Changeset 156130 in webkit
- Timestamp:
- Sep 19, 2013 4:19:56 PM (11 years ago)
- Location:
- trunk
- Files:
-
- 23 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r156116 r156130 1 2013-09-19 Alexey Proskuryakov <ap@apple.com> 2 3 Layout Test http/tests/security/canvas-remote-read-remote-image-redirect.html is flaky 4 https://bugs.webkit.org/show_bug.cgi?id=121458 5 6 Reviewed by Sam Weinig. 7 8 * fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt: 9 * fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt: 10 * fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt: 11 * fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt: 12 * fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt: 13 * fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt: 14 * fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt: 15 * fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt: 16 * fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt: 17 * fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt: 18 * fast/frames/sandboxed-iframe-scripting-04-expected.txt: 19 * http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt: 20 * http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt: 21 * http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt: 22 * http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt: 23 * http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt: 24 * http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt: 25 * media/video-controls-no-scripting-expected.txt: 26 We now get a line number for blocked inline scripts, which is a progression. 27 It is the line number for the closing </script>, which is not ideal, but better 28 than nothing. 29 30 * http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt: 31 * http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt: 32 Also a progression - we now get a line number for offending <script>. 33 1 34 2013-09-19 Bear Travis <betravis@adobe.com> 2 35 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allowscripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allows-cripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: '-allow-scripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow_scripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allowScripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'aallow-scripts' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow-scriptss' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt
r138625 r156130 1 1 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow-script' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 Misspelling. 4 4 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt
r138625 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 Full sandbox. 3 3 -
trunk/LayoutTests/fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt
r137180 r156130 2 2 CONSOLE MESSAGE: Error while parsing the 'sandbox' attribute: 'allow-scripts 3 3 allow-forms' is an invalid sandbox flag. 4 CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: Vertical tab is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.4 CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: Vertical tab is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 5 5 ALERT: PASS: Newline is a delimiter. 6 6 ALERT: PASS: Return is a delimiter. 7 7 CONSOLE MESSAGE: Error while parsing the 'sandbox' attribute: 'allow-scriptsxallow-forms' is an invalid sandbox flag. 8 CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: x is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.8 CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: x is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 9 9 ALERT: PASS: Tab is a delimiter. 10 10 ALERT: PASS: Space is a delimiter character. -
trunk/LayoutTests/fast/frames/sandboxed-iframe-scripting-04-expected.txt
r145993 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: Executed script without allow-scripts in data URL');window.parent.postMessage({'fail': true}, '*');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: Executed script without allow-scripts in data URL');window.parent.postMessage({'fail': true}, '*');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 Verify that sandboxed frames without sandbox='allow-scripts' cannot execute script from data: URLs. 3 3 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt
r137180 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-empty.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 9: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-empty.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 This test passes if it doesn't alert fail. -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt
r137180 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 This test passes if it doesn't alert fail. -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt
r137180 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation%20allow-same-origin' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation%20allow-same-origin' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 ALERT: PASS: Iframe was not in a unique origin 3 3 -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt
r146725 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 CONSOLE MESSAGE: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag. 3 3 ALERT: PASS: Iframe was in a unique origin -
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt
r137180 r156130 1 1 CONSOLE MESSAGE: Error while parsing the 'sandbox' Content Security Policy directive: 'allowScript' is an invalid sandbox flag. 2 CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allowScript' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.2 CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allowScript' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 -
trunk/LayoutTests/http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt
r137180 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/isolatedWorld/resources/fail.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 3: Blocked script execution in 'http://127.0.0.1:8000/security/isolatedWorld/resources/fail.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 ALERT: PASS 3 3 Test that executing scripts in an isolated world works even inside sandboxed iframes. The test passes, if an alert with the text "PASS" is shown. -
trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt
r106896 r156130 1 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script.html ran insecure content from http://127.0.0.1:8080/security/mixedContent/resources/script.js.1 CONSOLE MESSAGE: line 1: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script.html ran insecure content from http://127.0.0.1:8080/security/mixedContent/resources/script.js. 2 2 3 3 This test loads a secure iframe that loads an insecure script. We should trigger a mixed content callback even though the main frame is HTTP because the HTTPS frame's origin is contaminated with an insecure script. -
trunk/LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt
r153915 r156130 2 2 main frame - didFinishDocumentLoadForFrame 3 3 frame "<!--framePath //<!--frame0-->-->" - didCommitLoadForFrame 4 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-script.html ran insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://127.0.0.1:8443/security/mixedContent/resources/script.js.4 CONSOLE MESSAGE: line 1: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-script.html ran insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://127.0.0.1:8443/security/mixedContent/resources/script.js. 5 5 6 6 didRunInsecureContent -
trunk/LayoutTests/media/video-controls-no-scripting-expected.txt
r137180 r156130 1 CONSOLE MESSAGE: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.1 CONSOLE MESSAGE: line 10: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 2 2 CONSOLE MESSAGE: line 13: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. 3 3 -
trunk/Source/WebCore/ChangeLog
r156125 r156130 1 2013-09-19 Alexey Proskuryakov <ap@apple.com> 2 3 Layout Test http/tests/security/canvas-remote-read-remote-image-redirect.html is flaky 4 https://bugs.webkit.org/show_bug.cgi?id=121458 5 6 Reviewed by Sam Weinig. 7 8 The code to automagically produce line numbers is quite fragile. Added some FIXMEs, 9 and added an issue that was making reporting flaky for code is JS event handlers 10 executed while parsing was paused. 11 12 * page/PageConsole.cpp: (WebCore::PageConsole::addMessage): Use actual "script is 13 running" check instead of "parsing a script element" one. 14 1 15 2013-09-18 Ryosuke Niwa <rniwa@webkit.org> 2 16 -
trunk/Source/WebCore/page/PageConsole.cpp
r155736 r156130 38 38 #include "InspectorConsoleInstrumentation.h" 39 39 #include "InspectorController.h" 40 #include "JSMainThreadExecState.h" 40 41 #include "Page.h" 41 42 #include "ScriptArguments.h" … … 137 138 if (document) 138 139 url = document->url().string(); 139 // FIXME: <http://webkit.org/b/114319> PageConsole::addMessage should automatically determine column number alongside line number 140 // FIXME: <http://webkit.org/b/114319> PageConsole::addMessage should automatically determine column number alongside line number. 141 // FIXME: The below code attempts to determine line numbers for parser generated errors, but this is not the only reason why we can get here. 142 // For example, if we are still parsing and get a WebSocket network error, it will be erroneously attributed to a line where parsing was paused. 143 // Also, we should determine line numbers for script generated messages (e.g. calling getImageData on a canvas). 144 // We probably need to split this function into multiple ones, as appropriate for different call sites. Or maybe decide based on MessageSource. 140 145 unsigned line = 0; 141 146 if (document && document->parsing() && !document->isInDocumentWrite() && document->scriptableDocumentParser()) { 142 147 ScriptableDocumentParser* parser = document->scriptableDocumentParser(); 143 if (!parser->isWaitingForScripts() && ! parser->isExecutingScript())148 if (!parser->isWaitingForScripts() && !JSMainThreadExecState::currentState()) 144 149 line = parser->lineNumber().oneBasedInt(); 145 150 }
Note: See TracChangeset
for help on using the changeset viewer.