45372 2010-09-08 00:27:57 -0700 EventSource fails to connect if Content-Type header has a charset attribute 2011-06-23 10:01:52 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) PC Windows XP RESOLVED FIXED P2 Normal --- 1 richard jchaffraix adam.bergkvist annevk ap commit-queue eric goberman oldest_to_newest 275655 0 richard 2010-09-08 00:27:57 -0700 For example: HTTP/1.1 200 OK Content-Type: text/event-stream; charset=UTF-8 Fails with an error event being received to the onerror handler. 278872 1 adam.bergkvist 2010-09-14 07:09:02 -0700 Since UTF-8 is the only encoding allowed for text/event-stream, the charset parameter doesn't add anything. However, what we perhaps should do is to make sure that anyhow specifying charset=UTF-8 doesn't fail. 279025 2 annevk 2010-09-14 10:53:47 -0700 Tests: http://tc.labs.opera.com/apis/EventSource/format-mime-trailing-semicolon.htm http://tc.labs.opera.com/apis/EventSource/format-utf-8.htm Can be used under any license you want. (Opera should start matching these tests soon too. Hopefully we can then move the specification forward.) 279374 3 67641 jchaffraix 2010-09-14 21:42:57 -0700 Created attachment 67641 Proposed fix: Use the MIME type and not directly the Content-Type header I just saw that Opera has some nice test-cases. The 2 test cases included in the fix are complementary to one mentioned by Anne. We may want to include the whole test suite to make sure we match the specification and Opera (my testing showed that WebKit was the only one to support EventSource for now). 279382 4 67641 ap 2010-09-14 22:11:05 -0700 Comment on attachment 67641 Proposed fix: Use the MIME type and not directly the Content-Type header > + "text/event-stream" does not work. text/event-stream-foobar > - if (statusCode == 200 && response.httpHeaderField("Content-Type") == "text/event-stream") { > + if (statusCode == 200 && response.mimeType() == "text/event-stream") { Do we disable content sniffing for EventSource? MIME type is normally subject to content sniffing, while ResourceResponse.httpHeaderField("Content-Type") is not. So, there is a chance that mimeType() will return text/plain. The rest of the patch looks fine to me. 279422 5 richard 2010-09-15 00:09:01 -0700 Yes we want to disable content sniffing for EventSource. Content sniffing generally requires buffering a certain amount of data before giving it to the application which would be bad for EventSource. 279539 6 adam.bergkvist 2010-09-15 07:26:57 -0700 (In reply to comment #3) > - if (statusCode == 200 && response.httpHeaderField("Content-Type") == "text/event-stream") { > + if (statusCode == 200 && response.mimeType() == "text/event-stream") { Besides checking the mime type, shouldn't we verify that the charset parameter, if present, is UTF-8? I think the test eventsource-content-type-text-event-stream-foobar is redundant, see the existing eventsource-bad-mime-type test. (In reply to comment #4) Yes, content sniffing is indeed disabled for the reason mentioned in comment #5. 279710 7 jchaffraix 2010-09-15 14:18:56 -0700 (In reply to comment #6) > (In reply to comment #3) > > > - if (statusCode == 200 && response.httpHeaderField("Content-Type") == "text/event-stream") { > > + if (statusCode == 200 && response.mimeType() == "text/event-stream") { > > Besides checking the mime type, shouldn't we verify that the charset parameter, > if present, is UTF-8? The question is what should we do if the charset is not UTF-8. The specification does not allow anything else so we need to define this behaviour. My solution was just to ignore anything not part of the MIME type. We may want to send a console warning if we have Content-Type != MIME type. > I think the test eventsource-content-type-text-event-stream-foobar is redundant, see the existing eventsource-bad-mime-type test. Yes and no. Your test checks a completely unrelated mime type ("text/bogus"). I just wanted to make sure we don't match MIME types that starts with "text/event-stream". I think it is still relevant and complement your test. 279799 8 ap 2010-09-15 16:08:01 -0700 >The question is what should we do if the charset is not UTF-8. I slightly prefer failing the connection. It seems unsafe to ignore what the server says, and also, it is not unthinkable that in the future, arbitrary encodings will be supported (not that HTML5 is going to change soon, but what if, say, a dominant browser implements it that way?) 280013 9 adam.bergkvist 2010-09-16 04:41:22 -0700 (In reply to comment #7) >Yes and no. Your test checks a completely unrelated mime type ("text/bogus"). I just wanted to make sure we don't match MIME types that starts with "text/event-stream". I think it is still relevant and complement your test. This could be a test for a test suite to verify that implementations don't rely on only matching the beginning of the mime type. However, it is not a regression test for this particular bug, since mime type "text/event-stream-foobar" already fails with the current implementation. (In reply to comment #8) > I slightly prefer failing the connection. It seems unsafe to ignore what the server says, and also, it is not unthinkable that in the future, arbitrary encodings will be supported (not that HTML5 is going to change soon, but what if, say, a dominant browser implements it that way?) I agree. 280565 10 annevk 2010-09-17 00:38:45 -0700 Per my reading of the specification the charset parameter should just be ignored. No different from text/cache-manifest. That is what our test suite is testing. That makes the most sense as well, given that servers might sometimes append weird things there. 280567 11 ap 2010-09-17 00:46:01 -0700 I feel that the spec is written in a manner that's less than pragmatic in this regard. Trying to pretend that text encodings don't exist on the web doesn't seem helpful neither short term nor long term. It certainly complicates implementation to have "new" features take a different code path for text decoding. 280750 12 ap 2010-09-17 11:09:01 -0700 It also seems that EventSource or HTML5 don't really have a say in how charset should be handled - it's defined by HTTP spec. The higher level specs can mandate that some encodings must be supported, or prohibit establishing a connection when other ones are used, but they can't say that the charset parameter doesn't exist for their purposes. Anyway, I don't see huge harm from going either way. 282044 13 jchaffraix 2010-09-20 20:05:32 -0700 > Anyway, I don't see huge harm from going either way. Currently we are just ignoring anything that is not in the MIME type in our appcache implementation. The appcache standard is also silent on the charset handling so it would make sense to follow the same pattern for coherency in the EventSource. Alexey, you mentioned that there may be security issues involved in ignoring what the server send. If this is the case, then the 2 approaches are not symmetrical and we should just fail early and update our appcache implementation to do the same. 282388 14 ap 2010-09-21 10:12:12 -0700 > it would make sense to follow the same pattern for coherency in the EventSource Or vice versa. > Alexey, you mentioned that there may be security issues involved in ignoring what the server send. I didn't say the "security" word. Some antivirus software may not be aware of this HTTP violation, so it may misparse event streams and manifests, but I don't see why antivirus software would want to look inside those anyway. 283479 15 jchaffraix 2010-09-22 19:58:20 -0700 > > it would make sense to follow the same pattern for coherency in the EventSource > > Or vice versa. Right :) > > Alexey, you mentioned that there may be security issues involved in ignoring what the server send. > > I didn't say the "security" word. Sorry for jumping a bit on this one. > Some antivirus software may not be aware of this HTTP violation, so it may misparse event streams and manifests, but I don't see why antivirus software would want to look inside those anyway. Looks like this is something we would like to avoid in the absolute. I am not set up on the solution but taking the charset into account has this upside (plus the support for other charset in the future). Unless there is some strong resistance from Anne, this is way I will go for the next iteration. 283566 16 annevk 2010-09-23 02:58:43 -0700 I do not think this is a HTTP violation. Each media type gets to decide whether the charset parameter works for it. (It's a feature of the media type, not the Content-Type header.) If you want to change the specifications for EventSource and appcache I suggest you get the relevant specifications changed. 283675 17 ap 2010-09-23 08:54:11 -0700 I'd say that practically, text/ subtypes don't get a chance to pretend that they are binary. I don't think that this change should be blocked on changing (or in my reading, clarifying) HTML5 and EventSource specs. The fact that WebKit will be slightly more strict in this edge case shouldn't do harm to anyone. 284178 18 richard 2010-09-23 18:46:42 -0700 I (the original submitter) am happy with the distinction between mime type and content type as described in comment #16. I agree that the stricter the better. I'm happy for this to be closed as invalid. The main problem is that it was difficult to determine what the issue was because the error handler gets no information about the error. I had to read the source code to determine the possible causes of an error. 284204 19 ap 2010-09-23 20:43:07 -0700 That's a great point, we should definitely add logging here. 321825 20 67641 eric 2010-12-14 01:52:38 -0800 Comment on attachment 67641 Proposed fix: Use the MIME type and not directly the Content-Type header Seems this is approved and only needs to be landed? Logging can be done in a follow-up patch, no? 321861 21 67641 commit-queue 2010-12-14 03:30:01 -0800 Comment on attachment 67641 Proposed fix: Use the MIME type and not directly the Content-Type header Clearing flags on attachment: 67641 Committed r74011: <http://trac.webkit.org/changeset/74011> 321862 22 commit-queue 2010-12-14 03:30:07 -0800 All reviewed patches have been landed. Closing bug. 322074 23 ap 2010-12-14 11:35:41 -0800 > > + "text/event-stream" does not work. > text/event-stream-foobar This comment hasn't been addressed, so the patch shouldn't have been marked cq+. Another reason why it shouldn't have been marked cq+ is that it has been posted by a committer, and never marked cq?. Patches shouldn't be landed like this. 322084 24 eric 2010-12-14 11:51:37 -0800 You should feel welcome to roll it out. It was sitting marked r+ for 2 months, I figured it was time to land or r-. Seemed landable. :) 322098 25 eric 2010-12-14 12:06:04 -0800 I'm also happy to roll it out if that's the desire. Just say: sheriffbot: rollout 74011 "Was landed without addressing final comment" in #webkit or: webkit-patch rollout 74011 "Was landed without addressing final comment" on your command line and the magic will happen for you. 322122 26 ap 2010-12-14 12:39:10 -0800 I don't feel like rolling this out just because of a mistake in ChangeLog. But I'd welcome comments from Julien. 322545 27 adam.bergkvist 2010-12-15 01:58:08 -0800 Still, the new test eventsource-content-type-text-event-stream-foobar.html is not a regression test for this bug. It also duplicates eventsource-bad-mime-type.html. 322549 28 ap 2010-12-15 02:10:09 -0800 Adam, would you be willing to clean this up? I'm not sure if Julien is available at this time. 322551 29 jchaffraix 2010-12-15 02:35:37 -0800 > I don't feel like rolling this out just because of a mistake in ChangeLog. But I'd welcome comments from Julien. Sorry for the mess. This patch should not have gone in because of the issues you and Adam mentioned. Also it does not reflect the discussions we had on this bug. My take would be just to revert it. I will revisit a better alternative for the patch but it will not be before January. 327254 30 ap 2010-12-28 10:03:41 -0800 Per <http://code.google.com/p/chromium/issues/detail?id=66666>, "Tomcat always adds "charset" to the Content-Type in the response. The only workaround is to modify Tomcat internals." 372290 31 jchaffraix 2011-03-23 11:34:01 -0700 (In reply to comment #30) > Per <http://code.google.com/p/chromium/issues/detail?id=66666>, "Tomcat always adds "charset" to the Content-Type in the response. The only workaround is to modify Tomcat internals." Follow-up on this bug: see bug56942 413351 32 goberman 2011-06-01 07:01:46 -0700 Hello folks, I am trying to get EventSource working for streaming financial market data and it has been a pain so far. Can someone do me a favor and clarify the following questions: 1) The "charset attribute" bug has been fixed in the latest Chrome, but still is a problem with Safari. Is there some wiki page that describes what WebKit version is used for the Chrome/ Safari. 2) There is still a problem with memory leak that I filed about half a year ago: http://code.google.com/p/chromium/issues/detail?id=68160 I see no progress on it (Chrome bugs have terrible turnaround in general). What is the right place to file this issue for it to get resolved? 3) I set "Access-Control-Allow-Origin" header to "*" in server response, but cross domain calls fail. It is very reasonable to allow these. Can it be enhanced? I can file a feature request if necessary. Thanks in advance. 413378 33 jchaffraix 2011-06-01 08:06:40 -0700 Bugs are no place to ask questions. Please direct them to the webkit-help mailing list (http://www.webkit.org/contact.html). If you can confirm that your bug is reproducible on Safari, please file a bug on this bugzilla as it would be WebKit specific. Make sure you include the way to reproduce it. Thanks! 413386 34 goberman 2011-06-01 08:19:57 -0700 OK, Thanks. I filed 2 new bugs for EventSource: https://bugs.webkit.org/show_bug.cgi?id=61863 https://bugs.webkit.org/show_bug.cgi?id=61862 426213 35 goberman 2011-06-23 08:54:52 -0700 This bug was fixed for a while and even worked with Chrome for months. However, I have noticed it is broken again in the latest Chrome. I retested it with the WebKit nightly build and it does not work ether. The bug needs to be reopened. Can someone change the status to open, or do I need to file a new bug? 426226 36 jchaffraix 2011-06-23 09:16:29 -0700 (In reply to comment #35) > This bug was fixed for a while and even worked with Chrome for months. > However, I have noticed it is broken again in the latest Chrome. I retested it with the WebKit nightly build and it does not work ether. > > The bug needs to be reopened. Can someone change the status to open, or do I need to file a new bug? As this was fixed at one point but was regressed, please file another bug and CC me on it. We need to investigate how / why it regressed. 426246 37 goberman 2011-06-23 10:01:52 -0700 Filed: https://bugs.webkit.org/show_bug.cgi?id=63262 67641 2010-09-14 21:42:57 -0700 2010-12-14 03:30:01 -0800 Proposed fix: Use the MIME type and not directly the Content-Type header bug45372-EventSource-ContentType-charset.diff text/plain 8425 jchaffraix ZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL0NoYW5nZUxvZyBiL0xheW91dFRlc3RzL0NoYW5nZUxv ZwppbmRleCA1NzIzZmYwMGRhNDA1OWViMGI0OTY1NzUxMWU1NzFmMTdkODNiN2MyLi5hMzM0MTM1 NTA4ZTc4ODUzMGYwNmRmNDQ1NzY0M2Q0NzAyYjQ4OWMxIDEwMDY0NAotLS0gYS9MYXlvdXRUZXN0 cy9DaGFuZ2VMb2cKKysrIGIvTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMjAgQEAK KzIwMTAtMDktMTQgIEp1bGllbiBDaGFmZnJhaXggIDxqY2hhZmZyYWl4QGNvZGVhdXJvcmEub3Jn PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRlc3Qg Zm9yOiBFdmVudFNvdXJjZSBmYWlscyB0byBjb25uZWN0IGlmIENvbnRlbnQtVHlwZSBoZWFkZXIg aGFzIGEgY2hhcnNldCBhdHRyaWJ1dGUKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcv c2hvd19idWcuY2dpP2lkPTQ1MzcyCisKKyAgICAgICAgVGVzdCB0aGF0IGEgQ29udGVudC1UeXBl IG9mICJ0ZXh0L2V2ZW50LXN0cmVhbTsgY2hhcnNldD1VVEY4IiB3b3JrcyBjb3JyZWN0bHkgYnV0 CisgICAgICAgICJ0ZXh0L2V2ZW50LXN0cmVhbSIgZG9lcyBub3Qgd29yay4KKworICAgICAgICAq IGh0dHAvdGVzdHMvZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLWNoYXJzZXQt ZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL2V2ZW50c291cmNlL2V2 ZW50c291cmNlLWNvbnRlbnQtdHlwZS1jaGFyc2V0Lmh0bWw6IEFkZGVkLgorICAgICAgICAqIGh0 dHAvdGVzdHMvZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLXRleHQtZXZlbnQt c3RyZWFtLWZvb2Jhci1leHBlY3RlZC50eHQ6IEFkZGVkLgorICAgICAgICAqIGh0dHAvdGVzdHMv ZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLXRleHQtZXZlbnQtc3RyZWFtLWZv b2Jhci5odG1sOiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL2V2ZW50c291cmNlL3Jlc291 cmNlcy9yZXNwb25zZS1jb250ZW50LXR5cGUtY2hhcnNldC5waHA6IEFkZGVkLgorICAgICAgICAq IGh0dHAvdGVzdHMvZXZlbnRzb3VyY2UvcmVzb3VyY2VzL3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS1l dmVudC1zdHJlYW0tZm9vYmFyLnBocDogQWRkZWQuCisKIDIwMTAtMDktMTQgIFNoZXJpZmYgQm90 ICA8d2Via2l0LnJldmlldy5ib3RAZ21haWwuY29tPgogCiAgICAgICAgIFVucmV2aWV3ZWQsIHJv bGxpbmcgb3V0IHI2NzUwMy4KZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvZXZl bnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLWNoYXJzZXQtZXhwZWN0ZWQudHh0IGIv TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9ldmVudHNvdXJjZS9ldmVudHNvdXJjZS1jb250ZW50LXR5 cGUtY2hhcnNldC1leHBlY3RlZC50eHQKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMC4uZWYxZjYzYjhkYTdjN2QxMjM5YWJj MWMzNjk2OGM1MTNiZWM3Zjc3NAotLS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAv dGVzdHMvZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLWNoYXJzZXQtZXhwZWN0 ZWQudHh0CkBAIC0wLDAgKzEsNyBAQAorVGVzdCBmb3IgYnVnIDQ1MzcyOiBodHRwczovL2J1Z3Mu d2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NDUzNzIKKworVGVzdCBFdmVudFNvdXJjZSB3aXRo IGFuIGV2ZW50LXN0cmVhbSB3aXRoIGEgQ29udGVudC1UeXBlIHdpdGggYSBjaGFyc2V0IGlzIHN0 aWxsIHJlY29nbml6ZWQuIFlvdSBzaG91bGQgc2VlIDIgUEFTU0VEIGJlbG93IChvbmUgZm9yIG9w ZW4gYW5kIG9uZSBmb3IgbWVzc2FnZSkuCisKK1BBU1NFRDogZ290IG9wZW4gZXZlbnQKK1BBU1NF RDogZ290IG1lc3NhZ2UgZXZlbnQKKwpkaWZmIC0tZ2l0IGEvTGF5b3V0VGVzdHMvaHR0cC90ZXN0 cy9ldmVudHNvdXJjZS9ldmVudHNvdXJjZS1jb250ZW50LXR5cGUtY2hhcnNldC5odG1sIGIvTGF5 b3V0VGVzdHMvaHR0cC90ZXN0cy9ldmVudHNvdXJjZS9ldmVudHNvdXJjZS1jb250ZW50LXR5cGUt Y2hhcnNldC5odG1sCm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAuLjRlMDdmYTg2MjFjNzYyNGYwMDQ5YTJhNzgyMGZmZGMw ZTA0Y2NkZmYKLS0tIC9kZXYvbnVsbAorKysgYi9MYXlvdXRUZXN0cy9odHRwL3Rlc3RzL2V2ZW50 c291cmNlL2V2ZW50c291cmNlLWNvbnRlbnQtdHlwZS1jaGFyc2V0Lmh0bWwKQEAgLTAsMCArMSw0 MCBAQAorPCFET0NUWVBFIGh0bWw+Cis8aHRtbD4KKzxib2R5PgorPHA+VGVzdCBmb3IgYnVnIDxh IGhyZWY9Imh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD00NTM3MiI+NDUz NzI8L2E+OiBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NDUzNzI8L3A+ Cis8cD5UZXN0IEV2ZW50U291cmNlIHdpdGggYW4gZXZlbnQtc3RyZWFtIHdpdGggYSBDb250ZW50 LVR5cGUgd2l0aCBhIGNoYXJzZXQgaXMgc3RpbGwgcmVjb2duaXplZC4gWW91IHNob3VsZCBzZWUg MiBQQVNTRUQgYmVsb3cgKG9uZSBmb3Igb3BlbiBhbmQgb25lIGZvciBtZXNzYWdlKS48L3A+Cis8 ZGl2IGlkPSJyZXN1bHQiPjwvZGl2PgorPHNjcmlwdD4KK2Z1bmN0aW9uIGxvZyhtc2cpIHsKKyAg ICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgicmVzdWx0IikuaW5uZXJIVE1MICs9IG1zZyArICI8 YnI+IjsKK30KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikgeworICAgIGxheW91 dFRlc3RDb250cm9sbGVyLmR1bXBBc1RleHQoKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci53 YWl0VW50aWxEb25lKCk7Cit9CisKK3ZhciBlcyA9IG5ldyBFdmVudFNvdXJjZSgicmVzb3VyY2Vz L3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS1jaGFyc2V0LnBocCIpOworCitlcy5vbm9wZW4gPSBmdW5j dGlvbiAoZXZ0KSB7CisgICAgbG9nKCJQQVNTRUQ6IGdvdCBvcGVuIGV2ZW50Iik7Cit9OworCitl cy5vbm1lc3NhZ2UgPSBmdW5jdGlvbiAoZXZ0KSB7CisgICAgbG9nKCJQQVNTRUQ6IGdvdCBtZXNz YWdlIGV2ZW50Iik7CisgICAgZW5kKCk7Cit9OworCitlcy5vbmVycm9yID0gZnVuY3Rpb24gKCkg eworICAgIGxvZygiRkFJTEVEOiB1bmV4cGVjdGVkIGVycm9yIGV2ZW50Iik7CisgICAgZW5kKCk7 Cit9OworCitmdW5jdGlvbiBlbmQoKSB7CisgICAgZXMuY2xvc2UoKTsKKyAgICBpZiAod2luZG93 LmxheW91dFRlc3RDb250cm9sbGVyKQorICAgICAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5ub3Rp ZnlEb25lKCk7Cit9Cis8L3NjcmlwdD4KKzwvYm9keT4KKzwvaHRtbD4KZGlmZiAtLWdpdCBhL0xh eW91dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBl LXRleHQtZXZlbnQtc3RyZWFtLWZvb2Jhci1leHBlY3RlZC50eHQgYi9MYXlvdXRUZXN0cy9odHRw L3Rlc3RzL2V2ZW50c291cmNlL2V2ZW50c291cmNlLWNvbnRlbnQtdHlwZS10ZXh0LWV2ZW50LXN0 cmVhbS1mb29iYXItZXhwZWN0ZWQudHh0Cm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAuLjY5ZDE0NjA3OTMzMjk1MDFkMWJl MzczZDFhYmZmMGExMWY3MGVmMDMKLS0tIC9kZXYvbnVsbAorKysgYi9MYXlvdXRUZXN0cy9odHRw L3Rlc3RzL2V2ZW50c291cmNlL2V2ZW50c291cmNlLWNvbnRlbnQtdHlwZS10ZXh0LWV2ZW50LXN0 cmVhbS1mb29iYXItZXhwZWN0ZWQudHh0CkBAIC0wLDAgKzEsNiBAQAorVGVzdCBmb3IgYnVnIDQ1 MzcyOiBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NDUzNzIKKworVGVz dCBFdmVudFNvdXJjZSB3aXRoIGFuIGV2ZW50LXN0cmVhbSB3aXRoIGEgQ29udGVudC1UeXBlIG9m ICJ0ZXh0L2V2ZW50LXN0cmVhbS1mb29iYXIiIGlzIG5vdCByZWNvZ25pemVkIGFzIHZhbGlkLiBZ b3Ugc2hvdWxkIHNlZSAxIFBBU1NFRCBiZWxvdy4KKworUEFTU0VECisKZGlmZiAtLWdpdCBhL0xh eW91dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3VyY2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBl LXRleHQtZXZlbnQtc3RyZWFtLWZvb2Jhci5odG1sIGIvTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9l dmVudHNvdXJjZS9ldmVudHNvdXJjZS1jb250ZW50LXR5cGUtdGV4dC1ldmVudC1zdHJlYW0tZm9v YmFyLmh0bWwKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMC4uNmZjZmU1YzFmOTBjMWUzNWZmZWU0NDAxMzk4NmQzZDQ3NDFl NzkwOQotLS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3Vy Y2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLXRleHQtZXZlbnQtc3RyZWFtLWZvb2Jhci5odG1s CkBAIC0wLDAgKzEsNDQgQEAKKzwhRE9DVFlQRSBodG1sPgorPGh0bWw+Cis8Ym9keT4KKzxwPlRl c3QgZm9yIGJ1ZyA8YSBocmVmPSJodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/ aWQ9NDUzNzIiPjQ1MzcyPC9hPjogaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTQ1MzcyPC9wPgorPHA+VGVzdCBFdmVudFNvdXJjZSB3aXRoIGFuIGV2ZW50LXN0cmVhbSB3 aXRoIGEgQ29udGVudC1UeXBlIG9mICJ0ZXh0L2V2ZW50LXN0cmVhbS1mb29iYXIiIGlzIG5vdCBy ZWNvZ25pemVkIGFzIHZhbGlkLiBZb3Ugc2hvdWxkIHNlZSAxIFBBU1NFRCBiZWxvdy48L3A+Cis8 ZGl2IGlkPSJyZXN1bHQiPjwvZGl2PgorPHNjcmlwdD4KK2Z1bmN0aW9uIGxvZyhtc2cpIHsKKyAg ICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgicmVzdWx0IikuaW5uZXJIVE1MICs9IG1zZyArICI8 YnI+IjsKK30KKworaWYgKHdpbmRvdy5sYXlvdXRUZXN0Q29udHJvbGxlcikgeworICAgIGxheW91 dFRlc3RDb250cm9sbGVyLmR1bXBBc1RleHQoKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci53 YWl0VW50aWxEb25lKCk7Cit9CisKK3ZhciBlcyA9IG5ldyBFdmVudFNvdXJjZSgicmVzb3VyY2Vz L3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS10ZXh0LXN0cmVhbS1mb29iYXIucGhwIik7CisKK2VzLm9u b3BlbiA9IGZ1bmN0aW9uIChldnQpIHsKKyAgICBsb2coIkZBSUxFRDogZ290IHVuZXhwZWN0ZWQg b3BlbiBldmVudCIpOworICAgIGVuZCgpOworfTsKKworZXMub25tZXNzYWdlID0gZnVuY3Rpb24g KGV2dCkgeworICAgIGxvZygiRkFJTEVEOiBnb3QgdW5leHBlY3RlZCBtZXNzYWdlIGV2ZW50Iik7 CisgICAgZW5kKCk7Cit9OworCitlcy5vbmVycm9yID0gZnVuY3Rpb24gKCkgeworICAgIGlmIChl cy5yZWFkeVN0YXRlID09IGVzLkNMT1NFRCkKKyAgICAgICAgbG9nKCJQQVNTRUQiKTsKKyAgICBl bHNlCisgICAgICAgIGxvZygiRkFJTEVEOiBpbnZhbGlkIHN0YXRlIik7CisgICAgZW5kKCk7Cit9 OworCitmdW5jdGlvbiBlbmQoKSB7CisgICAgZXMuY2xvc2UoKTsKKyAgICBpZiAod2luZG93Lmxh eW91dFRlc3RDb250cm9sbGVyKQorICAgICAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5ub3RpZnlE b25lKCk7Cit9Cis8L3NjcmlwdD4KKzwvYm9keT4KKzwvaHRtbD4KZGlmZiAtLWdpdCBhL0xheW91 dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3VyY2UvcmVzb3VyY2VzL3Jlc3BvbnNlLWNvbnRlbnQt dHlwZS1jaGFyc2V0LnBocCBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3VyY2UvcmVz b3VyY2VzL3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS1jaGFyc2V0LnBocApuZXcgZmlsZSBtb2RlIDEw MDY0NAppbmRleCAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwLi5hN2Nk NDJlYjVmNDllMWU4MTA4OTU5M2ZkZGY0MmI5Zjc0Mjc4NzEwCi0tLSAvZGV2L251bGwKKysrIGIv TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9ldmVudHNvdXJjZS9yZXNvdXJjZXMvcmVzcG9uc2UtY29u dGVudC10eXBlLWNoYXJzZXQucGhwCkBAIC0wLDAgKzEsOCBAQAorPD9waHAKK2hlYWRlcigiQ29u dGVudC1UeXBlOiB0ZXh0L2V2ZW50LXN0cmVhbTsgY2hhcnNldD1VVEY4Iik7Cis/PgorCitpZDog NzcKK3JldHJ5OiAzMDAKK2RhdGE6IGhlbGxvCisKZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2h0 dHAvdGVzdHMvZXZlbnRzb3VyY2UvcmVzb3VyY2VzL3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS1ldmVu dC1zdHJlYW0tZm9vYmFyLnBocCBiL0xheW91dFRlc3RzL2h0dHAvdGVzdHMvZXZlbnRzb3VyY2Uv cmVzb3VyY2VzL3Jlc3BvbnNlLWNvbnRlbnQtdHlwZS1ldmVudC1zdHJlYW0tZm9vYmFyLnBocApu ZXcgZmlsZSBtb2RlIDEwMDY0NAppbmRleCAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwLi5lZjFlNDYwOWM3NDU5NWExYjRhYzg3NjNhYjAzM2RkMWM3ZmM4OGRlCi0tLSAv ZGV2L251bGwKKysrIGIvTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9ldmVudHNvdXJjZS9yZXNvdXJj ZXMvcmVzcG9uc2UtY29udGVudC10eXBlLWV2ZW50LXN0cmVhbS1mb29iYXIucGhwCkBAIC0wLDAg KzEsOCBAQAorPD9waHAKK2hlYWRlcigiQ29udGVudC1UeXBlOiB0ZXh0L2V2ZW50LXN0cmVhbS1m b29iYXIiKTsKKz8+CisKK2lkOiA3NworcmV0cnk6IDMwMAorZGF0YTogaGVsbG8KKwpkaWZmIC0t Z2l0IGEvV2ViQ29yZS9DaGFuZ2VMb2cgYi9XZWJDb3JlL0NoYW5nZUxvZwppbmRleCBkYjcwYjY0 Y2E2NDMwM2MxOTM4NWI1MzU0MmZkYWY2OTRhYTU1ZmIyLi5jMzQyOWJhMmJmYTJjMzk1OTljMTcz ZWQxNDViMDEyODA1NzJhNzhmIDEwMDY0NAotLS0gYS9XZWJDb3JlL0NoYW5nZUxvZworKysgYi9X ZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE3IEBACisyMDEwLTA5LTE0ICBKdWxpZW4gQ2hh ZmZyYWl4ICA8amNoYWZmcmFpeEBjb2RlYXVyb3JhLm9yZz4KKworICAgICAgICBSZXZpZXdlZCBi eSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBUZXN0IGZvcjogRXZlbnRTb3VyY2UgZmFpbHMg dG8gY29ubmVjdCBpZiBDb250ZW50LVR5cGUgaGVhZGVyIGhhcyBhIGNoYXJzZXQgYXR0cmlidXRl CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD00NTM3Mgor CisgICAgICAgIFRlc3RzOiBodHRwL3Rlc3RzL2V2ZW50c291cmNlL2V2ZW50c291cmNlLWNvbnRl bnQtdHlwZS1jaGFyc2V0Lmh0bWwKKyAgICAgICAgICAgICAgIGh0dHAvdGVzdHMvZXZlbnRzb3Vy Y2UvZXZlbnRzb3VyY2UtY29udGVudC10eXBlLXRleHQtZXZlbnQtc3RyZWFtLWZvb2Jhci5odG1s CisKKyAgICAgICAgKiBwYWdlL0V2ZW50U291cmNlLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OkV2 ZW50U291cmNlOjpkaWRSZWNlaXZlUmVzcG9uc2UpOiBVc2UgdGhlIG1pbWVUeXBlIGluc3RlYWQg b2YgdGhlIENvbnRlbnQtVHlwZQorICAgICAgICBoZWFkZXIgZGlyZWN0bHkuIFRoaXMgbWFrZXMg dGhlIGRldGVjdGlvbiBvZiB0aGUgInRleHQvc3RyZWFtIiBtaW1lVHlwZSBtb3JlIGFjY3VyYXRl LgorCiAyMDEwLTA5LTE0ICBTaGVyaWZmIEJvdCAgPHdlYmtpdC5yZXZpZXcuYm90QGdtYWlsLmNv bT4KIAogICAgICAgICBVbnJldmlld2VkLCByb2xsaW5nIG91dCByNjc1MDMuCmRpZmYgLS1naXQg YS9XZWJDb3JlL3BhZ2UvRXZlbnRTb3VyY2UuY3BwIGIvV2ViQ29yZS9wYWdlL0V2ZW50U291cmNl LmNwcAppbmRleCAwMWFmMDg3OGU2ZjU5NjYzZTY3YzcyNmE3NjlmOTkyOWEyZTM4YWMxLi4yNGFm ZjgxNTY2MTMwNWY2ZjcyNjUyNzMwYjRkY2ZhYjY3NDJlMTNiIDEwMDY0NAotLS0gYS9XZWJDb3Jl L3BhZ2UvRXZlbnRTb3VyY2UuY3BwCisrKyBiL1dlYkNvcmUvcGFnZS9FdmVudFNvdXJjZS5jcHAK QEAgLTE4Myw3ICsxODMsNyBAQCBTY3JpcHRFeGVjdXRpb25Db250ZXh0KiBFdmVudFNvdXJjZTo6 c2NyaXB0RXhlY3V0aW9uQ29udGV4dCgpIGNvbnN0CiB2b2lkIEV2ZW50U291cmNlOjpkaWRSZWNl aXZlUmVzcG9uc2UoY29uc3QgUmVzb3VyY2VSZXNwb25zZSYgcmVzcG9uc2UpCiB7CiAgICAgaW50 IHN0YXR1c0NvZGUgPSByZXNwb25zZS5odHRwU3RhdHVzQ29kZSgpOwotICAgIGlmIChzdGF0dXND b2RlID09IDIwMCAmJiByZXNwb25zZS5odHRwSGVhZGVyRmllbGQoIkNvbnRlbnQtVHlwZSIpID09 ICJ0ZXh0L2V2ZW50LXN0cmVhbSIpIHsKKyAgICBpZiAoc3RhdHVzQ29kZSA9PSAyMDAgJiYgcmVz cG9uc2UubWltZVR5cGUoKSA9PSAidGV4dC9ldmVudC1zdHJlYW0iKSB7CiAgICAgICAgIG1fc3Rh dGUgPSBPUEVOOwogICAgICAgICBkaXNwYXRjaEV2ZW50KEV2ZW50OjpjcmVhdGUoZXZlbnROYW1l cygpLm9wZW5FdmVudCwgZmFsc2UsIGZhbHNlKSk7CiAgICAgfSBlbHNlIHsKCg==