Consider exposing or hiding knowledge of a redirect from clients of WebCoreNSURLSession

https://bugs.webkit.org/show_bug.cgi?id=156722
<rdar://problem/25780035>

Reviewed by Alex Christensen.

Source/WebCore:

Fixes tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
             http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html

When receiving an NSURLResponse containing a redirected URL, AVFoundation will use the
URL in the response for subsequent requests. This violates the HTTP specification if the
redirect was temporary, and it also breaks two CSP tests by bypassing the redirect step
for subsequent requests.

Work around this behavior in AVFoundation by recreating the NSURLResponse with the original
request URL in the case of a temporary redirect.

* platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
(-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):

LayoutTests:

Un-skip http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html &
http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html.

* platform/mac/TestExpectations:


Canonical link: https://commits.webkit.org/177222@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@202466 268f45cc-cd09-0410-ab3c-d52691b4dbfc
jernoble committed Jun 25, 2016
1 parent 6396287 commit 62438110ff0850d49a7b4bcb9af5c722d182a97c
Showing with 54 additions and 4 deletions.
  1. +13 −0 LayoutTests/ChangeLog
  2. +0 −4 LayoutTests/platform/mac/TestExpectations
  3. +23 −0 Source/WebCore/ChangeLog
  4. +18 −0 Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm
@@ -1,3 +1,16 @@
2016-06-24 Jer Noble <jer.noble@apple.com>

Consider exposing or hiding knowledge of a redirect from clients of WebCoreNSURLSession
https://bugs.webkit.org/show_bug.cgi?id=156722
<rdar://problem/25780035>

Reviewed by Alex Christensen.

Un-skip http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html &
http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html.

* platform/mac/TestExpectations:

2016-06-24 Mark Lam <mark.lam@apple.com>

[JSC] Error prototypes are called on remote scripts.
@@ -1404,10 +1404,6 @@ webkit.org/b/158889 media/video-controls-show-on-kb-or-ax-event.html [ Pass Fail
[ Sierra+ ] http/tests/security/anchor-download-allow-sameorigin.html [ Skip ]
[ Sierra+ ] http/tests/security/anchor-download-allow-blob.html [ Skip ]

# <rdar://problem/25780035> CSP does not ignore paths for media redirects
[ Sierra+ ] http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html [ Skip ]
[ Sierra+ ] http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html [ Skip ]

# <rdar://problem/26590623> LayoutTest http/tests/preload/single_download_preload_runner.html failing
[ Sierra+ ] http/tests/preload/single_download_preload_runner.html [ Pass Failure ]

@@ -1,3 +1,26 @@
2016-06-24 Jer Noble <jer.noble@apple.com>

Consider exposing or hiding knowledge of a redirect from clients of WebCoreNSURLSession
https://bugs.webkit.org/show_bug.cgi?id=156722
<rdar://problem/25780035>

Reviewed by Alex Christensen.

Fixes tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html

When receieving a NSURLResponse containing a redirected URL, AVFoundadtion will use the
URL in the response for subsequent requests. This violates the HTTP specification if the
redirect was temporary, and it also breaks two CSP tests by bypassing the redirect step
for subsequent requests.

Work around this behavior in AVFoundation by recreating the NSURLResponse with the original
request URL in the case of a temporary redirect.

* platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
(-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):

2016-06-24 Jer Noble <jer.noble@apple.com>

MSE gets confused by in-band text tracks
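Review bot: The added ChangeLog entry misspells "receieving" and "AVFoundadtion" in its first sentence, and it names AVFoundation as the component that reuses the response URL while the FIXME comments in WebCoreNSURLSession.mm name CoreMedia; use one name in both places. The entry also says the workaround applies "in the case of a temporary redirect" without listing status codes; the code treats 302 and 307 that way, so state them here.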
@@ -527,6 +527,18 @@ - (void)resource:(PlatformMediaResource&)resource receivedResponse:(const Resour
self.countOfBytesExpectedToReceive = response.expectedContentLength();
[self _setDefersLoading:YES];
RetainPtr<NSURLResponse> strongResponse { response.nsURLResponse() };

if (response.url() != URL(self.currentRequest.URL)) {
// FIXME(<rdar://problem/27000361>):
// Work around a bug in CoreMedia: CM will pull the URL out of the ResourceResponse
// and use that URL for all future requests for the same piece of media. This breaks
// certain features of CORS, as well as being against the HTTP spec in the case of
// non-permanent redirects.
auto responseData = response.crossThreadData();
responseData.url = URL(self.currentRequest.URL);
strongResponse = ResourceResponseBase::fromCrossThreadData(WTFMove(responseData)).nsURLResponse();
}

RetainPtr<WebCoreNSURLSessionDataTask> strongSelf { self };
[self.session addDelegateOperation:[strongSelf, strongResponse] {
strongSelf->_response = strongResponse.get();
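Review bot: The condition "response.url() != URL(self.currentRequest.URL)" does not test for a temporary redirect by itself; it only has that meaning because resource:receivedRedirect:request: leaves currentRequest unchanged for 302 and 307, and the comment above the block should state that dependency so a later change to the redirect handler does not silently turn this into a rewrite for every redirect. The comment also says the bug "breaks certain features of CORS" while the ChangeLog attributes the failures to two CSP tests; align the two descriptions so the security property being protected is unambiguous.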
@@ -590,6 +602,12 @@ - (void)resource:(PlatformMediaResource&)resource receivedRedirect:(const Resour
// delegate handles the callback and responds via a completion handler. If, in
// the future, the ResourceLoader exposes a callback-based willSendResponse
// API, this can be implemented.

// FIXME(<rdar://problem/27000361>):
// Do not update the current request if the redirect is temporary; use this
// current request during responseReceieved: to work around a CoreMedia bug.
if (response.httpStatusCode() != 302 && response.httpStatusCode() != 307)
self.currentRequest = [NSURLRequest requestWithURL:request.url()];
}

- (void)_resource:(PlatformMediaResource&)resource loadFinishedWithError:(NSError *)error
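Review bot: The status check "response.httpStatusCode() != 302 && response.httpStatusCode() != 307" treats every other redirect code as permanent, so a 303 response, which is also not a permanent redirect, still updates currentRequest and the final URL is handed on to the media framework. Consider inverting the test to update currentRequest only for the permanent codes (301 and 308), or adding 303 to the list. The comment also refers to "responseReceieved:", but the method that consumes currentRequest is resource:receivedResponse:; name it exactly so the coupling between the two methods can be found by search.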
