Unreviewed, rolling out r224019.
authorryanhaddad@apple.com <ryanhaddad@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 26 Oct 2017 17:45:19 +0000 (17:45 +0000)
committerryanhaddad@apple.com <ryanhaddad@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 26 Oct 2017 17:45:19 +0000 (17:45 +0000)
This change caused API test WebKit.MSEIsPlayingAudio to time
out.

Reverted changeset:

"XMLHttpRequest should not treat file URLs as same origin"
https://bugs.webkit.org/show_bug.cgi?id=178565
https://trac.webkit.org/changeset/224019

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@224025 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-blob-real.html [deleted file]
LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-file-real.html [deleted file]
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob-expected.txt [deleted file]
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html [deleted file]
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file-expected.txt [deleted file]
LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file.html [deleted file]
LayoutTests/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt
LayoutTests/platform/ios/fast/xmlhttprequest/xmlhttprequest-nonexistent-file-expected.txt
LayoutTests/platform/wk2/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/loader/DocumentThreadableLoader.cpp
Source/WebCore/page/SecurityOrigin.cpp
Source/WebCore/page/SecurityOrigin.h

index 62ef0f0..983cf51 100644 (file)
@@ -1,5 +1,18 @@
 2017-10-26  Ryan Haddad  <ryanhaddad@apple.com>
 
+        Unreviewed, rolling out r224019.
+
+        This change caused API test WebKit.MSEIsPlayingAudio to time
+        out.
+
+        Reverted changeset:
+
+        "XMLHttpRequest should not treat file URLs as same origin"
+        https://bugs.webkit.org/show_bug.cgi?id=178565
+        https://trac.webkit.org/changeset/224019
+
+2017-10-26  Ryan Haddad  <ryanhaddad@apple.com>
+
         Unreviewed, rolling out r223994.
 
         The LayoutTest for this change is failing.
diff --git a/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-blob-real.html b/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-blob-real.html
deleted file mode 100644 (file)
index b066bdb..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script src="../../../resources/js-test-pre.js"></script>
-</head>
-<body>
-<div id="console"/>
-<script>
-description("We're checking we can't read from a file-origin Blob.");
-
-window.addEventListener('message', function(event) {
-    testPassed('Got the BURL message data');
-    if ("BURL" in event.data)
-        runTest(event.data.BURL);
-});
-
-testPassed('Added a message handler.');
-
-function runTest(fileBlob) {
-    testPassed('Executing Blob URL test.');
-
-    var xhr = new XMLHttpRequest();
-    try {
-        xhr.open("GET", fileBlob, false);
-        xhr.send("");
-    } catch (e) {
-        testFailed("Exception: " + e.message);
-    }
-
-    debug("Response length: " + xhr.responseText.length);
-    if (xhr.responseText == "")
-        testPassed('Access was not permitted.');
-    else
-        testFailed('We should not have gotten a response.');
-
-    window.parent.postMessage('done', '*');
-}
-</script>
-<script src="../../../resources/js-test-post.js"></script>
-</body>
-</html>
\ No newline at end of file
diff --git a/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-file-real.html b/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-access-self-as-file-real.html
deleted file mode 100644 (file)
index ff424d2..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script>
-if (window.testRunner)
-    testRunner.waitUntilDone();
-
-function log(message)
-{
-    var console = document.getElementById('console');
-    console.appendChild(document.createTextNode(message));
-    console.appendChild(document.createElement('br'));
-}
-
-function runTest() {
-    var xhr = new XMLHttpRequest();
-    try {
-        xhr.open("GET", "", false);
-        xhr.send("");
-    } catch (e) {
-        log("Exception: " + e.message);
-    }
-
-    log("Response length: " + xhr.responseText.length);
-    if (xhr.responseText == "")
-        log('PASSED: Access was not permitted.');
-    else
-        log('FAILED: We should not have gotten a response.');
-
-    if (window.testRunner)
-        testRunner.notifyDone();
-}
-</script>
-</head>
-<body onload="runTest()">
-    <p> We're checking we can't read the current file. </p>
-    <div id="console"/>
-</body>
-</html>
\ No newline at end of file
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob-expected.txt b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob-expected.txt
deleted file mode 100644 (file)
index 5266484..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load [object%20File]. Cross origin requests are only supported for HTTP.
-
-Tests that you cannot XHR to the current file as a file-origin Blob.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Got files: resources/xmlhttprequest-access-self-as-blob-real.html
-PASS Moved to center of file input.
-PASS Drag event received.
-PASS Generated file-origin blob successfully.
-PASS Sent Blob URL to frame.
-PASS Recvied message
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
---------
-Frame: '<!--framePath //<!--frame0-->-->'
---------
-We're checking we can't read from a file-origin Blob.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-
-PASS Added a message handler.
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
-PASS Got the BURL message data
-PASS Executing Blob URL test.
-FAIL Exception:  A network error occurred.
-Response length: 0
-PASS Access was not permitted.
-
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html
deleted file mode 100644 (file)
index c3dfd26..0000000
+++ /dev/null
@@ -1,64 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script src="../../resources/js-test-pre.js"></script>
-</head>
-<body>
-<input type="file" id="singleFile" name="upfile" onchange="onFileChanged()" />
-<div id="console"></div>
-<script>
-description("Tests that you cannot XHR to the current file as a file-origin Blob.");
-
-window.jsTestIsAsync = true;
-
-const sourcePath = "resources/xmlhttprequest-access-self-as-blob-real.html";
-var fileUrl;
-
-window.addEventListener('message', function(event) {
-    testPassed('Recvied message');
-    if (event.data === 'done')
-        finishJSTest();
-});
-
-if (window.testRunner) {
-    testRunner.dumpAsText();
-    testRunner.dumpChildFramesAsText();
-    testRunner.setAllowUniversalAccessFromFileURLs(false);
-
-    var singleFileInput = document.getElementById("singleFile");
-    dragFilesOntoInput(singleFileInput, [sourcePath]);
-}
-
-function onFileChanged() {
-    testPassed("Drag event received.");
-    var file = document.getElementById("singleFile").files[0];
-    testPassed("Generated file-origin blob successfully.");
-
-    var frameTarget = document.createElement('iframe');
-    frameTarget.src = sourcePath;
-    document.body.appendChild(frameTarget);
-
-    setTimeout(function() {
-        window.frames[0].postMessage( { BURL: file }, '*');
-        testPassed('Sent Blob URL to frame.');
-    }, 0);
-}
-
-function moveMouseToCenterOfElement(element)
-{
-    var centerX = element.offsetLeft + element.offsetWidth / 2;
-    var centerY = element.offsetTop + element.offsetHeight / 2;
-    eventSender.mouseMoveTo(centerX, centerY);
-    testPassed("Moved to center of file input.");
-}
-
-function dragFilesOntoInput(input, files) {
-    debug("Got files: " + files);
-    eventSender.beginDragWithFiles(files);
-    moveMouseToCenterOfElement(input);
-    eventSender.mouseUp();
-}
-</script>
-<script src="../../resources/js-test-post.js"></script>
-</body>
-</html>
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file-expected.txt b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file-expected.txt
deleted file mode 100644 (file)
index 3371c2f..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-CONSOLE MESSAGE: line 19: XMLHttpRequest cannot load xmlhttprequest-access-self-as-file-real.html. Cross origin requests are only supported for HTTP.
-Tests that you cannot XHR to the current file URL.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
---------
-Frame: '<!--framePath //<!--frame0-->-->'
---------
-We're checking we can't read the current file.
-
-Exception: A network error occurred.
-Response length: 0
-PASSED: Access was not permitted.
-
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file.html b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-access-self-as-file.html
deleted file mode 100644 (file)
index 022a590..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script src="../../resources/js-test.js"></script>
-<script>
-description("Tests that you cannot XHR to the current file URL.");
-
-if (window.testRunner) {
-    testRunner.dumpAsText();
-    testRunner.dumpChildFramesAsText();
-    testRunner.setAllowUniversalAccessFromFileURLs(false);
-}
-</script>
-</head>
-<body>
-<iframe src="resources/xmlhttprequest-access-self-as-file-real.html"></iframe>
-</body>
-</html>
index e3b0913..ec7ecfb 100644 (file)
@@ -1,5 +1,5 @@
-CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Cross origin requests are only supported for HTTP.
-CONSOLE MESSAGE: line 42: XMLHttpRequest cannot load . Cross origin requests are only supported for HTTP.
+CONSOLE MESSAGE: line 64: Not allowed to load local resource: nonexistent.html
+CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Not allowed to request resource
 
 Bug 22475: REGRESSION: Async XMLHttpRequest never finishes on nonexistent files anymore
 
@@ -13,5 +13,4 @@ Error handler: readyState = 4
 Doing an XHR to a directory.
 ReadyState handler: readyState = 1
 ReadyState handler: readyState = 4
-Error handler: readyState = 4
 
index e3b0913..4758c99 100644 (file)
@@ -1,5 +1,3 @@
-CONSOLE MESSAGE: line 64: XMLHttpRequest cannot load nonexistent.html. Cross origin requests are only supported for HTTP.
-CONSOLE MESSAGE: line 42: XMLHttpRequest cannot load . Cross origin requests are only supported for HTTP.
 
 Bug 22475: REGRESSION: Async XMLHttpRequest never finishes on nonexistent files anymore
 
@@ -13,5 +11,4 @@ Error handler: readyState = 4
 Doing an XHR to a directory.
 ReadyState handler: readyState = 1
 ReadyState handler: readyState = 4
-Error handler: readyState = 4
 
index 5c53775..402f73a 100644 (file)
@@ -196,7 +196,6 @@ fast/events/moving-text-should-fire-drop-and-dragend-events.html
 fast/events/moving-text-should-fire-drop-and-dragend-events-2.html
 fast/events/ondrop-text-html.html
 editing/pasteboard/drag-drop-url-with-style.html
-fast/xmlhttprequest/xmlhttprequest-access-self-as-blob.html
 
 # WTR needs an implementation for eventSender.continuousMouseScrollBy
 # https://bugs.webkit.org/show_bug.cgi?id=69417
index 671bc71..61141f3 100644 (file)
@@ -1,5 +1,18 @@
 2017-10-26  Ryan Haddad  <ryanhaddad@apple.com>
 
+        Unreviewed, rolling out r224019.
+
+        This change caused API test WebKit.MSEIsPlayingAudio to time
+        out.
+
+        Reverted changeset:
+
+        "XMLHttpRequest should not treat file URLs as same origin"
+        https://bugs.webkit.org/show_bug.cgi?id=178565
+        https://trac.webkit.org/changeset/224019
+
+2017-10-26  Ryan Haddad  <ryanhaddad@apple.com>
+
         Unreviewed, rolling out r223994.
 
         The LayoutTest for this change is failing.
index 46e1e8f..4b48f51 100644 (file)
@@ -94,7 +94,7 @@ DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
     , m_options(options)
     , m_origin(WTFMove(origin))
     , m_referrer(WTFMove(referrer))
-    , m_sameOriginRequest(securityOrigin().requestIsSameOrigin(request))
+    , m_sameOriginRequest(securityOrigin().canRequest(request.url()))
     , m_simpleRequest(true)
     , m_async(blockingBehavior == LoadAsynchronously)
     , m_delayCallbacksForIntegrityCheck(!m_options.integrity.isEmpty())
index e66c1c1..3bd18bc 100644 (file)
@@ -31,7 +31,6 @@
 
 #include "BlobURL.h"
 #include "FileSystem.h"
-#include "ResourceRequest.h"
 #include "URL.h"
 #include "SchemeRegistry.h"
 #include "SecurityPolicy.h"
@@ -317,27 +316,6 @@ bool SecurityOrigin::canRequest(const URL& url) const
     return false;
 }
 
-bool SecurityOrigin::requestIsSameOrigin(const ResourceRequest& request)
-{
-    if (m_universalAccess)
-        return true;
-
-    if (!canRequest(request.url()))
-        return false;
-
-    if (request.requester() != ResourceRequest::Requester::XHR)
-        return true;
-
-    // XHR to a file URL should never be treated as same-origin.
-    if (request.url().protocolIs("file"))
-        return false;
-
-    if (auto blobOrigin = getCachedOrigin(request.url()))
-        return blobOrigin->protocol() != "file";
-
-    return true;
-}
-
 bool SecurityOrigin::canReceiveDragData(const SecurityOrigin& dragInitiator) const
 {
     if (this == &dragInitiator)
index 947f0d7..ee10b7e 100644 (file)
@@ -33,7 +33,6 @@
 
 namespace WebCore {
 
-class ResourceRequest;
 class URL;
 
 class SecurityOrigin : public ThreadSafeRefCounted<SecurityOrigin> {
@@ -150,8 +149,6 @@ public:
     bool canRequestGeolocation() const { return !isUnique(); }
     Policy canShowNotifications() const;
 
-    bool requestIsSameOrigin(const ResourceRequest&);
-
     // The local SecurityOrigin is the most privileged SecurityOrigin.
     // The local SecurityOrigin can script any document, navigate to local
     // resources, and can set arbitrary headers on XMLHttpRequests.