Changeset 218000 in webkit

Timestamp:

Jun 9, 2017 10:59:18 AM (7 years ago)

Author:

commit-queue@webkit.org

Message:

Add flag allow-popups-to-escape-sandbox to iframe sandbox
​https://bugs.webkit.org/show_bug.cgi?id=158875

Patch by Frederic Wang <​fwang@igalia.com> on 2017-06-09
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Update expected results for iframe popup escaping tests.

• web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1-expected.txt: This test passes.
• web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2-expected.txt: This test passes.
• web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-3-expected.txt: Remove error message from text expectation.

Source/WebCore:

This patch adds support for the iframe@allow-popups-to-escape-sandbox attribute.
This allows to pass more W3C Web Platform tests.

Tests: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1.html

imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2.html

• dom/SecurityContext.cpp: Add allow-popups-to-escape-sandbox flag.

(WebCore::SecurityContext::isSupportedSandboxPolicy):
(WebCore::SecurityContext::parseSandboxPolicy):

• dom/SecurityContext.h: Ditto.
• loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Do not force sandbox flags when we have allow-popups-to-escape-sandbox.
(WebCore::createWindow): Ditto.

Location:

trunk

Files:

• LayoutTests/imported/w3c/ChangeLog (modified) (1 diff)
• LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1-expected.txt (modified) (1 diff)
• LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2-expected.txt (modified) (1 diff)
• LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-3-expected.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/dom/SecurityContext.cpp (modified) (2 diffs)
• Source/WebCore/dom/SecurityContext.h (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (2 diffs)

trunk/LayoutTests/imported/w3c/ChangeLog

@@ +1 @@
+2017-06-09  Frederic Wang  <fwang@igalia.com>
+
+        Add flag allow-popups-to-escape-sandbox to iframe sandbox
+        https://bugs.webkit.org/show_bug.cgi?id=158875
+
+        Reviewed by Chris Dumez.
+
+        Update expected results for iframe popup escaping tests.
+
+        * web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1-expected.txt: This test passes.
+        * web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2-expected.txt: This test passes.
+        * web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-3-expected.txt: Remove error message from text expectation.
+
 2017-06-09  Zan Dobersek  <zdobersek@igalia.com>
 

trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 7: Error while parsing the 'sandbox' attribute: 'allow-popups-to-escape-sandbox' is an invalid sandbox flag.
 
 
-FAIL Check that popups from a sandboxed iframe escape the sandbox if
-       allow-popups-to-escape-sandbox is used assert_equals: Should have escaped the sandbox expected "http://localhost:8800" but got "null"
+PASS Check that popups from a sandboxed iframe escape the sandbox if
+       allow-popups-to-escape-sandbox is used 
 

trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 7: Error while parsing the 'sandbox' attribute: 'allow-popups-to-escape-sandbox' is an invalid sandbox flag.
 
 
-FAIL Check that popups from a sandboxed iframe escape the sandbox if
-       allow-popups-to-escape-sandbox is used assert_equals: Should have escaped the sandbox expected "http://localhost:8800" but got "null"
+PASS Check that popups from a sandboxed iframe escape the sandbox if
+       allow-popups-to-escape-sandbox is used 
 

trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-3-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 7: Error while parsing the 'sandbox' attribute: 'allow-popups-to-escape-sandbox' is an invalid sandbox flag.
 CONSOLE MESSAGE: line 15: Unsafe JavaScript attempt to initiate navigation for frame with URL 'about:blank' from frame with URL 'http://localhost:8800/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_helper-3.html'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2017-06-09  Frederic Wang  <fwang@igalia.com>
+
+        Add flag allow-popups-to-escape-sandbox to iframe sandbox
+        https://bugs.webkit.org/show_bug.cgi?id=158875
+
+        Reviewed by Chris Dumez.
+
+        This patch adds support for the iframe@allow-popups-to-escape-sandbox attribute.
+        This allows to pass more W3C Web Platform tests.
+
+        Tests: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1.html
+               imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2.html
+
+        * dom/SecurityContext.cpp: Add allow-popups-to-escape-sandbox flag.
+        (WebCore::SecurityContext::isSupportedSandboxPolicy):
+        (WebCore::SecurityContext::parseSandboxPolicy):
+        * dom/SecurityContext.h: Ditto.
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Do not force sandbox flags when we have allow-popups-to-escape-sandbox.
+        (WebCore::createWindow): Ditto.
+
 2017-06-09  Jer Noble  <jer.noble@apple.com>
 

trunk/Source/WebCore/dom/SecurityContext.cpp

@@ -87 +87 @@
 {
     static const char* const supportedPolicies[] = {
-        "allow-forms", "allow-same-origin", "allow-scripts", "allow-top-navigation", "allow-pointer-lock", "allow-popups"
+        "allow-forms", "allow-same-origin", "allow-scripts", "allow-top-navigation", "allow-pointer-lock", "allow-popups", "allow-popups-to-escape-sandbox"
     };
 
@@ -131 +131 @@
         else if (equalLettersIgnoringASCIICase(sandboxToken, "allow-pointer-lock"))
             flags &= ~SandboxPointerLock;
+        else if (equalLettersIgnoringASCIICase(sandboxToken, "allow-popups-to-escape-sandbox"))
+            flags &= ~SandboxPropagatesToAuxiliaryBrowsingContexts;
         else {
             if (numberOfTokenErrors)

trunk/Source/WebCore/dom/SecurityContext.h

@@ -50 +50 @@
     SandboxAutomaticFeatures    = 1 << 7,
     SandboxPointerLock          = 1 << 8,
+    SandboxPropagatesToAuxiliaryBrowsingContexts = 1 << 9,
     SandboxAll                  = -1 // Mask with all bits set to 1.
 };

trunk/Source/WebCore/loader/FrameLoader.cpp

@@ -3161 +3161 @@
         return;
 
-    mainFrame->loader().forceSandboxFlags(frame->loader().effectiveSandboxFlags());
+    SandboxFlags sandboxFlags = frame->loader().effectiveSandboxFlags();
+    if (sandboxFlags & SandboxPropagatesToAuxiliaryBrowsingContexts)
+        mainFrame->loader().forceSandboxFlags(sandboxFlags);
 
     if (!equalIgnoringASCIICase(frameName, "_blank"))
@@ -3705 +3707 @@
     RefPtr<Frame> frame = &page->mainFrame();
 
-    frame->loader().forceSandboxFlags(openerFrame.document()->sandboxFlags());
+    if (isDocumentSandboxed(openerFrame, SandboxPropagatesToAuxiliaryBrowsingContexts))
+        frame->loader().forceSandboxFlags(openerFrame.document()->sandboxFlags());
 
     if (!equalIgnoringASCIICase(request.frameName(), "_blank"))