Changeset 138517 in webkit

Timestamp:

Dec 27, 2012 4:39:48 PM (11 years ago)

Author:

mkwst@chromium.org

Message:

Add context to the console message generated by Document::printNavigationErrorMessage.
​https://bugs.webkit.org/show_bug.cgi?id=105774

Reviewed by Darin Adler.

Source/WebCore:

When blocking frame navigations, we should give developers more
contextual detail about why the navigation has been blocked. This patch
adds context specifically for sandboxed frames', and gives a slightly
more detailed generic response for all other blockages.

No new tests; the changes to the error message are covered via
rebaselines to existing navigation tests.

• dom/Document.cpp:

(WebCore::printNavigationErrorMessage):
(WebCore::Document::canNavigate):

Pass in a 'reason' parameter when calling printNavigationErrorMessage
to report a blocked navigation.

LayoutTests:

• fast/frames/sandboxed-iframe-close-top-noclose-expected.txt:
• fast/frames/sandboxed-iframe-history-denied-expected.txt:
• fast/frames/sandboxed-iframe-navigation-parent-expected.txt:
• fast/frames/sandboxed-iframe-navigation-targetlink-expected.txt:
• fast/frames/sandboxed-iframe-navigation-top-by-name-denied-expected.txt:
• fast/frames/sandboxed-iframe-navigation-top-denied-expected.txt:
• fast/frames/seamless/seamless-window-location-sandbox-expected.txt:
• http/tests/security/no-popup-from-sandbox-top-expected.txt:
• http/tests/security/frameNavigation/not-opener-expected.txt:
• http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt:
• http/tests/security/frameNavigation/xss-DENIED-targeted-link-navigation-expected.txt:
• platform/chromium/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt:
• platform/chromium/http/tests/security/no-popup-from-sandbox-top-expected.txt:

Update test expectations with new error message.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-close-top-noclose-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-navigation-parent-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-navigation-targetlink-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-navigation-top-by-name-denied-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-navigation-top-denied-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/seamless/seamless-window-location-sandbox-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/frameNavigation/not-opener-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/frameNavigation/xss-DENIED-targeted-link-navigation-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/no-popup-from-sandbox-top-expected.txt (modified) (1 diff)
• LayoutTests/platform/chromium/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt (modified) (1 diff)
• LayoutTests/platform/chromium/http/tests/security/no-popup-from-sandbox-top-expected.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/dom/Document.cpp (modified) (4 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-12-27  Mike West  <mkwst@chromium.org>
+
+        Add context to the console message generated by Document::printNavigationErrorMessage.
+        https://bugs.webkit.org/show_bug.cgi?id=105774
+
+        Reviewed by Darin Adler.
+
+        * fast/frames/sandboxed-iframe-close-top-noclose-expected.txt:
+        * fast/frames/sandboxed-iframe-history-denied-expected.txt:
+        * fast/frames/sandboxed-iframe-navigation-parent-expected.txt:
+        * fast/frames/sandboxed-iframe-navigation-targetlink-expected.txt:
+        * fast/frames/sandboxed-iframe-navigation-top-by-name-denied-expected.txt:
+        * fast/frames/sandboxed-iframe-navigation-top-denied-expected.txt:
+        * fast/frames/seamless/seamless-window-location-sandbox-expected.txt:
+        * http/tests/security/no-popup-from-sandbox-top-expected.txt:
+        * http/tests/security/frameNavigation/not-opener-expected.txt:
+        * http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt:
+        * http/tests/security/frameNavigation/xss-DENIED-targeted-link-navigation-expected.txt:
+        * platform/chromium/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt:
+        * platform/chromium/http/tests/security/no-popup-from-sandbox-top-expected.txt:
+            Update test expectations with new error message.
+
 2012-12-27  Vsevolod Vlasov  <vsevik@chromium.org>
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-close-top-noclose-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL close-top.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'close-top.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 This test verifies that a sandboxed IFrame can close a top-level frame with allow-top-navigation.

trunk/LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL script>.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'script>'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 ALERT: PASS

trunk/LayoutTests/fast/frames/sandboxed-iframe-navigation-parent-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL sandboxed-iframe-navigation-source.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'sandboxed-iframe-navigation-source.html'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.
 
 This test verifies that a sandboxed IFrame cannot navigate an ancestor in the frame tree by assigning the location attribute.

trunk/LayoutTests/fast/frames/sandboxed-iframe-navigation-targetlink-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL about:blank from frame with URL sandboxed-iframe-navigation-targetlink.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'about:blank' from frame with URL 'sandboxed-iframe-navigation-targetlink.html'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.
 
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL about:blank from frame with URL sandboxed-iframe-navigation-targetlink.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'about:blank' from frame with URL 'sandboxed-iframe-navigation-targetlink.html'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.
 
 This test verifies that a sandboxed IFrame cannot open a link in another frame using the target attribute of a link.

trunk/LayoutTests/fast/frames/sandboxed-iframe-navigation-top-by-name-denied-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL navigate-top-by-name-to-fail.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'navigate-top-by-name-to-fail.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 CONSOLE MESSAGE: Blocked opening 'fail-and-notify-done.html' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set.
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL navigate-top-by-name-to-fail.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'navigate-top-by-name-to-fail.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL navigate-top-by-name-to-fail.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'navigate-top-by-name-to-fail.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 CONSOLE MESSAGE: Blocked opening 'fail-and-notify-done.html' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set.

trunk/LayoutTests/fast/frames/sandboxed-iframe-navigation-top-denied-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL navigate-top-to-fail.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'navigate-top-to-fail.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 This test verifies that a sandboxed IFrame cannot navigate the top-level frame without allow-top-navigation. This test passes if the navigation does not occur.

trunk/LayoutTests/fast/frames/seamless/seamless-window-location-sandbox-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL about:srcdoc from frame with URL about:srcdoc.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'about:srcdoc' from frame with URL 'about:srcdoc'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.
 
 This test should not cause any navigation. 

trunk/LayoutTests/http/tests/security/frameNavigation/not-opener-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/frameNavigation/resources/ready.html from frame with URL http://localhost:8000/security/frameNavigation/resources/not-opener-helper.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/frameNavigation/resources/ready.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/not-opener-helper.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
 PASS

trunk/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe.html from frame with URL http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/resources/cross-frame-iframe.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
  

trunk/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-targeted-link-navigation-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe.html from frame with URL http://localhost:8000/security/frameNavigation/resources/frame-with-link-to-navigate.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/resources/cross-frame-iframe.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/frame-with-link-to-navigate.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe.html from frame with URL http://localhost:8000/security/frameNavigation/resources/frame-with-link-to-navigate.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/resources/cross-frame-iframe.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/frame-with-link-to-navigate.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
  

trunk/LayoutTests/http/tests/security/no-popup-from-sandbox-top-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/no-popup-from-sandbox-top.html from frame with URL data:text/html,       <script>       var win = window.open('about:blank', '_top');       alert(win ?%20'FAIL'%20:%20'PASS');%20%20%20%20%20%20%20%3C/script%3E.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/no-popup-from-sandbox-top.html' from frame with URL 'data:text/html,       <script>       var win = window.open('about:blank', '_top');       alert(win ?%20'FAIL'%20:%20'PASS');%20%20%20%20%20%20%20%3C/script%3E'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 ALERT: PASS

trunk/LayoutTests/platform/chromium/http/tests/security/frameNavigation/xss-DENIED-plugin-navigation-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe.html from frame with URL http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/resources/cross-frame-iframe.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe.html from frame with URL http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/resources/cross-frame-iframe.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/frame-with-plugin-to-navigate.html'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.
 
  

trunk/LayoutTests/platform/chromium/http/tests/security/no-popup-from-sandbox-top-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/no-popup-from-sandbox-top.html from frame with URL data:text/html,       <script>       var win = window.open('about:blank', '_top');       alert(win ? 'FAIL' : 'PASS');       </script>.
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/no-popup-from-sandbox-top.html' from frame with URL 'data:text/html,       <script>       var win = window.open('about:blank', '_top');       alert(win ? 'FAIL' : 'PASS');       </script>'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.
 
 ALERT: PASS

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-12-27  Mike West  <mkwst@chromium.org>
+
+        Add context to the console message generated by Document::printNavigationErrorMessage.
+        https://bugs.webkit.org/show_bug.cgi?id=105774
+
+        Reviewed by Darin Adler.
+
+        When blocking frame navigations, we should give developers more
+        contextual detail about why the navigation has been blocked. This patch
+        adds context specifically for sandboxed frames', and gives a slightly
+        more detailed generic response for all other blockages.
+
+        No new tests; the changes to the error message are covered via
+        rebaselines to existing navigation tests.
+
+        * dom/Document.cpp:
+        (WebCore::printNavigationErrorMessage):
+        (WebCore::Document::canNavigate):
+            Pass in a 'reason' parameter when calling printNavigationErrorMessage
+            to report a blocked navigation.
+
 2012-12-27  Dimitri Glazkov  <dglazkov@chromium.org>
 

trunk/Source/WebCore/dom/Document.cpp

@@ -394 +394 @@
 }
 
-static void printNavigationErrorMessage(Frame* frame, const KURL& activeURL)
-{
-    // FIXME: this error message should contain more specifics of why the navigation change is not allowed.
-    String message = "Unsafe JavaScript attempt to initiate a navigation change for frame with URL " +
-                     frame->document()->url().string() + " from frame with URL " + activeURL.string() + ".\n";
+static void printNavigationErrorMessage(Frame* frame, const KURL& activeURL, const char* reason)
+{
+    String message = "Unsafe JavaScript attempt to initiate navigation for frame with URL '" + frame->document()->url().string() + "' from frame with URL '" + activeURL.string() + "'. " + reason + "\n";
 
     // FIXME: should we print to the console of the document performing the navigation instead?
@@ -2712 +2710 @@
         return true;
 
-    // Frame-busting is generally allowed (unless we're sandboxed and prevent from frame-busting).
+    // Frame-busting is generally allowed, but blocked for sandboxed frames lacking the 'allow-top-navigation' flag.
     if (!isSandboxed(SandboxTopNavigation) && targetFrame == m_frame->tree()->top())
         return true;
@@ -2720 +2718 @@
             return true;
 
-        printNavigationErrorMessage(targetFrame, url());
+        const char* reason = "The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.";
+        if (isSandboxed(SandboxTopNavigation) && targetFrame == m_frame->tree()->top())
+            reason = "The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.";
+
+        printNavigationErrorMessage(targetFrame, url(), reason);
         return false;
     }
@@ -2753 +2755 @@
     }
 
-    printNavigationErrorMessage(targetFrame, url());
+    printNavigationErrorMessage(targetFrame, url(), "The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.");
     return false;
 }