Changeset 128070 in webkit
- Timestamp:
- Sep 10, 2012 9:45:08 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 12 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r128069 r128070 1 2012-09-10 Mike West <mkwst@chromium.org> 2 3 Console warnings generated by script access to sandboxed iframes should make the violation clear. 4 https://bugs.webkit.org/show_bug.cgi?id=64079 5 6 Reviewed by Adam Barth. 7 8 * http/tests/security/resources/blank.html: Added. 9 Adding a blank resource for a same-origin access test. 10 * http/tests/security/sandboxed-iframe-blocks-access-from-parent-expected.txt: Added. 11 * http/tests/security/sandboxed-iframe-blocks-access-from-parent.html: Added. 12 Parents shouldn't be able to access properties (like location) of 13 their sandboxed child frames. 14 * http/tests/security/sandboxed-iframe-modify-self-expected.txt: 15 * http/tests/security/sandboxed-iframe-origin-add-expected.txt: 16 * http/tests/security/sandboxed-iframe-origin-remove-expected.txt: 17 * http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt: 18 * http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt: 19 * platform/chromium/http/tests/security/sandboxed-iframe-modify-self-expected.txt: 20 * platform/chromium/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt: 21 Updating existing error messages. 22 1 23 2012-09-10 Fady Samuel <fsamuel@chromium.org> 2 24 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt
r119204 r128070 1 1 ALERT: Script executed in iframe. 2 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-scripts from frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html. Domains, protocols and ports must match.2 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-scripts from frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html. The frame being accessed is sandboxed into a unique origin. 3 3 4 4 ALERT: PASS: Iframe was in a unique origin -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt
r119204 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation from frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-in-http-header.html. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation from frame with URL http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-in-http-header.html. The frame being accessed is sandboxed into a unique origin. 2 2 3 3 ALERT: PASS: Iframe was in a unique origin -
trunk/LayoutTests/http/tests/security/sandboxed-iframe-modify-self-expected.txt
r104803 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-modify-self.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-modify-self.html. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-modify-self.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-modify-self.html. The frame requesting access is sandboxed into a unique origin. 2 2 3 3 This is a "sanity" test case to verify that a sandboxed frame cannot break out of its sandbox by modifying its own sandbox attribute. Two attempts are made: -
trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-add-expected.txt
r104803 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-origin-add.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-origin-add-step1.html. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-origin-add.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-origin-add-step1.html. The frame requesting access is sandboxed into a unique origin. 2 2 3 3 Test that adding allow-origin after creating an iframe doesn't modify the origin of an existing document, but it doesn modify the origin of the next document. -
trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-remove-expected.txt
r104803 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-origin-remove.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-origin-remove-step2.html. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-origin-remove.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-origin-remove-step2.html. The frame requesting access is sandboxed into a unique origin. 2 2 3 3 Test that removing allow-origin after creating an iframe doesn't modify the origin of an existing document, but it doesn modify the origin of the next document. -
trunk/LayoutTests/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt
r113145 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/srcdoc-in-sandbox-cannot-access-parent.html from frame with URL about:srcdoc. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/srcdoc-in-sandbox-cannot-access-parent.html from frame with URL about:srcdoc. The frame requesting access is sandboxed into a unique origin. 2 2 3 3 CONSOLE MESSAGE: line 4: TypeError: 'undefined' is not an object (evaluating 'parent.document.getElementById') -
trunk/LayoutTests/http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt
r104803 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/xss-DENIED-sandboxed-iframe.html from frame with URL http://127.0.0.1:8000/security/resources/xss-DENIED-sandboxed-iframe-attacker.html. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/xss-DENIED-sandboxed-iframe.html from frame with URL http://127.0.0.1:8000/security/resources/xss-DENIED-sandboxed-iframe-attacker.html. The frame requesting access is sandboxed into a unique origin. 2 2 3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/xss-DENIED-sandboxed-iframe.html from frame with URL http://127.0.0.1:8000/security/resources/xss-DENIED-sandboxed-iframe-attacker.html. Domains, protocols and ports must match.3 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/xss-DENIED-sandboxed-iframe.html from frame with URL http://127.0.0.1:8000/security/resources/xss-DENIED-sandboxed-iframe-attacker.html. The frame requesting access is sandboxed into a unique origin. 4 4 5 5 This test verifies that sandboxed iframe prevents cross-domain script access. It will print "PASS" on success. -
trunk/LayoutTests/platform/chromium/http/tests/security/sandboxed-iframe-modify-self-expected.txt
r125139 r128070 1 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-form-top.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-form-top.html. 2 2 3 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-modify-self.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-modify-self.html. Domains, protocols and ports must match.3 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-modify-self.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-modify-self.html. The frame requesting access is sandboxed into a unique origin. 4 4 5 5 This is a "sanity" test case to verify that a sandboxed frame cannot break out of its sandbox by modifying its own sandbox attribute. Two attempts are made: -
trunk/LayoutTests/platform/chromium/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt
r113145 r128070 1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/srcdoc-in-sandbox-cannot-access-parent.html from frame with URL about:srcdoc. Domains, protocols and ports must match.1 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/srcdoc-in-sandbox-cannot-access-parent.html from frame with URL about:srcdoc. The frame requesting access is sandboxed into a unique origin. 2 2 3 3 CONSOLE MESSAGE: line 4: Uncaught TypeError: Cannot call method 'getElementById' of undefined -
trunk/Source/WebCore/ChangeLog
r128064 r128070 1 2012-09-10 Mike West <mkwst@chromium.org> 2 3 Clarify the cause of console warnings generated by "cross-origin" access to sandboxed iframes. 4 https://bugs.webkit.org/show_bug.cgi?id=64079 5 6 Reviewed by Adam Barth. 7 8 The error message generated when accessing cross-origin content is a bit 9 too generic at the moment, which is misleading when the "cross-origin" 10 nature of an access attempt isn't visible in the URLs that the error 11 displays. Sandboxed iframes, for example, are put into unique origins by 12 default, meaning that all access in or out are subject to cross-origin 13 restrictions, even if the resources would otherwise be same-origin. 14 15 This patch improces the error message to explicitly point to sandboxing 16 as the core of cross-origin requests when relevant. It adds a single new 17 test to check access from parents to children, and relies on existing 18 tests for access in the other direction. 19 20 Test: http/tests/security/sandboxed-iframe-blocks-access-from-parent.html 21 22 * page/DOMWindow.cpp: 23 (WebCore::DOMWindow::crossDomainAccessErrorMessage): 24 Check 'isSandboxed(SandboxOrigin)' against the document and 25 activeWindow when generating the error message. If one or the other 26 is sandboxed, make that clear in the console warning. 27 1 28 2012-09-10 Tommy Widenflycht <tommyw@google.com> 2 29 -
trunk/Source/WebCore/page/DOMWindow.cpp
r126926 r128070 1756 1756 return String(); 1757 1757 1758 // FIXME: This error message should contain more specifics of why the same origin check has failed.1759 // Perhaps we should involve the security origin object in composing it.1760 1758 // FIXME: This message, and other console messages, have extra newlines. Should remove them. 1761 return "Unsafe JavaScript attempt to access frame with URL " + document()->url().string() + " from frame with URL " + activeWindowURL.string() + ". Domains, protocols and ports must match.\n"; 1759 String message = makeString("Unsafe JavaScript attempt to access frame with URL ", document()->url().string(), " from frame with URL ", activeWindowURL.string(), "."); 1760 if (document()->isSandboxed(SandboxOrigin) || activeWindow->document()->isSandboxed(SandboxOrigin)) { 1761 if (document()->isSandboxed(SandboxOrigin) && activeWindow->document()->isSandboxed(SandboxOrigin)) 1762 return makeString("Sandbox access violation: ", message, " Both frames are sandboxed into unique origins.\n"); 1763 if (document()->isSandboxed(SandboxOrigin)) 1764 return makeString("Sandbox access violation: ", message, " The frame being accessed is sandboxed into a unique origin.\n"); 1765 return makeString("Sandbox access violation: ", message, " The frame requesting access is sandboxed into a unique origin.\n"); 1766 } 1767 return makeString(message, " Domains, protocols and ports must match.\n"); 1762 1768 } 1763 1769
Note: See TracChangeset
for help on using the changeset viewer.