Changeset 126171 in webkit

Timestamp:

Aug 21, 2012 10:42:50 AM (12 years ago)

Author:

scheib@chromium.org

Message:

Add parsing logic for allow-pointer-lock to iframe sandbox attribute.
​https://bugs.webkit.org/show_bug.cgi?id=94513

Reviewed by Adam Barth.

Pointer lock was previously blocked from all sandboxed iframes.
Parsing the sandbox="allow-pointer-lock" attribute allows pages
to control the feature and enable it in sandboxed iframes.

Source/WebCore:

Tests: http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html

http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html
http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html

• dom/SecurityContext.cpp:

(WebCore::SecurityContext::parseSandboxPolicy):

LayoutTests:

• http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock-expected.txt: Added.
• http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
• http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock-expected.txt: Added.
• http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
• http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock-expected.txt: Added.
• http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
• http/tests/pointer-lock/iframe-sandboxed.html:
• http/tests/resources/pointer-lock/iframe-allows-inner-iframe.html: Added.
• http/tests/resources/pointer-lock/iframe-common.js:

(window.onmessage):

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock-expected.txt (added)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html (copied) (copied from trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html) (2 diffs)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock-expected.txt (added)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html (copied) (copied from trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html) (2 diffs)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock-expected.txt (added)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html (copied) (copied from trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html) (2 diffs)
• LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html (modified) (1 diff)
• LayoutTests/http/tests/resources/pointer-lock/iframe-allows-inner-iframe.html (added)
• LayoutTests/http/tests/resources/pointer-lock/iframe-common.js (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/dom/SecurityContext.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-08-21  Vincent Scheib  <scheib@chromium.org>
+
+        Add parsing logic for allow-pointer-lock to iframe sandbox attribute.
+        https://bugs.webkit.org/show_bug.cgi?id=94513
+
+        Reviewed by Adam Barth.
+
+        Pointer lock was previously blocked from all sandboxed iframes.
+        Parsing the sandbox="allow-pointer-lock" attribute allows pages
+        to control the feature and enable it in sandboxed iframes.
+
+        * http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock-expected.txt: Added.
+        * http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
+        * http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock-expected.txt: Added.
+        * http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
+        * http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock-expected.txt: Added.
+        * http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html: Copied from LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html.
+        * http/tests/pointer-lock/iframe-sandboxed.html:
+        * http/tests/resources/pointer-lock/iframe-allows-inner-iframe.html: Added.
+        * http/tests/resources/pointer-lock/iframe-common.js:
+        (window.onmessage):
+
 2012-08-21  Pavel Feldman  <pfeldman@chromium.org>
 

trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html

@@ -8 +8 @@
 <div>
   <div id="target1"></div>
-  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-same-origin allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
+  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-pointer-lock allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
 </div>
 <script>
-    description("Test sandboxed iframe blocks pointer lock.")
+    description("Test sandboxed iframe with allow-pointer-lock allows pointer lock.");
     window.jsTestIsAsync = true;
 
@@ -22 +22 @@
           window.onmessage = function (messageEvent) {
               message = messageEvent.data;
-              shouldBeEqualToString("message", "inner-iframe.html onwebkitpointerlockerror");
+              shouldBeEqualToString("message", "inner-iframe.html onwebkitpointerlockchange, document.webkitPointerLockElement = [object HTMLBodyElement]");
               window.onmessage = null;
               doNextStep();

trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html

@@ -8 +8 @@
 <div>
   <div id="target1"></div>
-  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-same-origin allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
+  <iframe src="../resources/pointer-lock/iframe-allows-inner-iframe.html" sandbox="allow-pointer-lock allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
 </div>
 <script>
-    description("Test sandboxed iframe blocks pointer lock.")
+    description("Test nested sandboxed iframes with allow-pointer-lock allow pointer lock.");
     window.jsTestIsAsync = true;
 
@@ -19 +19 @@
     todo = [
       function () {
-          iframe.contentWindow.postMessage(["eval", 'document.body.webkitRequestPointerLock()'], "*");
+          iframe.contentWindow.postMessage(["pass message down", "eval", 'document.body.webkitRequestPointerLock()'], "*");
           window.onmessage = function (messageEvent) {
               message = messageEvent.data;
-              shouldBeEqualToString("message", "inner-iframe.html onwebkitpointerlockerror");
+              shouldBeEqualToString("message", "inner-iframe.html onwebkitpointerlockchange, document.webkitPointerLockElement = [object HTMLBodyElement]");
               window.onmessage = null;
               doNextStep();

trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html

@@ -8 +8 @@
 <div>
   <div id="target1"></div>
-  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-same-origin allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
+  <iframe src="../resources/pointer-lock/iframe-allows-inner-iframe.html" sandbox="allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
 </div>
 <script>
-    description("Test sandboxed iframe blocks pointer lock.")
+    description("Test nested sandboxed iframes without and then with allow-pointer-lock disallow pointer lock.");
     window.jsTestIsAsync = true;
 
@@ -19 +19 @@
     todo = [
       function () {
-          iframe.contentWindow.postMessage(["eval", 'document.body.webkitRequestPointerLock()'], "*");
+          iframe.contentWindow.postMessage(["pass message down", "eval", 'document.body.webkitRequestPointerLock()'], "*");
           window.onmessage = function (messageEvent) {
               message = messageEvent.data;

trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html

@@ -8 +8 @@
 <div>
   <div id="target1"></div>
-  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-same-origin allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
+  <iframe src="../resources/pointer-lock/inner-iframe.html" sandbox="allow-scripts" onload="doNextStepWithUserGesture()"></iframe>
 </div>
 <script>

trunk/LayoutTests/http/tests/resources/pointer-lock/iframe-common.js

@@ -9 +9 @@
         eval(messageEvent.data[1]);
         break;
+    case "pass message down":
+        iframe = document.getElementsByTagName("iframe")[0];
+        iframe.contentWindow.postMessage(messageEvent.data.slice(1), "*");
+        break;
+    default:
+        // Pass all other messages up to parent.
+        parent.postMessage(messageEvent.data, "*");
     }
 }

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-08-21  Vincent Scheib  <scheib@chromium.org>
+
+        Add parsing logic for allow-pointer-lock to iframe sandbox attribute.
+        https://bugs.webkit.org/show_bug.cgi?id=94513
+
+        Reviewed by Adam Barth.
+
+        Pointer lock was previously blocked from all sandboxed iframes.
+        Parsing the sandbox="allow-pointer-lock" attribute allows pages
+        to control the feature and enable it in sandboxed iframes.
+
+        Tests: http/tests/pointer-lock/iframe-sandboxed-allow-pointer-lock.html
+               http/tests/pointer-lock/iframe-sandboxed-nested-allow-pointer-lock.html
+               http/tests/pointer-lock/iframe-sandboxed-nested-disallow-then-allow-pointer-lock.html
+
+        * dom/SecurityContext.cpp:
+        (WebCore::SecurityContext::parseSandboxPolicy):
+
 2012-08-21  James Robinson  <jamesr@chromium.org>
 

trunk/Source/WebCore/dom/SecurityContext.cpp

@@ -113 +113 @@
         else if (equalIgnoringCase(sandboxToken, "allow-popups"))
             flags &= ~SandboxPopups;
+        else if (equalIgnoringCase(sandboxToken, "allow-pointer-lock"))
+            flags &= ~SandboxPointerLock;
 
         start = end + 1;