4b0a22b5f3
https://bugs.webkit.org/show_bug.cgi?id=226316 <rdar://problem/78552912> Reviewed by Alex Christensen. Source/WebCore: Tests: http/tests/security/contentSecurityPolicy/report-blocked-uri-after-blocked-redirect.html http/tests/security/contentSecurityPolicy/report-blocked-uri-after-multiple-redirects.html Currently for a blocked redirection we report the blocked URI as the target URL. This is not up to spec and we should actually report the requested URL. * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::redirectReceived): (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): * loader/DocumentThreadableLoader.h: * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::allowConnectToSource const): (WebCore::ContentSecurityPolicy::reportViolation const): * page/csp/ContentSecurityPolicy.h: Source/WebKit: Currently for a blocked redirection we report the blocked URI as the target URL. This is not up to spec and we should actually report the requested URL. * NetworkProcess/NetworkLoadChecker.cpp: (WebKit::NetworkLoadChecker::check): (WebKit::NetworkLoadChecker::checkRedirection): (WebKit::NetworkLoadChecker::checkRequest): (WebKit::NetworkLoadChecker::isAllowedByContentSecurityPolicy): * NetworkProcess/NetworkLoadChecker.h: LayoutTests: * http/tests/security/contentSecurityPolicy/report-blocked-uri-after-blocked-redirect-expected.txt: Added. * http/tests/security/contentSecurityPolicy/report-blocked-uri-after-blocked-redirect.html: Added. * http/tests/security/contentSecurityPolicy/report-blocked-uri-after-multiple-redirects-expected.txt: Added. * http/tests/security/contentSecurityPolicy/report-blocked-uri-after-multiple-redirects.html: Added. * platform/mac-wk1/http/tests/security/contentSecurityPolicy/report-blocked-uri-after-multiple-redirects-expected.txt: Added. * platform/mac-wk1/http/tests/security/contentSecurityPolicy/report-blocked-uri-after-blocked-redirect-expected.txt: Added. * platform/win/http/tests/security/contentSecurityPolicy/report-blocked-uri-after-blocked-redirect-expected.txt: Added. * platform/win/http/tests/security/contentSecurityPolicy/report-blocked-uri-after-multiple-redirects-expected.txt: Added. WebKitLegacy and Win have different console logging. Canonical link: https://commits.webkit.org/240818@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281431 268f45cc-cd09-0410-ab3c-d52691b4dbfc |
||
---|---|---|
.. | ||
accessibility | ||
animations | ||
compositing | ||
css1 | ||
css2.1 | ||
css3 | ||
editing | ||
fast | ||
fonts | ||
http | ||
ietestcenter/css3 | ||
imported/w3c/web-platform-tests | ||
inspector-protocol/debugger | ||
inverted-colors | ||
js/dom | ||
mathml | ||
media | ||
performance-api | ||
platform | ||
plugins | ||
printing | ||
scrollbars | ||
streams/reference-implementation | ||
svg | ||
tables | ||
transforms | ||
transitions | ||
webarchive/loading | ||
TestExpectations | ||
aria-labelledby-overrides-aria-label-actual.txt |