Changeset 116132 in webkit


Ignore:
Timestamp:
May 4, 2012 11:38:03 AM (12 years ago)
Author:
abarth@webkit.org
Message:

CSP: Eval isn't blocked in about:blank subframes
https://bugs.webkit.org/show_bug.cgi?id=85553

Reviewed by Eric Seidel.

This patch fixes a race condition in this test. We need to wait for
the load event to ensure that the iframe has finished loading.

  • http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe.html:
Location:
trunk/LayoutTests
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r116128 r116132  
     12012-05-04  Adam Barth  <abarth@webkit.org>
     2
     3        CSP: Eval isn't blocked in about:blank subframes
     4        https://bugs.webkit.org/show_bug.cgi?id=85553
     5
     6        Reviewed by Eric Seidel.
     7
     8        This patch fixes a race condition in this test.  We need to wait for
     9        the load event to ensure that the iframe has finished loading.
     10
     11        * http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe.html:
     12
    1132012-05-04  Alexander Pavlov  <apavlov@chromium.org>
    214

  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe.html

    r116066 r116132  
    77Eval should be blocked in the iframe, but inline script should be allowed.
    88<script>
    9 frames[0].document.write("<script>alert(/PASS/); eval('alert(/FAIL/);');<\/script>");
     9window.onload = function() {
     10    frames[0].document.write("<script>alert(/PASS/); eval('alert(/FAIL/);');<\/script>");
     11}
    1012</script>
Note: See TracChangeset for help on using the changeset viewer.