HTTPS-Only should support redirects from https to http

https://bugs.webkit.org/show_bug.cgi?id=260294 rdar://107491418 Reviewed by Alex Christensen. The current implementation only allows loading a HTTP URL if the current URL is HTTP. That isn't correct because we could receive a request for loading a HTTPS URL with same-site bypass enabled, and then the HTTPS URL redirects to a HTTP URL. In this case, we should continue loading the HTTP URL. This patch adapts and extends the existing test for this behavior. * Source/WebCore/loader/FrameLoader.cpp: (WebCore::FrameLoader::shouldUpgradeRequestforHTTPSOnly const): * Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm: (TEST): Canonical link: https://commits.webkit.org/267160@main
WebKit · Aug 22, 2023 · c7835fe · c7835fe
1 parent c923b30
commit c7835fe
Showing 1 changed file with 32 additions and 2 deletions.
diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm
@@ -1720,8 +1720,6 @@ HTTPServer httpServer({
 
     delegate.get().didFailProvisionalNavigation = ^(WKWebView *, WKNavigation *, NSError *error) {
         EXPECT_NOT_NULL(error);
-        EXPECT_NOT_NULL(error.userInfo[@"errorRecoveryMethod"]);
-        EXPECT_WK_STREQ(@"HTTPSOnlyHTTPFallback", error.userInfo[@"errorRecoveryMethod"]);
         EXPECT_NOT_NULL(error.userInfo[@"NSErrorFailingURLKey"]);
         EXPECT_WK_STREQ(@"https://site2.example/secure2", error.userInfo[@"NSErrorFailingURLStringKey"]);
         errorCode = error.code;
@@ -1740,6 +1738,38 @@ HTTPServer httpServer({
     EXPECT_EQ(errorCode, kCFURLErrorHTTPTooManyRedirects);
     EXPECT_FALSE(finishedSuccessfully);
     EXPECT_EQ(loadCount, 21);
+
+    configuration.get().defaultWebpagePreferences._networkConnectionIntegrityPolicy = _WKWebsiteNetworkConnectionIntegrityPolicyHTTPSOnly | _WKWebsiteNetworkConnectionIntegrityPolicyHTTPSOnlyExplicitlyBypassedForDomain;
+    errorCode = 0;
+    finishedSuccessfully = false;
+    loadCount = 0;
+    delegate.get().didFailProvisionalNavigation = ^(WKWebView *, WKNavigation *, NSError *error) {
+        EXPECT_NULL(error);
+        if (error)
+            errorCode = error.code;
+    };
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://site.example/secure"]]];
+
+    while (!errorCode && !finishedSuccessfully)
+        TestWebKitAPI::Util::spinRunLoop(5);
+
+    EXPECT_EQ(errorCode, 0);
+    EXPECT_TRUE(finishedSuccessfully);
+    EXPECT_EQ(loadCount, 2);
+    EXPECT_WK_STREQ(@"http://site.example/secure", [webView _mainFrameURL].absoluteString);
+
+    errorCode = 0;
+    finishedSuccessfully = false;
+    loadCount = 0;
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://site.example/secure2"]]];
+
+    while (!errorCode && !finishedSuccessfully)
+        TestWebKitAPI::Util::spinRunLoop(5);
+
+    EXPECT_EQ(errorCode, 0);
+    EXPECT_TRUE(finishedSuccessfully);
+    EXPECT_EQ(loadCount, 2);
+    EXPECT_WK_STREQ(@"http://site2.example/secure3", [webView _mainFrameURL].absoluteString);
 }
 
 TEST(WKNavigation, LeakCheck)