Make FrameLoader::open() set outgoing referrer properly

author Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>

Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)

committer Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>

Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)
author Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)
committer Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog

index d010507..7e6823f 100644 (file)
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,14 @@
+2019-08-27  Fujii Hironori  <Hironori.Fujii@sony.com>
+
+        Make FrameLoader::open() set outgoing referrer properly
+        https://bugs.webkit.org/show_bug.cgi?id=167050
+
+        Reviewed by Youenn Fablet.
+
+        * http/tests/navigation/page-cache-fragment-referrer-expected.html: Added.
+        * http/tests/navigation/page-cache-fragment-referrer.html: Added.
+        * http/tests/navigation/resources/referrer.php: Added.
+
  2019-08-27  Devin Rousso  <drousso@apple.com>
  
          Web Inspector: replace uses of added utility `Array.prototype.keySet` with an actual `Set`
diff --git a/LayoutTests/http/tests/navigation/page-cache-fragment-referrer-expected.txt b/LayoutTests/http/tests/navigation/page-cache-fragment-referrer-expected.txt

new file mode 100644 (file)

index 0000000..c63f4fc
--- /dev/null
+++ b/LayoutTests/http/tests/navigation/page-cache-fragment-referrer-expected.txt
@@ -0,0 +1,11 @@
+A cached page with a URL fragment shouldn't send the fragment in the referrer
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+PASS xhr.responseText is "http://127.0.0.1:8000/navigation/page-cache-fragment-referrer.html"
+PASS xhr.responseText is "http://127.0.0.1:8000/navigation/page-cache-fragment-referrer.html"
+
diff --git a/LayoutTests/http/tests/navigation/page-cache-fragment-referrer.html b/LayoutTests/http/tests/navigation/page-cache-fragment-referrer.html

new file mode 100644 (file)

index 0000000..fa0176f
--- /dev/null
+++ b/LayoutTests/http/tests/navigation/page-cache-fragment-referrer.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../resources/js-test-pre.js"></script>
+<script>
+description("A cached page with a URL fragment shouldn't send the fragment in the referrer");
+
+if (window.testRunner) {
+    testRunner.clearBackForwardList();
+    testRunner.overridePreference('WebKitUsesPageCachePreferenceKey', 1);
+    testRunner.dumpAsText();
+
+    testRunner.queueLoad('resources/success.html');
+    testRunner.queueBackNavigation(1);
+}
+
+const locationWithoutHash = document.location.href;
+
+document.location = '#fragment';
+
+window.addEventListener('pageshow', () => {
+    xhr = new XMLHttpRequest();
+    xhr.open('GET', 'resources/referrer.php', false);
+    xhr.send(null);
+    shouldBeEqualToString('xhr.responseText', locationWithoutHash);
+});
+</script>
+</head>
+<body>
+</body>
+<script src="../resources/js-test-post.js"></script>
+</head>
+</html>
diff --git a/LayoutTests/http/tests/navigation/resources/referrer.php b/LayoutTests/http/tests/navigation/resources/referrer.php

new file mode 100644 (file)

index 0000000..226afda
--- /dev/null
+++ b/LayoutTests/http/tests/navigation/resources/referrer.php
@@ -0,0 +1,6 @@
+<?php
+    // Prevent from being cached.
+    header("Cache-Control: no-store, private, max-age=0");
+    header("Content-Type: text/plain");
+?>
+<?php echo $_SERVER['HTTP_REFERER']; ?>
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog

index a1b7fad..b03aff0 100644 (file)
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,24 @@
+2019-08-27  John Wilander  <wilander@apple.com>  and  Fujii Hironori  <Hironori.Fujii@sony.com>
+
+        Make FrameLoader::open() set outgoing referrer properly
+        https://bugs.webkit.org/show_bug.cgi?id=167050
+        <rdar://problem/27972404>
+
+        Reviewed by Youenn Fablet.
+
+        In debug builds, an assertion failed in WebCore::SecurityPolicy::generateReferrerHeader:
+        ASSERTION FAILED: referrer == URL(URL(), referrer).strippedForUseAsReferrer()
+
+        In release builds, cached pages with a URL fragment sent its URL fragment in the referrer.
+
+        m_outgoingReferrer mistakenly had a URL fragment.
+
+        Test: http/tests/navigation/page-cache-fragment-referrer.html
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::open): Set m_outgoingReferrer by using
+        FrameLoader::setOutgoingReferrer to remove URL fragments.
+
  2019-08-27  Said Abou-Hallawa  <sabouhallawa@apple.com>
  
          Unreviewed. Build fix after r249175.
diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp

index 83beb27..f50b115 100644 (file)
--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -2309,7 +2309,7 @@ void FrameLoader::open(CachedFrameBase& cachedFrame)
      m_needsClear = true;
      m_isComplete = false;
      m_didCallImplicitClose = false;
-    m_outgoingReferrer = url.string();
+    setOutgoingReferrer(url);
  
      FrameView* view = cachedFrame.view();
author	Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)
committer	Hironori.Fujii@sony.com <Hironori.Fujii@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Wed, 28 Aug 2019 01:40:42 +0000 (01:40 +0000)
LayoutTests/ChangeLog		patch \| blob \| history
LayoutTests/http/tests/navigation/page-cache-fragment-referrer-expected.txt	[new file with mode: 0644]	patch \| blob
LayoutTests/http/tests/navigation/page-cache-fragment-referrer.html	[new file with mode: 0644]	patch \| blob
LayoutTests/http/tests/navigation/resources/referrer.php	[new file with mode: 0644]	patch \| blob
Source/WebCore/ChangeLog		patch \| blob \| history
Source/WebCore/loader/FrameLoader.cpp		patch \| blob \| history