WebKit GIT trees - WebKit-https.git/commit

Cross origin Beacon requests with a ArrayBuffer / ArrayBufferView payload should not do a CORS preflight
https://bugs.webkit.org/show_bug.cgi?id=175628
<rdar://problem/33919278>

Reviewed by Geoffrey Garen.

LayoutTests/imported/w3c:

Rebaseline a few web-platform-tests due to revert of r220779.

* web-platform-tests/beacon/headers/header-content-type-expected.txt:
* web-platform-tests/fetch/api/basic/request-headers.any-expected.txt:
* web-platform-tests/fetch/api/basic/request-headers.any.worker-expected.txt:

Source/WebCore:

Cross origin Beacon requests with a ArrayBuffer / ArrayBufferView payload should not do a CORS preflight.
To achieve this, the following changes were made:
1. Revert r220779 which caused us to use a non CORS-safelisted Content-Type header for such payload
2. Teach PingLoad how to deal with "simple" cross origin requests (i.e. Don't assume we need a CORS
preflight merely because the fetch mode is set to "cors").

Test: http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight.html

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::extract):
* loader/CrossOriginAccessControl.h:
* loader/LoaderStrategy.h:
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
(WebCore::PingLoader::sendViolationReport):
(WebCore::PingLoader::startPingLoad):
* loader/PingLoader.h:
* loader/cache/CachedResource.cpp:
(WebCore::CachedResource::CachedResource):
(WebCore::CachedResource::load):
* loader/cache/CachedResource.h:
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::CachedResourceRequest):
* loader/cache/CachedResourceRequest.h:
(WebCore::CachedResourceRequest::releaseOriginalRequestHeaders):
* platform/network/HTTPHeaderValues.cpp:
* platform/network/HTTPHeaderValues.h:

Source/WebKit:

Cross origin Beacon requests with a ArrayBuffer / ArrayBufferView payload should not do a CORS preflight.
To achieve this, the following changes were made:
1. Revert r220779 which caused us to use a non CORS-safelisted Content-Type header for such payload
2. Teach PingLoad how to deal with "simple" cross origin requests (i.e. Don't assume we need a CORS
preflight merely because the fetch mode is set to "cors").

* NetworkProcess/NetworkCORSPreflightChecker.cpp:
(WebKit::NetworkCORSPreflightChecker::startPreflight):
* NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):
* NetworkProcess/NetworkResourceLoadParameters.h:
* NetworkProcess/PingLoad.cpp:
(WebKit::PingLoad::PingLoad):
(WebKit::PingLoad::loadRequest):
(WebKit::PingLoad::originalRequestHeaders const):
(WebKit::PingLoad::willPerformHTTPRedirection):
(WebKit::PingLoad::isAllowedRedirect const):
(WebKit::PingLoad::makeCrossOriginAccessRequest):
(WebKit::PingLoad::makeSimpleCrossOriginAccessRequest):
(WebKit::PingLoad::makeCrossOriginAccessRequestWithPreflight):
(WebKit::PingLoad::preflightSuccess):
* NetworkProcess/PingLoad.h:
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::createPingHandle):
* WebProcess/Network/WebLoaderStrategy.h:

Source/WebKitLegacy:

* WebCoreSupport/WebResourceLoadScheduler.cpp:
(WebResourceLoadScheduler::createPingHandle):
* WebCoreSupport/WebResourceLoadScheduler.h:

LayoutTests:

* http/tests/blink/sendbeacon/beacon-same-origin-expected.txt:
* http/wpt/fetch/fetch-request-arraybuffer-content-type-expected.txt:
* http/wpt/fetch/fetch-request-arraybuffer-content-type.html:
Rebaseline test due to revert of r220779.

* http/wpt/beacon/cors/cors-preflight-arraybufferview-failure-expected.txt: Removed.
* http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html: Removed.
Drop outdated test. CORS preflight failure is still covered by the corresponding Blob payload test.

* http/wpt/beacon/cors/cors-preflight-arraybufferview-success-expected.txt: Removed.
* http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html: Removed.
* http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight-expected.txt: Added.
* http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight.html: Added.
Rename and update test so that it checks that we no longer do a CORS preflight for cross origin
beacons that have an ArrayBuffer payload.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220817 268f45cc-cd09-0410-ab3c-d52691b4dbfc

author	cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Thu, 17 Aug 2017 00:28:25 +0000 (00:28 +0000)
committer	cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Thu, 17 Aug 2017 00:28:25 +0000 (00:28 +0000)
commit	e83433a30b440170e9d3b86cbd93e1eecbe3694a
tree	c9b2a45e61d8a8dfe08cf7af229996f5bdaa4987	tree \| snapshot
parent	fe4347e7089885e8ed7bf4006d3fd8e5d4e344bb	commit \| diff

LayoutTests/ChangeLog		diff \| blob \| history
LayoutTests/http/tests/blink/sendbeacon/beacon-same-origin-expected.txt		diff \| blob \| history
LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-failure-expected.txt	[deleted file]	blob \| history
LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-failure.html	[deleted file]	blob \| history
LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-success-expected.txt	[deleted file]	blob \| history
LayoutTests/http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight-expected.txt	[new file with mode: 0644]	blob
LayoutTests/http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight.html	[moved from LayoutTests/http/wpt/beacon/cors/cors-preflight-arraybufferview-success.html with 68% similarity]	diff \| blob \| history
LayoutTests/http/wpt/fetch/fetch-request-arraybuffer-content-type-expected.txt		diff \| blob \| history
LayoutTests/http/wpt/fetch/fetch-request-arraybuffer-content-type.html		diff \| blob \| history
LayoutTests/imported/w3c/ChangeLog		diff \| blob \| history
LayoutTests/imported/w3c/web-platform-tests/beacon/headers/header-content-type-expected.txt		diff \| blob \| history
LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/request-headers.any-expected.txt		diff \| blob \| history
LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/request-headers.any.worker-expected.txt		diff \| blob \| history
Source/WebCore/ChangeLog		diff \| blob \| history
Source/WebCore/Modules/fetch/FetchBody.cpp		diff \| blob \| history
Source/WebCore/loader/CrossOriginAccessControl.h		diff \| blob \| history
Source/WebCore/loader/LoaderStrategy.h		diff \| blob \| history
Source/WebCore/loader/PingLoader.cpp		diff \| blob \| history
Source/WebCore/loader/PingLoader.h		diff \| blob \| history
Source/WebCore/loader/cache/CachedResource.cpp		diff \| blob \| history
Source/WebCore/loader/cache/CachedResource.h		diff \| blob \| history
Source/WebCore/loader/cache/CachedResourceRequest.cpp		diff \| blob \| history
Source/WebCore/loader/cache/CachedResourceRequest.h		diff \| blob \| history
Source/WebCore/platform/network/HTTPHeaderValues.cpp		diff \| blob \| history
Source/WebCore/platform/network/HTTPHeaderValues.h		diff \| blob \| history
Source/WebKit/ChangeLog		diff \| blob \| history
Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp		diff \| blob \| history
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp		diff \| blob \| history
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h		diff \| blob \| history
Source/WebKit/NetworkProcess/PingLoad.cpp		diff \| blob \| history
Source/WebKit/NetworkProcess/PingLoad.h		diff \| blob \| history
Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp		diff \| blob \| history
Source/WebKit/WebProcess/Network/WebLoaderStrategy.h		diff \| blob \| history
Source/WebKitLegacy/ChangeLog		diff \| blob \| history
Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp		diff \| blob \| history
Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.h		diff \| blob \| history