Changeset 120093 in webkit
- Timestamp:
- Jun 12, 2012 11:02:56 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 17 deleted
- 9 edited
- 1 copied
- 2 moved
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r120084 r120093 1 2012-06-12 Mike West <mkwst@chromium.org> 2 3 Make document.documentURI readonly from JavaScript 4 https://bugs.webkit.org/show_bug.cgi?id=65187 5 6 Reviewed by Alexey Proskuryakov. 7 8 * dom/xhtml/level3/core/documentsetdocumenturi01-expected.txt: Removed. 9 * dom/xhtml/level3/core/documentsetdocumenturi01.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi01.xhtml. 10 * dom/xhtml/level3/core/documentsetdocumenturi02-expected.txt: Removed. 11 * dom/xhtml/level3/core/documentsetdocumenturi02.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi02.xhtml. 12 Disabling these two tests, because they write out documentURI which is a `file:` URL dependent on a local path. 13 * dom/xhtml/level3/core/documentsetdocumenturi03-expected.txt: 14 * dom/xhtml/level3/core/nodegetbaseuri02-expected.txt: 15 Updating these two tests to match the new, read-only behavior. 16 * fast/dom/documenturi-affects-relative-paths-expected.txt: Removed. 17 * fast/dom/documenturi-affects-relative-paths.html: Removed. 18 * fast/dom/documenturi-assigned-junk-implies-baseuri-null-expected.txt: Removed. 19 * fast/dom/documenturi-assigned-junk-implies-baseuri-null.html: Removed. 20 * fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve-expected.txt: Removed. 21 * fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve.html: Removed. 22 * fast/dom/documenturi-can-hold-arbitrary-string-expected.txt: Removed. 23 * fast/dom/documenturi-can-hold-arbitrary-string.html: Removed. 24 Removing now-irrelevant tests. 25 * fast/dom/documenturi-readonly-expected.txt: Added. 26 * fast/dom/documenturi-readonly.html: Added. 27 Adding a test to verify that document.documentURI is read-only. 28 * http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt: Removed. 29 * http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces-expected.txt: Removed. 30 * http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces.html: Removed. 31 * http/tests/security/xss-DENIED-document-baseURI-javascript.html: Removed. 32 * platform/chromium/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt: Added 33 Platform-specific result for Chromium, which doesn't set the `line` property on exceptions. 34 * storage/domstorage/events/documentURI-expected.txt: Removed. 35 * storage/domstorage/events/documentURI.html: Removed. 36 * storage/domstorage/events/script-tests/documentURI.js: Removed. 37 Removing now-irrelevant tests. 38 1 39 2012-06-12 Christophe Dumez <christophe.dumez@intel.com> 2 40 -
trunk/LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi03-expected.txt
r21687 r120093 1 1 Test http://www.w3.org/2001/DOM-Test-Suite/level3/core/documentsetdocumenturi03 2 Status Success 2 Status failure 3 Message documentsetdocumenturi03: assertEquals failed, actual null, expected somestring. -
trunk/LayoutTests/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt
r21687 r120093 1 1 Test http://www.w3.org/2001/DOM-Test-Suite/level3/core/nodegetbaseuri02 2 Status Success 2 Status error 3 Message Line 120: TypeError -
trunk/LayoutTests/platform/chromium/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt
r120092 r120093 1 1 Test http://www.w3.org/2001/DOM-Test-Suite/level3/core/nodegetbaseuri02 2 Status Success 2 Status error 3 Message Line undefined: TypeError -
trunk/Source/WebCore/ChangeLog
r120092 r120093 1 2012-06-12 Mike West <mkwst@chromium.org> 2 3 Make document.documentURI readonly from JavaScript 4 https://bugs.webkit.org/show_bug.cgi?id=65187 5 6 Reviewed by Alexey Proskuryakov. 7 8 The DOM4 working draft marks the documentURI attribute as read only 9 (http://www.w3.org/TR/dom/#document). Firefox has shipped with this 10 behavior since https://hg.mozilla.org/mozilla-central/rev/3bc751906409 11 landed in October 2011, IE9 doesn't support the property, and 12 Opera throws a NO_MODIFICATION_ALLOWED_ERR. This patch changes WebKit 13 to silently fail (matching Firefox's behavior) by setting the property 14 to readonly in the IDL. 15 16 Document::setDocumentURI and the m_documentURI property are retained 17 for compatibility with ObjC clients, and the readonly attribute is 18 ifdeffed out for ObjC. 19 20 This patch adds a single test to verify the behavior, and removes a 21 variety of tests that depended on the writable behavior. In particular, 22 potential security issues involving the document.baseURL property are 23 avoided completely as long as this property can't be changed. 24 25 Test: fast/dom/documenturi-readonly.html 26 27 * dom/Document.cpp: 28 (WebCore::Document::setDocumentURI): 29 Adds a comment explaining that the fallback is necessary only to 30 support ObjC, not for JS calls. 31 * dom/Document.cpp: 32 (WebCore::Document::updateBaseURL): 33 Ditto. 34 (Document): 35 * dom/Document.idl: 36 Add readonly to the attribute and drop null value when not in 37 LANGUAGE_OBJECTIVE_C. 38 1 39 2012-06-12 Silvia Pfeiffer <silviapf@chromium.org> 2 40 -
trunk/Source/WebCore/dom/Document.cpp
r120057 r120093 1317 1317 void Document::setDocumentURI(const String& uri) 1318 1318 { 1319 // This property is read-only from JavaScript, but writable from Objective-C. 1319 1320 m_documentURI = uri; 1320 1321 updateBaseURL(); … … 2689 2690 m_baseURL = m_baseURLOverride; 2690 2691 else { 2691 // The documentURI attribute is an arbitrary string. DOM 3 Core does not specify how it should be resolved, 2692 // so we use a null base URL. 2692 // The documentURI attribute is read-only from JavaScript, but writable from Objective C, so we need to retain 2693 // this fallback behavior. We use a null base URL, since the documentURI attribute is an arbitrary string 2694 // and DOM 3 Core does not specify how it should be resolved. 2693 2695 m_baseURL = KURL(KURL(), documentURI()); 2694 2696 } -
trunk/Source/WebCore/dom/Document.h
r120057 r120093 1233 1233 // document contains a <base> element, in which case the <base> element 1234 1234 // takes precedence. 1235 // 1236 // This property is read-only from JavaScript, but writable from Objective C. 1235 1237 String m_documentURI; 1236 1238 -
trunk/Source/WebCore/dom/Document.idl
r120031 r120093 76 76 raises (DOMException); 77 77 78 #if defined(LANGUAGE_OBJECTIVE_C) && LANGUAGE_OBJECTIVE_C 79 // document.documentURI was writable in DOM3 Core, but is read-only in DOM4 80 // (see http://www.w3.org/TR/2011/WD-dom-20110915/#document). We need to keep 81 // the writable version around for Objective C clients, but are moving to 82 // read-only for other clients. 78 83 attribute [TreatReturnedNullStringAs=Null, TreatNullAs=NullString] DOMString documentURI; 84 #else 85 readonly attribute [TreatReturnedNullStringAs=Null] DOMString documentURI; 86 #endif 79 87 80 88 // DOM Level 2 Events (DocumentEvents interface) -
trunk/Tools/ChangeLog
r120084 r120093 1 2012-06-12 Mike West <mkwst@chromium.org> 2 3 Make document.documentURI readonly from JavaScript 4 https://bugs.webkit.org/show_bug.cgi?id=65187 5 6 Reviewed by Alexey Proskuryakov. 7 8 * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: 9 * TestWebKitAPI/Tests/mac/SetDocumentURI.html: Added. 10 * TestWebKitAPI/Tests/mac/SetDocumentURI.mm: Added. 11 (-[SetDocumentURITest webView:didFinishLoadForFrame:]): 12 (TestWebKitAPI): 13 (TestWebKitAPI::TEST): 14 1 15 2012-06-12 Christophe Dumez <christophe.dumez@intel.com> 2 16 -
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
r117870 r120093 51 51 520BCF4C141EB09E00937EA8 /* WebArchive_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 520BCF4A141EB09E00937EA8 /* WebArchive_Bundle.cpp */; }; 52 52 520BCF4D141EB09E00937EA8 /* WebArchive.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 520BCF4B141EB09E00937EA8 /* WebArchive.cpp */; }; 53 52B8CF9615868CF000281053 /* SetDocumentURI.mm in Sources */ = {isa = PBXBuildFile; fileRef = 52B8CF9515868CF000281053 /* SetDocumentURI.mm */; }; 54 52B8CF9815868D9100281053 /* SetDocumentURI.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 52B8CF9415868CF000281053 /* SetDocumentURI.html */; }; 53 55 52CB47411448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52CB47401448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp */; }; 54 56 52E5CE4614D21E9D003B2BD8 /* ParentFrame.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52E5CE4514D21E9D003B2BD8 /* ParentFrame.cpp */; }; … … 180 182 dstSubfolderSpec = 7; 181 183 files = ( 184 52B8CF9815868D9100281053 /* SetDocumentURI.html in Copy Resources */, 182 185 B55F11BE15191A0600915916 /* Ahem.ttf in Copy Resources */, 183 186 B55F11B71517D03300915916 /* attributedStringCustomFont.html in Copy Resources */, … … 255 258 520BCF4A141EB09E00937EA8 /* WebArchive_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebArchive_Bundle.cpp; sourceTree = "<group>"; }; 256 259 520BCF4B141EB09E00937EA8 /* WebArchive.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebArchive.cpp; sourceTree = "<group>"; }; 260 52B8CF9415868CF000281053 /* SetDocumentURI.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = SetDocumentURI.html; sourceTree = "<group>"; }; 261 52B8CF9515868CF000281053 /* SetDocumentURI.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = SetDocumentURI.mm; sourceTree = "<group>"; }; 257 262 52CB47401448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LoadAlternateHTMLStringWithNonDirectoryURL.cpp; sourceTree = "<group>"; }; 258 263 52E5CE4514D21E9D003B2BD8 /* ParentFrame.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ParentFrame.cpp; sourceTree = "<group>"; }; … … 658 663 517E7DFB15110EA600D0B008 /* MemoryCachePruneWithinResourceLoadDelegate.mm */, 659 664 3722C8681461E03E00C45D00 /* RenderedImageFromDOMRange.mm */, 665 52B8CF9515868CF000281053 /* SetDocumentURI.mm */, 660 666 C540F775152E4DA000A40C8C /* SimplifyMarkup.mm */, 661 667 3799AD3914120A43005EB0C6 /* StringByEvaluatingJavaScriptFromString.mm */, … … 670 676 isa = PBXGroup; 671 677 children = ( 678 52B8CF9415868CF000281053 /* SetDocumentURI.html */, 672 679 B55F11B9151916E600915916 /* Ahem.ttf */, 673 680 B55F11B01517A2C400915916 /* attributedStringCustomFont.html */, … … 884 891 F6F49C6915545C8E0007F39D /* DOMWindowExtensionNoCache.cpp in Sources */, 885 892 51E93017156B13E1004C99DF /* WKPageGetScaleFactorNotZero.cpp in Sources */, 893 52B8CF9615868CF000281053 /* SetDocumentURI.mm in Sources */, 886 894 ); 887 895 runOnlyForDeploymentPostprocessing = 0;
Note: See TracChangeset
for help on using the changeset viewer.