https://bugs.webkit.org/show_bug.cgi?id=175076
<rdar://problem/
33704752>
Reviewed by Alexey Proskuryakov.
LayoutTests/imported/w3c:
Rebaseline tests that are now passing.
* web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt:
* web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt:
* web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt:
* web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt:
* web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt:
Source/WebKit:
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::completeAuthenticationChallenge):
In the NETWORK_SESSION code path, we did not ask the client about server trust evaluation
when the clientCredentialPolicy was CannotAskClientForCredentials. This is because the
same delegate is used for HTTP authentication and server trust evaluation in the
NETWORK_SESSION code path. To align both code paths, we now ask the client about server
trust evaluation even if the policy CannotAskClientForCredentials. This allows WKTR
to trust certificates for localhost / 127.0.0.1 unconditionally and consistently.
LayoutTests:
* platform/ios-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Removed.
* platform/ios-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Removed.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt: Removed.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt: Removed.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt: Removed.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt: Removed.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt: Removed.
* platform/mac-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Removed.
* platform/mac-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Removed.
Drop platform-specific expectations as those tests are now passing everywhere.
* platform/wk2/TestExpectations:
Unskip tests that are now passing.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220245
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2017-08-03 Chris Dumez <cdumez@apple.com>
+
+ Multiple Layout tests from web-platform-tests/beacon/ are timing out.
+ https://bugs.webkit.org/show_bug.cgi?id=175076
+ <rdar://problem/33704752>
+
+ Reviewed by Alexey Proskuryakov.
+
+ * platform/ios-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Removed.
+ * platform/ios-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Removed.
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt: Removed.
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt: Removed.
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt: Removed.
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt: Removed.
+ * platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt: Removed.
+ * platform/mac-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Removed.
+ * platform/mac-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Removed.
+ Drop platform-specific expectations as those tests are now passing everywhere.
+
+ * platform/wk2/TestExpectations:
+ Unskip tests that are now passing.
+
2017-08-03 Matt Baker <mattbaker@apple.com>
Web Inspector: Instrument WebGLProgram created/deleted
+2017-08-03 Chris Dumez <cdumez@apple.com>
+
+ Multiple Layout tests from web-platform-tests/beacon/ are timing out.
+ https://bugs.webkit.org/show_bug.cgi?id=175076
+ <rdar://problem/33704752>
+
+ Reviewed by Alexey Proskuryakov.
+
+ Rebaseline tests that are now passing.
+
+ * web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt:
+
2017-08-03 Youenn Fablet <youenn@apple.com>
[Fetch API] Add support for Request keepalive getter
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8801/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
PASS Same domain different port [no-cors mode]
PASS Same domain different port [server forbid CORS]
PASS Same domain different port [cors mode]
-FAIL Same domain different protocol different port [no-cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [no-cors mode]
PASS Same domain different protocol different port [server forbid CORS]
-FAIL Same domain different protocol different port [cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [cors mode]
PASS Cross domain basic usage [no-cors mode]
PASS Cross domain basic usage [server forbid CORS]
PASS Cross domain basic usage [cors mode]
PASS Cross domain different port [no-cors mode]
PASS Cross domain different port [server forbid CORS]
PASS Cross domain different port [cors mode]
-FAIL Cross domain different protocol [no-cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [no-cors mode]
PASS Cross domain different protocol [server forbid CORS]
-FAIL Cross domain different protocol [cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [cors mode]
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
PASS Same domain different port [no-cors mode]
PASS Same domain different port [server forbid CORS]
PASS Same domain different port [cors mode]
-FAIL Same domain different protocol different port [no-cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [no-cors mode]
PASS Same domain different protocol different port [server forbid CORS]
-FAIL Same domain different protocol different port [cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [cors mode]
PASS Cross domain basic usage [no-cors mode]
PASS Cross domain basic usage [server forbid CORS]
PASS Cross domain basic usage [cors mode]
PASS Cross domain different port [no-cors mode]
PASS Cross domain different port [server forbid CORS]
PASS Cross domain different port [cors mode]
-FAIL Cross domain different protocol [no-cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [no-cors mode]
PASS Cross domain different protocol [server forbid CORS]
-FAIL Cross domain different protocol [cors mode] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [cors mode]
PASS Cross domain basic usage [GET]
PASS Same domain different port [GET]
PASS Cross domain different port [GET]
-FAIL Cross domain different protocol [GET] promise_test: Unhandled rejection with value: object "TypeError: Type error"
-FAIL Same domain different protocol different port [GET] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [GET]
+PASS Same domain different protocol different port [GET]
PASS Cross domain [POST]
PASS Cross domain [HEAD]
PASS Cross domain [GET] [Accept: */*]
PASS Cross domain basic usage [GET]
PASS Same domain different port [GET]
PASS Cross domain different port [GET]
-FAIL Cross domain different protocol [GET] promise_test: Unhandled rejection with value: object "TypeError: Type error"
-FAIL Same domain different protocol different port [GET] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [GET]
+PASS Same domain different protocol different port [GET]
PASS Cross domain [POST]
PASS Cross domain [HEAD]
PASS Cross domain [GET] [Accept: */*]
PASS Same domain different port [origin KO]
PASS Cross domain different port [origin OK]
PASS Cross domain different port [origin KO]
-FAIL Cross domain different protocol [origin OK] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [origin OK]
PASS Cross domain different protocol [origin KO]
-FAIL Same domain different protocol different port [origin OK] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [origin OK]
PASS Same domain different protocol different port [origin KO]
PASS Cross domain [POST] [origin OK]
PASS Cross domain [POST] [origin KO]
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
PASS Cross domain different subdomain [origin OK]
PASS Cross domain different subdomain [origin KO]
PASS Same domain different port [origin KO]
PASS Cross domain different port [origin OK]
PASS Cross domain different port [origin KO]
-FAIL Cross domain different protocol [origin OK] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Cross domain different protocol [origin OK]
PASS Cross domain different protocol [origin KO]
-FAIL Same domain different protocol different port [origin OK] promise_test: Unhandled rejection with value: object "TypeError: Type error"
+PASS Same domain different protocol different port [origin OK]
PASS Same domain different protocol different port [origin KO]
PASS Cross domain [POST] [origin OK]
PASS Cross domain [POST] [origin KO]
+++ /dev/null
-
-PASS Fetch ../resources/top.txt with no-cors mode
-PASS Fetch http://localhost:8800/fetch/api/resources/top.txt with no-cors mode
-FAIL Fetch https://localhost:9443/fetch/api/resources/top.txt with no-cors mode promise_test: Unhandled rejection with value: object "TypeError: Type error"
-PASS Fetch http://localhost:8801/fetch/api/resources/top.txt with no-cors mode
-
+++ /dev/null
-
-PASS Fetch ../resources/top.txt with no-cors mode
-PASS Fetch http://localhost:8800/fetch/api/resources/top.txt with no-cors mode
-FAIL Fetch https://localhost:9443/fetch/api/resources/top.txt with no-cors mode promise_test: Unhandled rejection with value: object "TypeError: Type error"
-PASS Fetch http://localhost:8801/fetch/api/resources/top.txt with no-cors mode
-
+++ /dev/null
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8801/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/fetch/api/resources/top.txt. Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-
-PASS Same domain different port [no-cors mode]
-PASS Same domain different port [server forbid CORS]
-PASS Same domain different port [cors mode]
-PASS Same domain different protocol different port [no-cors mode]
-PASS Same domain different protocol different port [server forbid CORS]
-PASS Same domain different protocol different port [cors mode]
-PASS Cross domain basic usage [no-cors mode]
-PASS Cross domain basic usage [server forbid CORS]
-PASS Cross domain basic usage [cors mode]
-PASS Cross domain different port [no-cors mode]
-PASS Cross domain different port [server forbid CORS]
-PASS Cross domain different port [cors mode]
-PASS Cross domain different protocol [no-cors mode]
-PASS Cross domain different protocol [server forbid CORS]
-PASS Cross domain different protocol [cors mode]
-
+++ /dev/null
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-
-PASS Same domain different port [no-cors mode]
-PASS Same domain different port [server forbid CORS]
-PASS Same domain different port [cors mode]
-PASS Same domain different protocol different port [no-cors mode]
-PASS Same domain different protocol different port [server forbid CORS]
-PASS Same domain different protocol different port [cors mode]
-PASS Cross domain basic usage [no-cors mode]
-PASS Cross domain basic usage [server forbid CORS]
-PASS Cross domain basic usage [cors mode]
-PASS Cross domain different port [no-cors mode]
-PASS Cross domain different port [server forbid CORS]
-PASS Cross domain different port [cors mode]
-PASS Cross domain different protocol [no-cors mode]
-PASS Cross domain different protocol [server forbid CORS]
-PASS Cross domain different protocol [cors mode]
-
+++ /dev/null
-
-PASS Cross domain basic usage [GET]
-PASS Same domain different port [GET]
-PASS Cross domain different port [GET]
-PASS Cross domain different protocol [GET]
-PASS Same domain different protocol different port [GET]
-PASS Cross domain [POST]
-PASS Cross domain [HEAD]
-PASS Cross domain [GET] [Accept: */*]
-PASS Cross domain [GET] [Accept-Language: fr]
-PASS Cross domain [GET] [Content-Language: fr]
-PASS Cross domain [GET] [Content-Type: application/x-www-form-urlencoded]
-PASS Cross domain [GET] [Content-Type: multipart/form-data]
-PASS Cross domain [GET] [Content-Type: text/plain]
-PASS Cross domain [GET] [Content-Type: text/plain;charset=utf-8]
-PASS Cross domain [GET] [Content-Type: Text/Plain;charset=utf-8]
-
+++ /dev/null
-
-PASS Cross domain different subdomain [origin OK]
-PASS Cross domain different subdomain [origin KO]
-PASS Same domain different port [origin OK]
-PASS Same domain different port [origin KO]
-PASS Cross domain different port [origin OK]
-PASS Cross domain different port [origin KO]
-PASS Cross domain different protocol [origin OK]
-PASS Cross domain different protocol [origin KO]
-PASS Same domain different protocol different port [origin OK]
-PASS Same domain different protocol different port [origin KO]
-PASS Cross domain [POST] [origin OK]
-PASS Cross domain [POST] [origin KO]
-PASS Cross domain [HEAD] [origin OK]
-PASS Cross domain [HEAD] [origin KO]
-PASS CORS preflight [PUT] [origin OK]
-PASS CORS preflight [PUT] [origin KO]
-PASS Allowed origin: "" [origin KO]
-
+++ /dev/null
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-
-PASS Cross domain different subdomain [origin OK]
-PASS Cross domain different subdomain [origin KO]
-PASS Same domain different port [origin OK]
-PASS Same domain different port [origin KO]
-PASS Cross domain different port [origin OK]
-PASS Cross domain different port [origin KO]
-PASS Cross domain different protocol [origin OK]
-PASS Cross domain different protocol [origin KO]
-PASS Same domain different protocol different port [origin OK]
-PASS Same domain different protocol different port [origin KO]
-PASS Cross domain [POST] [origin OK]
-PASS Cross domain [POST] [origin KO]
-PASS Cross domain [HEAD] [origin OK]
-PASS Cross domain [HEAD] [origin KO]
-PASS CORS preflight [PUT] [origin OK]
-PASS CORS preflight [PUT] [origin KO]
-PASS Allowed origin: "" [origin KO]
-
+++ /dev/null
-
-PASS Fetch ../resources/top.txt with no-cors mode
-PASS Fetch http://localhost:8800/fetch/api/resources/top.txt with no-cors mode
-FAIL Fetch https://localhost:9443/fetch/api/resources/top.txt with no-cors mode promise_test: Unhandled rejection with value: object "TypeError: Type error"
-PASS Fetch http://localhost:8801/fetch/api/resources/top.txt with no-cors mode
-
+++ /dev/null
-
-PASS Fetch ../resources/top.txt with no-cors mode
-PASS Fetch http://localhost:8800/fetch/api/resources/top.txt with no-cors mode
-FAIL Fetch https://localhost:9443/fetch/api/resources/top.txt with no-cors mode promise_test: Unhandled rejection with value: object "TypeError: Type error"
-PASS Fetch http://localhost:8801/fetch/api/resources/top.txt with no-cors mode
-
http/tests/download/inherited-encoding-form-submission-result.html
http/tests/download/inherited-encoding.html
-# Those tests are loaded over HTTPS and pass locally. However, they get an SSL error on the bots and time out.
-webkit.org/b/175076 imported/w3c/web-platform-tests/beacon/headers/header-referrer-no-referrer-when-downgrade.https.html [ Skip ]
-webkit.org/b/175076 imported/w3c/web-platform-tests/beacon/headers/header-referrer-strict-origin-when-cross-origin.https.html [ Skip ]
-webkit.org/b/175076 imported/w3c/web-platform-tests/beacon/headers/header-referrer-strict-origin.https.html [ Skip ]
-webkit.org/b/175076 imported/w3c/web-platform-tests/beacon/headers/header-referrer-unsafe-url.https.html [ Skip ]
-
### END OF (1) Classified failures with bug reports
########################################
+2017-08-03 Chris Dumez <cdumez@apple.com>
+
+ Multiple Layout tests from web-platform-tests/beacon/ are timing out.
+ https://bugs.webkit.org/show_bug.cgi?id=175076
+ <rdar://problem/33704752>
+
+ Reviewed by Alexey Proskuryakov.
+
+ * NetworkProcess/NetworkLoad.cpp:
+ (WebKit::NetworkLoad::completeAuthenticationChallenge):
+ In the NETWORK_SESSION code path, we did not ask the client about server trust evaluation
+ when the clientCredentialPolicy was CannotAskClientForCredentials. This is because the
+ same delegate is used for HTTP authentication and server trust evaluation in the
+ NETWORK_SESSION code path. To align both code paths, we now ask the client about server
+ trust evaluation even if the policy CannotAskClientForCredentials. This allows WKTR
+ to trust certificates for localhost / 127.0.0.1 unconditionally and consistently.
+
2017-08-03 Yoshiaki Jitsukawa <jitsu@rd.scei.sony.co.jp>
[PAL] Move spi/cf directory into PAL
void NetworkLoad::completeAuthenticationChallenge(ChallengeCompletionHandler&& completionHandler)
{
- if (m_parameters.clientCredentialPolicy == ClientCredentialPolicy::CannotAskClientForCredentials) {
+ bool isServerTrustEvaluation = m_challenge->protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested;
+ if (m_parameters.clientCredentialPolicy == ClientCredentialPolicy::CannotAskClientForCredentials && !isServerTrustEvaluation) {
completionHandler(AuthenticationChallengeDisposition::UseCredential, { });
return;
}