Changeset 156130 in webkit

Timestamp:

Sep 19, 2013 4:19:56 PM (11 years ago)

Author:

ap@apple.com

Message:

Layout Test http/tests/security/canvas-remote-read-remote-image-redirect.html is flaky
​https://bugs.webkit.org/show_bug.cgi?id=121458

Reviewed by Sam Weinig.

Source/WebCore:

The code to automagically produce line numbers is quite fragile. Added some FIXMEs,
and added an issue that was making reporting flaky for code is JS event handlers
executed while parsing was paused.

• page/PageConsole.cpp: (WebCore::PageConsole::addMessage): Use actual "script is

running" check instead of "parsing a script element" one.

LayoutTests:

• fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt:
• fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt:
• fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt:
• fast/frames/sandboxed-iframe-scripting-04-expected.txt:
• http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt:
• http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt:
• http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt:
• http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt:
• http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt:
• http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt:
• media/video-controls-no-scripting-expected.txt:

We now get a line number for blocked inline scripts, which is a progression.
It is the line number for the closing </script>, which is not ideal, but better
than nothing.

• http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt:
• http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt:

Also a progression - we now get a line number for offending <script>.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/sandboxed-iframe-scripting-04-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt (modified) (1 diff)
• LayoutTests/media/video-controls-no-scripting-expected.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/page/PageConsole.cpp (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2013-09-19  Alexey Proskuryakov  <ap@apple.com>
+
+        Layout Test http/tests/security/canvas-remote-read-remote-image-redirect.html is flaky
+        https://bugs.webkit.org/show_bug.cgi?id=121458
+
+        Reviewed by Sam Weinig.
+
+        * fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt:
+        * fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt:
+        * fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt:
+        * fast/frames/sandboxed-iframe-scripting-04-expected.txt:
+        * http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt:
+        * http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt:
+        * http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt:
+        * http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt:
+        * http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt:
+        * http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt:
+        * media/video-controls-no-scripting-expected.txt:
+        We now get a line number for blocked inline scripts, which is a progression.
+        It is the line number for the closing </script>, which is not ideal, but better
+        than nothing.
+
+        * http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt:
+        * http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt:
+        Also a progression - we now get a line number for offending <script>.
+
 2013-09-19  Bear Travis  <betravis@adobe.com>
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-06-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allowscripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-07-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allows-cripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-08-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: '-allow-scripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-09-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow_scripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-10-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allowScripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-11-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'aallow-scripts' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-12-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow-scriptss' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-13-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 9: Error while parsing the 'sandbox' attribute: 'allow-script' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Misspelling.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-attribute-parsing-14-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 4: Blocked script execution in 'sandboxed-iframe-attribute-parsing-disallowed.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Full sandbox.
 

trunk/LayoutTests/fast/frames/sandboxed-iframe-parsing-space-characters-expected.txt

@@ -2 +2 @@
 CONSOLE MESSAGE: Error while parsing the 'sandbox' attribute: 'allow-scripts
 allow-forms' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: Vertical tab is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: Vertical tab is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 ALERT: PASS: Newline is a delimiter.
 ALERT: PASS: Return is a delimiter.
 CONSOLE MESSAGE: Error while parsing the 'sandbox' attribute: 'allow-scriptsxallow-forms' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: x is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: x is not a delimiter.');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 ALERT: PASS: Tab is a delimiter.
 ALERT: PASS: Space is a delimiter character.

trunk/LayoutTests/fast/frames/sandboxed-iframe-scripting-04-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL: Executed script without allow-scripts in data URL');window.parent.postMessage({'fail': true}, '*');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL: Executed script without allow-scripts in data URL');window.parent.postMessage({'fail': true}, '*');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 Verify that sandboxed frames without sandbox='allow-scripts' cannot execute script from data: URLs.
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-empty.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 9: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/sandbox-empty.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 This test passes if it doesn't alert fail.

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-empty-subframe-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'data:text/html,<script>alert('FAIL');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 1: Blocked script execution in 'data:text/html,<script>alert('FAIL');</script>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 This test passes if it doesn't alert fail. 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation%20allow-same-origin' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation%20allow-same-origin' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 ALERT: PASS: Iframe was not in a unique origin
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allow-top-navigation' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 CONSOLE MESSAGE: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000".  The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
 ALERT: PASS: Iframe was in a unique origin

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-invalid-header-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Error while parsing the 'sandbox' Content Security Policy directive: 'allowScript' is an invalid sandbox flag.
-CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allowScript' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 6: Blocked script execution in 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/sandbox.php?sandbox=allowScript' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 

trunk/LayoutTests/http/tests/security/isolatedWorld/sandboxed-iframe-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'http://127.0.0.1:8000/security/isolatedWorld/resources/fail.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 3: Blocked script execution in 'http://127.0.0.1:8000/security/isolatedWorld/resources/fail.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 ALERT: PASS
 Test that executing scripts in an isolated world works even inside sandboxed iframes. The test passes, if an alert with the text "PASS" is shown.

trunk/LayoutTests/http/tests/security/mixedContent/insecure-script-in-iframe-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script.html ran insecure content from http://127.0.0.1:8080/security/mixedContent/resources/script.js.
+CONSOLE MESSAGE: line 1: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script.html ran insecure content from http://127.0.0.1:8080/security/mixedContent/resources/script.js.
 
 This test loads a secure iframe that loads an insecure script. We should trigger a mixed content callback even though the main frame is HTTP because the HTTPS frame's origin is contaminated with an insecure script.

trunk/LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-expected.txt

@@ -2 +2 @@
 main frame - didFinishDocumentLoadForFrame
 frame "<!--framePath //<!--frame0-->-->" - didCommitLoadForFrame
-CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-script.html ran insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://127.0.0.1:8443/security/mixedContent/resources/script.js.
+CONSOLE MESSAGE: line 1: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-script.html ran insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://127.0.0.1:8443/security/mixedContent/resources/script.js.
 
 didRunInsecureContent

trunk/LayoutTests/media/video-controls-no-scripting-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
+CONSOLE MESSAGE: line 10: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 CONSOLE MESSAGE: line 13: Blocked script execution in 'video-controls-no-scripting-iframe.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-09-19  Alexey Proskuryakov  <ap@apple.com>
+
+        Layout Test http/tests/security/canvas-remote-read-remote-image-redirect.html is flaky
+        https://bugs.webkit.org/show_bug.cgi?id=121458
+
+        Reviewed by Sam Weinig.
+
+        The code to automagically produce line numbers is quite fragile. Added some FIXMEs,
+        and added an issue that was making reporting flaky for code is JS event handlers
+        executed while parsing was paused.
+
+        * page/PageConsole.cpp: (WebCore::PageConsole::addMessage): Use actual "script is
+        running" check instead of "parsing a script element" one.
+
 2013-09-18  Ryosuke Niwa  <rniwa@webkit.org>
 

trunk/Source/WebCore/page/PageConsole.cpp

@@ -38 +38 @@
 #include "InspectorConsoleInstrumentation.h"
 #include "InspectorController.h"
+#include "JSMainThreadExecState.h"
 #include "Page.h"
 #include "ScriptArguments.h"
@@ -137 +138 @@
     if (document)
         url = document->url().string();
-    // FIXME: <http://webkit.org/b/114319> PageConsole::addMessage should automatically determine column number alongside line number
+    // FIXME: <http://webkit.org/b/114319> PageConsole::addMessage should automatically determine column number alongside line number.
+    // FIXME: The below code attempts to determine line numbers for parser generated errors, but this is not the only reason why we can get here.
+    // For example, if we are still parsing and get a WebSocket network error, it will be erroneously attributed to a line where parsing was paused.
+    // Also, we should determine line numbers for script generated messages (e.g. calling getImageData on a canvas).
+    // We probably need to split this function into multiple ones, as appropriate for different call sites. Or maybe decide based on MessageSource.
     unsigned line = 0;
     if (document && document->parsing() && !document->isInDocumentWrite() && document->scriptableDocumentParser()) {
         ScriptableDocumentParser* parser = document->scriptableDocumentParser();
-        if (!parser->isWaitingForScripts() && !parser->isExecutingScript())
+        if (!parser->isWaitingForScripts() && !JSMainThreadExecState::currentState())
             line = parser->lineNumber().oneBasedInt();
     }