Changeset 25783 in webkit

Timestamp:

Sep 27, 2007, 4:56:17 PM (17 years ago)

Author:

antti

Message:

WebCore:

Reviewed by Geoff.

Fix for <rdar://problem/5499125>
REGRESSION (r21367): After launching Kidzui beta, a webview frame fails to appear in its main window

If window object properties were modified when it had initial empty document (synchronously after
window.open() for example) those modifications were lost when the real document was switched in.

Match Firefox behavior where window properties are not cleared if the inital document and the loaded one
have matching security domains.

Tests: fast/dom/Window/window-early-properties.html

http/tests/security/window-properties-clear-domain.html
http/tests/security/window-properties-clear-port.html
http/tests/security/window-properties-pass.html

• WebCore.exp:
• loader/FrameLoader.cpp: (WebCore::FrameLoader::FrameLoader): (WebCore::FrameLoader::init): (WebCore::FrameLoader::clear): (WebCore::FrameLoader::isSecureTransition): (WebCore::FrameLoader::begin):
• loader/FrameLoader.h: If we are transitioning from initial empty document to the final one, do a domain security check between old security policy URL and new URL. If that passes don't clear script proxy and script objects.

• bindings/js/kjs_proxy.cpp: (WebCore::KJSProxy::updateDocumentWrapper):
• bindings/js/kjs_proxy.h:
• page/Frame.cpp: (WebCore::Frame::setDocument): Since we don't always clear window properties anymore, we need to update the document property to point to the newly created one.

LayoutTests:

Reviewed by Geoff.

Tests for <rdar://problem/5499125>
REGRESSION (r21359-21368): After launching Kidzui beta, a webview frame fails to appear in its main window

• fast/dom/Window/window-early-properties-expected.txt: Added.
• fast/dom/Window/window-early-properties.html: Added.
• http/tests/security/resources/has-custom-property.html: Added.
• http/tests/security/resources/no-custom-property.html: Added.
• http/tests/security/window-properties-clear-domain-expected.txt: Added.
• http/tests/security/window-properties-clear-domain.html: Added.
• http/tests/security/window-properties-clear-port-expected.txt: Added.
• http/tests/security/window-properties-clear-port.html: Added.
• http/tests/security/window-properties-pass-expected.txt: Added.
• http/tests/security/window-properties-pass.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/dom/Window/window-early-properties-expected.txt (added)
• LayoutTests/fast/dom/Window/window-early-properties.html (added)
• LayoutTests/http/tests/security/resources/has-custom-property.html (added)
• LayoutTests/http/tests/security/resources/no-custom-property.html (added)
• LayoutTests/http/tests/security/window-properties-clear-domain-expected.txt (added)
• LayoutTests/http/tests/security/window-properties-clear-domain.html (added)
• LayoutTests/http/tests/security/window-properties-clear-port-expected.txt (added)
• LayoutTests/http/tests/security/window-properties-clear-port.html (added)
• LayoutTests/http/tests/security/window-properties-pass-expected.txt (added)
• LayoutTests/http/tests/security/window-properties-pass.html (added)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/WebCore.exp (modified) (1 diff)
• WebCore/bindings/js/kjs_proxy.cpp (modified) (2 diffs)
• WebCore/bindings/js/kjs_proxy.h (modified) (1 diff)
• WebCore/loader/FrameLoader.cpp (modified) (8 diffs)
• WebCore/loader/FrameLoader.h (modified) (3 diffs)
• WebCore/page/Frame.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2007-09-27  Antti Koivisto  <antti@apple.com>
+
+        Reviewed by Geoff.
+        
+        Tests for <rdar://problem/5499125>
+        REGRESSION (r21359-21368): After launching Kidzui beta, a webview frame fails to appear in its main window
+
+        * fast/dom/Window/window-early-properties-expected.txt: Added.
+        * fast/dom/Window/window-early-properties.html: Added.
+        * http/tests/security/resources/has-custom-property.html: Added.
+        * http/tests/security/resources/no-custom-property.html: Added.
+        * http/tests/security/window-properties-clear-domain-expected.txt: Added.
+        * http/tests/security/window-properties-clear-domain.html: Added.
+        * http/tests/security/window-properties-clear-port-expected.txt: Added.
+        * http/tests/security/window-properties-clear-port.html: Added.
+        * http/tests/security/window-properties-pass-expected.txt: Added.
+        * http/tests/security/window-properties-pass.html: Added.
+
 2007-09-26  Adam Roben  <aroben@apple.com>
 

trunk/WebCore/ChangeLog

@@ +1 @@
+2007-09-27  Antti Koivisto  <antti@apple.com>
+
+        Reviewed by Geoff.
+        
+        Fix for <rdar://problem/5499125>
+        REGRESSION (r21367): After launching Kidzui beta, a webview frame fails to appear in its main window
+        
+        If window object properties were modified when it had initial empty document (synchronously after 
+        window.open() for example) those modifications were lost when the real document was switched in.
+        
+        Match Firefox behavior where window properties are not cleared if the inital document and the loaded one
+        have matching security domains.
+
+        Tests: fast/dom/Window/window-early-properties.html
+               http/tests/security/window-properties-clear-domain.html
+               http/tests/security/window-properties-clear-port.html
+               http/tests/security/window-properties-pass.html
+
+        * WebCore.exp:
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::FrameLoader):
+        (WebCore::FrameLoader::init):
+        (WebCore::FrameLoader::clear):
+        (WebCore::FrameLoader::isSecureTransition):
+        (WebCore::FrameLoader::begin):
+        * loader/FrameLoader.h:
+        If we are transitioning from initial empty document to the final one, do a domain security check
+        between old security policy URL and new URL. If that passes don't clear script proxy and script objects.
+        
+        * bindings/js/kjs_proxy.cpp:
+        (WebCore::KJSProxy::updateDocumentWrapper):
+        * bindings/js/kjs_proxy.h:
+        * page/Frame.cpp:
+        (WebCore::Frame::setDocument):
+        Since we don't always clear window properties anymore, we need to update the document property to point to
+        the newly created one. 
+        
 2007-09-27  Kevin Decker  <kdecker@apple.com>
 

trunk/WebCore/WebCore.exp

@@ -169 +169 @@
 __ZN7WebCore11FrameLoader4loadERKNS_4KURLEPNS_5EventE
 __ZN7WebCore11FrameLoader4loadERKNS_4KURLERKNS_6StringENS_13FrameLoadTypeES6_PNS_5EventEN3WTF10PassRefPtrINS_9FormStateEEE
-__ZN7WebCore11FrameLoader5clearEb
+__ZN7WebCore11FrameLoader5clearEbb
 __ZN7WebCore11FrameLoader6reloadEv
 __ZN7WebCore11FrameLoader7canLoadERKNS_4KURLEPKNS_8DocumentE

trunk/WebCore/bindings/js/kjs_proxy.cpp

@@ -27 +27 @@
 #include "FrameLoader.h"
 #include "GCController.h"
+#include "JSDocument.h"
 #include "JSDOMWindow.h"
 #include "Page.h"
@@ -165 +166 @@
   m_frame->loader()->dispatchWindowObjectAvailable();
 }
+    
+void KJSProxy::updateDocumentWrapper() 
+{
+    if (!m_script || !m_frame->document())
+        return;
+    JSLock lock;
+    // this will update 'document' property to point to the current document
+    toJS(m_script->globalExec(), m_frame->document());
+}
 
 }

trunk/WebCore/bindings/js/kjs_proxy.h

@@ -55 +55 @@
 
     bool haveInterpreter() const { return m_script; }
+    
+    void updateDocumentWrapper();
 
 private:

trunk/WebCore/loader/FrameLoader.cpp

@@ -237 +237 @@
     , m_openedByDOM(false)
     , m_creatingInitialEmptyDocument(false)
+    , m_isDisplayingInitialEmptyDocument(false)
     , m_committedFirstRealDocumentLoad(false)
     , m_didPerformFirstNavigation(false)
@@ -261 +262 @@
 {
     // this somewhat odd set of steps is needed to give the frame an initial empty document
+    m_isDisplayingInitialEmptyDocument = false;
     m_creatingInitialEmptyDocument = true;
     setPolicyDocumentLoader(m_client->createDocumentLoader(ResourceRequest(String("")), SubstituteData()).get());
@@ -764 +766 @@
 }
 
-void FrameLoader::clear(bool clearWindowProperties)
+void FrameLoader::clear(bool clearWindowProperties, bool clearScriptObjects)
 {
     // FIXME: Commenting out the below line causes <http://bugs.webkit.org/show_bug.cgi?id=11212>, but putting it
@@ -801 +803 @@
 
     m_containsPlugIns = false;
-    m_frame->clearScriptObjects();
+    
+    if (clearScriptObjects)
+        m_frame->clearScriptObjects();
   
     m_redirectionTimer.stop();
@@ -810 +814 @@
 
     m_receivedData = false;
+    m_isDisplayingInitialEmptyDocument = false;
 
     if (!m_encodingWasChosenByUser)
@@ -854 +859 @@
     m_responseMIMEType = type;
 }
+    
+bool FrameLoader::isSecureTransition(const KURL& fromURL, const KURL& toURL)
+{ 
+    // new window created by the application
+    if (fromURL.isEmpty())
+        return true;
+    
+    if (fromURL.isLocalFile())
+        return true;
+    
+    if (equalIgnoringCase(fromURL.host(), toURL.host()) && equalIgnoringCase(fromURL.protocol(), toURL.protocol()) && fromURL.port() == toURL.port())
+        return true;
+    
+    return false;
+}
 
 void FrameLoader::begin()
@@ -862 +882 @@
 void FrameLoader::begin(const KURL& url, bool dispatch)
 {
-    clear();
+    bool resetScripting = !(m_isDisplayingInitialEmptyDocument && m_frame->document() 
+                            && isSecureTransition(m_frame->document()->securityPolicyURL(), url));
+    clear(resetScripting, resetScripting);
     if (dispatch)
         dispatchWindowObjectAvailable();
@@ -870 +892 @@
     m_didCallImplicitClose = false;
     m_isLoadingMainResource = true;
+    m_isDisplayingInitialEmptyDocument = m_creatingInitialEmptyDocument;
 
     KURL ref(url);

trunk/WebCore/loader/FrameLoader.h

@@ -532 +532 @@
         void updateHistoryAfterClientRedirect();
 
-        void clear(bool clearWindowProperties = true);
+        void clear(bool clearWindowProperties = true, bool clearScriptObjects = true);
 
         bool shouldReloadToHandleUnreachableURL(DocumentLoader*);
@@ -546 +546 @@
 
         void startIconLoader();
+        
+        bool isSecureTransition(const KURL& fromURL, const KURL& toURL);
 
 #if USE(LOW_BANDWIDTH_DISPLAY)
@@ -637 +639 @@
 
         bool m_creatingInitialEmptyDocument;
+        bool m_isDisplayingInitialEmptyDocument;
         bool m_committedFirstRealDocumentLoad;
 

trunk/WebCore/page/Frame.cpp

@@ -280 +280 @@
     if (d->m_doc && !d->m_doc->attached())
         d->m_doc->attach();
+    
+    if (d->m_jscript && d->m_doc)
+        d->m_jscript->updateDocumentWrapper();
 }