2011-04-15 Vsevolod Vlasov <vsevik@chromium.org>

webkit-commit-queue · webkit-commit-queue · commit 0f039f7619f1 · 2011-04-15T16:42:05.000Z
Reviewed by Pavel Feldman. Web Inspector: No console message and headers in inspector when X-Frame-Options header blocks a load https://bugs.webkit.org/show_bug.cgi?id=58136 Passed response info to inspector when X-Frame-Options header blocks resource loading. * http/tests/inspector/network/resources/x-frame-options-deny.cgi: Added. * http/tests/inspector/network/x-frame-options-deny-expected.txt: Added. * http/tests/inspector/network/x-frame-options-deny.html: Added. 2011-04-15 Vsevolod Vlasov <vsevik@chromium.org> Reviewed by Pavel Feldman. Web Inspector: No console message and headers in inspector when X-Frame-Options header blocks a load https://bugs.webkit.org/show_bug.cgi?id=58136 Passed response info to inspector when X-Frame-Options header blocks resource loading. Test: http/tests/inspector/network/x-frame-options-deny.html * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl): * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied): * loader/MainResourceLoader.cpp: (WebCore::MainResourceLoader::didReceiveResponse): Canonical link: https://commits.webkit.org/73738@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@83984 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,16 @@
+2011-04-15  Vsevolod Vlasov  <vsevik@chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        Web Inspector: No console message and headers in inspector when X-Frame-Options header blocks a load
+        https://bugs.webkit.org/show_bug.cgi?id=58136
+
+        Passed response info to inspector when X-Frame-Options header blocks resource loading.
+
+        * http/tests/inspector/network/resources/x-frame-options-deny.cgi: Added.
+        * http/tests/inspector/network/x-frame-options-deny-expected.txt: Added.
+        * http/tests/inspector/network/x-frame-options-deny.html: Added.
+
 2011-04-15  Andrey Adaikin  <aandrey@google.com>
 
         Reviewed by Pavel Feldman.
diff --git a/LayoutTests/http/tests/inspector/network/resources/x-frame-options-deny.cgi b/LayoutTests/http/tests/inspector/network/resources/x-frame-options-deny.cgi
@@ -0,0 +1,8 @@
+#!/usr/bin/perl -wT
+use strict;
+
+print "Content-Type: text/html\n";
+print "Cache-Control: no-cache, no-store\n";
+print "X-FRAME-OPTIONS: deny\n\n";
+
+print "<p>FAIL: This should not show up.</p>\n";
diff --git a/LayoutTests/http/tests/inspector/network/x-frame-options-deny-expected.txt b/LayoutTests/http/tests/inspector/network/x-frame-options-deny-expected.txt
@@ -0,0 +1,6 @@
+Tests that responseReceived is called on NetworkDispatcher for resource requests denied due to X-Frame-Options header.
+
+
+Received response for x-frame-options-deny.cgi
+SUCCESS
+
diff --git a/LayoutTests/http/tests/inspector/network/x-frame-options-deny.html b/LayoutTests/http/tests/inspector/network/x-frame-options-deny.html
@@ -0,0 +1,48 @@
+<html>
+<head>
+<script src="../inspector-test.js"></script>
+<script>
+function loadIFrameWithDownload()
+{
+    var iframe = document.createElement("iframe");
+    iframe.setAttribute("src", "http://127.0.0.1:8000/security/XFrameOptions/resources/x-frame-options-deny.cgi");
+    document.body.appendChild(iframe);
+}
+
+function test()
+{
+    InspectorTest.addSniffer(WebInspector.NetworkDispatcher.prototype, "responseReceived", responseReceived);
+    InspectorTest.addSniffer(WebInspector.NetworkDispatcher.prototype, "loadingFailed", loadingFailed);
+    InspectorTest.addSniffer(WebInspector.NetworkDispatcher.prototype, "loadingFinished", loadingFinished);
+    InspectorTest.evaluateInPage("loadIFrameWithDownload()");
+
+    function responseReceived(identifier, time, resourceType, response)
+    {
+        var resource = WebInspector.networkResourceById(identifier);
+        if (/x-frame-options-deny\.cgi/.exec(resource.url)) {
+            InspectorTest.addResult("Received response for x-frame-options-deny.cgi");
+            InspectorTest.addResult("SUCCESS");
+            InspectorTest.completeTest();
+        }
+    }
+
+    function loadingFinished(identifier, finishTime)
+    {
+        var resource = WebInspector.networkResourceById(identifier);
+        if (/x-frame-options-deny\.cgi/.exec(resource.url))
+            InspectorTest.completeTest();
+    }
+
+    function loadingFailed(identifier, time, localizedDescription, canceled)
+    {
+        var resource = WebInspector.networkResourceById(identifier);
+        if (/x-frame-options-deny\.cgi/.exec(resource.url))
+            InspectorTest.completeTest();
+    }
+}
+</script>
+</head>
+<body onload="runTest()">
+<p>Tests that responseReceived is called on NetworkDispatcher for resource requests denied due to X-Frame-Options header.</p>
+</body>
+</html>
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,21 @@
+2011-04-15  Vsevolod Vlasov  <vsevik@chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        Web Inspector: No console message and headers in inspector when X-Frame-Options header blocks a load
+        https://bugs.webkit.org/show_bug.cgi?id=58136
+
+        Passed response info to inspector when X-Frame-Options header blocks resource loading.
+
+        Test: http/tests/inspector/network/x-frame-options-deny.html
+
+        * inspector/InspectorInstrumentation.cpp:
+        (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl):
+        * inspector/InspectorInstrumentation.h:
+        (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied):
+        * loader/MainResourceLoader.cpp:
+        (WebCore::MainResourceLoader::didReceiveResponse):
+
 2011-04-15  Andrey Adaikin  <aandrey@google.com>
 
         Reviewed by Pavel Feldman.
diff --git a/Source/WebCore/inspector/InspectorInstrumentation.cpp b/Source/WebCore/inspector/InspectorInstrumentation.cpp
@@ -463,6 +463,11 @@ void InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl(Frame*
     InspectorInstrumentation::didReceiveResourceResponse(cookie, identifier, loader, r);
 }
 
+void InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)
+{
+    didReceiveResourceResponseButCanceledImpl(frame, loader, identifier, r);
+}
+
 void InspectorInstrumentation::continueWithPolicyDownloadImpl(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)
 {
     didReceiveResourceResponseButCanceledImpl(frame, loader, identifier, r);
diff --git a/Source/WebCore/inspector/InspectorInstrumentation.h b/Source/WebCore/inspector/InspectorInstrumentation.h
@@ -118,6 +118,7 @@ class InspectorInstrumentation {
     static void didReceiveResourceData(const InspectorInstrumentationCookie&);
     static InspectorInstrumentationCookie willReceiveResourceResponse(Frame*, unsigned long identifier, const ResourceResponse&);
     static void didReceiveResourceResponse(const InspectorInstrumentationCookie&, unsigned long identifier, DocumentLoader*, const ResourceResponse&);
+    static void continueAfterXFrameOptionsDenied(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void continueWithPolicyDownload(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void continueWithPolicyIgnore(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void didReceiveContentLength(Frame*, unsigned long identifier, int dataLength, int lengthReceived);
@@ -237,6 +238,7 @@ class InspectorInstrumentation {
     static InspectorInstrumentationCookie willReceiveResourceResponseImpl(InspectorAgent*, unsigned long identifier, const ResourceResponse&);
     static void didReceiveResourceResponseImpl(const InspectorInstrumentationCookie&, unsigned long identifier, DocumentLoader*, const ResourceResponse&);
     static void didReceiveResourceResponseButCanceledImpl(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
+    static void continueAfterXFrameOptionsDeniedImpl(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void continueWithPolicyDownloadImpl(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void continueWithPolicyIgnoreImpl(Frame*, DocumentLoader*, unsigned long identifier, const ResourceResponse&);
     static void didReceiveContentLengthImpl(InspectorAgent*, unsigned long identifier, int dataLength, int lengthReceived);
@@ -670,6 +672,14 @@ inline void InspectorInstrumentation::didReceiveResourceResponse(const Inspector
 #endif
 }
 
+inline void InspectorInstrumentation::continueAfterXFrameOptionsDenied(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)
+{
+#if ENABLE(INSPECTOR)
+    if (inspectorAgentWithFrontendForFrame(frame))
+        InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl(frame, loader, identifier, r);
+#endif
+}
+
 inline void InspectorInstrumentation::continueWithPolicyDownload(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)
 {
 #if ENABLE(INSPECTOR)
diff --git a/Source/WebCore/loader/MainResourceLoader.cpp b/Source/WebCore/loader/MainResourceLoader.cpp
@@ -358,6 +358,8 @@ void MainResourceLoader::didReceiveResponse(const ResourceResponse& r)
     if (it != r.httpHeaderFields().end()) {
         String content = it->second;
         if (m_frame->loader()->shouldInterruptLoadForXFrameOptions(content, r.url())) {
+            InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame.get(), documentLoader(), identifier(), r);
+
             cancel();
             return;
         }

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +Tests that responseReceived is called on NetworkDispatcher for resource requests denied due to X-Frame-Options header.
++
++
 +Received response for x-frame-options-deny.cgi
 +SUCCESS
++
Original file line number	Diff line number	Diff line change
`@@ -463,6 +463,11 @@ void InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl(Frame*`
`463`	`463`	`InspectorInstrumentation::didReceiveResourceResponse(cookie, identifier, loader, r);`
`464`	`464`	`}`
`465`	`465`
	`466`	`+void InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)`
	`467`	`+{`
	`468`	`+ didReceiveResourceResponseButCanceledImpl(frame, loader, identifier, r);`
	`469`	`+}`
	`470`	`+`
`466`	`471`	`void InspectorInstrumentation::continueWithPolicyDownloadImpl(Frame* frame, DocumentLoader* loader, unsigned long identifier, const ResourceResponse& r)`
`467`	`472`	`{`
`468`	`473`	`didReceiveResourceResponseButCanceledImpl(frame, loader, identifier, r);`
Original file line number	Diff line number	Diff line change
`@@ -358,6 +358,8 @@ void MainResourceLoader::didReceiveResponse(const ResourceResponse& r)`
`358`	`358`	`if (it != r.httpHeaderFields().end()) {`
`359`	`359`	`String content = it->second;`
`360`	`360`	`if (m_frame->loader()->shouldInterruptLoadForXFrameOptions(content, r.url())) {`
	`361`	`+ InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame.get(), documentLoader(), identifier(), r);`
	`362`	`+`
`361`	`363`	`cancel();`
`362`	`364`	`return;`
`363`	`365`	`}`