Changeset 220427 in webkit
- Timestamp:
- Aug 8, 2017 4:27:08 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r220426 r220427 1 2017-08-08 Brent Fulgham <bfulgham@apple.com> 2 3 Sandbox flags do not support document.domain control 4 https://bugs.webkit.org/show_bug.cgi?id=175281 5 <rdar://problem/33778936> 6 7 Reviewed by Chris Dumez. 8 9 * fast/frames/resources/sandboxed-iframe-set-domain.html: Added. 10 * fast/frames/sandboxed-iframe-domain.html: Added. 11 * fast/frames/sandboxed-iframe-domain-expected.txt: Added. 12 1 13 2017-08-08 Matt Lewis <jlewis3@apple.com> 2 14 -
trunk/Source/WebCore/ChangeLog
r220414 r220427 1 2017-08-08 Brent Fulgham <bfulgham@apple.com> 2 3 Sandbox flags do not support document.domain control 4 https://bugs.webkit.org/show_bug.cgi?id=175281 5 <rdar://problem/33778936> 6 7 Reviewed by Chris Dumez. 8 9 Update the 'setDomain' logic to honor the sandbox properties as defined in the current 10 HTML5 specification. This brings us in line with how Chrome and other browsers have 11 worked for some time. 12 13 Test: fast/frames/sandboxed-iframe-domain.html 14 15 * dom/Document.cpp: 16 (WebCore::Document::setDomain): Add check for sandbox flag (with appropriate error message) 17 * dom/SecurityContext.h: 18 1 19 2017-08-08 Jeremy Jones <jeremyj@apple.com> 2 20 -
trunk/Source/WebCore/dom/Document.cpp
r220405 r220427 4488 4488 return Exception { SecurityError, "A browsing context is required to set a domain." }; 4489 4489 4490 if (isSandboxed(SandboxDocumentDomain)) 4491 return Exception { SecurityError, "Assignment is forbidden for sandboxed iframes." }; 4492 4490 4493 if (SchemeRegistry::isDomainRelaxationForbiddenForURLScheme(securityOrigin().protocol())) 4491 4494 return Exception { SecurityError }; 4492 4493 // FIXME(175281): Check for 'document.domain' sandbox flag and return an exception if present.4494 4495 4495 4496 // FIXME: We should add logging indicating why a domain was not allowed. -
trunk/Source/WebCore/dom/SecurityContext.h
r220163 r220427 52 52 SandboxPropagatesToAuxiliaryBrowsingContexts = 1 << 9, 53 53 SandboxTopNavigationByUserActivation = 1 << 10, 54 SandboxDocumentDomain = 1 << 11, 54 55 SandboxAll = -1 // Mask with all bits set to 1. 55 56 };
Note: See TracChangeset
for help on using the changeset viewer.