
Issue 604583


Issue metadata

Status: Fixed
Owner:
Closed: May 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug




Crash on fallback to network after clients.claim

Project Member Reported by falken@chromium.org, Apr 19 2016

Issue description

From mek's comments on bug 604084:
https://codereview.chromium.org/1894183003 is the test case that I came up with to cause this code to crash with regular fetch:
- start preflight request from uncontrolled client
- install worker
- clients.claim
- (tell server to) respond to preflight
- CORS request is sent to service worker
- service worker doesn't handle request
- fallback to network code crashes
 

Comment 1 by horo@chromium.org, Apr 19 2016

Cc: tyoshino@chromium.org
Components: Blink>Network>FetchAPI
This is crashing at DocumentThreadableLoader::handleResponse()
    if (response.wasFetchedViaServiceWorker()) {
        if (response.wasFallbackRequiredByServiceWorker()) {
            ASSERT(!m_fallbackRequestForServiceWorker.isNull());  <== here


I think we have to set skipServiceWorker() in the renderer when isControlledByServiceWorker() is false before sending the request to the browser process. 

Comment 2 by horo@chromium.org, May 10 2016

Owner: horo@chromium.org
Status: Started (was: Available)

Comment 3 by bugdroid1@chromium.org, May 10 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/01fb3c2cf2bf84391c488f3a3dd5ef8c59cc0a51

commit 01fb3c2cf2bf84391c488f3a3dd5ef8c59cc0a51
Author: horo <horo@chromium.org>
Date: Tue May 10 15:19:57 2016

Set SkipServiceWorker flag in DocumentThreadableLoader::loadActualRequest().

Before a SW controls the page, when the DTL sends a CORS preflight request, the SkipServiceWorker flag is set by RenderFrameImpl::willSendRequest().
But a new SW may be controlling the page when the DTL sends the actual request by calling clients.claim().
In such a case, the request goes to the SW and causes several problems.

To avoid this problem, this CL sets the flag in DTL::loadActualRequest().

BUG=604583, 610400

Review-Url: https://codereview.chromium.org/1964823002
Cr-Commit-Position: refs/heads/master@{#392609}

[modify] https://crrev.com/01fb3c2cf2bf84391c488f3a3dd5ef8c59cc0a51/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
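
The race described in the commit message above, as a simplified C++ model added here for illustration; it is not Chromium source and not part of the thread. `Page`, `Loader`, `route` and `replay` are hypothetical names, and the model assumes the loader stores a fallback request only when the load starts on a controlled page.

```cpp
// Simplified model, not Chromium source; all names are hypothetical stand-ins.
#include <optional>
#include <string>

struct Request { std::string url; bool skipServiceWorker = false; };
struct Response { bool viaServiceWorker = false; bool fallbackRequired = false; };
struct Page { bool controlled = false; };  // becomes true on clients.claim()

// Send-time hook: flags the request only while the page is uncontrolled.
void willSendRequest(const Page& page, Request& req) {
    if (!page.controlled) req.skipServiceWorker = true;
}

// An unflagged request from a controlled page reaches the worker, which in
// this scenario does not handle it and asks for network fallback.
Response route(const Page& page, const Request& req) {
    if (page.controlled && !req.skipServiceWorker) return {true, true};
    return {false, false};
}

struct Loader {
    Page& page;
    bool applyFix;
    // Assumption: a fallback request is stored only if the load began on a
    // controlled page, so it stays empty in this replay.
    std::optional<Request> fallbackRequest;
    Response send(Request req) {
        willSendRequest(page, req);
        return route(page, req);
    }
    // Returns false where the real code would hit the ASSERT.
    bool loadActualRequest(Request actual) {
        if (applyFix) actual.skipServiceWorker = true;  // what the CL adds
        Response resp = send(actual);
        if (resp.viaServiceWorker && resp.fallbackRequired)
            return fallbackRequest.has_value();
        return true;
    }
};

// Replays the steps from the issue description; true means the invariant held.
bool replay(bool applyFix) {
    Page page;                                     // uncontrolled client
    Loader loader{page, applyFix, std::nullopt};
    Response preflight = loader.send({"https://example.test/api"});
    if (preflight.viaServiceWorker) return false;  // preflight must bypass the SW
    page.controlled = true;                        // install worker + clients.claim
    return loader.loadActualRequest({"https://example.test/api"});
}
```

`replay(false)` reproduces the state the ASSERT rejects; `replay(true)` shows the actual request bypassing the worker once the flag is set in `loadActualRequest`.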

Comment 4 by horo@chromium.org, May 10 2016

Status: Fixed (was: Started)

Comment 5 by bugdroid1@chromium.org, May 12 2016

Labels: merge-merged-2704
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b083560ed010859fb4cdd23626ddef597d40b1f4

commit b083560ed010859fb4cdd23626ddef597d40b1f4
Author: Tsuyoshi Horo <horo@chromium.org>
Date: Thu May 12 02:17:09 2016

Set SkipServiceWorker flag in DocumentThreadableLoader::loadActualRequest().

Before a SW controls the page, when the DTL sends a CORS preflight request, the SkipServiceWorker flag is set by RenderFrameImpl::willSendRequest().
But a new SW may be controlling the page when the DTL sends the actual request by calling clients.claim().
In such a case, the request goes to the SW and causes several problems.

To avoid this problem, this CL sets the flag in DTL::loadActualRequest().

BUG=604583, 610400

Review-Url: https://codereview.chromium.org/1964823002
Cr-Commit-Position: refs/heads/master@{#392609}
(cherry picked from commit 01fb3c2cf2bf84391c488f3a3dd5ef8c59cc0a51)

Review URL: https://codereview.chromium.org/1975673002 .

Cr-Commit-Position: refs/branch-heads/2704@{#516}
Cr-Branched-From: 6e53600def8f60d8c632fadc70d7c1939ccea347-refs/heads/master@{#386251}

[modify] https://crrev.com/b083560ed010859fb4cdd23626ddef597d40b1f4/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
