Changeset 204266 in webkit


Timestamp:
Aug 8, 2016 2:43:36 PM (8 years ago)
Author:
wilander@apple.com
Message:

Popups opened from a sandboxed iframe should themselves be sandboxed
https://bugs.webkit.org/show_bug.cgi?id=134850
<rdar://problem/27375388>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):

Now copies the opener's frame loader effective sandbox flags to the
new frame loader.

LayoutTests:

  • http/tests/security/resources/anchor-tag-with-blank-target.html: Added.
  • http/tests/security/resources/page-executing-javascript.html: Added.
  • http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox-expected.txt: Added.
  • http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html: Added.
Location:
trunk
Files:
4 added
3 edited

  • trunk/LayoutTests/ChangeLog

    r204263 r204266  
     12016-08-08  John Wilander  <wilander@apple.com>
     2
     3        Popups opened from a sandboxed iframe should themselves be sandboxed
     4        https://bugs.webkit.org/show_bug.cgi?id=134850
     5        <rdar://problem/27375388>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        * http/tests/security/resources/anchor-tag-with-blank-target.html: Added.
     10        * http/tests/security/resources/page-executing-javascript.html: Added.
     11        * http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox-expected.txt: Added.
     12        * http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html: Added.
     13
    1142016-08-08  Chris Dumez  <cdumez@apple.com>
    215
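Review bot: The resources added at lines 9 and 10 of this entry suggest a single way of opening the popup, an anchor with a blank target (`anchor-tag-with-blank-target.html`). If the test does not also open the window from script with `window.open()`, add that case or state in the entry why it is already covered, since the test name promises windows opened from a sandboxed iframe in general. The four "Added." lines would also be easier to audit with a few words each on what the file does.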
  • trunk/Source/WebCore/ChangeLog

    r204263 r204266  
     12016-08-08  John Wilander  <wilander@apple.com>
     2
     3        Popups opened from a sandboxed iframe should themselves be sandboxed
     4        https://bugs.webkit.org/show_bug.cgi?id=134850
     5        <rdar://problem/27375388>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        Test: http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html
     10
     11        * loader/FrameLoader.cpp:
     12        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
     13            Now copies the opener's frame loader effective sandbox flags to the
     14            new frame loader.
     15
    1162016-08-08  Chris Dumez  <cdumez@apple.com>
    217
  • trunk/Source/WebCore/loader/FrameLoader.cpp

    r204127 r204266  
    31193119        return;
    31203120
     3121    mainFrame->loader().forceSandboxFlags(frame->loader().effectiveSandboxFlags());
     3122
    31213123    if (frameName != "_blank")
    31223124        mainFrame->tree().setName(frameName);
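Review bot: The new call at line 3121 propagates the opener's sandbox flags unconditionally and has no comment explaining why. Add a one-line comment stating that a window opened from a sandboxed frame inherits the opener's effective sandbox flags, with the bug URL, so the line is not later mistaken for redundant setup. The source value is `frame->loader().effectiveSandboxFlags()`, so the description should say whether that covers flags inherited from ancestor frames as well as the iframe's own attribute. The visible context does not show where the new window's load starts, so please also confirm that nothing can load in `mainFrame` before this line runs.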