Crash when following a Google search link to Twitter with Limit Adult Content enabled
authoraestes@apple.com <aestes@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 26 Aug 2015 21:15:49 +0000 (21:15 +0000)
committeraestes@apple.com <aestes@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 26 Aug 2015 21:15:49 +0000 (21:15 +0000)
https://bugs.webkit.org/show_bug.cgi?id=147651

Rubber-stamped by Brady Eidson.

Tools:

Taught TestRunner how to decide the navigation policy after a delay.

* WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::decidePolicyForNavigationAction):
* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setShouldDecideNavigationPolicyAfterDelay):
* WebKitTestRunner/InjectedBundle/TestRunner.h:
(WTR::TestRunner::shouldDecideNavigationPolicyAfterDelay):
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::initialize):
(WTR::TestController::resetStateToConsistentValues):
(WTR::TestController::decidePolicyForNavigationAction):
* WebKitTestRunner/TestController.h:
(WTR::TestController::setShouldDecideNavigationPolicyAfterDelay):
* WebKitTestRunner/TestInvocation.cpp:
(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):

LayoutTests:

Added a layout test.

* http/tests/contentfiltering/load-substitute-data-from-appcache-expected.txt: Added.
* http/tests/contentfiltering/load-substitute-data-from-appcache.html: Added.
* http/tests/contentfiltering/resources/appcache.html: Added.
* http/tests/contentfiltering/resources/appcache.manifest: Added.
* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@188988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache.html [new file with mode: 0644]
LayoutTests/http/tests/contentfiltering/resources/appcache.html [new file with mode: 0644]
LayoutTests/http/tests/contentfiltering/resources/appcache.manifest [new file with mode: 0644]
LayoutTests/platform/mac-wk1/TestExpectations
Tools/ChangeLog
Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl
Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp
Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp
Tools/WebKitTestRunner/InjectedBundle/TestRunner.h
Tools/WebKitTestRunner/TestController.cpp
Tools/WebKitTestRunner/TestController.h
Tools/WebKitTestRunner/TestInvocation.cpp

index d770b6b..d0ebd85 100644 (file)
@@ -1,3 +1,18 @@
+2015-08-26  Andy Estes  <aestes@apple.com>
+
+        Crash when following a Google search link to Twitter with Limit Adult Content enabled
+        https://bugs.webkit.org/show_bug.cgi?id=147651
+
+        Rubber-stamped by Brady Eidson.
+
+        Added a layout test.
+
+        * http/tests/contentfiltering/load-substitute-data-from-appcache-expected.txt: Added.
+        * http/tests/contentfiltering/load-substitute-data-from-appcache.html: Added.
+        * http/tests/contentfiltering/resources/appcache.html: Added.
+        * http/tests/contentfiltering/resources/appcache.manifest: Added.
+        * platform/mac-wk1/TestExpectations:
+
 2015-08-26  Tim Horton  <timothy_horton@apple.com>
 
         Layout Test platform/mac/fast/events/content-inset-hit-testing-in-frame.html is flaky
diff --git a/LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache-expected.txt b/LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache-expected.txt
new file mode 100644 (file)
index 0000000..22edd51
--- /dev/null
@@ -0,0 +1,3 @@
+This is a regression test for webkit.org/b/147651. The test passes if it does not crash.
+
+
diff --git a/LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache.html b/LayoutTests/http/tests/contentfiltering/load-substitute-data-from-appcache.html
new file mode 100644 (file)
index 0000000..a28d9c8
--- /dev/null
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<script>
+if (window.internals) {
+    var settings = window.internals.mockContentFilterSettings;
+    settings.enabled = true;
+    settings.decisionPoint = settings.DECISION_POINT_AFTER_ADD_DATA;
+    settings.decision = settings.DECISION_ALLOW;
+}
+
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.waitUntilDone();
+    testRunner.setShouldDecideNavigationPolicyAfterDelay(true);
+}
+
+window.addEventListener("message", function() {
+    frames[0].location = "/resources/redirect.php?url=/contentfiltering/resources/appcache.html";
+});
+</script>
+<body>
+<p>This is a regression test for <a href="https://bugs.webkit.org/show_bug.cgi?id=147651">webkit.org/b/147651</a>. The test passes if it does not crash.</p>
+<iframe src="/contentfiltering/resources/appcache.html"></iframe>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/contentfiltering/resources/appcache.html b/LayoutTests/http/tests/contentfiltering/resources/appcache.html
new file mode 100644 (file)
index 0000000..071b961
--- /dev/null
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html manifest="appcache.manifest">
+<script>
+applicationCache.onnoupdate = function() {
+    if (window.testRunner)
+        testRunner.notifyDone();
+}
+
+applicationCache.oncached = function() {
+    parent.postMessage("cached", "*");
+}
+</script>
+</html>
diff --git a/LayoutTests/http/tests/contentfiltering/resources/appcache.manifest b/LayoutTests/http/tests/contentfiltering/resources/appcache.manifest
new file mode 100644 (file)
index 0000000..af16a0e
--- /dev/null
@@ -0,0 +1 @@
+CACHE MANIFEST
index 84dae4c..705bf55 100644 (file)
@@ -141,3 +141,6 @@ loader/navigation-policy [ Skip ]
 
 ### END OF (2) Failures without bug reports
 ########################################
+
+# This test is WebKit2-only
+http/tests/contentfiltering/load-substitute-data-from-appcache.html
index a6d7005..b1e9a68 100644 (file)
@@ -1,3 +1,28 @@
+2015-08-26  Andy Estes  <aestes@apple.com>
+
+        Crash when following a Google search link to Twitter with Limit Adult Content enabled
+        https://bugs.webkit.org/show_bug.cgi?id=147651
+
+        Rubber-stamped by Brady Eidson.
+
+        Taught TestRunner how to decide the navigation policy after a delay.
+
+        * WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
+        * WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
+        (WTR::InjectedBundlePage::decidePolicyForNavigationAction):
+        * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+        (WTR::TestRunner::setShouldDecideNavigationPolicyAfterDelay):
+        * WebKitTestRunner/InjectedBundle/TestRunner.h:
+        (WTR::TestRunner::shouldDecideNavigationPolicyAfterDelay):
+        * WebKitTestRunner/TestController.cpp:
+        (WTR::TestController::initialize):
+        (WTR::TestController::resetStateToConsistentValues):
+        (WTR::TestController::decidePolicyForNavigationAction):
+        * WebKitTestRunner/TestController.h:
+        (WTR::TestController::setShouldDecideNavigationPolicyAfterDelay):
+        * WebKitTestRunner/TestInvocation.cpp:
+        (WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
+
 2015-08-26  Brent Fulgham  <bfulgham@apple.com>
 
         [Win] Rename 'WinLauncher' to 'MiniBrowser'
index 1b30759..5fd4242 100644 (file)
@@ -75,6 +75,7 @@ interface TestRunner {
     void setCacheModel(int model);
     void setAsynchronousSpellCheckingEnabled(boolean value);
     void setPrinting();
+    void setShouldDecideNavigationPolicyAfterDelay(boolean value);
 
     // Special DOM functions.
     void clearBackForwardList();
index 9d232ee..cb22d6d 100644 (file)
@@ -1286,6 +1286,9 @@ WKBundlePagePolicyAction InjectedBundlePage::decidePolicyForNavigationAction(WKB
         injectedBundle.outputText(stringBuilder.toString());
     }
 
+    if (injectedBundle.testRunner()->shouldDecideNavigationPolicyAfterDelay())
+        return WKBundlePagePolicyActionPassThrough;
+
     if (!injectedBundle.testRunner()->isPolicyDelegateEnabled())
         return WKBundlePagePolicyActionUse;
 
index 2085607..3b616d5 100644 (file)
@@ -852,4 +852,12 @@ JSValueRef TestRunner::neverInlineFunction(JSValueRef theFunction)
     return JSC::setNeverInline(context, theFunction);
 }
 
+void TestRunner::setShouldDecideNavigationPolicyAfterDelay(bool value)
+{
+    m_shouldDecideNavigationPolicyAfterDelay = value;
+    WKRetainPtr<WKStringRef> messageName(AdoptWK, WKStringCreateWithUTF8CString("SetShouldDecideNavigationPolicyAfterDelay"));
+    WKRetainPtr<WKBooleanRef> messageBody(AdoptWK, WKBooleanCreate(value));
+    WKBundlePagePostMessage(InjectedBundle::singleton().page()->page(), messageName.get(), messageBody.get());
+}
+
 } // namespace WTR
index 81d62b6..4d2f25c 100644 (file)
@@ -283,6 +283,9 @@ public:
     JSValueRef numberOfDFGCompiles(JSValueRef theFunction);
     JSValueRef neverInlineFunction(JSValueRef theFunction);
 
+    bool shouldDecideNavigationPolicyAfterDelay() const { return m_shouldDecideNavigationPolicyAfterDelay; }
+    void setShouldDecideNavigationPolicyAfterDelay(bool);
+
 private:
     TestRunner();
 
@@ -333,6 +336,8 @@ private:
     double m_databaseDefaultQuota;
     double m_databaseMaxQuota;
 
+    bool m_shouldDecideNavigationPolicyAfterDelay { false };
+
     bool m_userStyleSheetEnabled;
     WKRetainPtr<WKStringRef> m_userStyleSheetLocation;
 
index c231076..6fb0caa 100644 (file)
@@ -56,6 +56,7 @@
 #include <ctype.h>
 #include <stdlib.h>
 #include <string>
+#include <wtf/RunLoop.h>
 #include <wtf/text/CString.h>
 
 #if PLATFORM(COCOA)
@@ -312,6 +313,8 @@ const char* TestController::libraryPathForTesting()
 
 void TestController::initialize(int argc, const char* argv[])
 {
+    RunLoop::initializeMainRunLoop();
+
     platformInitialize();
 
     Options options;
@@ -724,6 +727,8 @@ bool TestController::resetStateToConsistentValues()
     // Reset main page back to about:blank
     m_doneResetting = false;
 
+    m_shouldDecideNavigationPolicyAfterDelay = false;
+
     WKPageLoadURL(m_mainWebView->page(), blankURL());
     runUntil(m_doneResetting, shortTimeout);
     return m_doneResetting;
@@ -1493,12 +1498,19 @@ void TestController::decidePolicyForNavigationAction(WKPageRef, WKNavigationActi
 
 void TestController::decidePolicyForNavigationAction(WKFramePolicyListenerRef listener)
 {
-    if (m_policyDelegateEnabled && !m_policyDelegatePermissive) {
-        WKFramePolicyListenerIgnore(listener);
-        return;
-    }
+    WKRetainPtr<WKFramePolicyListenerRef> retainedListener { listener };
+    const bool shouldIgnore { m_policyDelegateEnabled && !m_policyDelegatePermissive };
+    std::function<void()> decisionFunction = [shouldIgnore, retainedListener]() {
+        if (shouldIgnore)
+            WKFramePolicyListenerIgnore(retainedListener.get());
+        else
+            WKFramePolicyListenerUse(retainedListener.get());
+    };
 
-    WKFramePolicyListenerUse(listener);
+    if (m_shouldDecideNavigationPolicyAfterDelay)
+        RunLoop::main().dispatch(decisionFunction);
+    else
+        decisionFunction();
 }
 
 void TestController::decidePolicyForNavigationResponse(WKPageRef, WKNavigationResponseRef navigationResponse, WKFramePolicyListenerRef listener, WKTypeRef, const void* clientInfo)
index dd7f808..27147a4 100644 (file)
@@ -124,6 +124,8 @@ public:
 
     bool isCurrentInvocation(TestInvocation* invocation) const { return invocation == m_currentInvocation.get(); }
 
+    void setShouldDecideNavigationPolicyAfterDelay(bool value) { m_shouldDecideNavigationPolicyAfterDelay = value; }
+
 private:
     void initialize(int argc, const char* argv[]);
     void createWebViewWithOptions(const ViewOptions&);
@@ -285,6 +287,8 @@ private:
     bool m_shouldLogHistoryClientCallbacks;
     bool m_shouldShowWebView;
 
+    bool m_shouldDecideNavigationPolicyAfterDelay { false };
+
     std::unique_ptr<EventSenderProxy> m_eventSenderProxy;
 
     WorkQueueManager m_workQueueManager;
index f154c98..091911e 100644 (file)
@@ -628,6 +628,13 @@ void TestInvocation::didReceiveMessageFromInjectedBundle(WKStringRef messageName
         return;
     }
 
+    if (WKStringIsEqualToUTF8CString(messageName, "SetShouldDecideNavigationPolicyAfterDelay")) {
+        ASSERT(WKGetTypeID(messageBody) == WKBooleanGetTypeID());
+        WKBooleanRef value = static_cast<WKBooleanRef>(messageBody);
+        TestController::singleton().setShouldDecideNavigationPolicyAfterDelay(WKBooleanGetValue(value));
+        return;
+    }
+
     ASSERT_NOT_REACHED();
 }