[CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker.

[CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the response is fetched via ServiceWorker.
But the match algorithm should ignore the path component of the URL.

BUG=542060
Committed: https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127
Cr-Commit-Position: refs/heads/master@{#360733}

[horo, 2015-11-19 06:50:36]

Description was changed from

==========
allow response

BUG=
==========

to

==========
In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

[horo, 2015-11-19 06:50:50]

Description was changed from

==========
In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

to

==========
[CSP] Do not check the path component of the URL when the response was fetched
via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

[horo, 2015-11-19 06:51:04]

Description was changed from

==========
[CSP] Do not check the path component of the URL when the response was fetched
via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

to

==========
[CSP] Don't check the path component of the URL when the response was fetched
via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

[horo, 2015-11-19 07:11:55]

Description was changed from

==========
[CSP] Don't check the path component of the URL when the response was fetched
via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But while checking the URL, the match algorithm should ignore the path component
of the URL.

BUG=542060
==========

to

==========
[CSP] Don't check the path component of the URL when the response was fetched
via ServiceWorker.

In ResourceFetcher::didReceiveResponse() we check the response URL when the
response is fetched via ServiceWorker.
But the match algorithm should ignore the path component of the URL.

BUG=542060
==========

[horo, 2015-11-19 07:12:06]

Patchset #1 (id:1) has been deleted

[horo, 2015-11-19 07:12:23]

Patchset #1 (id:20001) has been deleted

[horo, 2015-11-19 07:15:03]

horo@chromium.org changed reviewers:
+ mkwst@chromium.org

[horo, 2015-11-19 07:15:03]

mkwst@
Could you please review this?

[Mike West, 2015-11-19 09:46:25]

LGTM, thanks for this!

https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Sour...
File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right):

https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Sour...
third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348:
ContentSecurityPolicy::RedirectStatus redirectStatus =
resourceRequest.followedRedirect() ? ContentSecurityPolicy::DidRedirect :
ContentSecurityPolicy::DidNotRedirect;
Is `followedRedirect` true for any response that's been returned from cache or
synthesized via the SW?

[horo, 2015-11-20 02:17:07]

https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebK...
File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right):

https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebK...
third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348:
ContentSecurityPolicy::RedirectStatus redirectStatus =
resourceRequest.followedRedirect() ? ContentSecurityPolicy::DidRedirect :
ContentSecurityPolicy::DidNotRedirect;
On 2015/11/19 09:46:25, Mike West wrote:
> Is `followedRedirect` true for any response that's been returned from cache or
> synthesized via the SW?

Yes.
If the SW returns a redirect response (ex:"Response.redirect('/new_url')"),
followedRedirect will be set in ResourceLoader::willFollowRedirect() in the
page's renderer process.

[horo, 2015-11-20 02:17:14]

The CQ bit was checked by horo@chromium.org

[commit-bot: I haz the power, 2015-11-20 02:18:12]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1454003003/40001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1454003003/40001

[commit-bot: I haz the power, 2015-11-20 03:15:04]

Committed patchset #1 (id:40001)

[commit-bot: I haz the power, 2015-11-20 03:16:15]

Patchset 1 (id:??) landed as
https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127
Cr-Commit-Position: refs/heads/master@{#360733}