadResource-insecure-resource-expected.txt b/LayoutTests/http/tests/inspector/network/loadResource-insecure-resource-expected.txt
new file mode 100644 (file)
index 0000000..4b3125d
--- /dev/null
@@ -0,0 +1,14 @@
+CONSOLE MESSAGE: [blocked] The page at https://127.0.0.1:8443/inspector/network/loadResource-insecure-resource.html was not allowed to display insecure content from http://127.0.0.0:8000/inspector/network/resources/data.json?2.
+
+Tests loading resources on a secure page with Network.loadResource.
+
+
+== Running test suite: Network.loadResource.MixedContent
+-- Running test case: Network.loadResource.MixedContent.SecureSuccess
+PASS: Should not be an error loading a secure resource.
+PASS: Should be a 200 OK status.
+
+-- Running test case: Network.loadResource.MixedContent.InsecureFailure
+PASS: Should be an error loading an insecure resource.
+PASS: Loading resource for inspector failed access control check
+
diff --git a/LayoutTests/http/tests/inspector/network/loadResource-insecure-resource.html b/LayoutTests/http/tests/inspector/network/loadResource-insecure-resource.html
new file mode 100644 (file)
index 0000000..de96e3f
--- /dev/null
@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../resources/inspector-test.js"></script>
+<script>
+function test()
+{
+    let suite = InspectorTest.createAsyncSuite("Network.loadResource.MixedContent");
+
+    suite.addTestCase({
+        name: "Network.loadResource.MixedContent.SecureSuccess",
+        description: "Ensure trying to load an https resource from a secure page succeeds.",
+        test(resolve, reject) {
+            const url = "https://127.0.0.1:8443/inspector/network/resources/data.json?1";
+            NetworkAgent.loadResource(WebInspector.frameResourceManager.mainFrame.id, url, (error, content, mimeType, status) => {
+                InspectorTest.expectThat(!error, "Should not be an error loading a secure resource.");
+                InspectorTest.expectEqual(status, 200, "Should be a 200 OK status.");
+                resolve();
+            });
+        }
+    });
+
+    suite.addTestCase({
+        name: "Network.loadResource.MixedContent.InsecureFailure",
+        description: "Ensure trying to load an http resource from a secure page fails.",
+        test(resolve, reject) {
+            const url = "http://127.0.0.0:8000/inspector/network/resources/data.json?2";
+            NetworkAgent.loadResource(WebInspector.frameResourceManager.mainFrame.id, url, (error, content, mimeType, status) => {
+                InspectorTest.expectThat(error, "Should be an error loading an insecure resource.");
+                InspectorTest.pass(error);
+                resolve();
+            });
+        }
+    });
+
+    suite.runTestCasesAndFinish();
+}
+</script>
+</head>
+<body onload="runTestHTTPS()">
+<p>Tests loading resources on a secure page with Network.loadResource.</p>
+</body>
+</html>
index d5a34cf..10bef54 100644 (file)
@@ -10,9 +10,10 @@ function createRequest() {
     document.body.appendChild(img);
 }
 
-function test() {
+function test()
+{
     let suite = InspectorTest.createAsyncSuite("ResourceTimingData");
-    InspectorTest.debug();
+
     suite.addTestCase({
         name: "CheckResourceTimingInformationForResource",
         description: "Check if a resource has timing information.",
index 2349c4e..b36c13d 100644 (file)
@@ -101,6 +101,24 @@ function runTest()
     testRunner.evaluateInWebInspector(testFunctionCodeString);
 }
 
+function runTestHTTPS()
+{
+    if (window.testRunner) {
+        testRunner.dumpAsText();
+        testRunner.waitUntilDone();
+    }
+
+    let url = new URL(document.URL);
+    if (url.protocol !== "https:") {
+        url.protocol = "https:";
+        url.port = "8443";
+        window.location.href = url.toString();
+        return;
+    }
+
+    runTest();
+}
+
 TestPage.completeTest = function()
 {
     // Don't try to use testRunner if running through the browser.
index 8b6d993..51e39ca 100644 (file)
@@ -1,3 +1,18 @@
+2016-12-13  Joseph Pecoraro  <pecoraro@apple.com>
+
+        REGRESSION(r204163): Web Inspector: Page crashes when Inspector tries to load insecure SourceMap
+        https://bugs.webkit.org/show_bug.cgi?id=165806
+        <rdar://problem/28169025>
+
+        Reviewed by Alex Christensen.
+
+        Test: http/tests/inspector/network/loadResource-insecure-resource.html
+
+        * inspector/InspectorNetworkAgent.cpp:
+        (WebCore::InspectorNetworkAgent::loadResource):
+        DocumentThreadableLoader now triggers the ThreadableLoaderClient's didFail
+        callback, so this didFailLoaderCreation is now redundent and incorrect.
+
 2016-12-13  Dave Hyatt  <hyatt@apple.com>
 
         [CSS Parser] Enhance fast path translate transforms to allow percentages
index 48e7149..1291ec8 100644 (file)
@@ -129,12 +129,6 @@ public:
         dispose();
     }
 
-    void didFailLoaderCreation()
-    {
-        m_callback->sendFailure(ASCIILiteral("Could not create a loader"));
-        dispose();
-    }
-
     void setLoader(RefPtr<ThreadableLoader>&& loader)
     {
         m_loader = WTFMove(loader);
@@ -683,14 +677,11 @@ void InspectorNetworkAgent::loadResource(ErrorString& errorString, const String&
     options.credentials = FetchOptions::Credentials::SameOrigin;
     options.contentSecurityPolicyEnforcement = ContentSecurityPolicyEnforcement::DoNotEnforce;
 
-    // InspectorThreadableLoaderClient deletes itself when the load completes.
+    // InspectorThreadableLoaderClient deletes itself when the load completes or fails.
     InspectorThreadableLoaderClient* inspectorThreadableLoaderClient = new InspectorThreadableLoaderClient(callback.copyRef());
-
     auto loader = DocumentThreadableLoader::create(*document, *inspectorThreadableLoaderClient, WTFMove(request), options);
-    if (!loader) {
-        inspectorThreadableLoaderClient->didFailLoaderCreation();
+    if (!loader)
         return;
-    }
 
     // If the load already completed, inspectorThreadableLoaderClient will have been deleted and we will have already called the callback.
     if (!callback->isActive())
index c13e8fc..940d311 100644 (file)
@@ -331,7 +331,6 @@ static MixedContentChecker::ContentType contentTypeFromResourceType(CachedResour
 
 bool CachedResourceLoader::checkInsecureContent(CachedResource::Type type, const URL& url) const
 {
-
     if (!canRequestInContentDispositionAttachmentSandbox(type, url))
         return false;