Changeset 106736 in webkit
- Timestamp:
- Feb 4, 2012 2:09:16 AM (12 years ago)
- Location:
- trunk/LayoutTests
- Files:
-
- 4 edited
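--- a/trunk/LayoutTests/ChangeLog
+++ b/trunk/LayoutTests/ChangeLog
@@ -1,2 +1,17 @@
+2012-02-04 Adam Barth <abarth@webkit.org>
+
+http/tests/security/xss-eval fails due to difference in JSC and V8 eval
+https://bugs.webkit.org/show_bug.cgi?id=77806
+
+Reviewed by Eric Seidel.
+
+Both the JSC and V8 behaviors are reasonable in this case. This patch
+modifies the test to show that either behavior isn't a security
+vulnerability.
+
+* http/tests/security/xss-eval.html:
+* platform/chromium/http/tests/security/xss-eval-expected.txt:
+* platform/chromium/test_expectations.txt:
+
 2012-02-04 David Grogan <dgrogan@chromium.org>
 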
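--- a/trunk/LayoutTests/http/tests/security/xss-eval.html
+++ b/trunk/LayoutTests/http/tests/security/xss-eval.html
@@ -26,14 +26,25 @@
 }
 
+document.testExpando = "It's me!";
+
 addEventListener("message", function()
 {
-shouldBe("eval.call(frames[0], 'document')", (function() { try { return eval.call(frames[0], 'document'); } catch(e) { return e.name; } })(), "EvalError");
+(function() {
+try {
+var doc = eval.call(frames[0], 'document');
+// V8 execute the eval our scope, which is safe.
+shouldBe("documentFromEval", doc.testExpando, "It's me!")
+} catch(e) {
+// JSC throws an exception, which is also safe.
+shouldBe("eval.call(frames[0], 'document')", e.name, "EvalError");
+}
+})();
 
 shouldBe("childEval.call(frames[0], 'document')", (function() { try { return childEval.call(frames[0], 'document'); } catch(e) { return e.name; } })(), "EvalError");
 
 shouldBe("childEvalCaller('document')", (function() { try { return childEvalCaller('document'); } catch(e) { return e.name; } })(), "TypeError");
 
 shouldBe("childLocalEvalCaller('document')", (function() { try { return childLocalEvalCaller('document'); } catch(e) { return e.name; } })(), "EvalError");
 
 if (window.layoutTestController)
 layoutTestController.notifyDone();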
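Review bot: The new `try` wraps both `eval.call(frames[0], 'document')` and the `documentFromEval` assertion, so an exception raised while reading `doc.testExpando` (for example an access denial on a document that is not ours) lands in the `catch` and is reported under the JSC label instead of as a failed scope check. The run would still fail because `e.name` is then unlikely to be "EvalError", but the message points at the wrong cause; the fence below keeps only the `eval.call` inside the `try`. The V8 branch also proves scope through a string expando, which holds only if the child frame never sets the same property (its source is not visible here); an identity check such as `shouldBe("documentFromEval === document", doc === document, true)` would not depend on that. The comment should read `// V8 executes the eval in our scope, which is safe.`, and the `shouldBe("documentFromEval", ...)` line is missing its terminating semicolon. The message listener's body continues past the end of this hunk.

```javascript
(function() {
    var doc;
    try {
        doc = eval.call(frames[0], 'document');
    } catch(e) {
        // JSC throws an exception, which is also safe.
        shouldBe("eval.call(frames[0], 'document')", e.name, "EvalError");
        return;
    }
    // V8 executes the eval in our scope, which is safe.
    shouldBe("documentFromEval", doc.testExpando, "It's me!");
})();
// … unchanged: childEval / childEvalCaller / childLocalEvalCaller checks …
```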
trunk/LayoutTests/platform/chromium/http/tests/security/xss-eval-expected.txt
r104912 r106736 5 5 If the test passes, you'll see a pass message below. 6 6 7 PASS: eval.call(frames[0], 'document') should be EvalErrorand is.7 PASS: documentFromEval should be It's me! and is. 8 8 PASS: childEval.call(frames[0], 'document') should be EvalError and is. 9 9 PASS: childEvalCaller('document') should be TypeError and is. -
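--- a/trunk/LayoutTests/platform/chromium/test_expectations.txt
+++ b/trunk/LayoutTests/platform/chromium/test_expectations.txt
@@ -797,5 +797,4 @@
 BUGWK71451 LINUX : http/tests/security/contentSecurityPolicy/object-src-none-allowed.html = TEXT PASS
 BUGWK59552 SNOWLEOPARD DEBUG : http/tests/security/cross-frame-access-custom.html = PASS CRASH
-BUGRICOW : http/tests/security/xss-eval.html = TEXT
 BUGWK72272 WIN : security/crypto-random-values-types.html = TEXT PASS
 BUGCR24182 WIN RELEASE : http/tests/security/cross-origin-css.html = PASS TIMEOUT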