Add sanity check for source origin in WebLoaderStrategy::startPingLoad()
author cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 22 Aug 2017 18:16:39 +0000 (18:16 +0000)
committer cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 22 Aug 2017 18:16:39 +0000 (18:16 +0000)
https://bugs.webkit.org/show_bug.cgi?id=175827

Reviewed by Geoffrey Garen.

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::startPingLoad):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@221027 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

index 42ec101..00b82e5 100644 (file)
@@ -1,3 +1,13 @@
+2017-08-22  Chris Dumez  <cdumez@apple.com>
+
+        Add sanity check for source origin in WebLoaderStrategy::startPingLoad()
+        https://bugs.webkit.org/show_bug.cgi?id=175827
+
+        Reviewed by Geoffrey Garen.
+
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::startPingLoad):
+
 2017-08-22  Alex Christensen  <achristensen@webkit.org>
 
         Add UIDelegatePrivate SPI corresponding to WKPageUIClient.showPage
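Review bot: The new ChangeLog entry leaves `(WebKit::WebLoaderStrategy::startPingLoad):` with nothing after the colon, so the log does not say what the sanity check compares or why it was added. Suggest a one-line description there, for example that the request's Origin header, when present, is asserted to match the string form of the document's security origin.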
index 1f0a213..5b0cc18 100644 (file)
@@ -425,13 +425,14 @@ void WebLoaderStrategy::startPingLoad(Frame& frame, ResourceRequest& request, co
     loadParameters.identifier = generatePingLoadIdentifier();
     loadParameters.request = request;
     loadParameters.sourceOrigin = &document->securityOrigin();
+    ASSERT(loadParameters.request.httpHeaderField(HTTPHeaderName::Origin).isNull() || loadParameters.request.httpHeaderField(HTTPHeaderName::Origin) == loadParameters.sourceOrigin->toString());
     loadParameters.sessionID = webPage ? webPage->sessionID() : PAL::SessionID::defaultSessionID();
     loadParameters.allowStoredCredentials = options.credentials == FetchOptions::Credentials::Omit ? DoNotAllowStoredCredentials : AllowStoredCredentials;
     loadParameters.mode = options.mode;
     loadParameters.shouldFollowRedirects = options.redirect == FetchOptions::Redirect::Follow;
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = networkingContext->shouldClearReferrerOnHTTPSToHTTPRedirect();
     if (!document->shouldBypassMainWorldContentSecurityPolicy()) {
-        if (auto * contentSecurityPolicy = document->contentSecurityPolicy())
+        if (auto* contentSecurityPolicy = document->contentSecurityPolicy())
             loadParameters.cspResponseHeaders = contentSecurityPolicy->responseHeaders();
     }
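Review bot: The added `ASSERT(...)` right after `loadParameters.sourceOrigin = &document->securityOrigin();` is debug-only, because WebKit's ASSERT compiles to nothing in release builds, so in shipping builds a request whose Origin header disagrees with `sourceOrigin` is still packed into `loadParameters` unchanged. If that mismatch must never reach the consumer of these parameters, consider a RELEASE_ASSERT or an early return here, or validate on the receiving side as well. Two smaller points: the condition calls `loadParameters.request.httpHeaderField(HTTPHeaderName::Origin)` twice, and a local variable would shorten the line and make the null-or-equal intent easier to read; and the `auto *` to `auto*` whitespace change is unrelated to the check and is not mentioned in the ChangeLog.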