Forbid setting responseType on all sync XHRs.

Rather than only doing it for http(s) URLs. This matches the XHR2 spec and Firefox. This also avoids having to support the downloadToFile + synchronous load combination in the resource loader stack. Update tests according and add an assertion. BUG=354188 Review URL: https://codereview.chromium.org/206223005 git-svn-id: svn://svn.chromium.org/blink/trunk@169702 bbb929c8-8fbe-4397-9dbb-9b2b20218538

Forbid setting responseType on all sync XHRs.
Rather than only doing it for http(s) URLs. This matches the XHR2 spec and Firefox. This also avoids having to support the downloadToFile + synchronous load combination in the resource loader stack. Update tests according and add an assertion. BUG=354188 Review URL: https://codereview.chromium.org/206223005 git-svn-id: svn://svn.chromium.org/blink/trunk@169702 bbb929c8-8fbe-4397-9dbb-9b2b20218538
361229dd · davidben@chromium.org · 6dc2a2c3 · 361229dd · 361229dd · 361229dd
Commit 361229dd authored Mar 20, 2014 by davidben@chromium.org
9 changed files
--- a/third_party/WebKit/LayoutTests/fast/events/event-on-xhr-document.html
+++ b/third_party/WebKit/LayoutTests/fast/events/event-on-xhr-document.html
@@ -31,16 +31,22 @@ function testEventsFiredOn(doc)
    shouldBe("window.caughtFoo", "[]");
 }
+window.jsTestIsAsync = true;
 var xhrForXML = new XMLHttpRequest();
 xhrForXML.open("GET", "resources/hello-xhr-event.xml", false);
 xhrForXML.send();
 testEventsFiredOn(xhrForXML.responseXML);
+// Must run asynchronous to use responseType.
 var xhrForHTML = new XMLHttpRequest();
-xhrForHTML.open("GET", "resources/hello-xhr-event.html", false);
+xhrForHTML.open("GET", "resources/hello-xhr-event.html", true);
 xhrForHTML.responseType = "document";
+xhrForHTML.onload = function() {
+    testEventsFiredOn(xhrForHTML.response);
+    finishJSTest();
+};
 xhrForHTML.send();
-testEventsFiredOn(xhrForHTML.response);
 </script>
 </body>

--- a/third_party/WebKit/LayoutTests/fast/events/xhr-onclick-crash.html
+++ b/third_party/WebKit/LayoutTests/fast/events/xhr-onclick-crash.html
@@ -3,11 +3,15 @@ This test passes if it doesn't crash.
 if (window.testRunner)
    testRunner.dumpAsText();
+testRunner.waitUntilDone();
 xhr = new XMLHttpRequest();
-xhr.open('GET', 'resources/onclick.html', false);
+xhr.open('GET', 'resources/onclick.html', true);
 xhr.responseType = 'document';
-xhr.onload = function () { r = this.responseXML; }
+xhr.onload = function () {
+    var r = this.responseXML;
+    var td = r.getElementById('foo');
+    td.children[0].onclick;
+    testRunner.notifyDone();
+};
 xhr.send();
-td = r.getElementById('foo');
-td.children[0].onclick;
 </script>
--- a/third_party/WebKit/LayoutTests/fast/html/imports/import-defaultView.html
+++ b/third_party/WebKit/LayoutTests/fast/html/imports/import-defaultView.html
@@ -8,14 +8,19 @@
 <script>
 shouldBe("importLink.import.defaultView", "document.defaultView");
+window.jsTestIsAsync = true;
 var xhr = new XMLHttpRequest();
-xhr.open("GET", "resources/root.html", false);
+xhr.open("GET", "resources/root.html", true);
 xhr.responseType = "document";
-xhr.send();
+xhr.onload = function() {
-shouldBeNull("xhr.response.defaultView");
+  shouldBeNull("xhr.response.defaultView");
-createdDoc = document.implementation.createHTMLDocument("Hello");
+  createdDoc = document.implementation.createHTMLDocument("Hello");
-shouldBeNull("createdDoc.defaultView");
+  shouldBeNull("createdDoc.defaultView");
+  finishJSTest();
+};
+xhr.send();
 </script>
 </body>

--- a/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-before-open-sync-request-expected.txt
+++ b/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-before-open-sync-request-expected.txt
@@ -4,16 +4,14 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
 xhr.responseType = 'document';
-PASS xhr.open('GET', 'http://mydomain/', false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous HTTP requests from a document must not set a response type..
+PASS xhr.open('GET', 'http://mydomain/', false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous requests from a document must not set a response type..
 xhr.responseType = 'document';
-PASS xhr.open('GET', 'https://mysecuredomain/', false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous HTTP requests from a document must not set a response type..
+PASS xhr.open('GET', 'https://mysecuredomain/', false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous requests from a document must not set a response type..
 PASS window.location.protocol is "file:"
 xhr.responseType = 'document';
-xhr.open('GET', window.location.href, false);
+PASS xhr.open('GET', window.location.href, false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous requests from a document must not set a response type..
-PASS xhr.responseType is "document"
 xhr.responseType = 'document';
-xhr.open('GET', dataUrl, false);
+PASS xhr.open('GET', dataUrl, false); threw exception InvalidAccessError: Failed to execute 'open' on 'XMLHttpRequest': Synchronous requests from a document must not set a response type..
-PASS xhr.responseType is "document"
 PASS successfullyParsed is true
 TEST COMPLETE

--- a/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-before-open-sync-request.html
+++ b/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-before-open-sync-request.html
@@ -20,8 +20,7 @@
        shouldBeEqualToString('window.location.protocol', 'file:');
        xhr = new XMLHttpRequest();
        evalAndLog("xhr.responseType = 'document';");
-        evalAndLog("xhr.open('GET', window.location.href, false);");
+        shouldThrow("xhr.open('GET', window.location.href, false);");
-        shouldBeEqualToString('xhr.responseType', 'document');
        // DATA
        var dataUrl = 'data:text/html;charset=utf-8,%3C%21DOCTYPE%20' +
@@ -31,8 +30,7 @@
                      '%3C%2Fhtml%3E%0A%0D%0A';
        xhr = new XMLHttpRequest();
        evalAndLog("xhr.responseType = 'document';");
-        evalAndLog("xhr.open('GET', dataUrl, false);");
+        shouldThrow("xhr.open('GET', dataUrl, false);");
-        shouldBeEqualToString('xhr.responseType', 'document');
    </script>
 </head>
 <body>

--- a/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-sync-request-expected.txt
+++ b/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-sync-request-expected.txt
@@ -6,10 +6,8 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
 PASS xhr.responseType = 'document'; threw exception InvalidAccessError: Failed to set the 'responseType' property on 'XMLHttpRequest': The response type can only be changed for asynchronous HTTP requests made from a document..
 PASS xhr.responseType = 'document'; threw exception InvalidAccessError: Failed to set the 'responseType' property on 'XMLHttpRequest': The response type can only be changed for asynchronous HTTP requests made from a document..
 PASS window.location.protocol is "file:"
-xhr.responseType = 'document';
+PASS xhr.responseType = 'document'; threw exception InvalidAccessError: Failed to set the 'responseType' property on 'XMLHttpRequest': The response type can only be changed for asynchronous HTTP requests made from a document..
-PASS xhr.responseType is "document"
+PASS xhr.responseType = 'document'; threw exception InvalidAccessError: Failed to set the 'responseType' property on 'XMLHttpRequest': The response type can only be changed for asynchronous HTTP requests made from a document..
-xhr.responseType = 'document';
-PASS xhr.responseType is "document"
 PASS successfullyParsed is true
 TEST COMPLETE

--- a/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-sync-request.html
+++ b/third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-responsetype-sync-request.html
@@ -20,8 +20,7 @@
        shouldBeEqualToString('window.location.protocol', 'file:');
        xhr = new XMLHttpRequest();
        xhr.open('GET', window.location.href, false);
-        evalAndLog("xhr.responseType = 'document';");
+        shouldThrow("xhr.responseType = 'document';");
-        shouldBeEqualToString('xhr.responseType', 'document');
        // DATA
        var dataUrl = 'data:text/html;charset=utf-8,%3C%21DOCTYPE%20' +
@@ -31,8 +30,7 @@
                      '%3C%2Fhtml%3E%0A%0D%0A';
        xhr = new XMLHttpRequest();
        xhr.open('GET', dataUrl, false);
-        evalAndLog("xhr.responseType = 'document';");
+        shouldThrow("xhr.responseType = 'document';");
-        shouldBeEqualToString('xhr.responseType', 'document');
    </script>
 </head>
 <body>

--- a/third_party/WebKit/Source/core/fetch/ResourceLoader.cpp
+++ b/third_party/WebKit/Source/core/fetch/ResourceLoader.cpp
@@ -448,6 +448,9 @@ void ResourceLoader::requestSynchronously()
    OwnPtr<blink::WebURLLoader> loader = adoptPtr(blink::Platform::current()->createURLLoader());
    ASSERT(loader);
+    // downloadToFile is not supported for synchronous requests.
+    ASSERT(!m_request.downloadToFile());
    RefPtr<ResourceLoader> protect(this);
    RefPtr<ResourceLoaderHost> protectHost(m_host);
    ResourcePtr<Resource> protectResource(m_resource);

--- a/third_party/WebKit/Source/core/xml/XMLHttpRequest.cpp
+++ b/third_party/WebKit/Source/core/xml/XMLHttpRequest.cpp
@@ -346,9 +346,7 @@ void XMLHttpRequest::setResponseType(const String& responseType, ExceptionState&
    // Newer functionality is not available to synchronous requests in window contexts, as a spec-mandated
    // attempt to discourage synchronous XHR use. responseType is one such piece of functionality.
-    // We'll only disable this functionality for HTTP(S) requests since sync requests for local protocols
+    if (!m_async && executionContext()->isDocument()) {
-    // such as file: and data: still make sense to allow.
-    if (!m_async && executionContext()->isDocument() && m_url.protocolIsInHTTPFamily()) {
        exceptionState.throwDOMException(InvalidAccessError, "The response type can only be changed for asynchronous HTTP requests made from a document.");
        return;
    }
@@ -557,10 +555,8 @@ void XMLHttpRequest::open(const AtomicString& method, const KURL& url, bool asyn
        // Newer functionality is not available to synchronous requests in window contexts, as a spec-mandated
        // attempt to discourage synchronous XHR use. responseType is one such piece of functionality.
-        // We'll only disable this functionality for HTTP(S) requests since sync requests for local protocols
+        if (m_responseTypeCode != ResponseTypeDefault) {
-        // such as file: and data: still make sense to allow.
+            exceptionState.throwDOMException(InvalidAccessError, "Synchronous requests from a document must not set a response type.");
-        if (url.protocolIsInHTTPFamily() && m_responseTypeCode != ResponseTypeDefault) {
-            exceptionState.throwDOMException(InvalidAccessError, "Synchronous HTTP requests from a document must not set a response type.");
            return;
        }