Network cache: Subresource referer header wrong after cached redirect
authorantti@apple.com <antti@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 1 Oct 2015 18:09:07 +0000 (18:09 +0000)
committerantti@apple.com <antti@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 1 Oct 2015 18:09:07 +0000 (18:09 +0000)
https://bugs.webkit.org/show_bug.cgi?id=149709
rdar://problem/22917174

Reviewed by Chris Dumez.

Source/WebKit2:

If a main resource is loaded from a cache entry that involved redirects the document
will end up setting the Referer-headers of the subresources to the request URL not the redirected URL

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didRetrieveCacheEntry):

    If a cache entry involved a redirect synthesize a minimal willSendRequest message so that WebCore side
    runs through the same code paths as when receiving a redirect from network.

LayoutTests:

* http/tests/cache/redirect-referer-expected.html: Added.
* http/tests/cache/redirect-referer.html: Added.
* http/tests/cache/resources/load-and-check-referer.php: Added.
* http/tests/cache/resources/permanent-redirect.php: Added.
* http/tests/cache/resources/redirect-referer-iframe.html: Added.
* http/tests/cache/resources/redirect-referer-iframe-expected.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@190418 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/cache/redirect-referer-expected.html [new file with mode: 0644]
LayoutTests/http/tests/cache/redirect-referer.html [new file with mode: 0644]
LayoutTests/http/tests/cache/resources/load-and-check-referer.php [new file with mode: 0644]
LayoutTests/http/tests/cache/resources/permanent-redirect.php [new file with mode: 0644]
LayoutTests/http/tests/cache/resources/redirect-referer-iframe-expected.html [new file with mode: 0644]
LayoutTests/http/tests/cache/resources/redirect-referer-iframe.html [new file with mode: 0644]
Source/WebKit2/ChangeLog
Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp

index 6bfe9b4..158dedc 100644 (file)
@@ -1,3 +1,18 @@
+2015-10-01  Antti Koivisto  <antti@apple.com>
+
+        Network cache: Subresource referer header wrong after cached redirect
+        https://bugs.webkit.org/show_bug.cgi?id=149709
+        rdar://problem/22917174
+
+        Reviewed by Chris Dumez.
+
+        * http/tests/cache/redirect-referer-expected.html: Added.
+        * http/tests/cache/redirect-referer.html: Added.
+        * http/tests/cache/resources/load-and-check-referer.php: Added.
+        * http/tests/cache/resources/permanent-redirect.php: Added.
+        * http/tests/cache/resources/redirect-referer-iframe.html: Added.
+        * http/tests/cache/resources/redirect-referer-iframe-expected.html: Added.
+
 2015-10-01  Myles C. Maxfield  <mmaxfield@apple.com>
 
         accessibility/mac/aria-expanded-notifications.html is flaky
diff --git a/LayoutTests/http/tests/cache/redirect-referer-expected.html b/LayoutTests/http/tests/cache/redirect-referer-expected.html
new file mode 100644 (file)
index 0000000..76309cd
--- /dev/null
@@ -0,0 +1,2 @@
+<iframe src="resources/redirect-referer-iframe-expected.html"></iframe>
+<iframe src="resources/redirect-referer-iframe-expected.html"></iframe>
diff --git a/LayoutTests/http/tests/cache/redirect-referer.html b/LayoutTests/http/tests/cache/redirect-referer.html
new file mode 100644 (file)
index 0000000..cd84ffb
--- /dev/null
@@ -0,0 +1,17 @@
+<body>
+<script>
+var rnd = Math.floor(Math.random() * 1000000000000000);
+var iframeSrc = "resources/permanent-redirect.php?location=redirect-referer-iframe.html&rnd=" + rnd;
+
+var iframe = document.createElement("iframe");
+iframe.src = iframeSrc;
+iframe.onload = function () {
+    if (window.internals)
+        internals.clearMemoryCache();
+    var iframe = document.createElement("iframe");
+    iframe.src = iframeSrc;
+    document.body.appendChild(iframe);
+}
+document.body.appendChild(iframe);
+
+</script>
diff --git a/LayoutTests/http/tests/cache/resources/load-and-check-referer.php b/LayoutTests/http/tests/cache/resources/load-and-check-referer.php
new file mode 100644 (file)
index 0000000..7838b49
--- /dev/null
@@ -0,0 +1,40 @@
+<?
+function contentType($path)
+{
+    if (preg_match("/\.html$/", $path))
+        return "text/html";
+    if (preg_match("/\.manifest$/", $path))
+        return "text/cache-manifest";
+    if (preg_match("/\.js$/", $path))
+        return "text/javascript";
+    if (preg_match("/\.xml$/", $path))
+        return "application/xml";
+    if (preg_match("/\.xhtml$/", $path))
+        return "application/xhtml+xml";
+    if (preg_match("/\.svg$/", $path))
+        return "application/svg+xml";
+    if (preg_match("/\.xsl$/", $path))
+        return "application/xslt+xml";
+    if (preg_match("/\.gif$/", $path))
+        return "image/gif";
+    if (preg_match("/\.jpg$/", $path))
+        return "image/jpeg";
+    if (preg_match("/\.png$/", $path))
+        return "image/png";
+    return "text/plain";
+}
+
+$path = $_GET['path'];
+$expectedReferer = $_GET['expected-referer'];
+$referer = $_SERVER["HTTP_REFERER"];
+
+if ($expectedReferer == $referer && file_exists($path)) {
+    header('HTTP/1.1 200 OK');
+    header("Cache-control: no-store");
+    header("Content-Type: " . contentType($path));
+    print file_get_contents($path);
+} else {
+    header('HTTP/1.1 404 Not Found');
+}
+
+?>
diff --git a/LayoutTests/http/tests/cache/resources/permanent-redirect.php b/LayoutTests/http/tests/cache/resources/permanent-redirect.php
new file mode 100644 (file)
index 0000000..da94e56
--- /dev/null
@@ -0,0 +1,6 @@
+<?
+$location = $_GET['location'];
+
+header('HTTP/1.1 301 Permanent Redirect');
+header('Location:' . $location);
+?>
diff --git a/LayoutTests/http/tests/cache/resources/redirect-referer-iframe-expected.html b/LayoutTests/http/tests/cache/resources/redirect-referer-iframe-expected.html
new file mode 100644 (file)
index 0000000..a6178db
--- /dev/null
@@ -0,0 +1 @@
+<img src="compass-no-cache.jpg">
diff --git a/LayoutTests/http/tests/cache/resources/redirect-referer-iframe.html b/LayoutTests/http/tests/cache/resources/redirect-referer-iframe.html
new file mode 100644 (file)
index 0000000..38d6467
--- /dev/null
@@ -0,0 +1 @@
+<img src="load-and-check-referer.php?path=compass-no-cache.jpg&expected-referer=http://127.0.0.1:8000/cache/resources/redirect-referer-iframe.html">
index ba42715..86bbe48 100644 (file)
@@ -1,3 +1,20 @@
+2015-10-01  Antti Koivisto  <antti@apple.com>
+
+        Network cache: Subresource referer header wrong after cached redirect
+        https://bugs.webkit.org/show_bug.cgi?id=149709
+        rdar://problem/22917174
+
+        Reviewed by Chris Dumez.
+
+        If a main resource is loaded from a cache entry that involved redirects the document
+        will end up setting the Referer-headers of the subresources to the request URL not the redirected URL
+
+        * NetworkProcess/NetworkResourceLoader.cpp:
+        (WebKit::NetworkResourceLoader::didRetrieveCacheEntry):
+
+            If a cache entry involved a redirect synthesize a minimal willSendRequest message so that WebCore side
+            runs through the same code paths as when receiving a redirect from network.
+
 2015-10-01  Carlos Garcia Campos  <cgarcia@igalia.com>
 
         [GTK] Websites with invalid auth header keep loading forever
index f58bd88..689c2d1 100644 (file)
@@ -570,6 +570,14 @@ void NetworkResourceLoader::didRetrieveCacheEntry(std::unique_ptr<NetworkCache::
         m_synchronousLoadData->response = entry->response();
         sendReplyToSynchronousRequest(*m_synchronousLoadData, entry->buffer());
     } else {
+        if (entry->response().url() != originalRequest().url()) {
+            // This is a cached redirect. Synthesize a minimal redirect so we get things like referer header right.
+            // FIXME: We should cache the actual redirects.
+            ResourceRequest syntheticRedirectRequest(entry->response().url());
+            ResourceResponse syntheticRedirectResponse(originalRequest().url(), { }, 0, { });
+            sendAbortingOnFailure(Messages::WebResourceLoader::WillSendRequest(syntheticRedirectRequest, syntheticRedirectResponse));
+        }
+
         bool needsContinueDidReceiveResponseMessage = originalRequest().requester() == ResourceRequest::Requester::Main;
         sendAbortingOnFailure(Messages::WebResourceLoader::DidReceiveResponse(entry->response(), needsContinueDidReceiveResponseMessage));