Changeset 111098 in webkit
- Timestamp:
- Mar 16, 2012 5:31:22 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r111094 r111098 1 2012-03-16 Tom Sepez <tsepez@chromium.org> 2 3 Make V8 window.open.call(), window.open.showModalDialog() results more closely match JSC. 4 https://bugs.webkit.org/show_bug.cgi?id=81260 5 https://bugs.webkit.org/show_bug.cgi?id=39897 6 7 Reviewed by Adam Barth. 8 9 * http/tests/security/cross-frame-access-call-expected.txt: 10 * http/tests/security/cross-frame-access-call.html: 11 * http/tests/security/cross-frame-access-get-expected.txt: 12 * http/tests/security/cross-frame-access-get.html: 13 * platform/chromium/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt: 14 * platform/chromium/http/tests/security/cross-frame-access-call-expected.txt: 15 1 16 2012-03-16 Tony Chang <tony@chromium.org> 2 17 -
trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt
r104803 r111098 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 2 1 3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 2 4 … … 83 85 PASS: window.resizeBy.call(targetWindow, 0, 0); should be 'undefined' and is. 84 86 PASS: window.resizeTo.call(targetWindow, 0, 0); should be 'undefined' and is. 87 PASS: window.showModalDialog.call(targetWindow); should be 'undefined' and is. 88 PASS: window.eval.call(targetWindow, '1+2'); should be 'EvalError: The "this" value passed to eval must be the global object from which eval originated' and is. 85 89 PASS: window.location.toString.call(targetWindow.location) should be 'undefined' and is. 86 90 -
trunk/LayoutTests/http/tests/security/cross-frame-access-call.html
r70335 r111098 55 55 shouldBe("window.resizeBy.call(targetWindow, 0, 0);", "undefined"); 56 56 shouldBe("window.resizeTo.call(targetWindow, 0, 0);", "undefined"); 57 shouldBe("window.showModalDialog.call(targetWindow);", "undefined"); 57 58 58 // FIXME: showModalDialog now works on DRT and thus breaks this test. Will uncomment after adding a separate test for Mac for showModalDialog - Bug #39897 59 // Throws a TypeError and logs to the error console 60 // shouldBe("window.showModalDialog.call(targetWindow);", '"TypeError: Result of expression \'window.showModalDialog\' [undefined] is not an object."'); 59 // Throws an EvalError and logs to the error console 60 shouldBe("window.eval.call(targetWindow, '1+2');", '"EvalError: The \\"this\\" value passed to eval must be the global object from which eval originated"'); 61 61 62 62 // - Tests for the Location object - -
trunk/LayoutTests/http/tests/security/cross-frame-access-get-expected.txt
r104803 r111098 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-get.html. Domains, protocols and ports must match. 2 1 3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-get.html. Domains, protocols and ports must match. 2 4 … … 537 539 PASS: canGet('targetWindow.setInterval') should be 'false' and is. 538 540 PASS: canGet('targetWindow.setTimeout') should be 'false' and is. 541 PASS: canGet('targetWindow.showModalDialog') should be 'false' and is. 539 542 PASS: canGet('targetWindow.stop') should be 'false' and is. 540 543 -
trunk/LayoutTests/http/tests/security/cross-frame-access-get.html
r69553 r111098 134 134 "setInterval", 135 135 "setTimeout", 136 // FIXME: This function is now implemented on mac and hence the expected output changes. Uncomment after adding a 137 // mac specific test for showModalDialog. Bug# 39897 138 // "showModalDialog", 136 "showModalDialog", 139 137 "stop" 140 138 ]; -
trunk/LayoutTests/platform/chromium/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt
r104803 r111098 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match. 2 1 3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match. 2 4 -
trunk/LayoutTests/platform/chromium/http/tests/security/cross-frame-access-call-expected.txt
r108729 r111098 21 21 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 22 22 23 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 23 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 24 25 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. 24 26 25 27 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-call.html. Domains, protocols and ports must match. … … 68 70 PASS: window.atob.call(targetWindow, 'string') should be 'undefined' and is. 69 71 PASS: window.btoa.call(targetWindow, 'string') should be 'undefined' and is. 70 *** FAIL: window.open.call(targetWindow, '') should be 'undefined' but instead is [object Window]. *** 72 PASS: window.open.call(targetWindow, '') should be 'undefined' and is. 71 73 PASS: window.addEventListener.call(targetWindow, 'load', null, false); should be 'undefined' and is. 72 74 PASS: window.removeEventListener.call(targetWindow, 'load', null, false); should be 'undefined' and is. … … 83 85 PASS: window.resizeBy.call(targetWindow, 0, 0); should be 'undefined' and is. 84 86 PASS: window.resizeTo.call(targetWindow, 0, 0); should be 'undefined' and is. 87 PASS: window.showModalDialog.call(targetWindow); should be 'undefined' and is. 88 *** FAIL: window.eval.call(targetWindow, '1+2'); should be 'EvalError: The "this" value passed to eval must be the global object from which eval originated' but instead is 3. *** 85 89 PASS: window.location.toString.call(targetWindow.location) should be 'undefined' and is. 86 90 -
trunk/Source/WebCore/ChangeLog
r111096 r111098 1 2012-03-16 Tom Sepez <tsepez@chromium.org> 2 3 Make V8 window.open.call(), window.open.showModalDialog() results more closely match JSC. 4 https://bugs.webkit.org/show_bug.cgi?id=81260 5 https://bugs.webkit.org/show_bug.cgi?id=39897 6 7 Reviewed by Adam Barth. 8 9 Tested via http/tests/security/cross-frame-access-call.htm 10 11 * bindings/v8/custom/V8DOMWindowCustom.cpp: 12 (WebCore::V8DOMWindow::showModalDialogCallback): 13 (WebCore::V8DOMWindow::openCallback): 14 1 15 2012-03-16 Matt Lilek <mrl@apple.com> 2 16 -
trunk/Source/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp
r108700 r111098 427 427 INC_STATS("DOM.DOMWindow.showModalDialog()"); 428 428 DOMWindow* impl = V8DOMWindow::toNative(args.Holder()); 429 430 429 V8BindingState* state = V8BindingState::Only(); 430 if (!V8BindingSecurity::canAccessFrame(state, impl->frame(), true)) 431 return v8::Undefined(); 432 433 // FIXME: Handle exceptions properly. 434 String urlString = toWebCoreStringWithNullOrUndefinedCheck(args[0]); 435 DialogHandler handler(args[1]); 436 String dialogFeaturesString = toWebCoreStringWithNullOrUndefinedCheck(args[2]); 431 437 432 438 DOMWindow* activeWindow = state->activeWindow(); 433 439 DOMWindow* firstWindow = state->firstWindow(); 434 435 // FIXME: Handle exceptions properly.436 String urlString = toWebCoreStringWithNullOrUndefinedCheck(args[0]);437 String dialogFeaturesString = toWebCoreStringWithNullOrUndefinedCheck(args[2]);438 439 DialogHandler handler(args[1]);440 441 440 impl->showModalDialog(urlString, dialogFeaturesString, activeWindow, firstWindow, setUpDialog, &handler); 442 441 … … 448 447 INC_STATS("DOM.DOMWindow.open()"); 449 448 DOMWindow* impl = V8DOMWindow::toNative(args.Holder()); 450 451 449 V8BindingState* state = V8BindingState::Only(); 452 453 DOMWindow* activeWindow = state->activeWindow(); 454 DOMWindow* firstWindow = state->firstWindow(); 450 if (!V8BindingSecurity::canAccessFrame(state, impl->frame(), true)) 451 return v8::Undefined(); 455 452 456 453 // FIXME: Handle exceptions properly. … … 459 456 String windowFeaturesString = toWebCoreStringWithNullOrUndefinedCheck(args[2]); 460 457 458 DOMWindow* activeWindow = state->activeWindow(); 459 DOMWindow* firstWindow = state->firstWindow(); 461 460 RefPtr<DOMWindow> openedWindow = impl->open(urlString, frameName, windowFeaturesString, activeWindow, firstWindow); 462 461 if (!openedWindow) 463 462 return v8::Undefined(); 463 464 464 return toV8(openedWindow.release()); 465 465 }
Note: See TracChangeset
for help on using the changeset viewer.