haikuwebkit/LayoutTests/fast/url/relative2.html

<!DOCTYPE html>
<html>
<head>
<script src="../../resources/js-test-pre.js"></script>
<script src="resources/utilities.js"></script>
</head>
<body>
<script>
if (window.internals && internals.settings)
  internals.settings.setShouldRestrictBaseURLSchemes(false);

description("Test resolution of relative URLs.");

cases = [ 
  // Format: [baseURL, relativeURL, expectedURL],
  // Basic absolute input.
  ["http://host/a", "http://another/", "http://another/"],
  ["http://host/a", "http:////another/", "http://another/"],
  // Empty relative URLs should only remove the ref part of the URL,
  // leaving the rest unchanged.
  ["http://foo/bar", "", "http://foo/bar"],
  ["http://foo/bar#ref", "", "http://foo/bar"],
  ["http://foo/bar#", "", "http://foo/bar"],
  // Spaces at the ends of the relative path should be ignored.
  ["http://foo/bar", "  another  ", "http://foo/another"],
  ["http://foo/bar", "  .  ", "http://foo/"],
  ["http://foo/bar", " \t ", "http://foo/bar"],
  // Matching schemes without two slashes are treated as relative.
  ["http://host/a", "http:path", "http://host/path"],
  ["http://host/a/", "http:path", "http://host/a/path"],
  ["http://host/a", "http:/path", "http://host/path"],
  ["http://host/a", "HTTP:/path", "http://host/path"],
  // Nonmatching schemes are absolute.
  ["http://host/a", "https:host2", "https://host2/"],
  ["http://host/a", "htto:/host2", "htto:/host2"],
  // Absolute path input
  ["http://host/a", "/b/c/d", "http://host/b/c/d"],
  ["http://host/a", "\\\\b\\\\c\\\\d", "http://host/b/c/d"],
  ["http://host/a", "/b/../c", "http://host/c"],
  ["http://host/a?b#c", "/b/../c", "http://host/c"],
  ["http://host/a", "\\\\b/../c?x#y", "http://host/c?x#y"],
  ["http://host/a?b#c", "/b/../c?x#y", "http://host/c?x#y"],
  // Relative path input
  ["http://host/a", "b", "http://host/b"],
  ["http://host/a", "bc/de", "http://host/bc/de"],
  ["http://host/a/", "bc/de?query#ref", "http://host/a/bc/de?query#ref"],
  ["http://host/a/", ".", "http://host/a/"],
  ["http://host/a/", "..", "http://host/"],
  ["http://host/a/", "./..", "http://host/"],
  ["http://host/a/", "../.", "http://host/"],
  ["http://host/a/", "././.", "http://host/a/"],
  ["http://host/a?query#ref", "../../../foo", "http://host/foo"],
  // Query input
  ["http://host/a", "?foo=bar", "http://host/a?foo=bar"],
  ["http://host/a?x=y#z", "?", "http://host/a?"],
  ["http://host/a?x=y#z", "?foo=bar#com", "http://host/a?foo=bar#com"],
  // Ref input
  ["http://host/a", "#ref", "http://host/a#ref"],
  ["http://host/a#b", "#", "http://host/a#"],
  ["http://host/a?foo=bar#hello", "#bye", "http://host/a?foo=bar#bye"],
  // Non-hierarchical base: no relative handling. Relative input should
  // error, and if a scheme is present, it should be treated as absolute.
  ["data:foobar", "baz.html", ""],
  ["data:foobar", "data:baz", "data:baz"],
  ["data:foobar", "data:/base", "data:/base"],
  // Non-hierarchical base: absolute input should succeed.
  ["data:foobar", "http://host/", "http://host/"],
  ["data:foobar", "http:host", "http://host/"],
  // Invalid schemes should be treated as relative.
  ["http://foo/bar", "./asd:fgh", "http://foo/asd:fgh"],
  ["http://foo/bar", ":foo", "http://foo/:foo"],
  ["http://foo/bar", " hello world", "http://foo/hello%20world"],
  ["data:asdf", ":foo", ""],
  // We should treat semicolons like any other character in URL resolving
  ["http://host/a", ";foo", "http://host/;foo"],
  ["http://host/a;", ";foo", "http://host/;foo"],
  ["http://host/a", ";/../bar", "http://host/bar"],
  // Relative URLs can also be written as "//foo/bar" which is relative to
  // the scheme. In this case, it would take the old scheme, so for http
  // the example would resolve to "http://foo/bar".
  ["http://host/a", "//another", "http://another/"],
  ["http://host/a", "//another/path?query#ref", "http://another/path?query#ref"],
  ["http://host/a", "///another/path", "http://another/path"],
  ["http://host/a", "//Another\\\\path", "http://another/path"],
  ["http://host/a", "//", "http:"],
  // IE will also allow one or the other to be a backslash to get the same
  // behavior.
  ["http://host/a", "\\\\/another/path", "http://another/path"],
  ["http://host/a", "/\\\\Another\\\\path", "http://another/path"],
];

var originalBaseURL = canonicalize(".");

for (var i = 0; i < cases.length; ++i) {
  baseURL = cases[i][0];
  relativeURL = cases[i][1];
  expectedURL = cases[i][2];
  setBaseURL(baseURL);
  shouldBe("canonicalize('" + relativeURL + "')",
           "'" + expectedURL + "'");
}

setBaseURL(originalBaseURL);
</script>
<script src="../../resources/js-test-post.js"></script>
</body>
</html>
Disallow setting base URL to a data or JavaScript URL https://bugs.webkit.org/show_bug.cgi?id=207136 Source/WebCore: Reviewed by Brent Fulgham. Inspired by <https://bugs.chromium.org/p/chromium/issues/detail?id=679318>. Block setting the base URL to a data URL or JavaScript URL as such usage is questionable. This makes WebKit match the behavior of Chrome and Firefox and is in the spirit of the discussion in <https://github.com/whatwg/html/issues/2249>. On Mac and iOS, this restriction is applied only to apps linked against a future SDK to avoid breaking shipped apps. For all other ports, this restriction is enabled by default. Tests: fast/url/relative2.html fast/url/segments-from-data-url2.html http/tests/security/allowed-base-url-data-url-via-setting.html http/tests/security/denied-base-url-data-url.html http/tests/security/denied-base-url-javascript-url.html * dom/Document.cpp: (WebCore::Document::processBaseElement): Condition updating the parsed base URL on whether is has an allowed scheme, if restrictions are enabled. Otherwise, do what we do now. If the scheme is disallowed then log a message to the console to explain this to web developers. * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::scan): Pass whether to apply restrictons to the base URL to updatePredictedBaseURL(). This depends on whether the setting is enabled or not. (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Modifed to take a boolean as to whether to apply restrictions. If restrictions are not to be applied do what we do now. Otherwise, only do what we do now if the scheme for the predicated base URL is allowed. * html/parser/HTMLPreloadScanner.h: * page/SecurityPolicy.cpp: (WebCore::SecurityPolicy::isBaseURLSchemeAllowed): Added. * page/SecurityPolicy.h: * page/Settings.yaml: Add a setting to toggle restrictions on the base URL scheme. Source/WebKit: Reviewed by Brent Fulgham. Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps. * Shared/WebPreferences.yaml: * UIProcess/API/Cocoa/WKWebView.mm: (shouldRestrictBaseURLSchemes): Added. (-[WKWebView _setupPageConfiguration:]): Update settings. * UIProcess/Cocoa/VersionChecks.h: Source/WebKitLegacy/mac: Reviewed by Brent Fulgham. Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps. * Misc/WebKitVersionChecks.h: * WebView/WebView.mm: (shouldRestrictBaseURLSchemes): Added. (-[WebView _commonInitializationWithFrameName:groupName:]): Update settings. Source/WTF: Reviewed by Brent Fulgham. Add some more macro definitions. * wtf/spi/darwin/dyldSPI.h: LayoutTests: RReviewed by Brent Fulgham. Add some tests. Update others to toggle the setting to apply or unapply the new behavior. The test denied-base-url-javascript-url.html is derived from the test base-url-javascript.html, included in <https://chromium.googlesource.com/chromium/src.git/+/c133efa0b915430701930b76a7cfe35608b9a403>. * fast/url/relative-expected.txt: * fast/url/relative.html: * fast/url/relative2-expected.txt: Copied from LayoutTests/fast/url/relative-expected.txt. * fast/url/relative2.html: Copied from LayoutTests/fast/url/relative.html. * fast/url/resources/utilities.js: (setShouldEllipsizeFileURLPaths): Added. Toggles ellipsizing the path portion of a file URL to simplify matching. Otherwise, file URLs could be machine-specific. (canonicalizedPathname): Added. (segments): Modified to optionally call canonicalizedPathname. (canonicalize): Ditto. * fast/url/segments-from-data-url-expected.txt: * fast/url/segments-from-data-url.html: * fast/url/segments-from-data-url2-expected.txt: Copied from LayoutTests/fast/url/segments-from-data-url-expected.txt. * fast/url/segments-from-data-url2.html: Copied from LayoutTests/fast/url/segments-from-data-url.html. * fetch/fetch-url-serialization-expected.txt: * http/tests/plugins/navigation-during-load-embed.html: * http/tests/plugins/navigation-during-load.html: * http/tests/security/allowed-base-url-data-url-via-setting-expected.txt: Added. * http/tests/security/allowed-base-url-data-url-via-setting.html: Added. * http/tests/security/denied-base-url-data-url-expected.txt: Added. * http/tests/security/denied-base-url-data-url.html: Added. * http/tests/security/denied-base-url-javascript-url-expected.txt: Added. * http/tests/security/denied-base-url-javascript-url.html: Added. Canonical link: https://commits.webkit.org/220473@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256191 268f45cc-cd09-0410-ab3c-d52691b4dbfc 2020-02-10 18:16:49 +00:00			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<script src="../../resources/js-test-pre.js"></script>`
			`<script src="resources/utilities.js"></script>`
			`</head>`
			`<body>`
			`<script>`
			`if (window.internals && internals.settings)`
			`internals.settings.setShouldRestrictBaseURLSchemes(false);`

			`description("Test resolution of relative URLs.");`

			`cases = [`
			`// Format: [baseURL, relativeURL, expectedURL],`
			`// Basic absolute input.`
			`["http://host/a", "http://another/", "http://another/"],`
			`["http://host/a", "http:////another/", "http://another/"],`
			`// Empty relative URLs should only remove the ref part of the URL,`
			`// leaving the rest unchanged.`
			`["http://foo/bar", "", "http://foo/bar"],`
			`["http://foo/bar#ref", "", "http://foo/bar"],`
			`["http://foo/bar#", "", "http://foo/bar"],`
			`// Spaces at the ends of the relative path should be ignored.`
			`["http://foo/bar", " another ", "http://foo/another"],`
			`["http://foo/bar", " . ", "http://foo/"],`
			`["http://foo/bar", " \t ", "http://foo/bar"],`
			`// Matching schemes without two slashes are treated as relative.`
			`["http://host/a", "http:path", "http://host/path"],`
			`["http://host/a/", "http:path", "http://host/a/path"],`
			`["http://host/a", "http:/path", "http://host/path"],`
			`["http://host/a", "HTTP:/path", "http://host/path"],`
			`// Nonmatching schemes are absolute.`
			`["http://host/a", "https:host2", "https://host2/"],`
			`["http://host/a", "htto:/host2", "htto:/host2"],`
			`// Absolute path input`
			`["http://host/a", "/b/c/d", "http://host/b/c/d"],`
			`["http://host/a", "\\\\b\\\\c\\\\d", "http://host/b/c/d"],`
			`["http://host/a", "/b/../c", "http://host/c"],`
			`["http://host/a?b#c", "/b/../c", "http://host/c"],`
			`["http://host/a", "\\\\b/../c?x#y", "http://host/c?x#y"],`
			`["http://host/a?b#c", "/b/../c?x#y", "http://host/c?x#y"],`
			`// Relative path input`
			`["http://host/a", "b", "http://host/b"],`
			`["http://host/a", "bc/de", "http://host/bc/de"],`
			`["http://host/a/", "bc/de?query#ref", "http://host/a/bc/de?query#ref"],`
			`["http://host/a/", ".", "http://host/a/"],`
			`["http://host/a/", "..", "http://host/"],`
			`["http://host/a/", "./..", "http://host/"],`
			`["http://host/a/", "../.", "http://host/"],`
			`["http://host/a/", "././.", "http://host/a/"],`
			`["http://host/a?query#ref", "../../../foo", "http://host/foo"],`
			`// Query input`
			`["http://host/a", "?foo=bar", "http://host/a?foo=bar"],`
			`["http://host/a?x=y#z", "?", "http://host/a?"],`
			`["http://host/a?x=y#z", "?foo=bar#com", "http://host/a?foo=bar#com"],`
			`// Ref input`
			`["http://host/a", "#ref", "http://host/a#ref"],`
			`["http://host/a#b", "#", "http://host/a#"],`
			`["http://host/a?foo=bar#hello", "#bye", "http://host/a?foo=bar#bye"],`
			`// Non-hierarchical base: no relative handling. Relative input should`
			`// error, and if a scheme is present, it should be treated as absolute.`
			`["data:foobar", "baz.html", ""],`
			`["data:foobar", "data:baz", "data:baz"],`
			`["data:foobar", "data:/base", "data:/base"],`
			`// Non-hierarchical base: absolute input should succeed.`
			`["data:foobar", "http://host/", "http://host/"],`
			`["data:foobar", "http:host", "http://host/"],`
			`// Invalid schemes should be treated as relative.`
			`["http://foo/bar", "./asd:fgh", "http://foo/asd:fgh"],`
			`["http://foo/bar", ":foo", "http://foo/:foo"],`
			`["http://foo/bar", " hello world", "http://foo/hello%20world"],`
			`["data:asdf", ":foo", ""],`
			`// We should treat semicolons like any other character in URL resolving`
			`["http://host/a", ";foo", "http://host/;foo"],`
			`["http://host/a;", ";foo", "http://host/;foo"],`
			`["http://host/a", ";/../bar", "http://host/bar"],`
			`// Relative URLs can also be written as "//foo/bar" which is relative to`
			`// the scheme. In this case, it would take the old scheme, so for http`
			`// the example would resolve to "http://foo/bar".`
			`["http://host/a", "//another", "http://another/"],`
			`["http://host/a", "//another/path?query#ref", "http://another/path?query#ref"],`
			`["http://host/a", "///another/path", "http://another/path"],`
			`["http://host/a", "//Another\\\\path", "http://another/path"],`
			`["http://host/a", "//", "http:"],`
			`// IE will also allow one or the other to be a backslash to get the same`
			`// behavior.`
			`["http://host/a", "\\\\/another/path", "http://another/path"],`
			`["http://host/a", "/\\\\Another\\\\path", "http://another/path"],`
			`];`

			`var originalBaseURL = canonicalize(".");`

			`for (var i = 0; i < cases.length; ++i) {`
			`baseURL = cases[i][0];`
			`relativeURL = cases[i][1];`
			`expectedURL = cases[i][2];`
			`setBaseURL(baseURL);`
			`shouldBe("canonicalize('" + relativeURL + "')",`
			`"'" + expectedURL + "'");`
			`}`

			`setBaseURL(originalBaseURL);`
			`</script>`
			`<script src="../../resources/js-test-post.js"></script>`
			`</body>`
			`</html>`