Changeset 30634 in webkit
- Timestamp:
- Feb 27, 2008 3:59:54 PM (16 years ago)
- Location:
- trunk
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r30632 r30634 1 2008-02-27 Sam Weinig <sam@webkit.org> 2 3 Reviewed by Darin. 4 5 Updates tests for <rdar://problem/5768769> 6 7 * http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt: 8 * http/tests/security/cross-frame-access-call-expected.txt: 9 * http/tests/security/cross-frame-access-call.html: 10 1 11 2008-02-27 Brady Eidson <beidson@apple.com> 2 12 -
trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt
r29266 r30634 1 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match. 2 1 3 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL about:blank. Domains, protocols and ports must match. 2 4 -
trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt
r29008 r30634 7 7 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 8 8 9 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 10 11 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 12 13 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 14 15 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 16 17 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 18 19 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 20 21 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 22 23 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 24 25 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 26 27 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 28 29 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 30 31 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 32 33 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 34 35 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 36 37 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 38 39 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 40 41 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 42 43 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 44 45 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 46 47 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 48 49 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 50 51 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 52 53 CONSOLE MESSAGE: line 55: Undefined value 9 54 10 55 11 56 ----- tests for calling methods of another frame using Function.call ----- 12 57 13 PASS: setTimeout.call(targetWindow, 'void(0);', 0) should be 'undefined' and is. 14 PASS: setInterval.call(targetWindow, 'void(0);', 0) should be 'undefined' and is. 58 PASS: window.setTimeout.call(targetWindow, 'void(0);', 0) should be 'undefined' and is. 59 PASS: window.setInterval.call(targetWindow, 'void(0);', 0) should be 'undefined' and is. 60 PASS: window.getSelection.call(targetWindow) should be 'undefined' and is. 61 PASS: window.find.call(targetWindow, 'string', false, false, false, false, false, false) should be 'undefined' and is. 62 PASS: window.confirm.call(targetWindow, 'message') should be 'undefined' and is. 63 PASS: window.prompt.call(targetWindow, 'message', 'defaultValue') should be 'undefined' and is. 64 PASS: window.getComputedStyle.call(targetWindow, document.body, '') should be 'undefined' and is. 65 PASS: window.getMatchedCSSRules.call(targetWindow, document.body, '', false) should be 'undefined' and is. 66 PASS: window.openDatabase.call(targetWindow, 'name') should be 'undefined' and is. 67 PASS: window.atob.call(targetWindow, 'string') should be 'undefined' and is. 68 PASS: window.btoa.call(targetWindow, 'string') should be 'undefined' and is. 69 PASS: window.open.call(targetWindow, '') should be 'undefined' and is. 15 70 -
trunk/LayoutTests/http/tests/security/cross-frame-access-call.html
r29008 r30634 17 17 log("\n----- tests for calling methods of another frame using Function.call -----\n"); 18 18 19 // Allowed 20 // void focus(); 21 // void blur(); 22 // void close(); 23 // void postMessage(in DOMString message); 24 25 // - Tests for the Window object - 19 26 // undefined value indicates failure 20 shouldBe("setTimeout.call(targetWindow, 'void(0);', 0)", undefined); 21 shouldBe("setInterval.call(targetWindow, 'void(0);', 0)", undefined); 27 shouldBe("window.setTimeout.call(targetWindow, 'void(0);', 0)", "undefined"); 28 shouldBe("window.setInterval.call(targetWindow, 'void(0);', 0)", "undefined"); 29 shouldBe("window.getSelection.call(targetWindow)", "undefined"); 30 shouldBe("window.find.call(targetWindow, 'string', false, false, false, false, false, false)", "undefined"); 31 shouldBe("window.confirm.call(targetWindow, 'message')", "undefined"); 32 shouldBe("window.prompt.call(targetWindow, 'message', 'defaultValue')", "undefined"); 33 shouldBe("window.getComputedStyle.call(targetWindow, document.body, '')", "undefined"); 34 shouldBe("window.getMatchedCSSRules.call(targetWindow, document.body, '', false)", "undefined"); 35 shouldBe("window.openDatabase.call(targetWindow, 'name')", "undefined"); 36 shouldBe("window.atob.call(targetWindow, 'string')", "undefined"); 37 shouldBe("window.btoa.call(targetWindow, 'string')", "undefined"); 38 shouldBe("window.open.call(targetWindow, '')", "undefined"); 22 39 23 // these always return undefined so we use the error console to detect failure 24 addEventListener.call(targetWindow, "load", null, false); 25 removeEventListener.call(targetWindow, "load", null, false); 40 // These always return undefined so we use the error console to detect failure 41 window.addEventListener.call(targetWindow, "load", null, false); 42 window.removeEventListener.call(targetWindow, "load", null, false); 43 window.clearTimeout.call(targetWindow, 0); 44 window.clearInterval.call(targetWindow, 0); 45 window.print.call(targetWindow); 46 window.stop.call(targetWindow); 47 window.alert.call(targetWindow, 'message'); 48 window.scrollBy.call(targetWindow, 0, 0); 49 window.scrollTo.call(targetWindow, 0, 0); 50 window.scroll.call(targetWindow, 0, 0); 51 window.moveBy.call(targetWindow, 0, 0); 52 window.moveTo.call(targetWindow, 0, 0); 53 window.resizeBy.call(targetWindow, 0, 0); 54 window.resizeTo.call(targetWindow, 0, 0); 55 window.showModalDialog.call(targetWindow); 56 57 // - Tests for the Location object - 58 // undefined value indicates failure 59 shouldBe("window.location.toString.call(targetWindow.location)", "undefined"); 26 60 27 61 // Work around DRT bug that causes subsequent tests to fail. -
trunk/WebCore/ChangeLog
r30633 r30634 1 2008-02-27 Sam Weinig <sam@webkit.org> 2 3 Reviewed by Darin. 4 5 Fix for <rdar://problem/5768769> 6 7 - Don't allow cross-origin calls using window.functionName.call(otherFrame) 8 syntax. 9 10 * bindings/js/JSLocation.cpp: 11 (WebCore::jsLocationProtoFuncToString): Do same-origin check. 12 * bindings/js/kjs_window.cpp: 13 (KJS::windowProtoFuncAToB): Ditto. 14 (KJS::windowProtoFuncBToA): Ditto. 15 (KJS::windowProtoFuncOpen): Ditto. 16 (KJS::windowProtoFuncClearTimeout): Ditto. 17 * bindings/scripts/CodeGeneratorJS.pm: Ditto. 18 1 19 2008-02-27 David Hyatt <hyatt@apple.com> 2 20 -
trunk/WebCore/bindings/js/JSLocation.cpp
r30534 r30634 302 302 if (!frame) 303 303 return jsUndefined(); 304 if (!allowsAccessFromFrame(exec, frame)) 305 return jsUndefined(); 304 306 305 307 const KURL& url = frame->loader()->url(); -
trunk/WebCore/bindings/js/kjs_window.cpp
r30617 r30634 1074 1074 if (!thisObj->inherits(&Window::info)) 1075 1075 return throwError(exec, TypeError); 1076 if (!static_cast<Window*>(thisObj)->allowsAccessFrom(exec)) 1077 return jsUndefined(); 1076 1078 1077 1079 if (args.size() < 1) … … 1103 1105 if (!thisObj->inherits(&Window::info)) 1104 1106 return throwError(exec, TypeError); 1107 if (!static_cast<Window*>(thisObj)->allowsAccessFrom(exec)) 1108 return jsUndefined(); 1105 1109 1106 1110 if (args.size() < 1) … … 1132 1136 return throwError(exec, TypeError); 1133 1137 Window* window = static_cast<Window*>(thisObj); 1138 if (!window->allowsAccessFrom(exec)) 1139 return jsUndefined(); 1140 1134 1141 Frame* frame = window->impl()->frame(); 1135 1142 if (!frame) … … 1221 1228 return throwError(exec, TypeError); 1222 1229 Window* window = static_cast<Window*>(thisObj); 1230 if (!window->allowsAccessFrom(exec)) 1231 return jsUndefined(); 1223 1232 1224 1233 window->clearTimeout(args[0]->toInt32(exec)); -
trunk/WebCore/bindings/scripts/CodeGeneratorJS.pm
r30534 r30634 1150 1150 push(@implContent, " $className* castedThisObj = static_cast<$className*>(thisObj);\n"); 1151 1151 1152 if ($dataNode->extendedAttributes->{"CheckDomainSecurity"} && 1153 !$function->signature->extendedAttributes->{"DoNotCheckDomainSecurity"}) { 1154 push(@implContent, " if (!castedThisObj->allowsAccessFrom(exec))\n"); 1155 push(@implContent, " return jsUndefined();\n"); 1156 } 1157 1152 1158 if ($function->signature->extendedAttributes->{"Custom"}) { 1153 push(@implContent, " 1159 push(@implContent, " return castedThisObj->" . $codeGenerator->WK_lcfirst($function->signature->name) . "(exec, args);\n"); 1154 1160 } else { 1155 1161 if ($podType) {
Note: See TracChangeset
for help on using the changeset viewer.