Changeset 125613 in webkit


Ignore:
Timestamp:
Aug 14, 2012, 3:14:47 PM (13 years ago)
Author:
abarth@webkit.org
Message:

Delete DOMWindow::m_url
https://bugs.webkit.org/show_bug.cgi?id=93989

Reviewed by Eric Seidel.

Source/WebCore:

There's no reason for DOMWindow to keep a separate copy of the
Document's URL now that there is a predictable way to get a Document
from a DOMWindow.

  • loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::begin):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::open):

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::crossDomainAccessErrorMessage):

  • page/DOMWindow.h:

(DOMWindow):

LayoutTests:

The error messages for these tests now relect the document's updated
URL after document.write has changed the URL. Previously, we failed to
sync these changes to DOMWindow::m_url, which is why the error messages
showed the wrong URL.

  • http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt:
  • http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt:
Location:
trunk
Files:
8 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r125610 r125613  
     12012-08-14  Adam Barth  <abarth@webkit.org>
     2
     3        Delete DOMWindow::m_url
     4        https://bugs.webkit.org/show_bug.cgi?id=93989
     5
     6        Reviewed by Eric Seidel.
     7
     8        The error messages for these tests now relect the document's updated
     9        URL after document.write has changed the URL. Previously, we failed to
     10        sync these changes to DOMWindow::m_url, which is why the error messages
     11        showed the wrong URL.
     12
     13        * http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt:
     14        * http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt:
     15
    1162012-08-14  Andrei Onea  <onea@adobe.com>
    217

  • trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt

    r120174 r125613  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL about:blank. Domains, protocols and ports must match.
     1CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-navigate-opener-document-write.html. Domains, protocols and ports must match.
    22
    33CONSOLE MESSAGE: line 1: TypeError: 'undefined' is not an object (evaluating 'target.document.body')

  • trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt

    r120174 r125613  
    11CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
    22
    3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL about:blank. Domains, protocols and ports must match.
     3CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
    44
    55CONSOLE MESSAGE: line 1: TypeError: 'undefined' is not an object (evaluating 'target.document.body')

  • trunk/Source/WebCore/ChangeLog

    r125612 r125613  
     12012-08-14  Adam Barth  <abarth@webkit.org>
     2
     3        Delete DOMWindow::m_url
     4        https://bugs.webkit.org/show_bug.cgi?id=93989
     5
     6        Reviewed by Eric Seidel.
     7
     8        There's no reason for DOMWindow to keep a separate copy of the
     9        Document's URL now that there is a predictable way to get a Document
     10        from a DOMWindow.
     11
     12        * loader/DocumentWriter.cpp:
     13        (WebCore::DocumentWriter::begin):
     14        * loader/FrameLoader.cpp:
     15        (WebCore::FrameLoader::open):
     16        * page/DOMWindow.cpp:
     17        (WebCore::DOMWindow::crossDomainAccessErrorMessage):
     18        * page/DOMWindow.h:
     19        (DOMWindow):
     20
    1212012-08-14  Nikhil Bhargava  <nbhargava@google.com>
    222

  • trunk/Source/WebCore/loader/DocumentWriter.cpp

    r125592 r125613  
    147147        document->setSecurityOrigin(ownerDocument->securityOrigin());
    148148    }
    149 
    150     // FIXME: DOMWindow should get the URL from the document itself.
    151     m_frame->domWindow()->setURL(document->url());
    152149
    153150    m_frame->loader()->didBeginDocument(dispatch);

  • trunk/Source/WebCore/loader/FrameLoader.cpp

    r125592 r125613  
    19501950    m_frame->setDocument(document);
    19511951    document->domWindow()->resumeFromPageCache();
    1952     // FIXME: This shouldn't be necessary now that Document owns the DOMWindow.
    1953     m_frame->domWindow()->setURL(document->url());
    19541952
    19551953    updateFirstPartyForCookies();

  • trunk/Source/WebCore/page/DOMWindow.cpp

    r125592 r125613  
    17611761String DOMWindow::crossDomainAccessErrorMessage(DOMWindow* activeWindow)
    17621762{
    1763     const KURL& activeWindowURL = activeWindow->url();
     1763    const KURL& activeWindowURL = activeWindow->document()->url();
    17641764    if (activeWindowURL.isNull())
    17651765        return String();
     
    17681768    // Perhaps we should involve the security origin object in composing it.
    17691769    // FIXME: This message, and other console messages, have extra newlines. Should remove them.
    1770     return "Unsafe JavaScript attempt to access frame with URL " + m_url.string() + " from frame with URL " + activeWindowURL.string() + ". Domains, protocols and ports must match.\n";
     1770    return "Unsafe JavaScript attempt to access frame with URL " + document()->url().string() + " from frame with URL " + activeWindowURL.string() + ". Domains, protocols and ports must match.\n";
    17711771}
    17721772

  • trunk/Source/WebCore/page/DOMWindow.h

    r125592 r125613  
    118118        // FIXME: Callers should use document()->securityOrigin() directly.
    119119        SecurityOrigin* securityOrigin() const;
    120 
    121         // FIXME: We should get the URL from document()->url() directly.
    122         void setURL(const KURL& url) { m_url = url; }
    123         KURL url() const { return m_url; }
    124120
    125121        unsigned pendingUnloadEventListeners() const;
     
    435431        void willDestroyDocumentInFrame();
    436432
    437         KURL m_url;
    438 
    439433        bool m_shouldPrintWhenFinishedLoading;
    440434        bool m_suspendedForPageCache;
Note: See TracChangeset for help on using the changeset viewer.