35824 2010-03-05 17:51:23 -0800 Relax 3rd party cookie policy in certain cases 2010-03-10 10:52:53 -0800 1 1 1 Unclassified WebKit Page Loading 528+ (Nightly build) All All RESOLVED FIXED InRadar P2 Normal --- 1 beidson beidson abarth ap eric fishd mjs opendarwin oldest_to_newest 196830 0 beidson 2010-03-05 17:51:23 -0800 Currently the default WebKit + CFNetwork 3rd party cookie policy prevents any changes to non-1st party cookies. This is to prevent undesirable user tracking from 3rd parties. We should relax this policy a tad to allow setting 3rd party cookies when the 3rd party in question already has a cookie set. This shouldn't actually open up any new tracking vectors but will fix certain real world compatibility issues. Since the policy is only implemented by CFNetwork on Mac and Windows, and Mac + Windows only patch to WebCore is upcoming. 196831 1 beidson 2010-03-05 17:52:11 -0800 <rdar://problem/7163012> 196833 2 50145 beidson 2010-03-05 17:59:56 -0800 Created attachment 50145 Fix for Mac + Win Fix by setting the first party url for a request to the url of the request itself if we mean to relax the policy for that particular request. 196871 3 50145 mitz 2010-03-06 00:50:43 -0800 Comment on attachment 50145 Fix for Mac + Win > - CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage)); > + > + int policy = CFHTTPCookieStorageAcceptPolicy(cookieStorage); I think you meant to use CFHTTPCookieStorageGetCookieAcceptPolicy()! This is just casting cookieStorage to a CFHTTPCookieStorageAcceptPolicy, which happens to be int. So this should be CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage); I didn’t review the rest of the patch, but r- based on that. Sorry. 196926 4 beidson 2010-03-06 11:25:47 -0800 > I didn’t review the rest of the patch. Awwwwww.... 197216 5 50232 beidson 2010-03-08 10:15:19 -0800 Created attachment 50232 Fix for Mac + Win (tested on Windows, now) 197219 6 50232 andersca 2010-03-08 10:24:50 -0800 Comment on attachment 50232 Fix for Mac + Win (tested on Windows, now) > if (CFHTTPCookieStorageRef cookieStorage = currentCookieStorage()) { > CFURLRequestSetHTTPCookieStorage(newRequest, cookieStorage); > - CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage)); > + CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage); > + CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, policy); > + if (policy == CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain) { You should add the same comment here that you added in ResourceHandleMac.mm. Have you tried this on Tiger as well? r=me 197220 7 beidson 2010-03-08 10:30:35 -0800 Thanks! (In reply to comment #6) > > Have you tried this on Tiger as well? > No, but the APIs used are documented as having existed since 10.2.7 so I'll trust in the bots to confirm or deny. 197231 8 beidson 2010-03-08 10:50:17 -0800 Fixed in http://trac.webkit.org/changeset/55672 197232 9 beidson 2010-03-08 10:50:17 -0800 Fixed in http://trac.webkit.org/changeset/55672 197269 10 fishd 2010-03-08 12:26:52 -0800 I'm confused by the change. It seems like this change would allow a third-party site to do things like increment a visitation counter. Doesn't that go against the privacy goals of blocking third-party cookies? Do you have a list of popular websites for which this change helps? 197273 11 beidson 2010-03-08 12:36:21 -0800 (In reply to comment #10) > I'm confused by the change. It seems like this change would allow a > third-party site to do things like increment a visitation counter. Doesn't > that go against the privacy goals of blocking third-party cookies? If you already have a cookie set, you can implement a server-side visit counter. > Do you have a list of popular websites for which this change helps? Facebook, and many Windows Live ID enabled sites. 197305 12 opendarwin 2010-03-08 13:56:20 -0800 I see several problems here. First, there's this bug: https://bugs.webkit.org/show_bug.cgi?id=26391 So, you visit a site with third-party Flash content, and unbeknownst to you, a third-party cookie gets set. Combined with the change here, it basically becomes anything goes for third-party cookies, as long as they can get that first cookie on your machine somehow. Second, Brady, when you say, "If you already have a cookie set, you can implement a server-side visit counter", I don't think this is true of any old cookie. It's only true of a uniquely identifying cookie. Suppose you visit a site, set some kind of site-specific preference (e.g., location, language, color scheme, sorting, filtering), leave the site, and then delete all of the site's cookies except the one containing the site-specific preference you're interested in. Then you have a cookie for the site on your machine, but it's not a tracking cookie. However, combined with the change here, you're now allowing any cookies to be set for that domain even when you're not visiting the site directly. 197313 13 beidson 2010-03-08 14:23:56 -0800 (In reply to comment #12) > I see several problems here. First, there's this bug: > > https://bugs.webkit.org/show_bug.cgi?id=26391 > > So, you visit a site with third-party Flash content, and unbeknownst to you, a > third-party cookie gets set. Combined with the change here, it basically > becomes anything goes for third-party cookies, as long as they can get that > first cookie on your machine somehow. This argument basically says "they can get a cookie on your machine anyway" which implicitly argues that WebKit's cookie policy is irrelevant. That said, we plan on fixing this hole. > Second, Brady, when you say, "If you already have a cookie set, you can > implement a server-side visit > counter", I don't think this is true of any old cookie. It's only true of a > uniquely identifying cookie. Possibly. Depending on the setup of a particular ad provider's content, they may or may not be able to gleam additional information through the content requested. There'd certainly be no way for WebKit to tell whether a cookie is "uniquely identifying" or not. > Suppose you visit a site, set some kind of site-specific preference (e.g., > location, language, color scheme, sorting, filtering), leave the site, and then > delete all of the site's cookies except the one containing the site-specific > preference you're interested in. Then you have a cookie for the site on your > machine, but it's not a tracking cookie. However, combined with the change > here, you're now allowing any cookies to be set for that domain even when > you're not visiting the site directly. This is a *very* uncommon power-user scenario. If you're managing individual cookies such as "preferred language" or "color scheme", we're probably talking about a site that you visit as a first party and not some 3rd party advertiser that you're concerned is tracking you as a 3rd party. 197326 14 abarth 2010-03-08 14:41:37 -0800 I'm sorry I didn't see this bug earlier. This change is lame. You're right that third-party cookie blocking isn't 100% effective, but when thinking about the feature, you can't think of it as a security feature (because its not a security feature). It's a privacy feature. Anyway, this change basically makes third-party cookie blocking toothless. You might as well just turn it off. 197328 15 mjs 2010-03-08 14:52:39 -0800 (In reply to comment #14) > I'm sorry I didn't see this bug earlier. This change is lame. You're right > that third-party cookie blocking isn't 100% effective, but when thinking about > the feature, you can't think of it as a security feature (because its not a > security feature). It's a privacy feature. > > Anyway, this change basically makes third-party cookie blocking toothless. You > might as well just turn it off. I agree that it's a privacy feature. I think the Flash loophole is a red herring and is something we should fix separately. Do you think being able to update a pre-existing cookie is significantly more "lame" than being able to track you via a pre-existing cookie that isn't updated? It's true that there may be a privacy delta if the original cookie doesn't uniquely identify the user, however, third-party cookie blocking is targeted at users who don't carefully manage their cookies by hand. 197330 16 abarth 2010-03-08 14:57:47 -0800 IMHO, we should make this feature stronger by blocking both read and writing cookies in a third-party context. That would have the benefit of blocking tracking even if the user has already interacted with the site in a first-party context. You still won't be able to stop cooperative tracking (where the first-party and the third-party collude to track the user), but you'll be much better off again non-cooperative tracking. 197331 17 beidson 2010-03-08 15:00:04 -0800 (In reply to comment #16) > IMHO, we should make this feature stronger by blocking both read and writing > cookies in a third-party context. That would have the benefit of blocking > tracking even if the user has already interacted with the site in a first-party > context. You still won't be able to stop cooperative tracking (where the > first-party and the third-party collude to track the user), but you'll be much > better off again non-cooperative tracking. Users use some sites as both a 1st and 3rd party and expect it to work. For example, facebook.com and facebook connect enabled sites. IE/Firefox/Opera would all work but WebKit browsers wouldn't. You want this real world incompatibility? 197344 18 mjs 2010-03-08 15:21:45 -0800 (In reply to comment #16) > IMHO, we should make this feature stronger by blocking both read and writing > cookies in a third-party context. That would have the benefit of blocking > tracking even if the user has already interacted with the site in a first-party > context. You still won't be able to stop cooperative tracking (where the > first-party and the third-party collude to track the user), but you'll be much > better off again non-cooperative tracking. We could do that. But that would be a different feature, one we probably could not ship by default, because it would break too many features that users see as legitimate (such as Facebook Connect). Regards, Maciej 197350 19 mjs 2010-03-08 15:25:54 -0800 (In reply to comment #18) > (In reply to comment #16) > > IMHO, we should make this feature stronger by blocking both read and writing > > cookies in a third-party context. That would have the benefit of blocking > > tracking even if the user has already interacted with the site in a first-party > > context. You still won't be able to stop cooperative tracking (where the > > first-party and the third-party collude to track the user), but you'll be much > > better off again non-cooperative tracking. > > We could do that. But that would be a different feature, one we probably could > not ship by default, because it would break too many features that users see as > legitimate (such as Facebook Connect). > By the way, it may be that the weakened third-party cookie blocking is too weak to have at all. I do think it would typically stop, say, doubleclick.net from tracking you (assuming we fix the Flash loophole), but not sites that most users also interact with as a first party, such as google.com of facebook.com. That's more or less the same as the current default policy, though. The only difference is for users who have carefully hand-pruned their cookies down to ones that are useful but which do not uniquely identify them. We could certainly consider adding a non-default policy that is worse for compatibility but better for privacy, though not as much as blocking all cookies. That might be better for the sort of user who would carefully go over his or her cookies and handpick which ones to keep. 197354 20 abarth 2010-03-08 15:27:39 -0800 I wrote the below before Maciej wrote his comments. It seems we're pretty much in agreement. === > You want this real world incompatibility? Alright, I'm regretting stepping into the morass that is third-party cookie blocking. The overarching problem is that third-party cookie blocking can't actually provide decent privacy benefits without breaking sites. We can machinate around the privacy / compatibility trade-off forever. Compatibility always has a stronger pull because you can see that XYZ works after you bolster compatibility whereas you don't see the privacy costs because they're harder to measure. There are essentially three reasonable design points for third-party cookie blocking 1) Block writing in third-party contexts. 2) Block reading in third-party contexts. 3) Block reading and writing in third-party contexts. with roughly increasing security benefits. WebKit already has a number of hacks to try to improve the compatibility of (1), which end up making the web platform more complex. For example, forms submitted from third-party context have the cookie blocking ban lifted. That means that an advertiser who wants to track users can just use form submissions instead of using other kinds of loads. At some level, the problem is that we have third-party cookie blocking on by default. That means that we're forcing everyone to give up compatibility to gain some amount of privacy. That means we get pushed harder by every compatibility problem and end up doing a diservice to folks who have stronger privacy goals. If we turned off third-party cookie blocking by default, we'd gain the following benefits: 1) The web platform would be more predictable because the default behavior would be much simpler. 2) Folks who care more about privacy end up with a privacy/compatibility trade off that better suits their desires because they aren't forced to make compromises on behalf of the proletariat. 197370 21 mjs 2010-03-08 15:41:37 -0800 (In reply to comment #20) > > There are essentially three reasonable design points for third-party cookie > blocking > > 1) Block writing in third-party contexts. > 2) Block reading in third-party contexts. > 3) Block reading and writing in third-party contexts. > > with roughly increasing security benefits. WebKit already has a number of > hacks to try to improve the compatibility of (1), which end up making the web > platform more complex. For example, forms submitted from third-party context > have the cookie blocking ban lifted. That means that an advertiser who wants > to track users can just use form submissions instead of using other kinds of > loads. > > At some level, the problem is that we have third-party cookie blocking on by > default. That means that we're forcing everyone to give up compatibility to > gain some amount of privacy. That means we get pushed harder by every > compatibility problem and end up doing a diservice to folks who have stronger > privacy goals. If we turned off third-party cookie blocking by default, we'd > gain the following benefits: > > 1) The web platform would be more predictable because the default behavior > would be much simpler. > 2) Folks who care more about privacy end up with a privacy/compatibility trade > off that better suits their desires because they aren't forced to make > compromises on behalf of the proletariat. We'll consider adding a stronger cookie blocking mode, though I think it would likely require CFNetwork changes to implement it on Mac, and UI approval to make it a visible option in Safari's UI (other browsers are of course free to pick their own defaults). It's probably more useful for "power users" than 100% cookie blocking. We'd certainly take patches to support the concept of that mode in WebKit. I think the weak third-party blocking is still useful and viable as a default option, even if there is also stronger cookie blocking available. If it provides a smaller privacy benefit but achieves much better Web compatibility, then it's still a benefit to the vast majority of users who will never change their preferences. I am not yet convinced that the privacy benefit is completely nonexistent. I'm also not convinced that the level of complexity in the restrictions is so high as to negate the user benefit for users running with default settings. More relevant to the immediate situation, I think the patch for this bug does not substantially affect the level of privacy benefit that third-party cookie blocking provides. Your argument above does not seem to justify your earlier comment that "this change is lame". For the issues of creating a new stronnger cookie policy, I think a separate bug is called for. For the possibility of changing Safari's default settings, that should be filed at bugreport.apple.com (or we can bring it up ourselves with the relevant security and HI folks). 197378 22 abarth 2010-03-08 15:57:16 -0800 > More relevant to the immediate situation, I think the patch for this bug does > not substantially affect the level of privacy benefit that third-party cookie > blocking provides. Your argument above does not seem to justify your earlier > comment that "this change is lame". Well, the change is lame: + CFURLRequestSetMainDocumentURL(newRequest, url); That line isn't correct. The main document URL isn't |url|. To the extent that things besides cookie blocking are using the main document URL, they'll get the wrong answer. Also, w.r.t. <http://code.google.com/p/chromium/issues/detail?id=37684>, I'm not sure I'd recommend that Chrome loosen its non-default, block-on-write third party cookie policy to match this new behavior because the compatibility cost isn't as acute. That means Chrome and Safari's third-party cookie policies will likely diverge, which is bad for the web platform. 197379 23 beidson 2010-03-08 16:01:21 -0800 (In reply to comment #22) > > More relevant to the immediate situation, I think the patch for this bug does > > not substantially affect the level of privacy benefit that third-party cookie > > blocking provides. Your argument above does not seem to justify your earlier > > comment that "this change is lame". > > Well, the change is lame: > > + CFURLRequestSetMainDocumentURL(newRequest, url); > > That line isn't correct. The main document URL isn't |url|. To the extent > that things besides cookie blocking are using the main document URL, they'll > get the wrong answer. Nothing in our networking layer uses the main document url for anything besides determining 3rd party cookie policy. > > Also, w.r.t. <http://code.google.com/p/chromium/issues/detail?id=37684>, I'm > not sure I'd recommend that Chrome loosen its non-default, block-on-write third > party cookie policy to match this new behavior because the compatibility cost > isn't as acute. That means Chrome and Safari's third-party cookie policies > will likely diverge, which is bad for the web platform. In that bug, the reporter mentions "for all I know, chrome already has this relaxed behavior?" Does it? > I'm not sure I'd recommend that Chrome loosen its non-default, block-on-write third > party cookie policy to match this new behavior because the compatibility cost > isn't as acute. I don't understand how - if the cookie policies of Chrome and shipping Safari/WebKit are identical - that Chrome doesn't have the same facebook.com vs Facebook connect website incompatibility. Can you explain how it doesn't? 197380 24 opendarwin 2010-03-08 16:08:14 -0800 (In reply to comment #21) > We'll consider adding a stronger cookie blocking mode, though I think it would > likely require CFNetwork changes to implement it on Mac, and UI approval to > make it a visible option in Safari's UI (other browsers are of course free to > pick their own defaults). It's probably more useful for "power users" than 100% > cookie blocking. We'd certainly take patches to support the concept of that > mode in WebKit. I would be in favor of this. What CFNetwork changes do you envision that aren't already handled by -[NSMutableURLRequest setMainDocumentURL:] and -[NSMutableURLRequest setHTTPShouldHandleCookies:]? 197381 25 beidson 2010-03-08 16:11:20 -0800 (In reply to comment #24) > (In reply to comment #21) > > We'll consider adding a stronger cookie blocking mode, though I think it would > > likely require CFNetwork changes to implement it on Mac, and UI approval to > > make it a visible option in Safari's UI (other browsers are of course free to > > pick their own defaults). It's probably more useful for "power users" than 100% > > cookie blocking. We'd certainly take patches to support the concept of that > > mode in WebKit. > > I would be in favor of this. What CFNetwork changes do you envision that aren't > already handled by -[NSMutableURLRequest setMainDocumentURL:] and > -[NSMutableURLRequest setHTTPShouldHandleCookies:]? The proposal for the FOURTH cookie mode is "Don't send or accept any cookie from 3rd parties" Yes, setting the main document URL is necessary to specify who the 1st party is. But CFNetwork doesn't currently have the 4th mode. 197386 26 abarth 2010-03-08 16:19:51 -0800 > Nothing in our networking layer uses the main document url for anything besides > determining 3rd party cookie policy. Isn't it a layering violation to know that? (Although I've never understood why a URL request should know anything about documents, much less main documents, so I might not understand the layering abstractions here.) Regardless of what we use the field for currently, that line of code is, on it's face, inaccurate. > > > Also, w.r.t. <http://code.google.com/p/chromium/issues/detail?id=37684>, I'm > > not sure I'd recommend that Chrome loosen its non-default, block-on-write third > > party cookie policy to match this new behavior because the compatibility cost > > isn't as acute. That means Chrome and Safari's third-party cookie policies > > will likely diverge, which is bad for the web platform. > > In that bug, the reporter mentions "for all I know, chrome already has this > relaxed behavior?" > > Does it? As far as I know, previous to this change, Chrome's third-party cookie blocking matches Safari's. Chrome has a "default deny" implementation, so it takes a while to flesh out all the bugs w.r.t. URL requests from plug-ins, workers, etc, but the intent is/was to match Safari identically. > > I'm not sure I'd recommend that Chrome loosen its non-default, block-on-write third > > party cookie policy to match this new behavior because the compatibility cost > > isn't as acute. > > I don't understand how - if the cookie policies of Chrome and shipping > Safari/WebKit are identical - that Chrome doesn't have the same facebook.com vs > Facebook connect website incompatibility. Can you explain how it doesn't? Is that an issue fixed by this patch? I see a vague reference above that this patch helps Facebook, but nothing specific about Facebook connect. The broader answer is that because the feature is not enabled by default, Chrome's incentives are to balance the privacy/compatibility trade off in the direction of privacy because the folks who turn this feature on want better privacy. (Whether the feature actually delivers what they want is a separate question.) Maciej would tell me that I shouldn't be writing these posts without a goal in mind. I'm not sure I have a specific goal. I don't see how you can avoid the gravitational pull of fixing the compatibility issue at hand given the current equilibrium. However, there's another equilibrium that's a better global social optimum and this is a step in the opposite direction. 197389 27 opendarwin 2010-03-08 16:27:38 -0800 (In reply to comment #25) > (In reply to comment #24) > > (In reply to comment #21) > > > We'll consider adding a stronger cookie blocking mode, though I think it would > > > likely require CFNetwork changes to implement it on Mac, and UI approval to > > > make it a visible option in Safari's UI (other browsers are of course free to > > > pick their own defaults). It's probably more useful for "power users" than 100% > > > cookie blocking. We'd certainly take patches to support the concept of that > > > mode in WebKit. > > > > I would be in favor of this. What CFNetwork changes do you envision that aren't > > already handled by -[NSMutableURLRequest setMainDocumentURL:] and > > -[NSMutableURLRequest setHTTPShouldHandleCookies:]? > > The proposal for the FOURTH cookie mode is "Don't send or accept any cookie > from 3rd parties" > > Yes, setting the main document URL is necessary to specify who the 1st party > is. > > But CFNetwork doesn't currently have the 4th mode. I apologize if I'm misunderstanding something, but my assumption was that this would be a WebKit preference rather than an additional NSHTTPCookieAcceptPolicy. The issue here seems to be a dispute over WebKit logic rather than a deficiency in CFNetwork code. One possible implementation of the 'strict' WebKit cookie preference would be simply to call setHTTPShouldHandleCookies:NO for 3rd-party URL requests. 197401 28 beidson 2010-03-08 16:53:23 -0800 I'll send two separate replies, as one is objective and the other a point of debate. (In reply to comment #26) > > Nothing in our networking layer uses the main document url for anything besides > > determining 3rd party cookie policy. > > Isn't it a layering violation to know that? (Although I've never understood > why a URL request should know anything about documents, much less main > documents, so I might not understand the layering abstractions here.) > Regardless of what we use the field for currently, that line of code is, on > it's face, inaccurate. Well, it's certainly no secret what the API is for: http://developer.apple.com/mac/library/DOCUMENTATION/Cocoa/Reference/Foundation/Classes/NSURLRequest_Class/Reference/Reference.html#//apple_ref/occ/instm/NSURLRequest/mainDocumentURL http://developer.apple.com/mac/library/DOCUMENTATION/Cocoa/Reference/Foundation/Classes/NSMutableURLRequest_Class/Reference/Reference.html#//apple_ref/occ/instm/NSMutableURLRequest/setMainDocumentURL: Only VERY recently was this field renamed to "firstPartyForCookies" in WebCore. That is certainly a more accurate name. Imagine we could rename existing API. Lets pretend instead of: CFURLRequestSetMainDocumentURL(newRequest, url); ... the line of code read: CFURLRequestSetFirstPartyForHTTPCookies(newRequest, url); Would it then still be incorrect? That line of code says "I want the networking layer to make 3rd party cookie policy decisions as if the 1st party was this URL", and that is intended. I think the only problem is that the Mac/Windows ports implement this new policy using unfortunately named API. We'll try to get it changed in future releases but that's an Apple internal matter. 197406 29 beidson 2010-03-08 17:13:24 -0800 (In reply to comment #26) > Maciej would tell me that I shouldn't be writing these posts without a goal in > mind. I'm not sure I have a specific goal. I don't see how you can avoid the > gravitational pull of fixing the compatibility issue at hand given the current > equilibrium. However, there's another equilibrium that's a better global > social optimum and this is a step in the opposite direction. I think what you're trying to say is that you (and Chrome) would actually like to see this policy be more strict - no read, no write - and therefore move up into a new sphere of privacy. And therefore you're disappointed in the conditional relaxation of it. Disappointment noted. Since moving into that new sphere of privacy would also involve moving into a new sphere of incompatibility, Safari can't accept that change to its default cookie policy (for the same reasons that Chrome would probably be unwilling to make it the default there). Also... (In reply to comment #22) > That means Chrome and Safari's third-party cookie policies > will likely diverge, which is bad for the web platform. This change makes Safari's DEFAULT cookie policy MORE compatible with the web platform. I think this hyperbole unnecessarily limits the conversation by assuming as fact that there can only be a single 3rd party cookie policy in a browser. Why can't a browser have the following 4 policies, listed by order of decreasing privacy: 1 - Accept all cookies. An option in all browsers, and default for most users today. Least amount of privacy. Best compatibility. 2 - Send 3rd party cookies, but don't accept new ones. Default in Safari. A small privacy increase over option #1. Less compatibility. 3 - Don't send or receive 3rd party cookies. Not currently implemented in any browser. Definitely more privacy than #2. Definitely worse compatibility. 4 - Never accept any cookies. An option in most (all?) browsers, will always be there for the truly paranoid. Absolute privacy (cookie-wise...) but also tons of broken websites. Only #1 (most) and #2 (only Safari) are the default in major browsers. How would tweaking #2 and adding the optional #3 be any worse for the web than what is already out there now? Would Chrome having all 4 of these options be any worse for the web than having only 3 of them? Would Safari having all 4 of these options be any worse for the web than having only 3 of them. 197408 30 beidson 2010-03-08 17:13:54 -0800 Maybe this discussion needs to move to webkit-dev - we're way past the scope of this bug at this point. 197417 31 abarth 2010-03-08 17:59:22 -0800 > Only VERY recently was this field renamed to "firstPartyForCookies" in WebCore. Yeah, I made that change after noticing a number of places in Chrome that were using the value assuming it had more natural semantics. > I think the only problem is that the Mac/Windows ports implement this new > policy using unfortunately named API. IMHO, the networking layer should expose two flags: 1) Allow reading of cookies. 2) Allow writing of cookies. The client can then mix and match those to its hearts content. I've never really completely understood how redirects are handled, but I assume we'll get a chance to twiddle the mainDocumentURL at this codepoint on redirects (otherwise the patch has correctness issues). BTW, does this patch affect the behavior of document.cookie, or just cookies received over the network? > I think what you're trying to say is that you (and Chrome) would actually like > to see this policy be more strict - no read, no write - and therefore move up > into a new sphere of privacy. And therefore you're disappointed in the > conditional relaxation of it. > > Disappointment noted. I'll need to think carefully about balancing our desire to keep WebKit a unified platform with the privacy costs (which I don't have a concrete way to measure). > > That means Chrome and Safari's third-party cookie policies > > will likely diverge, which is bad for the web platform. > > This change makes Safari's DEFAULT cookie policy MORE compatible with the web > platform. I think this hyperbole unnecessarily limits the conversation by > assuming as fact that there can only be a single 3rd party cookie policy in a > browser. > > Why can't a browser have the following 4 policies, listed by order of > decreasing privacy: Chrome actually used to have exactly those settings. Under pressure from confused users and the UX team, we simplified the options to (1), (2), and (4). > Only #1 (most) and #2 (only Safari) are the default in major browsers. How > would tweaking #2 and adding the optional #3 be any worse for the web than what > is already out there now? The main issue is that it increases the complexity and reduces the stability of the web platform. For example, have you compared the behavior here to Firefox's third-party cookie blocking? What about IE? How is a web developer supposed to make their web site work in the face of all these fractured cookie policies? Proximately, it improves compatibility in these cases, but in the long run, it introduces structural compatibility problems between browsers. > Would Chrome having all 4 of these options be any > worse for the web than having only 3 of them? Would Safari having all 4 of > these options be any worse for the web than having only 3 of them. Every option has a cost because it increases complexity and expands the testing matrix for web developers. In reality, the testing matrix is already too big, which is why we're seeing compatibility problems with Safari's default behavior. Surely the long-term solution to compatibility problems is to increase interoperability among browsers rather than reduce it. 197421 32 mjs 2010-03-08 19:09:20 -0800 (In reply to comment #24) > (In reply to comment #21) > > We'll consider adding a stronger cookie blocking mode, though I think it would > > likely require CFNetwork changes to implement it on Mac, and UI approval to > > make it a visible option in Safari's UI (other browsers are of course free to > > pick their own defaults). It's probably more useful for "power users" than 100% > > cookie blocking. We'd certainly take patches to support the concept of that > > mode in WebKit. > > I would be in favor of this. What CFNetwork changes do you envision that aren't > already handled by -[NSMutableURLRequest setMainDocumentURL:] and > -[NSMutableURLRequest setHTTPShouldHandleCookies:]? It might be possible to implement an additional mode purely in WebKit without CFNetwork changes. If so, we'll take patches. Though exposing that mode in the Safari preferences UI would be gated on Apple. 197442 33 mjs 2010-03-08 21:00:54 -0800 (In reply to comment #26) > > > > I don't understand how - if the cookie policies of Chrome and shipping > > Safari/WebKit are identical - that Chrome doesn't have the same facebook.com vs > > Facebook connect website incompatibility. Can you explain how it doesn't? > > Is that an issue fixed by this patch? I see a vague reference above that this > patch helps Facebook, but nothing specific about Facebook connect. Brady is probably hesitant to say what the specific issue is, since it was originally reported via Apple-internal channels. I'll make the call that it's worth saying what the bug actually is, since I'm sure external folks using Safari enough have experienced it. If a user is logged into Facebook, then under shipping Safari's default cookie policy, if they visit a Facebook connect site twice with a separation of an hour (or so), they will be logged out the next time they visit facebook.com. That's because Facebook attempts to refresh the login cookie fairly frequently, but the default cookie policy was preventing it from updating it. Note that it's not at all obvious *why* the logout happened - it took us an immense amount of debugging to narrow this down, starting with reports that just said "sometimes I randomly get logged out of facebook." We also believe this change will fix other bugs with the current policy, where sites attempt to log the user out by overwriting an existing cookie with an expired one. Granted, we could address those cases with a much narrower exception. > Maciej would tell me that I shouldn't be writing these posts without a goal in > mind. I'm not sure I have a specific goal. I don't see how you can avoid the > gravitational pull of fixing the compatibility issue at hand given the current > equilibrium. However, there's another equilibrium that's a better global > social optimum and this is a step in the opposite direction. I think it's fine to post without a goal in mind, but probably bug comments are not the best place. Might be good to discuss this on webkit-dev. 197472 34 abarth 2010-03-08 23:24:51 -0800 Oh, that's an interesting bug. Thanks for explaining. 198202 35 eric 2010-03-10 10:39:47 -0800 http/tests/cookies/third-party-cookie-relaxing.html -> failed is occasionally failing on the commit-bot when testing "does trunk actually build and test" which is done before applying the patch for commit. This may be a more recent regression than this bug, or it may be flakey from this original checkin. 198205 36 eric 2010-03-10 10:42:09 -0800 Looks like the new flakiness is from bug 26391. 198208 37 beidson 2010-03-10 10:47:54 -0800 (In reply to comment #36) > Looks like the new flakiness is from bug 26391. Please delete the ~/Library/Cookies/Cookies.plist file from whatever bot this is that's failing to clear the failure. 198213 38 eric 2010-03-10 10:52:53 -0800 (In reply to comment #37) > (In reply to comment #36) > > Looks like the new flakiness is from bug 26391. > > Please delete the ~/Library/Cookies/Cookies.plist file from whatever bot this > is that's failing to clear the failure. Done just now per your instructions. I'll let you know if it reproduces. 50145 2010-03-05 17:59:56 -0800 2010-03-08 10:15:19 -0800 Fix for Mac + Win patch.txt text/plain 14521 beidson SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA1NTYwNCkKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMjIgQEAKKzIwMTAtMDMtMDUgIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUu Y29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFJl bGF4IHRoZSAzcmQgcGFydHkgY29va2llIHBvbGljeSBpbiBjYXNlcyB3aGVyZSBpdCB3b24ndCBh ZGQgYSBuZXcgdHJhY2tpbmcgdmVjdG9yLgorICAgICAgICA8cmRhcjovL3Byb2JsZW0vNzE2MzAx Mj4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0zNTgyNAorCisg ICAgICAgIFRlc3Q6IGh0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhp bmcuaHRtbAorCisgICAgICAgIElmIHRoZSAzcmQtcGFydHkgZG9tYWluIGluIHF1ZXN0aW9uIGFs cmVhZHkgaGFzIGEgY29va2llIHNldCwgYWxsb3cgY2hhbmdlcworICAgICAgICBieSBzZXR0aW5n IHRoZSBmaXJzdCBwYXJ0eSB1cmwgb2YgdGhlIHJlcXVlc3QgdG8gYmUgdGhlIHVybCBvZiB0aGUg cmVxdWVzdCBpdHNlbGY6ICAgICAgICAKKyAgICAgICAgKiBwbGF0Zm9ybS9uZXR3b3JrL2NmL1Jl c291cmNlSGFuZGxlQ0ZOZXQuY3BwOgorICAgICAgICAoV2ViQ29yZTo6bWFrZUZpbmFsUmVxdWVz dCk6CisKKyAgICAgICAgRGl0dG86CisgICAgICAgICogcGxhdGZvcm0vbmV0d29yay9tYWMvUmVz b3VyY2VIYW5kbGVNYWMubW06CisgICAgICAgIChXZWJDb3JlOjpSZXNvdXJjZUhhbmRsZTo6c3Rh cnQpOgorICAgICAgICAoV2ViQ29yZTo6UmVzb3VyY2VIYW5kbGU6OmxvYWRSZXNvdXJjZVN5bmNo cm9ub3VzbHkpOgorCiAyMDEwLTAzLTA1ICBEZWFuIEphY2tzb24gIDxkaW5vQGFwcGxlLmNvbT4K IAogICAgICAgICBSZXZpZXdlZCBieSBTaW1vbiBGcmFzZXIKSW5kZXg6IFdlYkNvcmUvcGxhdGZv cm0vbmV0d29yay9jZi9SZXNvdXJjZUhhbmRsZUNGTmV0LmNwcAo9PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBXZWJD b3JlL3BsYXRmb3JtL25ldHdvcmsvY2YvUmVzb3VyY2VIYW5kbGVDRk5ldC5jcHAJKHJldmlzaW9u IDU1NjA0KQorKysgV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2NmL1Jlc291cmNlSGFuZGxlQ0ZO ZXQuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC0zNTIsNyArMzUyLDE1IEBAIHN0YXRpYyBDRlVSTFJl cXVlc3RSZWYgbWFrZUZpbmFsUmVxdWVzdCgKIAogICAgIGlmIChDRkhUVFBDb29raWVTdG9yYWdl UmVmIGNvb2tpZVN0b3JhZ2UgPSBjdXJyZW50Q29va2llU3RvcmFnZSgpKSB7CiAgICAgICAgIENG VVJMUmVxdWVzdFNldEhUVFBDb29raWVTdG9yYWdlKG5ld1JlcXVlc3QsIGNvb2tpZVN0b3JhZ2Up OwotICAgICAgICBDRlVSTFJlcXVlc3RTZXRIVFRQQ29va2llU3RvcmFnZUFjY2VwdFBvbGljeShu ZXdSZXF1ZXN0LCBDRkhUVFBDb29raWVTdG9yYWdlR2V0Q29va2llQWNjZXB0UG9saWN5KGNvb2tp ZVN0b3JhZ2UpKTsKKyAgICAgICAgCisgICAgICAgIGludCBwb2xpY3kgPSBDRkhUVFBDb29raWVT dG9yYWdlQWNjZXB0UG9saWN5KGNvb2tpZVN0b3JhZ2UpOworICAgICAgICBDRlVSTFJlcXVlc3RT ZXRIVFRQQ29va2llU3RvcmFnZUFjY2VwdFBvbGljeShuZXdSZXF1ZXN0LCBwb2xpY3kpOworICAg ICAgICBpZiAocG9saWN5ID09IENGSFRUUENvb2tpZVN0b3JhZ2VBY2NlcHRQb2xpY3lPbmx5RnJv bU1haW5Eb2N1bWVudERvbWFpbikgeworICAgICAgICAgICAgQ0ZVUkxSZWYgdXJsID0gQ0ZVUkxS ZXF1ZXN0R2V0VVJMKG5ld1JlcXVlc3QpOworICAgICAgICAgICAgUmV0YWluUHRyPENGQXJyYXlS ZWY+IGNvb2tpZXMoQWRvcHRDRiwgQ0ZIVFRQQ29va2llU3RvcmFnZUNvcHlDb29raWVzRm9yVVJM KGNvb2tpZVN0b3JhZ2UsIHVybCwgZmFsc2UpKTsKKyAgICAgICAgICAgIGlmIChDRkFycmF5R2V0 Q291bnQoY29va2llcy5nZXQoKSkpCisgICAgICAgICAgICAgICAgQ0ZVUkxSZXF1ZXN0U2V0TWFp bkRvY3VtZW50VVJMKG5ld1JlcXVlc3QsIHVybCk7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZXR1cm4gbmV3UmVxdWVzdDsKSW5kZXg6IFdlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9tYWMvUmVz b3VyY2VIYW5kbGVNYWMubW0KPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3Jr L21hYy9SZXNvdXJjZUhhbmRsZU1hYy5tbQkocmV2aXNpb24gNTU2MDQpCisrKyBXZWJDb3JlL3Bs YXRmb3JtL25ldHdvcmsvbWFjL1Jlc291cmNlSGFuZGxlTWFjLm1tCSh3b3JraW5nIGNvcHkpCkBA IC0yMjMsNiArMjIzLDEyIEBAIGJvb2wgUmVzb3VyY2VIYW5kbGU6OnN0YXJ0KEZyYW1lKiBmcmFt ZSkKIAogICAgIGQtPm1fbmVlZHNTaXRlU3BlY2lmaWNRdWlya3MgPSBmcmFtZS0+c2V0dGluZ3Mo KSAmJiBmcmFtZS0+c2V0dGluZ3MoKS0+bmVlZHNTaXRlU3BlY2lmaWNRdWlya3MoKTsKIAorICAg IC8vIElmIGEgVVJMIGFscmVhZHkgaGFzIGNvb2tpZXMsIHRoZW4gd2UnbGwgcmVsYXggdGhlIDNy ZCBwYXJ0eSBjb29raWUgcG9saWN5IGFuZCBhY2NlcHQgbmV3IGNvb2tpZXMuCisgICAgTlNIVFRQ Q29va2llU3RvcmFnZSAqc2hhcmVkU3RvcmFnZSA9IFtOU0hUVFBDb29raWVTdG9yYWdlIHNoYXJl ZEhUVFBDb29raWVTdG9yYWdlXTsKKyAgICBpZiAoW3NoYXJlZFN0b3JhZ2UgY29va2llQWNjZXB0 UG9saWN5XSA9PSBOU0hUVFBDb29raWVBY2NlcHRQb2xpY3lPbmx5RnJvbU1haW5Eb2N1bWVudERv bWFpbgorICAgICAgICAmJiBbW3NoYXJlZFN0b3JhZ2UgY29va2llc0ZvclVSTDpkLT5tX3JlcXVl c3QudXJsKCldIGNvdW50XSkKKyAgICAgICAgZC0+bV9yZXF1ZXN0LnNldEZpcnN0UGFydHlGb3JD b29raWVzKGQtPm1fcmVxdWVzdC51cmwoKSk7CisKICAgICBOU1VSTENvbm5lY3Rpb24gKmNvbm5l Y3Rpb247CiAgICAgCiAgICAgaWYgKGQtPm1fc2hvdWxkQ29udGVudFNuaWZmIHx8IGZyYW1lLT5z ZXR0aW5ncygpLT5sb2NhbEZpbGVDb250ZW50U25pZmZpbmdFbmFibGVkKCkpIApAQCAtNDE5LDEz ICs0MjUsMjIgQEAgdm9pZCBSZXNvdXJjZUhhbmRsZTo6bG9hZFJlc291cmNlU3luY2hybwogCiAg ICAgQVNTRVJUKCFyZXF1ZXN0LmlzRW1wdHkoKSk7CiAgICAgCi0gICAgTlNVUkxSZXF1ZXN0ICpu c1JlcXVlc3Q7CisgICAgTlNNdXRhYmxlVVJMUmVxdWVzdCAqbXV0YWJsZVJlcXVlc3QgPSBuaWw7 CiAgICAgaWYgKCFzaG91bGRDb250ZW50U25pZmZVUkwocmVxdWVzdC51cmwoKSkpIHsKLSAgICAg ICAgTlNNdXRhYmxlVVJMUmVxdWVzdCAqbXV0YWJsZVJlcXVlc3QgPSBbW3JlcXVlc3QubnNVUkxS ZXF1ZXN0KCkgbXV0YWJsZUNvcHldIGF1dG9yZWxlYXNlXTsKKyAgICAgICAgbXV0YWJsZVJlcXVl c3QgPSBbW3JlcXVlc3QubnNVUkxSZXF1ZXN0KCkgbXV0YWJsZUNvcHldIGF1dG9yZWxlYXNlXTsK ICAgICAgICAgd2tTZXROU1VSTFJlcXVlc3RTaG91bGRDb250ZW50U25pZmYobXV0YWJsZVJlcXVl c3QsIE5PKTsKLSAgICAgICAgbnNSZXF1ZXN0ID0gbXV0YWJsZVJlcXVlc3Q7Ci0gICAgfSBlbHNl Ci0gICAgICAgIG5zUmVxdWVzdCA9IHJlcXVlc3QubnNVUkxSZXF1ZXN0KCk7CisgICAgfSAKKwor ICAgIC8vIElmIGEgVVJMIGFscmVhZHkgaGFzIGNvb2tpZXMsIHRoZW4gd2UnbGwgaWdub3JlIHRo ZSAzcmQgcGFydHkgY29va2llIHBvbGljeSBhbmQgYWNjZXB0IG5ldyBjb29raWVzLgorICAgIE5T SFRUUENvb2tpZVN0b3JhZ2UgKnNoYXJlZFN0b3JhZ2UgPSBbTlNIVFRQQ29va2llU3RvcmFnZSBz aGFyZWRIVFRQQ29va2llU3RvcmFnZV07CisgICAgaWYgKFtzaGFyZWRTdG9yYWdlIGNvb2tpZUFj Y2VwdFBvbGljeV0gPT0gTlNIVFRQQ29va2llQWNjZXB0UG9saWN5T25seUZyb21NYWluRG9jdW1l bnREb21haW4KKyAgICAgICAgJiYgW1tzaGFyZWRTdG9yYWdlIGNvb2tpZXNGb3JVUkw6cmVxdWVz dC51cmwoKV0gY291bnRdKSB7CisgICAgICAgIGlmICghbXV0YWJsZVJlcXVlc3QpCisgICAgICAg ICAgICBtdXRhYmxlUmVxdWVzdCA9IFtbcmVxdWVzdC5uc1VSTFJlcXVlc3QoKSBtdXRhYmxlQ29w eV0gYXV0b3JlbGVhc2VdOworICAgICAgICBbbXV0YWJsZVJlcXVlc3Qgc2V0TWFpbkRvY3VtZW50 VVJMOlttdXRhYmxlUmVxdWVzdCBVUkxdXTsKKyAgICB9CisgICAgCisgICAgTlNVUkxSZXF1ZXN0 ICpuc1JlcXVlc3QgPSBtdXRhYmxlUmVxdWVzdCA/IG11dGFibGVSZXF1ZXN0IDogcmVxdWVzdC5u c1VSTFJlcXVlc3QoKTsKICAgICAgICAgICAgIAogICAgIEJFR0lOX0JMT0NLX09CSkNfRVhDRVBU SU9OUzsKICAgICAKSW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBM YXlvdXRUZXN0cy9DaGFuZ2VMb2cJKHJldmlzaW9uIDU1NjA0KQorKysgTGF5b3V0VGVzdHMvQ2hh bmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTggQEAKKzIwMTAtMDMtMDUgIEJyYWR5 IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUuY29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9E WSAoT09QUyEpLgorCisgICAgICAgIFJlbGF4IHRoZSAzcmQgcGFydHkgY29va2llIHBvbGljeSBp biBjYXNlcyB3aGVyZSBpdCB3b24ndCBhZGQgYSBuZXcgdHJhY2tpbmcgdmVjdG9yLgorICAgICAg ICA8cmRhcjovL3Byb2JsZW0vNzE2MzAxMj4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD0zNTgyNAorCisgICAgICAgICogaHR0cC90ZXN0cy9jb29raWVzL3Jlc291 cmNlcy9jb29raWUtdXRpbGl0eS5waHA6IEFkZGVkLgorICAgICAgICAqIGh0dHAvdGVzdHMvY29v a2llcy9yZXNvdXJjZXMvdGhpcmQtcGFydHktY29va2llLXJlbGF4aW5nLWlmcmFtZS5odG1sOiBB ZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL2Nvb2tpZXMvdGhpcmQtcGFydHktY29va2llLXJl bGF4aW5nLWV4cGVjdGVkLnR4dDogQWRkZWQuCisgICAgICAgICogaHR0cC90ZXN0cy9jb29raWVz L3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5odG1sOiBBZGRlZC4KKworICAgICAgICAqIHBs YXRmb3JtL2d0ay9Ta2lwcGVkOgorICAgICAgICAqIHBsYXRmb3JtL3F0L1NraXBwZWQ6CisKIDIw MTAtMDMtMDUgIEVyaWMgU2VpZGVsICA8ZXJpY0B3ZWJraXQub3JnPgogCiAgICAgICAgIE5vIHJl dmlldy4gIFNraXBwaW5nIHJlY2VudGx5IHJlZ3Jlc3NlZCB0ZXN0IHRvIHVuYmxvY2sgdGhlIGNv bW1pdC1xdWV1ZSAoMjAgcGF0Y2hlcyB3YWl0aW5nKS4KSW5kZXg6IExheW91dFRlc3RzL2h0dHAv dGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhpbmctZXhwZWN0ZWQudHh0Cj09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KLS0tIExheW91dFRlc3RzL2h0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1j b29raWUtcmVsYXhpbmctZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMv aHR0cC90ZXN0cy9jb29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy1leHBlY3RlZC50 eHQJKHJldmlzaW9uIDApCkBAIC0wLDAgKzEsNDcgQEAKK0FMRVJUOiAKKworQUxFUlQ6IEFsbG93 aW5nIGFsbCBjb29raWVzCitBTEVSVDogaHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVz b3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1bmN0aW9uPWRlbGV0ZUNvb2tpZXMKK0FM RVJUOiBYSFIgcmVzcG9uc2UgLSBEZWxldGVkIGFsbCBjb29raWVzCitBTEVSVDogVGVzdCBzdGFn ZSAxIGRvY3VtZW50LmNvb2tpZSBpczogCitBTEVSVDogUmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFy dHkgb25seSBjb29raWVzCitBTEVSVDogaHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVz b3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1bmN0aW9uPXNldEZvb0Nvb2tpZQorQUxF UlQ6IFhIUiByZXNwb25zZSAtIFNldCB0aGUgZm9vIGNvb2tpZQorQUxFUlQ6IFRlc3Qgc3RhZ2Ug MiBkb2N1bWVudC5jb29raWUgaXM6IAorQUxFUlQ6IAorCitBTEVSVDogQWxsb3dpbmcgYWxsIGNv b2tpZXMKK0FMRVJUOiBodHRwOi8vbG9jYWxob3N0OjgwMDAvY29va2llcy9yZXNvdXJjZXMvY29v a2llLXV0aWxpdHkucGhwP3F1ZXJ5ZnVuY3Rpb249ZGVsZXRlQ29va2llcworQUxFUlQ6IFhIUiBy ZXNwb25zZSAtIERlbGV0ZWQgYWxsIGNvb2tpZXMKK0FMRVJUOiBUZXN0IHN0YWdlIDMgZG9jdW1l bnQuY29va2llIGlzOiAKK0FMRVJUOiBSZXN0cmljdGluZyB0byBmaXJzdCBwYXJ0eSBvbmx5IGNv b2tpZXMKK0FMRVJUOiBodHRwOi8vbG9jYWxob3N0OjgwMDAvY29va2llcy9yZXNvdXJjZXMvY29v a2llLXV0aWxpdHkucGhwP3F1ZXJ5ZnVuY3Rpb249c2V0Rm9vQW5kQmFyQ29va2llCitBTEVSVDog WEhSIHJlc3BvbnNlIC0gU2V0IHRoZSBmb28gYW5kIGJhciBjb29raWVzCitBTEVSVDogVGVzdCBz dGFnZSA0IGRvY3VtZW50LmNvb2tpZSBpczogCitBTEVSVDogCisKK0FMRVJUOiBBbGxvd2luZyBh bGwgY29va2llcworQUxFUlQ6IGh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVzL3Jlc291cmNl cy9jb29raWUtdXRpbGl0eS5waHA/cXVlcnlmdW5jdGlvbj1kZWxldGVDb29raWVzCitBTEVSVDog WEhSIHJlc3BvbnNlIC0gRGVsZXRlZCBhbGwgY29va2llcworQUxFUlQ6IFRlc3Qgc3RhZ2UgNSBk b2N1bWVudC5jb29raWUgaXM6IAorQUxFUlQ6IGh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVz L3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHA/cXVlcnlmdW5jdGlvbj1zZXRGb29Db29raWUK K0FMRVJUOiBYSFIgcmVzcG9uc2UgLSBTZXQgdGhlIGZvbyBjb29raWUKK0FMRVJUOiBUZXN0IHN0 YWdlIDYgZG9jdW1lbnQuY29va2llIGlzOiBmb289YXdlc29tZXZhbHVlCitBTEVSVDogUmVzdHJp Y3RpbmcgdG8gZmlyc3QgcGFydHkgb25seSBjb29raWVzCitBTEVSVDogaHR0cDovL2xvY2FsaG9z dDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1bmN0aW9u PWRlbGV0ZUNvb2tpZXMKK0FMRVJUOiBYSFIgcmVzcG9uc2UgLSBEZWxldGVkIGFsbCBjb29raWVz CitBTEVSVDogVGVzdCBzdGFnZSA3IGRvY3VtZW50LmNvb2tpZSBpczogCitBTEVSVDogCisKK0FM RVJUOiBBbGxvd2luZyBhbGwgY29va2llcworQUxFUlQ6IGh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9j b29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHA/cXVlcnlmdW5jdGlvbj1kZWxldGVD b29raWVzCitBTEVSVDogWEhSIHJlc3BvbnNlIC0gRGVsZXRlZCBhbGwgY29va2llcworQUxFUlQ6 IFRlc3Qgc3RhZ2UgOCBkb2N1bWVudC5jb29raWUgaXM6IAorQUxFUlQ6IGh0dHA6Ly9sb2NhbGhv c3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHA/cXVlcnlmdW5jdGlv bj1zZXRGb29Db29raWUKK0FMRVJUOiBYSFIgcmVzcG9uc2UgLSBTZXQgdGhlIGZvbyBjb29raWUK K0FMRVJUOiBUZXN0IHN0YWdlIDkgZG9jdW1lbnQuY29va2llIGlzOiBmb289YXdlc29tZXZhbHVl CitBTEVSVDogUmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFydHkgb25seSBjb29raWVzCitBTEVSVDog aHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBo cD9xdWVyeWZ1bmN0aW9uPXNldEZvb0FuZEJhckNvb2tpZQorQUxFUlQ6IFhIUiByZXNwb25zZSAt IFNldCB0aGUgZm9vIGFuZCBiYXIgY29va2llcworQUxFUlQ6IFRlc3Qgc3RhZ2UgMTAgZG9jdW1l bnQuY29va2llIGlzOiBiYXI9YW5vdGhlcmF3ZXNvbWV2YWx1ZTsgZm9vPWF3ZXNvbWV2YWx1ZQor CkluZGV4OiBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL2Nvb2tpZXMvdGhpcmQtcGFydHktY29va2ll LXJlbGF4aW5nLmh0bWwKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29r aWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5odG1sCShyZXZpc2lvbiAwKQorKysgTGF5 b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5o dG1sCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDkyIEBACis8aHRtbD4KKzxoZWFkPgorPHNjcmlw dD4KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikgeworICAgIGxheW91dFRlc3RD b250cm9sbGVyLmR1bXBBc1RleHQoKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci53YWl0VW50 aWxEb25lKCk7Cit9CisKK3dpbmRvdy5vbm1lc3NhZ2UgPSBmdW5jdGlvbihldnQpCit7CisgICAg aWYgKGV2dC5kYXRhICE9ICJkb25lIikgeworICAgICAgICBhbGVydCgiVW5leHBlY3RlZCBtZXNz YWdlOiAiICsgZXZ0LmRhdGEpOworICAgICAgICByZXR1cm47CisgICAgfQorICAgIAorICAgIHJ1 bk5leHRUZXN0T3JGaW5pc2goKTsKK30KKworZnVuY3Rpb24gYWxsb3dBbGxDb29raWVzKCkKK3sK KyAgICBhbGVydCgiQWxsb3dpbmcgYWxsIGNvb2tpZXMiKTsKKyAgICBpZiAod2luZG93LmxheW91 dFRlc3RDb250cm9sbGVyKQorICAgICAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5zZXRBbHdheXNB Y2NlcHRDb29raWVzKHRydWUpOworICAgIHJ1bk5leHRUZXN0T3JGaW5pc2goKTsKK30KKworZnVu Y3Rpb24gcmVzdHJpY3RDb29raWVzKCkKK3sKKyAgICBhbGVydCgiUmVzdHJpY3RpbmcgdG8gZmly c3QgcGFydHkgb25seSBjb29raWVzIik7CisgICAgaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJv bGxlcikKKyAgICAgICAgbGF5b3V0VGVzdENvbnRyb2xsZXIuc2V0QWx3YXlzQWNjZXB0Q29va2ll cyhmYWxzZSk7CisgICAgcnVuTmV4dFRlc3RPckZpbmlzaCgpOworfQorCitmdW5jdGlvbiBkZWxl dGVBbGxDb29raWVzKCkKK3sKKyAgICBzZW5kWEhSKCJkZWxldGVDb29raWVzIik7Cit9CisKK2Z1 bmN0aW9uIGVjaG9Db29raWVzKCkKK3sKKyAgICB3aW5kb3cuZnJhbWVzWzBdLnBvc3RNZXNzYWdl KCJzaG93Q29va2llcyIsICIqIik7Cit9CisKK2Z1bmN0aW9uIHNlbmRYSFIoY29tbWFuZCkKK3sK KyAgICB3aW5kb3cuZnJhbWVzWzBdLnBvc3RNZXNzYWdlKCJzZW5kWEhSICIgKyBjb21tYW5kLCAi KiIpOworfQorCitmdW5jdGlvbiBzZXRGb29Db29raWUoKQoreworICAgIHNlbmRYSFIoInNldEZv b0Nvb2tpZSIpOworfQorCitmdW5jdGlvbiBzZXRGb29BbmRCYXJDb29raWVzKCkKK3sKKyAgICBz ZW5kWEhSKCJzZXRGb29BbmRCYXJDb29raWUiKTsKK30KKworZnVuY3Rpb24gc3RhcnROZXdUZXN0 KCkKK3sKKyAgICBhbGVydCgiXG4iKTsKKyAgICBydW5OZXh0VGVzdE9yRmluaXNoKCk7Cit9CisK K3ZhciBjdXJyZW50RnVuY3Rpb24gPSAwOwordmFyIGZ1bmN0aW9ucyA9IG5ldyBBcnJheSgKKyAg ICBzdGFydE5ld1Rlc3QsIGFsbG93QWxsQ29va2llcywgZGVsZXRlQWxsQ29va2llcywgZWNob0Nv b2tpZXMsIHJlc3RyaWN0Q29va2llcywgc2V0Rm9vQ29va2llLCBlY2hvQ29va2llcywKKyAgICBz dGFydE5ld1Rlc3QsIGFsbG93QWxsQ29va2llcywgZGVsZXRlQWxsQ29va2llcywgZWNob0Nvb2tp ZXMsIHJlc3RyaWN0Q29va2llcywgc2V0Rm9vQW5kQmFyQ29va2llcywgZWNob0Nvb2tpZXMsCisg ICAgc3RhcnROZXdUZXN0LCBhbGxvd0FsbENvb2tpZXMsIGRlbGV0ZUFsbENvb2tpZXMsIGVjaG9D b29raWVzLCBzZXRGb29Db29raWUsIGVjaG9Db29raWVzLCByZXN0cmljdENvb2tpZXMsIGRlbGV0 ZUFsbENvb2tpZXMsIGVjaG9Db29raWVzLAorICAgIHN0YXJ0TmV3VGVzdCwgYWxsb3dBbGxDb29r aWVzLCBkZWxldGVBbGxDb29raWVzLCBlY2hvQ29va2llcywgc2V0Rm9vQ29va2llLCBlY2hvQ29v a2llcywgcmVzdHJpY3RDb29raWVzLCBzZXRGb29BbmRCYXJDb29raWVzLCBlY2hvQ29va2llcwor KTsKKworZnVuY3Rpb24gcnVuTmV4dFRlc3RPckZpbmlzaCgpCit7CisgICAgaWYgKGN1cnJlbnRG dW5jdGlvbiA+PSBmdW5jdGlvbnMubGVuZ3RoKSB7CisgICAgICAgIGlmICh3aW5kb3cubGF5b3V0 VGVzdENvbnRyb2xsZXIpCisgICAgICAgICAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5ub3RpZnlE b25lKCk7CisgICAgICAgIHJldHVybjsKKyAgICB9CisgICAgCisgICAgdmFyIGZ1bmN0aW9uVG9S dW4gPSBjdXJyZW50RnVuY3Rpb24rKzsKKyAgICBmdW5jdGlvbnNbZnVuY3Rpb25Ub1J1bl0oKTsK K30KKworPC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keSBvbmxvYWQ9InJ1bk5leHRUZXN0T3JGaW5p c2goKTsiPgorPGlmcmFtZSBpZD0ndGVzdEZyYW1lJyBzcmM9Imh0dHA6Ly9sb2NhbGhvc3Q6ODAw MC9jb29raWVzL3Jlc291cmNlcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhpbmctaWZyYW1lLmh0 bWwiPjwvaWZyYW1lPgorPC9ib2R5PgorPC9odG1sPgpJbmRleDogTGF5b3V0VGVzdHMvaHR0cC90 ZXN0cy9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHAKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5w aHAJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL2Nvb2tpZXMvcmVzb3Vy Y2VzL2Nvb2tpZS11dGlsaXR5LnBocAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSw0MCBAQAorPD9w aHAKK3BhcnNlX3N0cigkX1NFUlZFUlsiUVVFUllfU1RSSU5HIl0pOworCitmdW5jdGlvbiBkZWxl dGVDb29raWUoJHZhbHVlLCAkbmFtZSkKK3sKKyAgICBzZXRjb29raWUoJG5hbWUsICJkZWxldGVk IiwgdGltZSgpIC0gODY0MDApOworfQorCitpZiAoJHF1ZXJ5ZnVuY3Rpb24gPT0gImRlbGV0ZUNv b2tpZXMiKSB7CisgICAgYXJyYXlfd2FsaygkX0NPT0tJRSwgZGVsZXRlQ29va2llKTsKKyAgICBl Y2hvICJEZWxldGVkIGFsbCBjb29raWVzIjsKKyAgICByZXR1cm47Cit9CisKK2lmICgkcXVlcnlm dW5jdGlvbiA9PSAic2V0Rm9vQ29va2llIikgeworICAgIHNldGNvb2tpZSgiZm9vIiwgImF3ZXNv bWV2YWx1ZSIsIHRpbWUoKSArIDg2NDAwKTsKKyAgICBlY2hvICJTZXQgdGhlIGZvbyBjb29raWUi OworICAgIHJldHVybjsKK30KKworaWYgKCRxdWVyeWZ1bmN0aW9uID09ICJzZXRGb29BbmRCYXJD b29raWUiKSB7CisgICAgc2V0Y29va2llKCJmb28iLCAiYXdlc29tZXZhbHVlIiwgdGltZSgpICsg ODY0MDApOworICAgIHNldGNvb2tpZSgiYmFyIiwgImFub3RoZXJhd2Vzb21ldmFsdWUiLCB0aW1l KCkgKyA4NjQwMCk7CisgICAgZWNobyAiU2V0IHRoZSBmb28gYW5kIGJhciBjb29raWVzIjsKKyAg ICByZXR1cm47Cit9CisKKy8vIERlZmF1bHQgZm9yIGFueSBvdGhlciBzdHJpbmcgaXMgZWNobyBj b29raWVzLgorZnVuY3Rpb24gZWNob0Nvb2tpZSgkdmFsdWUsICRuYW1lKQoreworICAgIGVjaG8g IiRuYW1lID0gJHZhbHVlXG4iOworfQorCitmdW5jdGlvbiBlY2hvQWxsQ29va2llcygpCit7Cisg ICAgZWNobyAiQ29va2llcyBhcmU6XG4iOworICAgIGFycmF5X3dhbGsoJF9DT09LSUUsIGVjaG9D b29raWUpOyAgICAKK30KKworPz4KSW5kZXg6IExheW91dFRlc3RzL2h0dHAvdGVzdHMvY29va2ll cy9yZXNvdXJjZXMvdGhpcmQtcGFydHktY29va2llLXJlbGF4aW5nLWlmcmFtZS5odG1sCj09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT0KLS0tIExheW91dFRlc3RzL2h0dHAvdGVzdHMvY29va2llcy9yZXNvdXJjZXMvdGhpcmQt cGFydHktY29va2llLXJlbGF4aW5nLWlmcmFtZS5odG1sCShyZXZpc2lvbiAwKQorKysgTGF5b3V0 VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3Jlc291cmNlcy90aGlyZC1wYXJ0eS1jb29raWUtcmVs YXhpbmctaWZyYW1lLmh0bWwJKHJldmlzaW9uIDApCkBAIC0wLDAgKzEsNDcgQEAKKzxodG1sPgor PHNjcmlwdD4KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikKKyAgICBsYXlvdXRU ZXN0Q29udHJvbGxlci5kdW1wQXNUZXh0KCk7CisKK3dpbmRvdy5vbm1lc3NhZ2UgPSBmdW5jdGlv bihldnQpCit7CisgICAgaWYgKGV2dC5kYXRhID09ICJzaG93Q29va2llcyIpIHsKKyAgICAgICAg c2hvd0Nvb2tpZXMoKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0gZWxzZSBpZiAoZXZ0LmRhdGEu c3BsaXQoIiAiKVswXSA9PSAic2VuZFhIUiIpIHsKKyAgICAgICAgc2VuZFhIUihldnQuZGF0YS5z cGxpdCgiICIpWzFdKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0gZWxzZQorICAgICAgICBhbGVy dCgiVW5rbm93biBtZXNzYWdlLiIpOworfQorCit2YXIgc3RhZ2UgPSAxOworZnVuY3Rpb24gc2hv d0Nvb2tpZXMoKQoreworICAgIGFsZXJ0KCJUZXN0IHN0YWdlICIgKyBzdGFnZSsrICsgIiBkb2N1 bWVudC5jb29raWUgaXM6ICIgKyBkb2N1bWVudC5jb29raWUpOworICAgIHBhcmVudC53aW5kb3cu cG9zdE1lc3NhZ2UoImRvbmUiLCAiKiIpOyAgICAKK30KKworZnVuY3Rpb24gc2VuZFhIUihxdWVy eUNvbW1hbmQpCit7CisgICAgdmFyIGJhc2V1cmwgPSAiaHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nv b2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocCI7CisgICAgdmFyIHVybCA9IHF1ZXJ5 Q29tbWFuZCA/IGJhc2V1cmwgKyAiP3F1ZXJ5ZnVuY3Rpb249IiArIHF1ZXJ5Q29tbWFuZCA6IGJh c2V1cmw7CisgICAgYWxlcnQodXJsKTsKKyAgICB2YXIgcmVxID0gbmV3IFhNTEh0dHBSZXF1ZXN0 KCk7CisgICAgcmVxLm9wZW4oJ0dFVCcsIHVybCwgZmFsc2UpOworICAgIHJlcS5zZW5kKCk7CisK KyAgICBpZiAocmVxLnN0YXR1cyA9PSAyMDApCisgICAgICAgIGFsZXJ0KCJYSFIgcmVzcG9uc2Ug LSAiICsgcmVxLnJlc3BvbnNlVGV4dCk7CisgICAgZWxzZQorICAgICAgICBhbGVydCgieGhyIGVy cm9yIik7CisgICAgCisgICAgcGFyZW50LndpbmRvdy5wb3N0TWVzc2FnZSgiZG9uZSIsICIqIik7 ICAgIAorfQorCis8L3NjcmlwdD4KKzxib2R5PgorSEVMTE8gVEhFUkUKKzwvYm9keT4KKzwvaHRt bD4KSW5kZXg6IExheW91dFRlc3RzL3BsYXRmb3JtL2d0ay9Ta2lwcGVkCj09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0t IExheW91dFRlc3RzL3BsYXRmb3JtL2d0ay9Ta2lwcGVkCShyZXZpc2lvbiA1NTYwNCkKKysrIExh eW91dFRlc3RzL3BsYXRmb3JtL2d0ay9Ta2lwcGVkCSh3b3JraW5nIGNvcHkpCkBAIC01ODA2LDMg KzU4MDYsNiBAQCBmYXN0L2RvbS9HZW9sb2NhdGlvbi9wZXJtaXNzaW9uLWRlbmllZC5oCiAKICMg aHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTM1NzkzCiBtZWRpYS92aWRl by1wcmVsb2FkLmh0bWwKKworIyBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/ aWQ9MzU4MjQgLSBEb2Vzbid0IGFwcGx5IHRvIHBsYXRmb3JtcyB0aGF0IGRvbid0IGVuZm9yY2Ug dGhlIENGTmV0d29yay1zdHlsZSAzcmQgcGFydHkgY29va2llIHBvbGljeQoraHR0cC90ZXN0cy9j b29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5odG1sCkluZGV4OiBMYXlvdXRUZXN0 cy9wbGF0Zm9ybS9xdC9Ta2lwcGVkCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL3BsYXRmb3Jt L3F0L1NraXBwZWQJKHJldmlzaW9uIDU1NjA0KQorKysgTGF5b3V0VGVzdHMvcGxhdGZvcm0vcXQv U2tpcHBlZAkod29ya2luZyBjb3B5KQpAQCAtNTA5OCwzICs1MDk4LDYgQEAgcGx1Z2lucy9wcml2 YXRlLWJyb3dzaW5nLW1vZGUuaHRtbAogCiAjIFF0J3MgRFJUIGRvZXNuJ3Qgbm90IHNlZW0gdG8g c3VwcG9ydCB0aGUgbGF5b3V0VGVzdENvbnRyb2xsZXIuZXZhbHVhdGVTY3JpcHRJbklzb2xhdGVk V29ybGQoKSBjYWxsLgogc3RvcmFnZS9vcGVuLWRhdGFiYXNlLWNyZWF0aW9uLWNhbGxiYWNrLWlz b2xhdGVkLXdvcmxkLmh0bWwKKworIyBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5j Z2k/aWQ9MzU4MjQgLSBEb2Vzbid0IGFwcGx5IHRvIHBsYXRmb3JtcyB0aGF0IGRvbid0IGVuZm9y Y2UgdGhlIENGTmV0d29yay1zdHlsZSAzcmQgcGFydHkgY29va2llIHBvbGljeQoraHR0cC90ZXN0 cy9jb29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5odG1sCg== 50232 2010-03-08 10:15:19 -0800 2010-03-08 10:24:50 -0800 Fix for Mac + Win (tested on Windows, now) patch.txt text/plain 14742 beidson SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA1NTY2NikKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMjIgQEAKKzIwMTAtMDMtMDggIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUu Y29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFJl bGF4IHRoZSAzcmQgcGFydHkgY29va2llIHBvbGljeSBpbiBjYXNlcyB3aGVyZSBpdCB3b24ndCBh ZGQgYSBuZXcgdHJhY2tpbmcgdmVjdG9yLgorICAgICAgICA8cmRhcjovL3Byb2JsZW0vNzE2MzAx Mj4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0zNTgyNAorCisg ICAgICAgIFRlc3Q6IGh0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhp bmcuaHRtbAorCisgICAgICAgIElmIHRoZSAzcmQtcGFydHkgZG9tYWluIGluIHF1ZXN0aW9uIGFs cmVhZHkgaGFzIGEgY29va2llIHNldCwgYWxsb3cgY2hhbmdlcworICAgICAgICBieSBzZXR0aW5n IHRoZSBmaXJzdCBwYXJ0eSB1cmwgb2YgdGhlIHJlcXVlc3QgdG8gYmUgdGhlIHVybCBvZiB0aGUg cmVxdWVzdCBpdHNlbGY6ICAgICAgICAKKyAgICAgICAgKiBwbGF0Zm9ybS9uZXR3b3JrL2NmL1Jl c291cmNlSGFuZGxlQ0ZOZXQuY3BwOgorICAgICAgICAoV2ViQ29yZTo6bWFrZUZpbmFsUmVxdWVz dCk6CisKKyAgICAgICAgRGl0dG86CisgICAgICAgICogcGxhdGZvcm0vbmV0d29yay9tYWMvUmVz b3VyY2VIYW5kbGVNYWMubW06CisgICAgICAgIChXZWJDb3JlOjpSZXNvdXJjZUhhbmRsZTo6c3Rh cnQpOgorICAgICAgICAoV2ViQ29yZTo6UmVzb3VyY2VIYW5kbGU6OmxvYWRSZXNvdXJjZVN5bmNo cm9ub3VzbHkpOgorCiAyMDEwLTAzLTA4ICBFcmljIFVocmhhbmUgIDxlcmljdUBjaHJvbWl1bS5v cmc+CiAKICAgICAgICAgUmV2aWV3ZWQgYnkgRGF2aWQgTGV2aW4uCkluZGV4OiBXZWJDb3JlL3Bs YXRmb3JtL25ldHdvcmsvY2YvUmVzb3VyY2VIYW5kbGVDRk5ldC5jcHAKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g V2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2NmL1Jlc291cmNlSGFuZGxlQ0ZOZXQuY3BwCShyZXZp c2lvbiA1NTY2NikKKysrIFdlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jZi9SZXNvdXJjZUhhbmRs ZUNGTmV0LmNwcAkod29ya2luZyBjb3B5KQpAQCAtMzUwLDcgKzM1MCwxNCBAQCBzdGF0aWMgQ0ZV UkxSZXF1ZXN0UmVmIG1ha2VGaW5hbFJlcXVlc3QoCiAKICAgICBpZiAoQ0ZIVFRQQ29va2llU3Rv cmFnZVJlZiBjb29raWVTdG9yYWdlID0gY3VycmVudENvb2tpZVN0b3JhZ2UoKSkgewogICAgICAg ICBDRlVSTFJlcXVlc3RTZXRIVFRQQ29va2llU3RvcmFnZShuZXdSZXF1ZXN0LCBjb29raWVTdG9y YWdlKTsKLSAgICAgICAgQ0ZVUkxSZXF1ZXN0U2V0SFRUUENvb2tpZVN0b3JhZ2VBY2NlcHRQb2xp Y3kobmV3UmVxdWVzdCwgQ0ZIVFRQQ29va2llU3RvcmFnZUdldENvb2tpZUFjY2VwdFBvbGljeShj b29raWVTdG9yYWdlKSk7CisgICAgICAgIENGSFRUUENvb2tpZVN0b3JhZ2VBY2NlcHRQb2xpY3kg cG9saWN5ID0gQ0ZIVFRQQ29va2llU3RvcmFnZUdldENvb2tpZUFjY2VwdFBvbGljeShjb29raWVT dG9yYWdlKTsKKyAgICAgICAgQ0ZVUkxSZXF1ZXN0U2V0SFRUUENvb2tpZVN0b3JhZ2VBY2NlcHRQ b2xpY3kobmV3UmVxdWVzdCwgcG9saWN5KTsKKyAgICAgICAgaWYgKHBvbGljeSA9PSBDRkhUVFBD b29raWVTdG9yYWdlQWNjZXB0UG9saWN5T25seUZyb21NYWluRG9jdW1lbnREb21haW4pIHsKKyAg ICAgICAgICAgIENGVVJMUmVmIHVybCA9IENGVVJMUmVxdWVzdEdldFVSTChuZXdSZXF1ZXN0KTsK KyAgICAgICAgICAgIFJldGFpblB0cjxDRkFycmF5UmVmPiBjb29raWVzKEFkb3B0Q0YsIENGSFRU UENvb2tpZVN0b3JhZ2VDb3B5Q29va2llc0ZvclVSTChjb29raWVTdG9yYWdlLCB1cmwsIGZhbHNl KSk7CisgICAgICAgICAgICBpZiAoQ0ZBcnJheUdldENvdW50KGNvb2tpZXMuZ2V0KCkpKQorICAg ICAgICAgICAgICAgIENGVVJMUmVxdWVzdFNldE1haW5Eb2N1bWVudFVSTChuZXdSZXF1ZXN0LCB1 cmwpOworICAgICAgICB9CiAgICAgfQogCiAgICAgcmV0dXJuIG5ld1JlcXVlc3Q7CkluZGV4OiBX ZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvbWFjL1Jlc291cmNlSGFuZGxlTWFjLm1tCj09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT0KLS0tIFdlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9tYWMvUmVzb3VyY2VIYW5kbGVNYWMubW0J KHJldmlzaW9uIDU1NjY2KQorKysgV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL21hYy9SZXNvdXJj ZUhhbmRsZU1hYy5tbQkod29ya2luZyBjb3B5KQpAQCAtMjIzLDYgKzIyMywxMiBAQCBib29sIFJl c291cmNlSGFuZGxlOjpzdGFydChGcmFtZSogZnJhbWUpCiAKICAgICBkLT5tX25lZWRzU2l0ZVNw ZWNpZmljUXVpcmtzID0gZnJhbWUtPnNldHRpbmdzKCkgJiYgZnJhbWUtPnNldHRpbmdzKCktPm5l ZWRzU2l0ZVNwZWNpZmljUXVpcmtzKCk7CiAKKyAgICAvLyBJZiBhIFVSTCBhbHJlYWR5IGhhcyBj b29raWVzLCB0aGVuIHdlJ2xsIHJlbGF4IHRoZSAzcmQgcGFydHkgY29va2llIHBvbGljeSBhbmQg YWNjZXB0IG5ldyBjb29raWVzLgorICAgIE5TSFRUUENvb2tpZVN0b3JhZ2UgKnNoYXJlZFN0b3Jh Z2UgPSBbTlNIVFRQQ29va2llU3RvcmFnZSBzaGFyZWRIVFRQQ29va2llU3RvcmFnZV07CisgICAg aWYgKFtzaGFyZWRTdG9yYWdlIGNvb2tpZUFjY2VwdFBvbGljeV0gPT0gTlNIVFRQQ29va2llQWNj ZXB0UG9saWN5T25seUZyb21NYWluRG9jdW1lbnREb21haW4KKyAgICAgICAgJiYgW1tzaGFyZWRT dG9yYWdlIGNvb2tpZXNGb3JVUkw6ZC0+bV9yZXF1ZXN0LnVybCgpXSBjb3VudF0pCisgICAgICAg IGQtPm1fcmVxdWVzdC5zZXRGaXJzdFBhcnR5Rm9yQ29va2llcyhkLT5tX3JlcXVlc3QudXJsKCkp OworCiAgICAgTlNVUkxDb25uZWN0aW9uICpjb25uZWN0aW9uOwogICAgIAogICAgIGlmIChkLT5t X3Nob3VsZENvbnRlbnRTbmlmZiB8fCBmcmFtZS0+c2V0dGluZ3MoKS0+bG9jYWxGaWxlQ29udGVu dFNuaWZmaW5nRW5hYmxlZCgpKSAKQEAgLTQxOSwxMyArNDI1LDIyIEBAIHZvaWQgUmVzb3VyY2VI YW5kbGU6OmxvYWRSZXNvdXJjZVN5bmNocm8KIAogICAgIEFTU0VSVCghcmVxdWVzdC5pc0VtcHR5 KCkpOwogICAgIAotICAgIE5TVVJMUmVxdWVzdCAqbnNSZXF1ZXN0OworICAgIE5TTXV0YWJsZVVS TFJlcXVlc3QgKm11dGFibGVSZXF1ZXN0ID0gbmlsOwogICAgIGlmICghc2hvdWxkQ29udGVudFNu aWZmVVJMKHJlcXVlc3QudXJsKCkpKSB7Ci0gICAgICAgIE5TTXV0YWJsZVVSTFJlcXVlc3QgKm11 dGFibGVSZXF1ZXN0ID0gW1tyZXF1ZXN0Lm5zVVJMUmVxdWVzdCgpIG11dGFibGVDb3B5XSBhdXRv cmVsZWFzZV07CisgICAgICAgIG11dGFibGVSZXF1ZXN0ID0gW1tyZXF1ZXN0Lm5zVVJMUmVxdWVz dCgpIG11dGFibGVDb3B5XSBhdXRvcmVsZWFzZV07CiAgICAgICAgIHdrU2V0TlNVUkxSZXF1ZXN0 U2hvdWxkQ29udGVudFNuaWZmKG11dGFibGVSZXF1ZXN0LCBOTyk7Ci0gICAgICAgIG5zUmVxdWVz dCA9IG11dGFibGVSZXF1ZXN0OwotICAgIH0gZWxzZQotICAgICAgICBuc1JlcXVlc3QgPSByZXF1 ZXN0Lm5zVVJMUmVxdWVzdCgpOworICAgIH0gCisKKyAgICAvLyBJZiBhIFVSTCBhbHJlYWR5IGhh cyBjb29raWVzLCB0aGVuIHdlJ2xsIGlnbm9yZSB0aGUgM3JkIHBhcnR5IGNvb2tpZSBwb2xpY3kg YW5kIGFjY2VwdCBuZXcgY29va2llcy4KKyAgICBOU0hUVFBDb29raWVTdG9yYWdlICpzaGFyZWRT dG9yYWdlID0gW05TSFRUUENvb2tpZVN0b3JhZ2Ugc2hhcmVkSFRUUENvb2tpZVN0b3JhZ2VdOwor ICAgIGlmIChbc2hhcmVkU3RvcmFnZSBjb29raWVBY2NlcHRQb2xpY3ldID09IE5TSFRUUENvb2tp ZUFjY2VwdFBvbGljeU9ubHlGcm9tTWFpbkRvY3VtZW50RG9tYWluCisgICAgICAgICYmIFtbc2hh cmVkU3RvcmFnZSBjb29raWVzRm9yVVJMOnJlcXVlc3QudXJsKCldIGNvdW50XSkgeworICAgICAg ICBpZiAoIW11dGFibGVSZXF1ZXN0KQorICAgICAgICAgICAgbXV0YWJsZVJlcXVlc3QgPSBbW3Jl cXVlc3QubnNVUkxSZXF1ZXN0KCkgbXV0YWJsZUNvcHldIGF1dG9yZWxlYXNlXTsKKyAgICAgICAg W211dGFibGVSZXF1ZXN0IHNldE1haW5Eb2N1bWVudFVSTDpbbXV0YWJsZVJlcXVlc3QgVVJMXV07 CisgICAgfQorICAgIAorICAgIE5TVVJMUmVxdWVzdCAqbnNSZXF1ZXN0ID0gbXV0YWJsZVJlcXVl c3QgPyBtdXRhYmxlUmVxdWVzdCA6IHJlcXVlc3QubnNVUkxSZXF1ZXN0KCk7CiAgICAgICAgICAg ICAKICAgICBCRUdJTl9CTE9DS19PQkpDX0VYQ0VQVElPTlM7CiAgICAgCkluZGV4OiBMYXlvdXRU ZXN0cy9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCShyZXZp c2lvbiA1NTY2NikKKysrIExheW91dFRlc3RzL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAt MSwzICsxLDE4IEBACisyMDEwLTAzLTA4ICBCcmFkeSBFaWRzb24gIDxiZWlkc29uQGFwcGxlLmNv bT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBSZWxh eCB0aGUgM3JkIHBhcnR5IGNvb2tpZSBwb2xpY3kgaW4gY2FzZXMgd2hlcmUgaXQgd29uJ3QgYWRk IGEgbmV3IHRyYWNraW5nIHZlY3Rvci4KKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzcxNjMwMTI+ IGFuZCBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MzU4MjQKKworICAg ICAgICAqIGh0dHAvdGVzdHMvY29va2llcy9yZXNvdXJjZXMvY29va2llLXV0aWxpdHkucGhwOiBB ZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL2Nvb2tpZXMvcmVzb3VyY2VzL3RoaXJkLXBhcnR5 LWNvb2tpZS1yZWxheGluZy1pZnJhbWUuaHRtbDogQWRkZWQuCisgICAgICAgICogaHR0cC90ZXN0 cy9jb29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy1leHBlY3RlZC50eHQ6IEFkZGVk LgorICAgICAgICAqIGh0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhp bmcuaHRtbDogQWRkZWQuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9ndGsvU2tpcHBlZDoKKyAgICAg ICAgKiBwbGF0Zm9ybS9xdC9Ta2lwcGVkOgorCiAyMDEwLTAzLTA4ICBTaHUgQ2hhbmcgIDxDaGFu Zy5TaHVAbm9raWEuY29tPgogCiAgICAgICAgIFJldmlld2VkIGJ5IEhvbGdlciBGcmV5dGhlci4K SW5kZXg6IExheW91dFRlc3RzL2h0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUt cmVsYXhpbmctZXhwZWN0ZWQudHh0Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2h0dHAvdGVz dHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhpbmctZXhwZWN0ZWQudHh0CShyZXZp c2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3RoaXJkLXBhcnR5LWNv b2tpZS1yZWxheGluZy1leHBlY3RlZC50eHQJKHJldmlzaW9uIDApCkBAIC0wLDAgKzEsNDcgQEAK K0FMRVJUOiAKKworQUxFUlQ6IEFsbG93aW5nIGFsbCBjb29raWVzCitBTEVSVDogaHR0cDovL2xv Y2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1 bmN0aW9uPWRlbGV0ZUNvb2tpZXMKK0FMRVJUOiBYSFIgcmVzcG9uc2UgLSBEZWxldGVkIGFsbCBj b29raWVzCitBTEVSVDogVGVzdCBzdGFnZSAxIGRvY3VtZW50LmNvb2tpZSBpczogCitBTEVSVDog UmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFydHkgb25seSBjb29raWVzCitBTEVSVDogaHR0cDovL2xv Y2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1 bmN0aW9uPXNldEZvb0Nvb2tpZQorQUxFUlQ6IFhIUiByZXNwb25zZSAtIFNldCB0aGUgZm9vIGNv b2tpZQorQUxFUlQ6IFRlc3Qgc3RhZ2UgMiBkb2N1bWVudC5jb29raWUgaXM6IAorQUxFUlQ6IAor CitBTEVSVDogQWxsb3dpbmcgYWxsIGNvb2tpZXMKK0FMRVJUOiBodHRwOi8vbG9jYWxob3N0Ojgw MDAvY29va2llcy9yZXNvdXJjZXMvY29va2llLXV0aWxpdHkucGhwP3F1ZXJ5ZnVuY3Rpb249ZGVs ZXRlQ29va2llcworQUxFUlQ6IFhIUiByZXNwb25zZSAtIERlbGV0ZWQgYWxsIGNvb2tpZXMKK0FM RVJUOiBUZXN0IHN0YWdlIDMgZG9jdW1lbnQuY29va2llIGlzOiAKK0FMRVJUOiBSZXN0cmljdGlu ZyB0byBmaXJzdCBwYXJ0eSBvbmx5IGNvb2tpZXMKK0FMRVJUOiBodHRwOi8vbG9jYWxob3N0Ojgw MDAvY29va2llcy9yZXNvdXJjZXMvY29va2llLXV0aWxpdHkucGhwP3F1ZXJ5ZnVuY3Rpb249c2V0 Rm9vQW5kQmFyQ29va2llCitBTEVSVDogWEhSIHJlc3BvbnNlIC0gU2V0IHRoZSBmb28gYW5kIGJh ciBjb29raWVzCitBTEVSVDogVGVzdCBzdGFnZSA0IGRvY3VtZW50LmNvb2tpZSBpczogCitBTEVS VDogCisKK0FMRVJUOiBBbGxvd2luZyBhbGwgY29va2llcworQUxFUlQ6IGh0dHA6Ly9sb2NhbGhv c3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHA/cXVlcnlmdW5jdGlv bj1kZWxldGVDb29raWVzCitBTEVSVDogWEhSIHJlc3BvbnNlIC0gRGVsZXRlZCBhbGwgY29va2ll cworQUxFUlQ6IFRlc3Qgc3RhZ2UgNSBkb2N1bWVudC5jb29raWUgaXM6IAorQUxFUlQ6IGh0dHA6 Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5waHA/cXVl cnlmdW5jdGlvbj1zZXRGb29Db29raWUKK0FMRVJUOiBYSFIgcmVzcG9uc2UgLSBTZXQgdGhlIGZv byBjb29raWUKK0FMRVJUOiBUZXN0IHN0YWdlIDYgZG9jdW1lbnQuY29va2llIGlzOiBmb289YXdl c29tZXZhbHVlCitBTEVSVDogUmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFydHkgb25seSBjb29raWVz CitBTEVSVDogaHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11 dGlsaXR5LnBocD9xdWVyeWZ1bmN0aW9uPWRlbGV0ZUNvb2tpZXMKK0FMRVJUOiBYSFIgcmVzcG9u c2UgLSBEZWxldGVkIGFsbCBjb29raWVzCitBTEVSVDogVGVzdCBzdGFnZSA3IGRvY3VtZW50LmNv b2tpZSBpczogCitBTEVSVDogCisKK0FMRVJUOiBBbGxvd2luZyBhbGwgY29va2llcworQUxFUlQ6 IGh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRpbGl0eS5w aHA/cXVlcnlmdW5jdGlvbj1kZWxldGVDb29raWVzCitBTEVSVDogWEhSIHJlc3BvbnNlIC0gRGVs ZXRlZCBhbGwgY29va2llcworQUxFUlQ6IFRlc3Qgc3RhZ2UgOCBkb2N1bWVudC5jb29raWUgaXM6 IAorQUxFUlQ6IGh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy9jb29raWUt dXRpbGl0eS5waHA/cXVlcnlmdW5jdGlvbj1zZXRGb29Db29raWUKK0FMRVJUOiBYSFIgcmVzcG9u c2UgLSBTZXQgdGhlIGZvbyBjb29raWUKK0FMRVJUOiBUZXN0IHN0YWdlIDkgZG9jdW1lbnQuY29v a2llIGlzOiBmb289YXdlc29tZXZhbHVlCitBTEVSVDogUmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFy dHkgb25seSBjb29raWVzCitBTEVSVDogaHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVz b3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocD9xdWVyeWZ1bmN0aW9uPXNldEZvb0FuZEJhckNvb2tp ZQorQUxFUlQ6IFhIUiByZXNwb25zZSAtIFNldCB0aGUgZm9vIGFuZCBiYXIgY29va2llcworQUxF UlQ6IFRlc3Qgc3RhZ2UgMTAgZG9jdW1lbnQuY29va2llIGlzOiBiYXI9YW5vdGhlcmF3ZXNvbWV2 YWx1ZTsgZm9vPWF3ZXNvbWV2YWx1ZQorCkluZGV4OiBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL2Nv b2tpZXMvdGhpcmQtcGFydHktY29va2llLXJlbGF4aW5nLmh0bWwKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5 b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3RoaXJkLXBhcnR5LWNvb2tpZS1yZWxheGluZy5o dG1sCShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3RoaXJk LXBhcnR5LWNvb2tpZS1yZWxheGluZy5odG1sCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDkyIEBA Cis8aHRtbD4KKzxoZWFkPgorPHNjcmlwdD4KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJv bGxlcikgeworICAgIGxheW91dFRlc3RDb250cm9sbGVyLmR1bXBBc1RleHQoKTsKKyAgICBsYXlv dXRUZXN0Q29udHJvbGxlci53YWl0VW50aWxEb25lKCk7Cit9CisKK3dpbmRvdy5vbm1lc3NhZ2Ug PSBmdW5jdGlvbihldnQpCit7CisgICAgaWYgKGV2dC5kYXRhICE9ICJkb25lIikgeworICAgICAg ICBhbGVydCgiVW5leHBlY3RlZCBtZXNzYWdlOiAiICsgZXZ0LmRhdGEpOworICAgICAgICByZXR1 cm47CisgICAgfQorICAgIAorICAgIHJ1bk5leHRUZXN0T3JGaW5pc2goKTsKK30KKworZnVuY3Rp b24gYWxsb3dBbGxDb29raWVzKCkKK3sKKyAgICBhbGVydCgiQWxsb3dpbmcgYWxsIGNvb2tpZXMi KTsKKyAgICBpZiAod2luZG93LmxheW91dFRlc3RDb250cm9sbGVyKQorICAgICAgICBsYXlvdXRU ZXN0Q29udHJvbGxlci5zZXRBbHdheXNBY2NlcHRDb29raWVzKHRydWUpOworICAgIHJ1bk5leHRU ZXN0T3JGaW5pc2goKTsKK30KKworZnVuY3Rpb24gcmVzdHJpY3RDb29raWVzKCkKK3sKKyAgICBh bGVydCgiUmVzdHJpY3RpbmcgdG8gZmlyc3QgcGFydHkgb25seSBjb29raWVzIik7CisgICAgaWYg KHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikKKyAgICAgICAgbGF5b3V0VGVzdENvbnRyb2xs ZXIuc2V0QWx3YXlzQWNjZXB0Q29va2llcyhmYWxzZSk7CisgICAgcnVuTmV4dFRlc3RPckZpbmlz aCgpOworfQorCitmdW5jdGlvbiBkZWxldGVBbGxDb29raWVzKCkKK3sKKyAgICBzZW5kWEhSKCJk ZWxldGVDb29raWVzIik7Cit9CisKK2Z1bmN0aW9uIGVjaG9Db29raWVzKCkKK3sKKyAgICB3aW5k b3cuZnJhbWVzWzBdLnBvc3RNZXNzYWdlKCJzaG93Q29va2llcyIsICIqIik7Cit9CisKK2Z1bmN0 aW9uIHNlbmRYSFIoY29tbWFuZCkKK3sKKyAgICB3aW5kb3cuZnJhbWVzWzBdLnBvc3RNZXNzYWdl KCJzZW5kWEhSICIgKyBjb21tYW5kLCAiKiIpOworfQorCitmdW5jdGlvbiBzZXRGb29Db29raWUo KQoreworICAgIHNlbmRYSFIoInNldEZvb0Nvb2tpZSIpOworfQorCitmdW5jdGlvbiBzZXRGb29B bmRCYXJDb29raWVzKCkKK3sKKyAgICBzZW5kWEhSKCJzZXRGb29BbmRCYXJDb29raWUiKTsKK30K KworZnVuY3Rpb24gc3RhcnROZXdUZXN0KCkKK3sKKyAgICBhbGVydCgiXG4iKTsKKyAgICBydW5O ZXh0VGVzdE9yRmluaXNoKCk7Cit9CisKK3ZhciBjdXJyZW50RnVuY3Rpb24gPSAwOwordmFyIGZ1 bmN0aW9ucyA9IG5ldyBBcnJheSgKKyAgICBzdGFydE5ld1Rlc3QsIGFsbG93QWxsQ29va2llcywg ZGVsZXRlQWxsQ29va2llcywgZWNob0Nvb2tpZXMsIHJlc3RyaWN0Q29va2llcywgc2V0Rm9vQ29v a2llLCBlY2hvQ29va2llcywKKyAgICBzdGFydE5ld1Rlc3QsIGFsbG93QWxsQ29va2llcywgZGVs ZXRlQWxsQ29va2llcywgZWNob0Nvb2tpZXMsIHJlc3RyaWN0Q29va2llcywgc2V0Rm9vQW5kQmFy Q29va2llcywgZWNob0Nvb2tpZXMsCisgICAgc3RhcnROZXdUZXN0LCBhbGxvd0FsbENvb2tpZXMs IGRlbGV0ZUFsbENvb2tpZXMsIGVjaG9Db29raWVzLCBzZXRGb29Db29raWUsIGVjaG9Db29raWVz LCByZXN0cmljdENvb2tpZXMsIGRlbGV0ZUFsbENvb2tpZXMsIGVjaG9Db29raWVzLAorICAgIHN0 YXJ0TmV3VGVzdCwgYWxsb3dBbGxDb29raWVzLCBkZWxldGVBbGxDb29raWVzLCBlY2hvQ29va2ll cywgc2V0Rm9vQ29va2llLCBlY2hvQ29va2llcywgcmVzdHJpY3RDb29raWVzLCBzZXRGb29BbmRC YXJDb29raWVzLCBlY2hvQ29va2llcworKTsKKworZnVuY3Rpb24gcnVuTmV4dFRlc3RPckZpbmlz aCgpCit7CisgICAgaWYgKGN1cnJlbnRGdW5jdGlvbiA+PSBmdW5jdGlvbnMubGVuZ3RoKSB7Cisg ICAgICAgIGlmICh3aW5kb3cubGF5b3V0VGVzdENvbnRyb2xsZXIpCisgICAgICAgICAgICBsYXlv dXRUZXN0Q29udHJvbGxlci5ub3RpZnlEb25lKCk7CisgICAgICAgIHJldHVybjsKKyAgICB9Cisg ICAgCisgICAgdmFyIGZ1bmN0aW9uVG9SdW4gPSBjdXJyZW50RnVuY3Rpb24rKzsKKyAgICBmdW5j dGlvbnNbZnVuY3Rpb25Ub1J1bl0oKTsKK30KKworPC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keSBv bmxvYWQ9InJ1bk5leHRUZXN0T3JGaW5pc2goKTsiPgorPGlmcmFtZSBpZD0ndGVzdEZyYW1lJyBz cmM9Imh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9jb29raWVzL3Jlc291cmNlcy90aGlyZC1wYXJ0eS1j b29raWUtcmVsYXhpbmctaWZyYW1lLmh0bWwiPjwvaWZyYW1lPgorPC9ib2R5PgorPC9odG1sPgpJ bmRleDogTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3Jlc291cmNlcy9jb29raWUtdXRp bGl0eS5waHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3Jl c291cmNlcy9jb29raWUtdXRpbGl0eS5waHAJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9o dHRwL3Rlc3RzL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBocAkocmV2aXNpb24g MCkKQEAgLTAsMCArMSw0MCBAQAorPD9waHAKK3BhcnNlX3N0cigkX1NFUlZFUlsiUVVFUllfU1RS SU5HIl0pOworCitmdW5jdGlvbiBkZWxldGVDb29raWUoJHZhbHVlLCAkbmFtZSkKK3sKKyAgICBz ZXRjb29raWUoJG5hbWUsICJkZWxldGVkIiwgdGltZSgpIC0gODY0MDApOworfQorCitpZiAoJHF1 ZXJ5ZnVuY3Rpb24gPT0gImRlbGV0ZUNvb2tpZXMiKSB7CisgICAgYXJyYXlfd2FsaygkX0NPT0tJ RSwgZGVsZXRlQ29va2llKTsKKyAgICBlY2hvICJEZWxldGVkIGFsbCBjb29raWVzIjsKKyAgICBy ZXR1cm47Cit9CisKK2lmICgkcXVlcnlmdW5jdGlvbiA9PSAic2V0Rm9vQ29va2llIikgeworICAg IHNldGNvb2tpZSgiZm9vIiwgImF3ZXNvbWV2YWx1ZSIsIHRpbWUoKSArIDg2NDAwKTsKKyAgICBl Y2hvICJTZXQgdGhlIGZvbyBjb29raWUiOworICAgIHJldHVybjsKK30KKworaWYgKCRxdWVyeWZ1 bmN0aW9uID09ICJzZXRGb29BbmRCYXJDb29raWUiKSB7CisgICAgc2V0Y29va2llKCJmb28iLCAi YXdlc29tZXZhbHVlIiwgdGltZSgpICsgODY0MDApOworICAgIHNldGNvb2tpZSgiYmFyIiwgImFu b3RoZXJhd2Vzb21ldmFsdWUiLCB0aW1lKCkgKyA4NjQwMCk7CisgICAgZWNobyAiU2V0IHRoZSBm b28gYW5kIGJhciBjb29raWVzIjsKKyAgICByZXR1cm47Cit9CisKKy8vIERlZmF1bHQgZm9yIGFu eSBvdGhlciBzdHJpbmcgaXMgZWNobyBjb29raWVzLgorZnVuY3Rpb24gZWNob0Nvb2tpZSgkdmFs dWUsICRuYW1lKQoreworICAgIGVjaG8gIiRuYW1lID0gJHZhbHVlXG4iOworfQorCitmdW5jdGlv biBlY2hvQWxsQ29va2llcygpCit7CisgICAgZWNobyAiQ29va2llcyBhcmU6XG4iOworICAgIGFy cmF5X3dhbGsoJF9DT09LSUUsIGVjaG9Db29raWUpOyAgICAKK30KKworPz4KSW5kZXg6IExheW91 dFRlc3RzL2h0dHAvdGVzdHMvY29va2llcy9yZXNvdXJjZXMvdGhpcmQtcGFydHktY29va2llLXJl bGF4aW5nLWlmcmFtZS5odG1sCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2h0dHAvdGVzdHMv Y29va2llcy9yZXNvdXJjZXMvdGhpcmQtcGFydHktY29va2llLXJlbGF4aW5nLWlmcmFtZS5odG1s CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9jb29raWVzL3Jlc291cmNl cy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhpbmctaWZyYW1lLmh0bWwJKHJldmlzaW9uIDApCkBA IC0wLDAgKzEsNDcgQEAKKzxodG1sPgorPHNjcmlwdD4KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0 Q29udHJvbGxlcikKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5kdW1wQXNUZXh0KCk7CisKK3dp bmRvdy5vbm1lc3NhZ2UgPSBmdW5jdGlvbihldnQpCit7CisgICAgaWYgKGV2dC5kYXRhID09ICJz aG93Q29va2llcyIpIHsKKyAgICAgICAgc2hvd0Nvb2tpZXMoKTsKKyAgICAgICAgcmV0dXJuOwor ICAgIH0gZWxzZSBpZiAoZXZ0LmRhdGEuc3BsaXQoIiAiKVswXSA9PSAic2VuZFhIUiIpIHsKKyAg ICAgICAgc2VuZFhIUihldnQuZGF0YS5zcGxpdCgiICIpWzFdKTsKKyAgICAgICAgcmV0dXJuOwor ICAgIH0gZWxzZQorICAgICAgICBhbGVydCgiVW5rbm93biBtZXNzYWdlLiIpOworfQorCit2YXIg c3RhZ2UgPSAxOworZnVuY3Rpb24gc2hvd0Nvb2tpZXMoKQoreworICAgIGFsZXJ0KCJUZXN0IHN0 YWdlICIgKyBzdGFnZSsrICsgIiBkb2N1bWVudC5jb29raWUgaXM6ICIgKyBkb2N1bWVudC5jb29r aWUpOworICAgIHBhcmVudC53aW5kb3cucG9zdE1lc3NhZ2UoImRvbmUiLCAiKiIpOyAgICAKK30K KworZnVuY3Rpb24gc2VuZFhIUihxdWVyeUNvbW1hbmQpCit7CisgICAgdmFyIGJhc2V1cmwgPSAi aHR0cDovL2xvY2FsaG9zdDo4MDAwL2Nvb2tpZXMvcmVzb3VyY2VzL2Nvb2tpZS11dGlsaXR5LnBo cCI7CisgICAgdmFyIHVybCA9IHF1ZXJ5Q29tbWFuZCA/IGJhc2V1cmwgKyAiP3F1ZXJ5ZnVuY3Rp b249IiArIHF1ZXJ5Q29tbWFuZCA6IGJhc2V1cmw7CisgICAgYWxlcnQodXJsKTsKKyAgICB2YXIg cmVxID0gbmV3IFhNTEh0dHBSZXF1ZXN0KCk7CisgICAgcmVxLm9wZW4oJ0dFVCcsIHVybCwgZmFs c2UpOworICAgIHJlcS5zZW5kKCk7CisKKyAgICBpZiAocmVxLnN0YXR1cyA9PSAyMDApCisgICAg ICAgIGFsZXJ0KCJYSFIgcmVzcG9uc2UgLSAiICsgcmVxLnJlc3BvbnNlVGV4dCk7CisgICAgZWxz ZQorICAgICAgICBhbGVydCgieGhyIGVycm9yIik7CisgICAgCisgICAgcGFyZW50LndpbmRvdy5w b3N0TWVzc2FnZSgiZG9uZSIsICIqIik7ICAgIAorfQorCis8L3NjcmlwdD4KKzxib2R5PgorSEVM TE8gVEhFUkUKKzwvYm9keT4KKzwvaHRtbD4KSW5kZXg6IExheW91dFRlc3RzL3BsYXRmb3JtL2d0 ay9Ta2lwcGVkCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL3BsYXRmb3JtL2d0ay9Ta2lwcGVk CShyZXZpc2lvbiA1NTY2NikKKysrIExheW91dFRlc3RzL3BsYXRmb3JtL2d0ay9Ta2lwcGVkCSh3 b3JraW5nIGNvcHkpCkBAIC01ODA4LDYgKzU4MDgsOSBAQCBmYXN0L2RvbS9HZW9sb2NhdGlvbi9w ZXJtaXNzaW9uLWRlbmllZC5oCiAjIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNn aT9pZD0zNTc5MwogbWVkaWEvdmlkZW8tcHJlbG9hZC5odG1sCiAKKyMgaHR0cHM6Ly9idWdzLndl YmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTM1ODI0IC0gRG9lc24ndCBhcHBseSB0byBwbGF0Zm9y bXMgdGhhdCBkb24ndCBlbmZvcmNlIHRoZSBDRk5ldHdvcmstc3R5bGUgM3JkIHBhcnR5IGNvb2tp ZSBwb2xpY3kKK2h0dHAvdGVzdHMvY29va2llcy90aGlyZC1wYXJ0eS1jb29raWUtcmVsYXhpbmcu aHRtbAorCiAjIE5lZWRzIGRvdWJsZSBjbGljayBzdXBwb3J0IGluIERSVAogIyBTZWUgaHR0cHM6 Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTM1ODYyCiBmYXN0L2V2ZW50cy96b29t LWRibGNsaWNrLmh0bWwKSW5kZXg6IExheW91dFRlc3RzL3BsYXRmb3JtL3F0L1NraXBwZWQKPT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PQotLS0gTGF5b3V0VGVzdHMvcGxhdGZvcm0vcXQvU2tpcHBlZAkocmV2aXNpb24gNTU2 NjYpCisrKyBMYXlvdXRUZXN0cy9wbGF0Zm9ybS9xdC9Ta2lwcGVkCSh3b3JraW5nIGNvcHkpCkBA IC01MDk0LDMgKzUwOTQsOSBAQCBqYXZhCiAjIHNlZSBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9z aG93X2J1Zy5jZ2k/aWQ9MzMxODAuCiAjIENvcmUgZnVuY3Rpb25hbGl0eSBpcyB0ZXN0ZWQgaW4g cGx1Z2lucy9wcml2YXRlLWJyb3dzaW5nLW1vZGUtMi5odG1sCiBwbHVnaW5zL3ByaXZhdGUtYnJv d3NpbmctbW9kZS5odG1sCisKKyMgUXQncyBEUlQgZG9lc24ndCBub3Qgc2VlbSB0byBzdXBwb3J0 IHRoZSBsYXlvdXRUZXN0Q29udHJvbGxlci5ldmFsdWF0ZVNjcmlwdEluSXNvbGF0ZWRXb3JsZCgp IGNhbGwuCitzdG9yYWdlL29wZW4tZGF0YWJhc2UtY3JlYXRpb24tY2FsbGJhY2staXNvbGF0ZWQt d29ybGQuaHRtbAorCisjIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0z NTgyNCAtIERvZXNuJ3QgYXBwbHkgdG8gcGxhdGZvcm1zIHRoYXQgZG9uJ3QgZW5mb3JjZSB0aGUg Q0ZOZXR3b3JrLXN0eWxlIDNyZCBwYXJ0eSBjb29raWUgcG9saWN5CitodHRwL3Rlc3RzL2Nvb2tp ZXMvdGhpcmQtcGFydHktY29va2llLXJlbGF4aW5nLmh0bWwK