WebKit Bugzilla
Attachment 348739 Details for
Bug 184910
: Adjust XMLHttpRequest username/password precedence rules
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-184910-20180902195253.patch (text/plain), 5.86 KB, created by
Rob Buis
on 2018-09-02 10:52:55 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Rob Buis
Created:
2018-09-02 10:52:55 PDT
Size:
5.86 KB
patch
obsolete
>Subversion Revision: 235357 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 11cb33ea1abf219350f43901ec46d1b277da7169..dcb5af6e65595ca5fc457cc5b1ac6ab8adf0dd97 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,23 @@ >+2018-09-02 Rob Buis <rbuis@igalia.com> >+ >+ Adjust XMLHttpRequest username/password precedence rules >+ https://bugs.webkit.org/show_bug.cgi?id=184910 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Step 9.1 and 9.2 in the XMLHTTPRequest::open [1] algorithm >+ specify that non null user or non null password ought >+ to be set on the URL, so implement this. >+ >+ Behavior matches Firefox and Chrome. >+ >+ [1] https://xhr.spec.whatwg.org/#dom-xmlhttprequest-open [1] >+ >+ Test: xhr/send-authentication-competing-names-passwords.htm >+ >+ * xml/XMLHttpRequest.cpp: >+ (WebCore::XMLHttpRequest::open): >+ > 2018-08-25 Yusuke Suzuki <yusukesuzuki@slowstart.org> > > Shrink size of HTMLCollection >diff --git a/Source/WebCore/xml/XMLHttpRequest.cpp b/Source/WebCore/xml/XMLHttpRequest.cpp >index 6e72c1638ced9e540917c09dac597f544fe84a68..76982cfdbe7a450c9fed979379701bb13fc78e32 100644 >--- a/Source/WebCore/xml/XMLHttpRequest.cpp >+++ b/Source/WebCore/xml/XMLHttpRequest.cpp >@@ -389,11 +389,10 @@ ExceptionOr<void> XMLHttpRequest::open(const String& method, const URL& url, boo > ExceptionOr<void> XMLHttpRequest::open(const String& method, const String& url, bool async, const String& user, const String& password) > { > URL urlWithCredentials = scriptExecutionContext()->completeURL(url); >- if (!user.isNull()) { >+ if (!user.isNull()) > urlWithCredentials.setUser(user); >- if (!password.isNull()) >- urlWithCredentials.setPass(password); >- } >+ if (!password.isNull()) >+ urlWithCredentials.setPass(password); > > return open(method, urlWithCredentials, async); > } >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 1282d3bcbafca2264b21c52b03684c1db1ab7b41..81afdbee04c4a66103fd096cdc20249ee69b08ff 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,12 @@ >+2018-09-02 Rob Buis <rbuis@igalia.com> >+ >+ Adjust XMLHttpRequest username/password precedence rules >+ https://bugs.webkit.org/show_bug.cgi?id=184910 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * TestExpectations: >+ > 2018-08-27 Youenn Fablet <youenn@apple.com> > > Update WPT XHR tests to 87329a1 >diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog >index f560fa41f9caecec64ad9082413276a4c016c07c..4ae744ae641d925d3e20c80c2fdf3e7364131a22 100644 >--- a/LayoutTests/imported/w3c/ChangeLog >+++ b/LayoutTests/imported/w3c/ChangeLog >@@ -1,3 +1,14 @@ >+2018-09-02 Rob Buis <rbuis@igalia.com> >+ >+ Adjust XMLHttpRequest username/password precedence rules >+ https://bugs.webkit.org/show_bug.cgi?id=184910 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Update test result. >+ >+ * web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt: >+ > 2018-08-27 Youenn Fablet <youenn@apple.com> > > Update WPT XHR tests to 87329a1 >diff --git a/LayoutTests/TestExpectations b/LayoutTests/TestExpectations >index 48c4ab1ba8fff72252e21fc77f9e36efebb497cf..72a89e6bc447e7b190b0a28eff44b94bcbd4c5f0 100644 >--- a/LayoutTests/TestExpectations >+++ b/LayoutTests/TestExpectations >@@ -272,7 +272,6 @@ imported/w3c/web-platform-tests/xhr/event-error-order.sub.html [ DumpJSConsoleLo > > imported/w3c/web-platform-tests/xhr/event-error.sub.html [ Failure ] > imported/w3c/web-platform-tests/xhr/send-authentication-basic-setrequestheader-existing-session.htm [ Failure ] >-imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords.htm [ Failure ] > imported/w3c/web-platform-tests/xhr/preserve-ua-header-on-redirect.htm [ Failure ] > imported/w3c/web-platform-tests/xhr/setrequestheader-case-insensitive.htm [ Failure ] > imported/w3c/web-platform-tests/xhr/send-network-error-async-events.sub.htm [ Failure ] >diff --git a/LayoutTests/imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt >index c503dd5fee4df0fcdaa42b279af9e26082908c1f..07463e2756011acc4fc96ceebdb1c6b412bfdba7 100644 >--- a/LayoutTests/imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt >+++ b/LayoutTests/imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt >@@ -5,11 +5,11 @@ PASS XMLHttpRequest user/pass options: another user/pass in open(); must overrid > PASS XMLHttpRequest user/pass options: pass in URL, user in open() > PASS XMLHttpRequest user/pass options: pass in URL, user/pass in open() > PASS XMLHttpRequest user/pass options: user in URL >-FAIL XMLHttpRequest user/pass options: user in URL, pass in open() assert_equals: responseText should contain the right user and password expected "a89b5bdc-8844-4e0c-8b67-bccb90cc5006\n8ae16e77-30e0-4758-8c85-ddbac8ff9923" but got "a89b5bdc-8844-4e0c-8b67-bccb90cc5006\n" >+PASS XMLHttpRequest user/pass options: user in URL, pass in open() > PASS XMLHttpRequest user/pass options: user/pass in URL > PASS XMLHttpRequest user/pass options: user in URL and open() > PASS XMLHttpRequest user/pass options: user in URL; user/pass in open() > PASS XMLHttpRequest user/pass options: user/pass in URL; user in open() >-FAIL XMLHttpRequest user/pass options: user/pass in URL; pass in open() assert_equals: responseText should contain the right user and password expected "7add18d7-4945-4a7c-b1d3-e50eff2f65c8\nbce2a8d7-ce76-48be-8c8f-ff29647b78ff" but got "7add18d7-4945-4a7c-b1d3-e50eff2f65c8\nbcf673a4-b893-48cd-95ec-3bd4c0d72a84" >+PASS XMLHttpRequest user/pass options: user/pass in URL; pass in open() > PASS XMLHttpRequest user/pass options: user/pass in URL and open() >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=348739">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 184910
:
348730
|
348731
|
348732
|
348735
|
348736
|
348737
|
348739
|
348742
|
348744
|
348747
|
348748
|
348842