158420 2016-06-06 08:29:52 -0700 URI fragment of location header not appended in case of further redirect 2020-11-30 14:19:36 -0800 1 1 1 Unclassified WebKit Page Loading Safari 9 All OS X 10.11 RESOLVED WONTFIX https://bugs.webkit.org/show_bug.cgi?id=24175 https://bugs.webkit.org/show_bug.cgi?id=205294 InRadar P2 Normal --- 210490 1 tgerlach achristensen achristensen ap beidson bokan brian fetis26 manian mcatanzaro pogris rwlbuis scott thierry.allardsaintalbin tomac totten webkit-bug-importer whq731 wilander ysuzuki oldest_to_newest 1199555 0 280593 tgerlach 2016-06-06 08:29:52 -0700 Created attachment 280593 simple php test scenario As a variant of the BUG 24175 the following scenario still fails in Safari 9 (iPhone 9, Mac 10) 1. request a URI 2. response is 302 with a URI with fragment as location header 3. the location header's URI is redirected again with 302 4. the last URI has no fragment anymore. example: 1. request: http://localhost/fragmenttest 2. response: 302, location header /fragmenttest/old/#somewhere 3. response: 302, location header /fragmenttest/new/ 4. FAIL: agent requests just http://localhost/fragmenttest/new/ instead of http://localhost/fragmenttest/new/#somewhere important: This behaviour is only reproducable with the two redirects. If you enter the 2. URI directly in the address line of the browser, the fragment will be kept! 2' request: http://localhost/fragmenttest/old/#somewhere 3. response: 302, location header /fragmenttest/new/ 4. SUCCESS: agent requests http://localhost/fragmenttest/new/#somewhere test: insert the attached folder "fragmenttest" into a webserver with php and call the above mentioned URIs. (index.php and index.html need to be the configured as default files for folders) 1199655 1 beidson 2016-06-06 11:58:20 -0700 rdar://problem/26654828 1276504 2 scott 2017-02-13 18:10:40 -0800 This a fairly critical bug as it impacts page fragment handling in cases where a single sign-on server is used, especially OpenID Connect. Additionally, latest versions of Firefox, Chrome, and Internet Explorer do not exhibit this bug. This leaves web software vendors either having to not support Safari or invent work arounds. 1290958 3 ap 2017-03-24 12:59:20 -0700 *** Bug 170058 has been marked as a duplicate of this bug. *** 1294026 4 mcatanzaro 2017-04-04 06:15:56 -0700 Note: Carlos says r214807 fixes this for the soup backend. 1294027 5 mcatanzaro 2017-04-04 06:17:45 -0700 Looks like he added a layout test there that's failing on Mac/iOS and marked against this bug. Hopefully that helps a bit with writing a fix. 1294520 6 306291 achristensen 2017-04-05 09:36:27 -0700 Created attachment 306291 Patch 1295372 7 306291 beidson 2017-04-07 10:18:29 -0700 Comment on attachment 306291 Patch I think we need to do a little more exploration first. 1295373 8 beidson 2017-04-07 10:20:17 -0700 (In reply to Brady Eidson from comment #7) > Comment on attachment 306291 [details] > Patch > > I think we need to do a little more exploration first. To elaborate, I'm not sure *always* doing this is necessarily right. e.g. What if the redirect is cross domain? What if the redirect is cross protocol (http -> https, or vice versa)? What if the redirect is a different status code from 302? I don't know that there's a single, pretty spec that covers this, but we should have a matrix of tests covering all of those cases, verify the other browsers agree, and then then go for it. 1295406 9 mcatanzaro 2017-04-07 11:27:20 -0700 Hm, good point Brady. 1295464 10 scott 2017-04-07 12:59:11 -0700 RFC 7231, section 7.1.2 https://tools.ietf.org/html/rfc7231#section-7.1.2 If the Location value provided in a 3xx (Redirection) response does not have a fragment component, a user agent MUST process the redirection as if the value inherits the fragment component of the URI reference used to generate the request target (i.e., the redirection inherits the original reference's fragment, if any). 1295521 11 achristensen 2017-04-07 15:59:25 -0700 Given that it is a part of the HTTP spec, we should probably fix this in CFNetwork for non-WebKit clients. Now the decision of whether we want to cover up this bug with this patch in WebKit... 1295622 12 beidson 2017-04-07 19:34:21 -0700 (In reply to Scott from comment #10) > RFC 7231, section 7.1.2 > > https://tools.ietf.org/html/rfc7231#section-7.1.2 > > If the Location value provided in a 3xx (Redirection) response does > not have a fragment component, a user agent MUST process the > redirection as if the value inherits the fragment component of the > URI reference used to generate the request target (i.e., the > redirection inherits the original reference's fragment, if any). The HTTP spec doesn't seem to distinguish between the concerns I mentioned, but I still wonder if the other browsers do. 1295658 13 scott 2017-04-08 09:45:57 -0700 (In reply to Brady Eidson from comment #12) > (In reply to Scott from comment #10) > > RFC 7231, section 7.1.2 > > > > https://tools.ietf.org/html/rfc7231#section-7.1.2 > > > > If the Location value provided in a 3xx (Redirection) response does > > not have a fragment component, a user agent MUST process the > > redirection as if the value inherits the fragment component of the > > URI reference used to generate the request target (i.e., the > > redirection inherits the original reference's fragment, if any). > > The HTTP spec doesn't seem to distinguish between the concerns I mentioned, > but I still wonder if the other browsers do. Chrome & Firefox: HTTP -> HTTPS: fragment is preserved Cross domain: fragment is preserved Preservation happens for all 3xx redirection 1295659 14 beidson 2017-04-08 09:49:37 -0700 (In reply to Scott from comment #13) > (In reply to Brady Eidson from comment #12) > > (In reply to Scott from comment #10) > > > RFC 7231, section 7.1.2 > > > > > > https://tools.ietf.org/html/rfc7231#section-7.1.2 > > > > > > If the Location value provided in a 3xx (Redirection) response does > > > not have a fragment component, a user agent MUST process the > > > redirection as if the value inherits the fragment component of the > > > URI reference used to generate the request target (i.e., the > > > redirection inherits the original reference's fragment, if any). > > > > The HTTP spec doesn't seem to distinguish between the concerns I mentioned, > > but I still wonder if the other browsers do. > > Chrome & Firefox: > > HTTP -> HTTPS: fragment is preserved > Cross domain: fragment is preserved > Preservation happens for all 3xx redirection That's great: We should make sure we have layout tests for all of those cases. 1443200 15 brian 2018-07-18 15:33:53 -0700 Hello maintainers, Has there been any update on a fix for this bug? It looks like this ticket, and it's predecessor, have been open for a while. I develop an application that was running into this bug and we've had to workaround it for now. We have an OAuth system that requires a user to be redirected (with a login token fragment), after successful login, to a URL that checks for additional actions the user needs to take before redirecting them again to the web-app itself. Because of this bug, that intermediary check causes the fragment to be stripped and the web-app cannot see that the user is logged in. For what it's worth, this bug doesn't seem to be affecting certain macOS clients. I was originally able to reproduce the issue on my development machine (running High Sierra), but after a few failed login cycles, the fragments are successfully passed (not sure if this is because the Dev Tools are open or not), and once Safari successfully passed the fragments once, it does so every single subsequent time. Others who are not developers are never able to get through the checks, and iOS users consequently can never log in. I'd appreciate any help or information about this bug and a fix, and I'm happy to provide more info if needed. Thanks. 1529547 16 thierry.allardsaintalbin 2019-04-23 02:55:36 -0700 Hello, Has there any update on this subject, does someone have a workaround ? 1561976 17 fetis26 2019-08-16 01:22:23 -0700 I think we faced this issue as well with Auth0 auth-provider. After successful login Auth0 redirects you with 302 to your configured callback url (URL fragment contains issued token) and we redirect from generic callback to a specific language version. What I still don't understand, the problem triggers not every time but only sometimes and this sometimes I still can't get. Thomas, maybe you know some additional conditions to trigger the bug? 1660464 18 totten 2020-06-08 16:06:28 -0700 Just to give an example of the impact of this from a downstream POV: > It's worth considering that (when handling a web-system that uses #fragments), the browsers only agree on what to do if you limit request-handling to a maximum of 1 redirect. Multiple redirects are not portable. That's a very annoying realization. Long-term, it basically means either (a) we regulate to keep the overall system within budget ("maximum 1 redirect"), or (b) we get out of the #fragment business, or (c) Apple fixes Safari. (from https://github.com/civicrm/civicrm-core/pull/17422) 1668571 19 bokan 2020-07-03 07:53:36 -0700 > What if the redirect is cross domain? > What if the redirect is cross protocol (http -> https, or vice versa)? > What if the redirect is a different status code from 302? > > I don't know that there's a single, pretty spec that covers this, but we should have a matrix of tests covering all of those cases, verify the other browsers agree, and then then go for it. FWIW - I've added a web platform test that covers all these cases and a few more: https://wpt.fyi/results/fetch/redirect-navigate/preserve-fragment.html?label=experimental&label=master&aligned It captures the bug here - where there's multiple redirects, Safari loses the fragment provided in the intermediate/first redirect. Both Chromium and Firefox keep the fragment, as has been pointed out in other comments here. 1671229 20 achristensen 2020-07-13 16:40:36 -0700 All NSURLConnection and NSURLSession requests behave this way, and there isn't a good way to work around this in WebKit. I filed rdar://problem/65508577 and further investigation will be done there. David, thanks for making a web platform test for this. It makes it easy to see what needs to change. 1671232 21 brian 2020-07-13 16:48:29 -0700 Glad to hear there's progress being made on this, but I'm sad to see this bug moved to an internal process. We here on the outside can't see or track progress of radars. Will you be posting here when the feature is merged into NSURLConnection/NSURLSession? We've been following this thread for years now and I'm sure we'd all really appreciate knowing it's being worked or completed. 1710760 22 achristensen 2020-11-30 14:01:06 -0800 I believe this is fixed in Big Sur / iOS 14. 1710768 23 bokan 2020-11-30 14:13:57 -0800 Great to hear, thanks Alex! One question: On WPT.fyi the test still shows failures for the last case, where we have a redirect chain that looks like: urlA#target -> urlB#fromRedirect -> urlC. In this case, Firefox and Chrome both use #fromRedirect (which is correct based on my read of https://tools.ietf.org/html/rfc7231#section-7.1.2) but Safari still keeps #target. WPT says that's running on Safari 116 on macOS 10.15, is that still broken or does it just need to update to a newer version of Safari/Mac? 1710771 24 achristensen 2020-11-30 14:15:14 -0800 It is still broken on macOS 10.15. 1710775 25 bokan 2020-11-30 14:19:36 -0800 Oops, I mixed up the iOS and Mac version numbering. Thanks! 280593 2016-06-06 08:29:52 -0700 2016-06-06 08:29:52 -0700 simple php test scenario fragmenttest.zip image/zip 4308 tgerlach UEsDBAoAAAAAAG6JxkgAAAAAAAAAAAAAAAANABAAZnJhZ21lbnR0ZXN0L1VYDABuklVXoJJVV/UB UABQSwMEFAAIAAgAlInGSAAAAAAAAAAAAAAAABYAEABmcmFnbWVudHRlc3QvLkRTX1N0b3JlVVgM AOiSVVfoklVX9QFQAO1ZTWwbRRR+z0nT9W5/Jj9t3aZQQ5uoTUOaKAltCm0dxymFNjTCSZw/cNfe abKw2bW8azshiggICagQIOCAhLg0oUUIlVPFgQMgxM8Bib9KUC5ckBBwQuICJ2Z2x6kdYqSeish+ 1uabeW/f7s6bb+dpNgCA0ZzWARACAAk8JgqsCUkc/0BA8BZ2IIuHtJGyLIM1oWrtS/nw4cOHDx8+ bjXQI6lC3ffhw8c6Bl8fwoIjghc9RuEPCK4uiSGCw4Ijghc9RnFeQHC1YEkwERwWHBG86LFYtFBs PlDcGcUOBYngsODITQ3Zh491Bb53rwITKBQ0u3T/7pqMqY542prJlAQIz4wVi2k5Jw3w7XzfpnKP VsGTmV7jahYYoKUKdiZlWClm+TOVMXTbaW+/joGq6g01G6WgrPAfqZUfjk9bhbijOjk7qmYn3J6u 0ZRoD6rOdLE9xAay0lZTIzotJElDn2U6qm7SbEnoZEI3NasQtXKmZk8KY0LXnOkk2TaYpXkWOqia dES39ZRu6M6cFOS/JAnNz3f3tIa7OrsWWsPzHZ2dd7eGD3d0LyyQK5LUeKC7d2Ass3Dh4tLym5cu v/XxJ96IiwsY1K+aiU9vpKN8JlzTmjPheez8oJe7gFXM3fcludsUq+uXk6SOj+NsxtEt0x6hWZtx kmy1WR7uT1umGGeS1KZVI50zVIf2GkZcf5zaibRl5GZMe9Shsw63jNtW1ulzjaM6i+W2JCE5mz5E WaCepzEWbhMMSm9v3t64Z9+Bts4jx65t2Upq6+pleZxl2HT08zrNDhd4msdUO01NTTenEnmeY4MO meoMra2CYNCN2hFS5EmNXXPA0nicRq5Knmd3SFEmuKcvS9lfTZJcc/gORR6y2WMRVZzY1CzLQ4+x iSa2uGjLQVkZNtQUNYgW9MIOtctKIu/lhpwWxq5uWRllmZ9hD23XYqsw9xxVlEf4nc+otnM2Q032 VJ+z2x8/EdmihJS+4lBWD1GSxnhUr6ZRbW9kvzeTeyPtXiPIquBOaGM1bwgm2SuTgTl4Hl6AF+El eB2W4V24Ch/AZ/AFfAlfwdfwA/wMv8Cv8Bv8wQorYgAVJFiH9diAt+GduA+bsBkPYTcexiPYg1F8 AM/gAD6ICTyHadSQookL+AQu4pN4AV/G1/AiLuEyXsH38EPvoQJFxd5XLlj8qEyE4gUOJNYUYX/D yVslwuubPek1bNsutBhdmdBVU1iqJVdAnkJc5RSV4YqzTI7XdoR27mrczfTETqOzlVRNNnry4Wcz hSpEchXDu03NrBtgsva6LQcVmVS54uVdrkuywZUp7zJFyqTaFTLv9hxl3hpXr7x7/ATzgvfy8H6w WZGl4M1JbQnegfddmX0D38GP8BP8Dn8xgdUwcYVwF5PW7bgH92MLtuJd2MbE1YP34L14DE/iKSax 00xkw0xiYziOE0xk53EadXwUbcxhAWdxDp/Cp/EZfBafY5J7BV/FN/DSKrGdWiW2yzfEVlZ7akrX wrLaU+apXHvy8axpWOYUrGyI1wvER/oQ3//3V/7+78OHj/8xsDoWj0Wh8vrH99phdpwrBsC/fwjA kn8Y/uc+BPj134Vf/9d3/f8bUEsHCHbj9jOyBAAABCAAAFBLAwQKAAAAAACQi8ZIAAAAAAAAAAAA AAAACQAQAF9fTUFDT1NYL1VYDACfllVXn5ZVV/UBFABQSwMECgAAAAAAkIvGSAAAAAAAAAAAAAAA ABYAEABfX01BQ09TWC9mcmFnbWVudHRlc3QvVVgMAJ+WVVefllVX9QEUAFBLAwQUAAgACACUicZI AAAAAAAAAAAAAAAAIQAQAF9fTUFDT1NYL2ZyYWdtZW50dGVzdC8uXy5EU19TdG9yZVVYDADoklVX 6JJVV/UBUABjYBVjZ2BiYPBNTFbwD1aIUIACkBgDJxAbAbEbEIP4FUDMAFchwIADOIaEBEGZFTBd 6AAAUEsHCPQZ17w0AAAAeAAAAFBLAwQUAAgACABRisZIAAAAAAAAAAAAAAAAFgAQAGZyYWdtZW50 dGVzdC9pbmRleC5waHBVWAwAbpZVV0qUVVf1AVAAs7EvyCjgykhNTEkt0lDKyU9OLMnMz7NS0E8r SkzPTc0rKUktLtHPz0nRV4aJKOkoGBsYaVpz2dsBAFBLBwhKVokqOgAAAD4AAABQSwMEFAAIAAgA UYrGSAAAAAAAAAAAAAAAACEAEABfX01BQ09TWC9mcmFnbWVudHRlc3QvLl9pbmRleC5waHBVWAwA bpZVV0qUVVf1AVAAY2AVY2dgYmDwTUxW8A9WiFCAApAYAycQGwFxJRCD+KsZiAKOISFBUCZIxxwg 5kdTwogQF0/Oz9VLLCjISdULSa0occ1Lzk/JzEsHSoaGuOlaWBsamxgZmltamAAAUEsHCMMXUjZd AAAAqwAAAFBLAwQKAAAAAAB3icZIAAAAAAAAAAAAAAAAEQAQAGZyYWdtZW50dGVzdC9uZXcvVVgM AIySVVeyklVX9QFQAFBLAwQUAAgACAAqicZIAAAAAAAAAAAAAAAAGwAQAGZyYWdtZW50dGVzdC9u ZXcvaW5kZXguaHRtbFVYDACAllVXH5JVV/UBUADtlsFKA0EMhu/7FL978CQOenUckFJB8NSleJ7t pjuB3ZkySQt9e6dVUcSbCB7mlOSHfLd8xAadJ9dYZZ3IoV3RwJk2ik3wHDGlJCTYZj/OFBUl6vzW Z26teVtpbJ+GYynhxuHx4el5vVpaU4aS3Dq8BIo4pj1GUmiCBhZMHOmqtPQFLJhZhON4jdNicxl7 2d3ZPhv3+7bSKq3S/oRmQ9HH6frBw337cc+tQ7deLJZd95MLhOhTBPB6VoGm3TcnyD4f+EDDRWFU I1RapVXav6JZ8/77mPMX9QpQSwcIoxXfItgAAABMCQAAUEsDBAoAAAAAAJCLxkgAAAAAAAAAAAAA AAAaABAAX19NQUNPU1gvZnJhZ21lbnR0ZXN0L25ldy9VWAwAn5ZVV5+WVVf1ARQAUEsDBBQACAAI ACqJxkgAAAAAAAAAAAAAAAAmABAAX19NQUNPU1gvZnJhZ21lbnR0ZXN0L25ldy8uX2luZGV4Lmh0 bWxVWAwAgJZVVx+SVVf1AVAAY2AVY2dgYmDwTUxW8A9WiFCAApAYAycQGwFxJRCD+KsZiAKOISFB UCZIxxwg5kdTwogQF0/Oz9VLLCjISdULSa0occ1Lzk/JzEsHSoaGuOlaWBsamxgZmltamAAAUEsH CMMXUjZdAAAAqwAAAFBLAwQKAAAAAACUicZIAAAAAAAAAAAAAAAAEQAQAGZyYWdtZW50dGVzdC9v bGQvVVgMAIaSVVfoklVX9QFQAFBLAwQUAAgACABhisZIAAAAAAAAAAAAAAAAGgAQAGZyYWdtZW50 dGVzdC9vbGQvaW5kZXgucGhwVVgMAICWVVdllFVX9QFQALOxL8go4MpITUxJLdJQyslPTizJzM+z UtBPK0pMz03NKylJLS7Rz0st11fSUTA2MNK05rK3AwBQSwcIj0sCIjcAAAA1AAAAUEsDBAoAAAAA AJCLxkgAAAAAAAAAAAAAAAAaABAAX19NQUNPU1gvZnJhZ21lbnR0ZXN0L29sZC9VWAwAn5ZVV5+W VVf1ARQAUEsDBBQACAAIAGGKxkgAAAAAAAAAAAAAAAAlABAAX19NQUNPU1gvZnJhZ21lbnR0ZXN0 L29sZC8uX2luZGV4LnBocFVYDACAllVXZZRVV/UBUABjYBVjZ2BiYPBNTFbwD1aIUIACkBgDJxAb AXElEIP4qxmIAo4hIUFQJkjHHCDmR1PCiBAXT87P1UssKMhJ1QtJrShxzUvOT8nMSwdKhoa46VpY GxqbGBmaW1qYAABQSwcIwxdSNl0AAACrAAAAUEsBAhUDCgAAAAAAbonGSAAAAAAAAAAAAAAAAA0A DAAAAAAAAAAAQO1BAAAAAGZyYWdtZW50dGVzdC9VWAgAbpJVV6CSVVdQSwECFQMUAAgACACUicZI duP2M7IEAAAEIAAAFgAMAAAAAAAAAABApIE7AAAAZnJhZ21lbnR0ZXN0Ly5EU19TdG9yZVVYCADo klVX6JJVV1BLAQIVAwoAAAAAAJCLxkgAAAAAAAAAAAAAAAAJAAwAAAAAAAAAAED9QUEFAABfX01B Q09TWC9VWAgAn5ZVV5+WVVdQSwECFQMKAAAAAACQi8ZIAAAAAAAAAAAAAAAAFgAMAAAAAAAAAABA /UF4BQAAX19NQUNPU1gvZnJhZ21lbnR0ZXN0L1VYCACfllVXn5ZVV1BLAQIVAxQACAAIAJSJxkj0 Gde8NAAAAHgAAAAhAAwAAAAAAAAAAECkgbwFAABfX01BQ09TWC9mcmFnbWVudHRlc3QvLl8uRFNf U3RvcmVVWAgA6JJVV+iSVVdQSwECFQMUAAgACABRisZISlaJKjoAAAA+AAAAFgAMAAAAAAAAAABA pIFPBgAAZnJhZ21lbnR0ZXN0L2luZGV4LnBocFVYCABullVXSpRVV1BLAQIVAxQACAAIAFGKxkjD F1I2XQAAAKsAAAAhAAwAAAAAAAAAAECkgd0GAABfX01BQ09TWC9mcmFnbWVudHRlc3QvLl9pbmRl eC5waHBVWAgAbpZVV0qUVVdQSwECFQMKAAAAAAB3icZIAAAAAAAAAAAAAAAAEQAMAAAAAAAAAABA 7UGZBwAAZnJhZ21lbnR0ZXN0L25ldy9VWAgAjJJVV7KSVVdQSwECFQMUAAgACAAqicZIoxXfItgA AABMCQAAGwAMAAAAAAAAAABApIHYBwAAZnJhZ21lbnR0ZXN0L25ldy9pbmRleC5odG1sVVgIAICW VVcfklVXUEsBAhUDCgAAAAAAkIvGSAAAAAAAAAAAAAAAABoADAAAAAAAAAAAQP1BCQkAAF9fTUFD T1NYL2ZyYWdtZW50dGVzdC9uZXcvVVgIAJ+WVVefllVXUEsBAhUDFAAIAAgAKonGSMMXUjZdAAAA qwAAACYADAAAAAAAAAAAQKSBUQkAAF9fTUFDT1NYL2ZyYWdtZW50dGVzdC9uZXcvLl9pbmRleC5o dG1sVVgIAICWVVcfklVXUEsBAhUDCgAAAAAAlInGSAAAAAAAAAAAAAAAABEADAAAAAAAAAAAQO1B EgoAAGZyYWdtZW50dGVzdC9vbGQvVVgIAIaSVVfoklVXUEsBAhUDFAAIAAgAYYrGSI9LAiI3AAAA NQAAABoADAAAAAAAAAAAQKSBUQoAAGZyYWdtZW50dGVzdC9vbGQvaW5kZXgucGhwVVgIAICWVVdl lFVXUEsBAhUDCgAAAAAAkIvGSAAAAAAAAAAAAAAAABoADAAAAAAAAAAAQP1B4AoAAF9fTUFDT1NY L2ZyYWdtZW50dGVzdC9vbGQvVVgIAJ+WVVefllVXUEsBAhUDFAAIAAgAYYrGSMMXUjZdAAAAqwAA ACUADAAAAAAAAAAAQKSBKAsAAF9fTUFDT1NYL2ZyYWdtZW50dGVzdC9vbGQvLl9pbmRleC5waHBV WAgAgJZVV2WUVVdQSwUGAAAAAA8ADwDWBAAA6AsAAAAA 306291 2017-04-05 09:36:27 -0700 2017-04-07 10:18:29 -0700 Patch bug-158420-20170405093626.patch text/plain 5971 achristensen SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDIxNDk0NCkKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE3IEBACisyMDE3LTA0LTA1ICBBbGV4IENo cmlzdGVuc2VuICA8YWNocmlzdGVuc2VuQHdlYmtpdC5vcmc+CisKKyAgICAgICAgVVJJIGZyYWdt ZW50IG9mIGxvY2F0aW9uIGhlYWRlciBub3QgYXBwZW5kZWQgaW4gY2FzZSBvZiBmdXJ0aGVyIHJl ZGlyZWN0CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0x NTg0MjAKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzI2NjU0ODI4PgorCisgICAgICAgIFJldmll d2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIENvdmVyZWQgYnkgYSB0ZXN0IGFkZGVk IGluIHIyMTQ4MDcuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9VUkwuaDoKKyAgICAgICAgKiBwbGF0 Zm9ybS9uZXR3b3JrL21hYy9SZXNvdXJjZUhhbmRsZU1hYy5tbToKKyAgICAgICAgKFdlYkNvcmU6 OlJlc291cmNlSGFuZGxlOjp3aWxsU2VuZFJlcXVlc3QpOgorCiAyMDE3LTA0LTA1ICBDaHJpcyBE dW1leiAgPGNkdW1lekBhcHBsZS5jb20+CiAKICAgICAgICAgX2JsYW5rIC8gX3NlbGYgLyBfcGFy ZW50IC8gX3RvcCBicm93c2luZyBjb250ZXh0IG5hbWVzIHNob3VsZCBiZSBjYXNlLWluc2Vuc2l0 aXZlCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9VUkwuaAo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBT b3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9VUkwuaAkocmV2aXNpb24gMjE0OTQ0KQorKysgU291cmNl L1dlYkNvcmUvcGxhdGZvcm0vVVJMLmgJKHdvcmtpbmcgY29weSkKQEAgLTE1OSw3ICsxNTksNyBA QCBwdWJsaWM6CiAgICAgLy8gVVJMICh3aXRoIG5vdGhpbmcgYWZ0ZXIgaXQpLiBUbyBjbGVhciB0 aGUgcXVlcnksIHBhc3MgYSBudWxsIHN0cmluZy4KICAgICB2b2lkIHNldFF1ZXJ5KGNvbnN0IFN0 cmluZyYpOwogCi0gICAgdm9pZCBzZXRGcmFnbWVudElkZW50aWZpZXIoU3RyaW5nVmlldyk7Cisg ICAgV0VCQ09SRV9FWFBPUlQgdm9pZCBzZXRGcmFnbWVudElkZW50aWZpZXIoU3RyaW5nVmlldyk7 CiAgICAgdm9pZCByZW1vdmVGcmFnbWVudElkZW50aWZpZXIoKTsKIAogICAgIFdFQkNPUkVfRVhQ T1JUIGZyaWVuZCBib29sIGVxdWFsSWdub3JpbmdGcmFnbWVudElkZW50aWZpZXIoY29uc3QgVVJM JiwgY29uc3QgVVJMJik7CkluZGV4OiBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL21h Yy9SZXNvdXJjZUhhbmRsZU1hYy5tbQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViQ29yZS9wbGF0 Zm9ybS9uZXR3b3JrL21hYy9SZXNvdXJjZUhhbmRsZU1hYy5tbQkocmV2aXNpb24gMjE0OTQ0KQor KysgU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9tYWMvUmVzb3VyY2VIYW5kbGVNYWMu bW0JKHdvcmtpbmcgY29weSkKQEAgLTQ3Myw2ICs0NzMsMTIgQEAgUmVzb3VyY2VSZXF1ZXN0IFJl c291cmNlSGFuZGxlOjp3aWxsU2VuZAogICAgIGQtPm1fbGFzdEhUVFBNZXRob2QgPSByZXF1ZXN0 Lmh0dHBNZXRob2QoKTsKICAgICByZXF1ZXN0LnJlbW92ZUNyZWRlbnRpYWxzKCk7CiAKKyAgICBp ZiAocmVkaXJlY3RSZXNwb25zZS51cmwoKS5oYXNGcmFnbWVudElkZW50aWZpZXIoKSAmJiAhcmVx dWVzdC51cmwoKS5oYXNGcmFnbWVudElkZW50aWZpZXIoKSkgeworICAgICAgICBhdXRvIHVybCA9 IHJlcXVlc3QudXJsKCk7CisgICAgICAgIHVybC5zZXRGcmFnbWVudElkZW50aWZpZXIocmVkaXJl Y3RSZXNwb25zZS51cmwoKS5mcmFnbWVudElkZW50aWZpZXIoKSk7CisgICAgICAgIHJlcXVlc3Qu c2V0VVJMKHVybCk7CisgICAgfQorCiAgICAgaWYgKCFwcm90b2NvbEhvc3RBbmRQb3J0QXJlRXF1 YWwocmVxdWVzdC51cmwoKSwgcmVkaXJlY3RSZXNwb25zZS51cmwoKSkpIHsKICAgICAgICAgLy8g VGhlIG5ldHdvcmsgbGF5ZXIgbWlnaHQgY2Fycnkgb3ZlciBzb21lIGhlYWRlcnMgZnJvbSB0aGUg b3JpZ2luYWwgcmVxdWVzdCB0aGF0CiAgICAgICAgIC8vIHdlIHdhbnQgdG8gc3RyaXAgaGVyZSBi ZWNhdXNlIHRoZSByZWRpcmVjdCBpcyBjcm9zcy1vcmlnaW4uCkluZGV4OiBTb3VyY2UvV2ViS2l0 Mi9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYktpdDIvQ2hhbmdlTG9nCShyZXZp c2lvbiAyMTQ5NDYpCisrKyBTb3VyY2UvV2ViS2l0Mi9DaGFuZ2VMb2cJKHdvcmtpbmcgY29weSkK QEAgLTEsMyArMSwxNCBAQAorMjAxNy0wNC0wNSAgQWxleCBDaHJpc3RlbnNlbiAgPGFjaHJpc3Rl bnNlbkB3ZWJraXQub3JnPgorCisgICAgICAgIFVSSSBmcmFnbWVudCBvZiBsb2NhdGlvbiBoZWFk ZXIgbm90IGFwcGVuZGVkIGluIGNhc2Ugb2YgZnVydGhlciByZWRpcmVjdAorICAgICAgICBodHRw czovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTU4NDIwCisgICAgICAgIDxyZGFy Oi8vcHJvYmxlbS8yNjY1NDgyOD4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMh KS4KKworICAgICAgICAqIE5ldHdvcmtQcm9jZXNzL2NvY29hL05ldHdvcmtEYXRhVGFza0NvY29h Lm1tOgorICAgICAgICAoV2ViS2l0OjpOZXR3b3JrRGF0YVRhc2tDb2NvYTo6d2lsbFBlcmZvcm1I VFRQUmVkaXJlY3Rpb24pOgorCiAyMDE3LTA0LTA0ICBDYXJsb3MgR2FyY2lhIENhbXBvcyAgPGNn YXJjaWFAaWdhbGlhLmNvbT4KIAogICAgICAgICBNb3ZlIFdlYkVycm9ycyBmcm9tIFdlYlByb2Nl c3MgdG8gU2hhcmVkIGFuZCBnZXQgcmlkIG9mIEVycm9yc0d0ayBpbiBXZWJDb3JlCkluZGV4OiBT b3VyY2UvV2ViS2l0Mi9OZXR3b3JrUHJvY2Vzcy9jb2NvYS9OZXR3b3JrRGF0YVRhc2tDb2NvYS5t bQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0Mi9OZXR3b3JrUHJvY2Vzcy9jb2NvYS9OZXR3 b3JrRGF0YVRhc2tDb2NvYS5tbQkocmV2aXNpb24gMjE0OTQ0KQorKysgU291cmNlL1dlYktpdDIv TmV0d29ya1Byb2Nlc3MvY29jb2EvTmV0d29ya0RhdGFUYXNrQ29jb2EubW0JKHdvcmtpbmcgY29w eSkKQEAgLTIwOSw2ICsyMDksMTIgQEAgdm9pZCBOZXR3b3JrRGF0YVRhc2tDb2NvYTo6d2lsbFBl cmZvcm1IVAogICAgIG1fcGFzc3dvcmQgPSB1cmwucGFzcygpOwogICAgIG1fbGFzdEhUVFBNZXRo b2QgPSByZXF1ZXN0Lmh0dHBNZXRob2QoKTsKICAgICByZXF1ZXN0LnJlbW92ZUNyZWRlbnRpYWxz KCk7CisKKyAgICBpZiAocmVkaXJlY3RSZXNwb25zZS51cmwoKS5oYXNGcmFnbWVudElkZW50aWZp ZXIoKSAmJiAhcmVxdWVzdC51cmwoKS5oYXNGcmFnbWVudElkZW50aWZpZXIoKSkgeworICAgICAg ICBhdXRvIHVybCA9IHJlcXVlc3QudXJsKCk7CisgICAgICAgIHVybC5zZXRGcmFnbWVudElkZW50 aWZpZXIocmVkaXJlY3RSZXNwb25zZS51cmwoKS5mcmFnbWVudElkZW50aWZpZXIoKSk7CisgICAg ICAgIHJlcXVlc3Quc2V0VVJMKHVybCk7CisgICAgfQogICAgIAogICAgIGlmICghcHJvdG9jb2xI b3N0QW5kUG9ydEFyZUVxdWFsKHJlcXVlc3QudXJsKCksIHJlZGlyZWN0UmVzcG9uc2UudXJsKCkp KSB7CiAgICAgICAgIC8vIFRoZSBuZXR3b3JrIGxheWVyIG1pZ2h0IGNhcnJ5IG92ZXIgc29tZSBo ZWFkZXJzIGZyb20gdGhlIG9yaWdpbmFsIHJlcXVlc3QgdGhhdApJbmRleDogTGF5b3V0VGVzdHMv Q2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL0NoYW5nZUxvZwkocmV2aXNpb24g MjE0OTQ2KQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMg KzEsMTUgQEAKKzIwMTctMDQtMDUgIEFsZXggQ2hyaXN0ZW5zZW4gIDxhY2hyaXN0ZW5zZW5Ad2Vi a2l0Lm9yZz4KKworICAgICAgICBVUkkgZnJhZ21lbnQgb2YgbG9jYXRpb24gaGVhZGVyIG5vdCBh cHBlbmRlZCBpbiBjYXNlIG9mIGZ1cnRoZXIgcmVkaXJlY3QKKyAgICAgICAgaHR0cHM6Ly9idWdz LndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE1ODQyMAorICAgICAgICA8cmRhcjovL3Byb2Js ZW0vMjY2NTQ4Mjg+CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAg ICAgICAgKiBwbGF0Zm9ybS9pb3MvVGVzdEV4cGVjdGF0aW9uczoKKyAgICAgICAgKiBwbGF0Zm9y bS9tYWMvVGVzdEV4cGVjdGF0aW9uczoKKyAgICAgICAgVGhlIHRlc3QgQ2FybG9zIGFkZGVkIGlu IHIyMTQ4MDcgcGFzc2VzIG9uIENvY29hIHBsYXRmb3JtcyBub3chCisKIDIwMTctMDQtMDUgIEph dmllciBGZXJuYW5kZXogIDxqZmVybmFuZGV6QGlnYWxpYS5jb20+CiAKICAgICAgICAgW0dUS10g VW5yZXZpZXdlZCB0ZXN0cyBnYXJkZW5pbmcKSW5kZXg6IExheW91dFRlc3RzL3BsYXRmb3JtL2lv cy9UZXN0RXhwZWN0YXRpb25zCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL3BsYXRmb3JtL2lv cy9UZXN0RXhwZWN0YXRpb25zCShyZXZpc2lvbiAyMTQ5NDQpCisrKyBMYXlvdXRUZXN0cy9wbGF0 Zm9ybS9pb3MvVGVzdEV4cGVjdGF0aW9ucwkod29ya2luZyBjb3B5KQpAQCAtMjkzMSw1ICsyOTMx LDMgQEAgZmFzdC9jc3MtZ2VuZXJhdGVkLWNvbnRlbnQvaW5pdGlhbC1sZXR0ZQogZmFzdC9jc3Mt Z2VuZXJhdGVkLWNvbnRlbnQvaW5pdGlhbC1sZXR0ZXItcGFnaW5hdGlvbi1zdW5rZW4uaHRtbCBb IFNraXAgXQogZmFzdC9jc3MtZ2VuZXJhdGVkLWNvbnRlbnQvaW5pdGlhbC1sZXR0ZXItcGFnaW5h dGlvbi1yYWlzZWQtcmwuaHRtbCBbIFNraXAgXQogZmFzdC9jc3MtZ2VuZXJhdGVkLWNvbnRlbnQv aW5pdGlhbC1sZXR0ZXItcGFnaW5hdGlvbi1zdW5rZW4tcmwuaHRtbCBbIFNraXAgXQotCi13ZWJr aXQub3JnL2IvMTU4NDIwIGh0dHAvdGVzdHMvbmF2aWdhdGlvbi9yZWRpcmVjdC10by1mcmFnbWVu dDIuaHRtbCBbIEZhaWx1cmUgXQpJbmRleDogTGF5b3V0VGVzdHMvcGxhdGZvcm0vbWFjL1Rlc3RF eHBlY3RhdGlvbnMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvcGxhdGZvcm0vbWFjL1Rlc3RF eHBlY3RhdGlvbnMJKHJldmlzaW9uIDIxNDk0NCkKKysrIExheW91dFRlc3RzL3BsYXRmb3JtL21h Yy9UZXN0RXhwZWN0YXRpb25zCSh3b3JraW5nIGNvcHkpCkBAIC0xNTY5LDggKzE1NjksNiBAQCB3 ZWJraXQub3JnL2IvMTY4MTMyIGh0dHAvdGVzdHMveG1saHR0cHJlCiAKIHdlYmtpdC5vcmcvYi8x Njk4MzggWyBSZWxlYXNlIF0gZmFzdC93b3JrZXJzL3dvcmtlci1jbG9zZS1tb3JlLmh0bWwgWyBQ YXNzIFRpbWVvdXQgXQogCi13ZWJraXQub3JnL2IvMTU4NDIwIGh0dHAvdGVzdHMvbmF2aWdhdGlv bi9yZWRpcmVjdC10by1mcmFnbWVudDIuaHRtbCBbIEZhaWx1cmUgXQotCiB3ZWJraXQub3JnL2Iv MTcwMTc3IGZhc3QvaW1hZ2VzL3Jlc2V0LWltYWdlLWFuaW1hdGlvbi5odG1sIFsgUGFzcyBGYWls dXJlIF0KIAogd2Via2l0Lm9yZy9iLzE2ODM5MCBmYXN0L2ltYWdlcy9zbG93ZXItYW5pbWF0aW9u LXRoYW4tZGVjb2RpbmctaW1hZ2UuaHRtbCBbIFBhc3MgRmFpbHVyZSBdCg==