Changeset 120093 in webkit


Timestamp:
Jun 12, 2012 11:02:56 AM (12 years ago)
Author:
commit-queue@webkit.org
Message:

Make document.documentURI readonly from JavaScript
https://bugs.webkit.org/show_bug.cgi?id=65187

Patch by Mike West <mkwst@chromium.org> on 2012-06-12
Reviewed by Alexey Proskuryakov.

Source/WebCore:

The DOM4 working draft marks the documentURI attribute as read only
(http://www.w3.org/TR/dom/#document). Firefox has shipped with this
behavior since https://hg.mozilla.org/mozilla-central/rev/3bc751906409
landed in October 2011, IE9 doesn't support the property, and
Opera throws a NO_MODIFICATION_ALLOWED_ERR. This patch changes WebKit
to silently fail (matching Firefox's behavior) by setting the property
to readonly in the IDL.

Document::setDocumentURI and the m_documentURI property are retained
for compatibility with ObjC clients, and the readonly attribute is
ifdeffed out for ObjC.

This patch adds a single test to verify the behavior, and removes a
variety of tests that depended on the writable behavior. In particular,
potential security issues involving the document.baseURL property are
avoided completely as long as this property can't be changed.

Test: fast/dom/documenturi-readonly.html

  • dom/Document.cpp:

(WebCore::Document::setDocumentURI):

Adds a comment explaining that the fallback is necessary only to
support ObjC, not for JS calls.

  • dom/Document.cpp:

(WebCore::Document::updateBaseURL):

Ditto.

(Document):

  • dom/Document.idl:

Add readonly to the attribute and drop null value when not in
LANGUAGE_OBJECTIVE_C.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/SetDocumentURI.html: Added.
  • TestWebKitAPI/Tests/mac/SetDocumentURI.mm: Added.

(-[SetDocumentURITest webView:didFinishLoadForFrame:]):
(TestWebKitAPI):
(TestWebKitAPI::TEST):

LayoutTests:

  • dom/xhtml/level3/core/documentsetdocumenturi01-expected.txt: Removed.
  • dom/xhtml/level3/core/documentsetdocumenturi01.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi01.xhtml.
  • dom/xhtml/level3/core/documentsetdocumenturi02-expected.txt: Removed.
  • dom/xhtml/level3/core/documentsetdocumenturi02.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi02.xhtml.

Disabling these two tests, because they write out documentURI which is a file: URL dependent on a local path.

  • dom/xhtml/level3/core/documentsetdocumenturi03-expected.txt:
  • dom/xhtml/level3/core/nodegetbaseuri02-expected.txt:

Updating these two tests to match the new, read-only behavior.

  • fast/dom/documenturi-affects-relative-paths-expected.txt: Removed.
  • fast/dom/documenturi-affects-relative-paths.html: Removed.
  • fast/dom/documenturi-assigned-junk-implies-baseuri-null-expected.txt: Removed.
  • fast/dom/documenturi-assigned-junk-implies-baseuri-null.html: Removed.
  • fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve-expected.txt: Removed.
  • fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve.html: Removed.
  • fast/dom/documenturi-can-hold-arbitrary-string-expected.txt: Removed.
  • fast/dom/documenturi-can-hold-arbitrary-string.html: Removed.

Removing now-irrelevant tests.

  • fast/dom/documenturi-readonly-expected.txt: Added.
  • fast/dom/documenturi-readonly.html: Added.

Adding a test to verify that document.documentURI is read-only.

  • http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt: Removed.
  • http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces-expected.txt: Removed.
  • http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces.html: Removed.
  • http/tests/security/xss-DENIED-document-baseURI-javascript.html: Removed.
  • platform/chromium/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt: Added

Platform-specific result for Chromium, which doesn't set the line property on exceptions.

  • storage/domstorage/events/documentURI-expected.txt: Removed.
  • storage/domstorage/events/documentURI.html: Removed.
  • storage/domstorage/events/script-tests/documentURI.js: Removed.

Removing now-irrelevant tests.

Location:
trunk
Files:
4 added
17 deleted
9 edited
1 copied
2 moved

  • trunk/LayoutTests/ChangeLog

    r120084 r120093  
     12012-06-12  Mike West  <mkwst@chromium.org>
     2
     3        Make document.documentURI readonly from JavaScript
     4        https://bugs.webkit.org/show_bug.cgi?id=65187
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        * dom/xhtml/level3/core/documentsetdocumenturi01-expected.txt: Removed.
     9        * dom/xhtml/level3/core/documentsetdocumenturi01.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi01.xhtml.
     10        * dom/xhtml/level3/core/documentsetdocumenturi02-expected.txt: Removed.
     11        * dom/xhtml/level3/core/documentsetdocumenturi02.xhtml-disabled: Renamed from LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi02.xhtml.
     12            Disabling these two tests, because they write out documentURI which is a `file:` URL dependent on a local path.
     13        * dom/xhtml/level3/core/documentsetdocumenturi03-expected.txt:
     14        * dom/xhtml/level3/core/nodegetbaseuri02-expected.txt:
     15            Updating these two tests to match the new, read-only behavior.
     16        * fast/dom/documenturi-affects-relative-paths-expected.txt: Removed.
     17        * fast/dom/documenturi-affects-relative-paths.html: Removed.
     18        * fast/dom/documenturi-assigned-junk-implies-baseuri-null-expected.txt: Removed.
     19        * fast/dom/documenturi-assigned-junk-implies-baseuri-null.html: Removed.
     20        * fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve-expected.txt: Removed.
     21        * fast/dom/documenturi-assigned-junk-implies-relative-urls-do-not-resolve.html: Removed.
     22        * fast/dom/documenturi-can-hold-arbitrary-string-expected.txt: Removed.
     23        * fast/dom/documenturi-can-hold-arbitrary-string.html: Removed.
     24            Removing now-irrelevant tests.
     25        * fast/dom/documenturi-readonly-expected.txt: Added.
     26        * fast/dom/documenturi-readonly.html: Added.
     27            Adding a test to verify that document.documentURI is read-only.
     28        * http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt: Removed.
     29        * http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces-expected.txt: Removed.
     30        * http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces.html: Removed.
     31        * http/tests/security/xss-DENIED-document-baseURI-javascript.html: Removed.
     32        * platform/chromium/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt: Added
     33            Platform-specific result for Chromium, which doesn't set the `line` property on exceptions.
     34        * storage/domstorage/events/documentURI-expected.txt: Removed.
     35        * storage/domstorage/events/documentURI.html: Removed.
     36        * storage/domstorage/events/script-tests/documentURI.js: Removed.
     37            Removing now-irrelevant tests.
     38
    1392012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
    240
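Review bot: the four http/tests/security/xss-DENIED-document-baseURI-javascript* files are removed with no replacement under http/tests/security, leaving fast/dom/documenturi-readonly.html as the only new coverage listed in this entry. Consider having that test (or a reduced security test) also assert that document.baseURI is unchanged after an attempted assignment to document.documentURI, so a regression in the read-only binding surfaces as a security test failure and not only as a DOM conformance one.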
  • trunk/LayoutTests/dom/xhtml/level3/core/documentsetdocumenturi03-expected.txt

    r21687 r120093  
    11Test    http://www.w3.org/2001/DOM-Test-Suite/level3/core/documentsetdocumenturi03
    2 Status  Success
     2Status  failure
     3Message documentsetdocumenturi03: assertEquals failed, actual null, expected somestring.
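Review bot: the new baseline records "Status failure" for documentsetdocumenturi03, while documentsetdocumenturi01 and 02 are disabled by renaming in the same change. A checked-in failing expectation is easy to misread later as an unnoticed regression; either disable this test the same way or say in the ChangeLog entry that "actual null, expected somestring" is the intended result of the attribute being read-only.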
  • trunk/LayoutTests/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt

    r21687 r120093  
    11Test    http://www.w3.org/2001/DOM-Test-Suite/level3/core/nodegetbaseuri02
    2 Status  Success
     2Status  error
     3Message Line 120: TypeError
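Review bot: the expected message "Line 120: TypeError" does not follow obviously from a change the ChangeLog describes as making assignment fail silently, and it pins the baseline to a line number in the upstream test. Add a sentence to the ChangeLog entry naming the step of nodegetbaseuri02 that throws, so a later reader can tell an expected error from a new one.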
  • trunk/LayoutTests/platform/chromium/dom/xhtml/level3/core/nodegetbaseuri02-expected.txt

    r120092 r120093  
    11Test    http://www.w3.org/2001/DOM-Test-Suite/level3/core/nodegetbaseuri02
    2 Status  Success
     2Status  error
     3Message Line undefined: TypeError
  • trunk/Source/WebCore/ChangeLog

    r120092 r120093  
     12012-06-12  Mike West  <mkwst@chromium.org>
     2
     3        Make document.documentURI readonly from JavaScript
     4        https://bugs.webkit.org/show_bug.cgi?id=65187
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        The DOM4 working draft marks the documentURI attribute as read only
     9        (http://www.w3.org/TR/dom/#document). Firefox has shipped with this
     10        behavior since https://hg.mozilla.org/mozilla-central/rev/3bc751906409
     11        landed in October 2011, IE9 doesn't support the property, and
     12        Opera throws a NO_MODIFICATION_ALLOWED_ERR. This patch changes WebKit
     13        to silently fail (matching Firefox's behavior) by setting the property
     14        to readonly in the IDL.
     15
     16        Document::setDocumentURI and the m_documentURI property are retained
     17        for compatibility with ObjC clients, and the readonly attribute is
     18        ifdeffed out for ObjC.
     19
     20        This patch adds a single test to verify the behavior, and removes a
     21        variety of tests that depended on the writable behavior. In particular,
     22        potential security issues involving the document.baseURL property are
     23        avoided completely as long as this property can't be changed.
     24
     25        Test: fast/dom/documenturi-readonly.html
     26
     27        * dom/Document.cpp:
     28        (WebCore::Document::setDocumentURI):
     29            Adds a comment explaining that the fallback is necessary only to
     30            support ObjC, not for JS calls.
     31        * dom/Document.cpp:
     32        (WebCore::Document::updateBaseURL):
     33            Ditto.
     34        (Document):
     35        * dom/Document.idl:
     36            Add readonly to the attribute and drop null value when not in
     37            LANGUAGE_OBJECTIVE_C.
     38
    1392012-06-12  Silvia Pfeiffer  <silviapf@chromium.org>
    240
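Review bot: the entry refers to "the document.baseURL property", but the tests removed by this change are named for document.baseURI (xss-DENIED-document-baseURI-javascript*), and m_baseURL is the internal member touched in Document.cpp. Use document.baseURI in the ChangeLog text so the security rationale points at the script-visible property.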
  • trunk/Source/WebCore/dom/Document.cpp

    r120057 r120093  
    13171317void Document::setDocumentURI(const String& uri)
    13181318{
     1319    // This property is read-only from JavaScript, but writable from Objective-C.
    13191320    m_documentURI = uri;
    13201321    updateBaseURL();
     
    26892690        m_baseURL = m_baseURLOverride;
    26902691    else {
    2691         // The documentURI attribute is an arbitrary string. DOM 3 Core does not specify how it should be resolved,
    2692         // so we use a null base URL.
     2692        // The documentURI attribute is read-only from JavaScript, but writable from Objective C, so we need to retain
     2693        // this fallback behavior. We use a null base URL, since the documentURI attribute is an arbitrary string
     2694        // and DOM 3 Core does not specify how it should be resolved.
    26932695        m_baseURL = KURL(KURL(), documentURI());
    26942696    }
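Review bot: Document::setDocumentURI still assigns m_documentURI and calls updateBaseURL() unconditionally, so the read-only guarantee rests entirely on the IDL and nothing in this function stops another binding or internal caller from reaching the null-base fallback in updateBaseURL. The added comment should say that the IDL is the only enforcement point and that new callers must not pass script-controlled strings. Also pick one spelling: this hunk uses "Objective-C" in setDocumentURI and "Objective C" in updateBaseURL.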
  • trunk/Source/WebCore/dom/Document.h

    r120057 r120093  
    12331233    // document contains a <base> element, in which case the <base> element
    12341234    // takes precedence.
     1235    //
     1236    // This property is read-only from JavaScript, but writable from Objective C.
    12351237    String m_documentURI;
    12361238
  • trunk/Source/WebCore/dom/Document.idl

    r120031 r120093  
    7676            raises (DOMException);
    7777
     78#if defined(LANGUAGE_OBJECTIVE_C) && LANGUAGE_OBJECTIVE_C
     79        // document.documentURI was writable in DOM3 Core, but is read-only in DOM4
     80        // (see http://www.w3.org/TR/2011/WD-dom-20110915/#document). We need to keep
     81        // the writable version around for Objective C clients, but are moving to
     82        // read-only for other clients.
    7883                 attribute [TreatReturnedNullStringAs=Null, TreatNullAs=NullString] DOMString documentURI;
     84#else
     85        readonly attribute [TreatReturnedNullStringAs=Null] DOMString documentURI;
     86#endif
    7987
    8088        // DOM Level 2 Events (DocumentEvents interface)
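Review bot: the #else branch makes documentURI readonly for every binding other than Objective-C, not only JavaScript, while the comments added in Document.cpp and Document.h say "read-only from JavaScript". The IDL comment here ("read-only for other clients") is the accurate one; align the C++ comments with it. The readonly branch correctly drops TreatNullAs=NullString since there is no setter left to receive a null.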
  • trunk/Tools/ChangeLog

    r120084 r120093  
     12012-06-12  Mike West  <mkwst@chromium.org>
     2
     3        Make document.documentURI readonly from JavaScript
     4        https://bugs.webkit.org/show_bug.cgi?id=65187
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
     9        * TestWebKitAPI/Tests/mac/SetDocumentURI.html: Added.
     10        * TestWebKitAPI/Tests/mac/SetDocumentURI.mm: Added.
     11        (-[SetDocumentURITest webView:didFinishLoadForFrame:]):
     12        (TestWebKitAPI):
     13        (TestWebKitAPI::TEST):
     14
    1152012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
    216
  • trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

    r117870 r120093  
    5151                520BCF4C141EB09E00937EA8 /* WebArchive_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 520BCF4A141EB09E00937EA8 /* WebArchive_Bundle.cpp */; };
    5252                520BCF4D141EB09E00937EA8 /* WebArchive.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 520BCF4B141EB09E00937EA8 /* WebArchive.cpp */; };
     53                52B8CF9615868CF000281053 /* SetDocumentURI.mm in Sources */ = {isa = PBXBuildFile; fileRef = 52B8CF9515868CF000281053 /* SetDocumentURI.mm */; };
     54                52B8CF9815868D9100281053 /* SetDocumentURI.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 52B8CF9415868CF000281053 /* SetDocumentURI.html */; };
    5355                52CB47411448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52CB47401448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp */; };
    5456                52E5CE4614D21E9D003B2BD8 /* ParentFrame.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52E5CE4514D21E9D003B2BD8 /* ParentFrame.cpp */; };
     
    180182                        dstSubfolderSpec = 7;
    181183                        files = (
     184                                52B8CF9815868D9100281053 /* SetDocumentURI.html in Copy Resources */,
    182185                                B55F11BE15191A0600915916 /* Ahem.ttf in Copy Resources */,
    183186                                B55F11B71517D03300915916 /* attributedStringCustomFont.html in Copy Resources */,
     
    255258                520BCF4A141EB09E00937EA8 /* WebArchive_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebArchive_Bundle.cpp; sourceTree = "<group>"; };
    256259                520BCF4B141EB09E00937EA8 /* WebArchive.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebArchive.cpp; sourceTree = "<group>"; };
     260                52B8CF9415868CF000281053 /* SetDocumentURI.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = SetDocumentURI.html; sourceTree = "<group>"; };
     261                52B8CF9515868CF000281053 /* SetDocumentURI.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = SetDocumentURI.mm; sourceTree = "<group>"; };
    257262                52CB47401448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LoadAlternateHTMLStringWithNonDirectoryURL.cpp; sourceTree = "<group>"; };
    258263                52E5CE4514D21E9D003B2BD8 /* ParentFrame.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ParentFrame.cpp; sourceTree = "<group>"; };
     
    658663                                517E7DFB15110EA600D0B008 /* MemoryCachePruneWithinResourceLoadDelegate.mm */,
    659664                                3722C8681461E03E00C45D00 /* RenderedImageFromDOMRange.mm */,
     665                                52B8CF9515868CF000281053 /* SetDocumentURI.mm */,
    660666                                C540F775152E4DA000A40C8C /* SimplifyMarkup.mm */,
    661667                                3799AD3914120A43005EB0C6 /* StringByEvaluatingJavaScriptFromString.mm */,
     
    670676                        isa = PBXGroup;
    671677                        children = (
     678                                52B8CF9415868CF000281053 /* SetDocumentURI.html */,
    672679                                B55F11B9151916E600915916 /* Ahem.ttf */,
    673680                                B55F11B01517A2C400915916 /* attributedStringCustomFont.html */,
     
    884891                                F6F49C6915545C8E0007F39D /* DOMWindowExtensionNoCache.cpp in Sources */,
    885892                                51E93017156B13E1004C99DF /* WKPageGetScaleFactorNotZero.cpp in Sources */,
     893                                52B8CF9615868CF000281053 /* SetDocumentURI.mm in Sources */,
    886894                        );
    887895                        runOnlyForDeploymentPostprocessing = 0;