Fix use-after-move in WebCore::WorkerScriptLoader::loadAsynchronously() in Source/WebCore/workers/WorkerScriptLoader.cpp. There is a use-after-move of `scriptRequest` where `scriptRequest.url()` is called later in the method, but `m_url` may be used instead. ``` void WorkerScriptLoader::loadAsynchronously(ScriptExecutionContext& scriptExecutionContext, ResourceRequest&& scriptRequest, Source source, FetchOptions&& fetchOptions, ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement, ServiceWorkersMode serviceWorkerMode, WorkerScriptLoaderClient& client, String&& taskMode, ScriptExecutionContextIdentifier clientIdentifier) { m_client = &client; m_url = scriptRequest.url(); m_source = source; m_destination = fetchOptions.destination; m_isCOEPEnabled = scriptExecutionContext.settingsValues().crossOriginEmbedderPolicyEnabled; m_clientIdentifier = clientIdentifier; ASSERT(scriptRequest.httpMethod() == "GET"_s); auto request = makeUnique<ResourceRequest>(WTFMove(scriptRequest)); if (!request) return; [...] if (m_destination == FetchOptions::Destination::Sharedworker) m_userAgentForSharedWorker = scriptExecutionContext.userAgent(scriptRequest.url()); // Use-after-move of `scriptRequest`. // During create, callbacks may happen which remove the last reference to this object. Ref<WorkerScriptLoader> protectedThis(*this); m_threadableLoader = ThreadableLoader::create(scriptExecutionContext, *this, WTFMove(*request), options, { }, WTFMove(taskMode)); } ```
<rdar://problem/103203412>
Pull request: https://github.com/WebKit/WebKit/pull/7428
Committed 257748@main (3a91df74661a): <https://commits.webkit.org/257748@main> Reviewed commits have been landed. Closing PR #7428 and removing active labels.