Changeset 224287 in webkit
- Timestamp:
- Nov 1, 2017 12:39:12 PM (7 years ago)
- Location:
- trunk
- Files:
-
- 11 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r224284 r224287 1 2017-11-01 Chris Dumez <cdumez@apple.com> 2 3 Regression(r219659): Can no longer log into ifttt.com using Google account 4 https://bugs.webkit.org/show_bug.cgi?id=179117 5 6 Reviewed by Geoffrey Garen. 7 8 Update / rebaseline existing test. 9 10 * http/tests/security/cross-origin-descriptors-expected.txt: 11 * http/tests/security/cross-origin-descriptors.html: 12 1 13 2017-11-01 Frederic Wang <fwang@igalia.com> 2 14 -
trunk/LayoutTests/http/tests/security/cross-origin-descriptors-expected.txt
r219659 r224287 7 7 PASS descriptor.get is undefined. 8 8 PASS descriptor.set is an instance of Function 9 PASS descriptor.enumerable is true9 PASS descriptor.enumerable is false 10 10 PASS descriptor.configurable is true 11 11 * Location.replace 12 12 PASS descriptor.value is an instance of Function 13 13 PASS descriptor.writable is false 14 PASS descriptor.enumerable is true14 PASS descriptor.enumerable is false 15 15 PASS descriptor.configurable is true 16 16 … … 18 18 PASS descriptor.get is an instance of Function 19 19 PASS descriptor.set is undefined. 20 PASS descriptor.enumerable is true20 PASS descriptor.enumerable is false 21 21 PASS descriptor.configurable is true 22 22 * Window.self 23 23 PASS descriptor.get is an instance of Function 24 24 PASS descriptor.set is undefined. 25 PASS descriptor.enumerable is true25 PASS descriptor.enumerable is false 26 26 PASS descriptor.configurable is true 27 27 * Window.location 28 28 PASS descriptor.get is an instance of Function 29 29 PASS descriptor.set is an instance of Function 30 PASS descriptor.enumerable is true30 PASS descriptor.enumerable is false 31 31 PASS descriptor.configurable is true 32 32 * Window.close 33 33 PASS descriptor.value is an instance of Function 34 34 PASS descriptor.writable is false 35 PASS descriptor.enumerable is true35 PASS descriptor.enumerable is false 36 36 PASS descriptor.configurable is true 37 37 * Window.closed 38 38 PASS descriptor.get is an instance of Function 39 39 PASS descriptor.set is undefined. 40 PASS descriptor.enumerable is true40 PASS descriptor.enumerable is false 41 41 PASS descriptor.configurable is true 42 42 * Window.focus 43 43 PASS descriptor.value is an instance of Function 44 44 PASS descriptor.writable is false 45 PASS descriptor.enumerable is true45 PASS descriptor.enumerable is false 46 46 PASS descriptor.configurable is true 47 47 * Window.blur 48 48 PASS descriptor.value is an instance of Function 49 49 PASS descriptor.writable is false 50 PASS descriptor.enumerable is true50 PASS descriptor.enumerable is false 51 51 PASS descriptor.configurable is true 52 52 * Window.frames 53 53 PASS descriptor.get is an instance of Function 54 54 PASS descriptor.set is undefined. 55 PASS descriptor.enumerable is true55 PASS descriptor.enumerable is false 56 56 PASS descriptor.configurable is true 57 57 * Window.length 58 58 PASS descriptor.get is an instance of Function 59 59 PASS descriptor.set is undefined. 60 PASS descriptor.enumerable is true60 PASS descriptor.enumerable is false 61 61 PASS descriptor.configurable is true 62 62 * Window.top 63 63 PASS descriptor.get is an instance of Function 64 64 PASS descriptor.set is undefined. 65 PASS descriptor.enumerable is true65 PASS descriptor.enumerable is false 66 66 PASS descriptor.configurable is true 67 67 * Window.opener 68 68 PASS descriptor.get is an instance of Function 69 69 PASS descriptor.set is undefined. 70 PASS descriptor.enumerable is true70 PASS descriptor.enumerable is false 71 71 PASS descriptor.configurable is true 72 72 * Window.parent 73 73 PASS descriptor.get is an instance of Function 74 74 PASS descriptor.set is undefined. 75 PASS descriptor.enumerable is true75 PASS descriptor.enumerable is false 76 76 PASS descriptor.configurable is true 77 77 * Window.postMessage 78 78 PASS descriptor.value is an instance of Function 79 79 PASS descriptor.writable is false 80 PASS descriptor.enumerable is true80 PASS descriptor.enumerable is false 81 81 PASS descriptor.configurable is true 82 82 -
trunk/LayoutTests/http/tests/security/cross-origin-descriptors.html
r219659 r224287 28 28 shouldBeFalse("descriptor.writable"); 29 29 } 30 shouldBe True("descriptor.enumerable");30 shouldBeFalse("descriptor.enumerable"); 31 31 shouldBeTrue("descriptor.configurable"); 32 32 } -
trunk/LayoutTests/imported/w3c/ChangeLog
r224283 r224287 1 2017-11-01 Chris Dumez <cdumez@apple.com> 2 3 Regression(r219659): Can no longer log into ifttt.com using Google account 4 https://bugs.webkit.org/show_bug.cgi?id=179117 5 6 Reviewed by Geoffrey Garen. 7 8 Rebaseline WPT tests. 9 10 * web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects-expected.txt: 11 * web-platform-tests/html/browsers/the-window-object/window-indexed-properties-expected.txt: 12 1 13 2017-10-31 Dean Jackson <dino@apple.com> 2 14 -
trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects-expected.txt
r219659 r224287 7 7 PASS [[PreventExtensions]] should throw for cross-origin objects 8 8 PASS [[GetOwnProperty]] - Properties on cross-origin objects should be reported |own| 9 PASS [[GetOwnProperty]] - Property descriptors for cross-origin properties should be set up correctly 9 FAIL [[GetOwnProperty]] - Property descriptors for cross-origin properties should be set up correctly assert_equals: property descriptor for 0 should be enumerable expected true but got false 10 10 PASS [[Delete]] Should throw on cross-origin objects 11 11 PASS [[DefineOwnProperty]] Should throw for cross-origin objects 12 PASS Can only enumerate safelisted properties 13 PASS [[OwnPropertyKeys]] should return all properties from cross-origin objects 12 FAIL Can only enumerate safelisted properties assert_equals: Enumerate all safelisted cross-origin Window properties expected 15 but got 0 13 FAIL [[OwnPropertyKeys]] should return all properties from cross-origin objects assert_array_equals: Object.keys() gives the right answer for cross-origin Window lengths differ, expected 15 got 0 14 14 PASS [[OwnPropertyKeys]] should return the right symbol-named properties for cross-origin objects 15 15 PASS [[OwnPropertyKeys]] should place the symbols after the property names after the subframe indices -
trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/the-window-object/window-indexed-properties-expected.txt
r219659 r224287 1 1 2 2 PASS Indexed properties of the window object (non-strict mode) 3 PASS Ensure indexed properties have the correct configuration 3 FAIL Ensure indexed properties have the correct configuration assert_true: expected true got false 4 4 FAIL Indexed properties of the window object (non-strict mode) 1 assert_throws: function "() => Object.defineProperty(window, 0, { value: "bar" })" did not throw 5 5 FAIL Indexed properties of the window object (non-strict mode) 2 assert_throws: function "() => Object.defineProperty(window, 1, { value: "bar" })" did not throw -
trunk/LayoutTests/js/dom/getOwnPropertyDescriptor-expected.txt
r219659 r224287 129 129 PASS Object.getOwnPropertyDescriptor(global, 0).hasOwnProperty('get') is false 130 130 PASS Object.getOwnPropertyDescriptor(global, 0).hasOwnProperty('set') is false 131 PASS Object.getOwnPropertyDescriptor(global, 0).enumerable is true131 PASS Object.getOwnPropertyDescriptor(global, 0).enumerable is false 132 132 PASS Object.getOwnPropertyDescriptor(global, 0).configurable is true 133 133 PASS Object.getOwnPropertyDescriptor(document.getElementsByTagName('div'), 0).value is document.getElementsByTagName('div')[0] -
trunk/LayoutTests/js/resources/getOwnPropertyDescriptor.js
r219659 r224287 45 45 descriptorShouldBe("global", "'window'", {get: 'globalWindowGetter', set: undefined, enumerable: true, configurable: false}); 46 46 descriptorShouldBe("global", "'XMLHttpRequest'", {writable: true, enumerable: false, configurable: true, value:"XMLHttpRequest"}); 47 descriptorShouldBe("global", "0", {writable: true, enumerable: true, configurable: true, value:"global[0]"});47 descriptorShouldBe("global", "0", {writable: true, enumerable: false, configurable: true, value:"global[0]"}); 48 48 descriptorShouldBe("document.getElementsByTagName('div')", "0", {writable: false, enumerable: true, configurable: true, value:"document.getElementsByTagName('div')[0]"}); 49 49 descriptorShouldBe("document.getElementsByClassName('pass')", "0", {writable: false, enumerable: true, configurable: true, value:"document.getElementsByClassName('pass')[0]"}); -
trunk/Source/WebCore/ChangeLog
r224283 r224287 1 2017-11-01 Chris Dumez <cdumez@apple.com> 2 3 Regression(r219659): Can no longer log into ifttt.com using Google account 4 https://bugs.webkit.org/show_bug.cgi?id=179117 5 6 Reviewed by Geoffrey Garen. 7 8 After r219659, it is no longer possible to log into ifttt.com using a Google 9 account: 10 - Signed into a Google account already 11 - Visit https://ifttt.com/login 12 - Click "Continue with Google" 13 - Select the signed in account 14 15 It turns out that this change to the HTML specification was not Web-compatible: 16 See https://bugzilla.mozilla.org/show_bug.cgi?id=1412741 & https://github.com/whatwg/html/issues/3183 17 18 This patch reverts r219659 for now until we agree on what behavior should get 19 specified. 20 21 No new tests, rebaselined existing tests. 22 23 * bindings/js/JSDOMWindowCustom.cpp: 24 (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess): 25 (WebCore::JSDOMWindow::getOwnPropertySlotByIndex): 26 (WebCore::JSDOMWindow::getOwnPropertyNames): 27 * bindings/js/JSLocationCustom.cpp: 28 (WebCore::getOwnPropertySlotCommon): 29 (WebCore::JSLocation::getOwnPropertyNames): 30 1 31 2017-10-31 Dean Jackson <dino@apple.com> 2 32 -
trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp
r223476 r224287 92 92 if (!frame) { 93 93 if (propertyName == builtinNames.closedPublicName()) { 94 slot.setCustom(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete , jsDOMWindowClosed);94 slot.setCustom(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::DontEnum, jsDOMWindowClosed); 95 95 return true; 96 96 } 97 97 if (propertyName == builtinNames.closePublicName()) { 98 slot.setCustom(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete , nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionClose, 0>);98 slot.setCustom(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionClose, 0>); 99 99 return true; 100 100 } … … 115 115 // Always provide the original function, on a fresh uncached function object. 116 116 if (propertyName == builtinNames.blurPublicName()) { 117 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly ), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionBlur, 0>);117 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionBlur, 0>); 118 118 return true; 119 119 } 120 120 if (propertyName == builtinNames.closePublicName()) { 121 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly ), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionClose, 0>);121 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionClose, 0>); 122 122 return true; 123 123 } 124 124 if (propertyName == builtinNames.focusPublicName()) { 125 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly ), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionFocus, 0>);125 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionFocus, 0>); 126 126 return true; 127 127 } 128 128 if (propertyName == builtinNames.postMessagePublicName()) { 129 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly ), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionPostMessage, 2>);129 slot.setCustom(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum), nonCachingStaticFunctionGetter<jsDOMWindowInstanceFunctionPostMessage, 2>); 130 130 return true; 131 131 } … … 147 147 bool shouldExposeSetter = propertyName == builtinNames.locationPublicName(); 148 148 CustomGetterSetter* customGetterSetter = CustomGetterSetter::create(vm, entry->propertyGetter(), shouldExposeSetter ? entry->propertyPutter() : nullptr); 149 slot.setCustomGetterSetter(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::CustomAccessor ), customGetterSetter);149 slot.setCustomGetterSetter(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::CustomAccessor | JSC::PropertyAttribute::DontEnum), customGetterSetter); 150 150 return true; 151 151 } … … 164 164 // the Moz way. 165 165 if (auto* scopedChild = frame->tree().scopedChild(propertyNameToAtomicString(propertyName))) { 166 slot.setValue(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete , toJS(exec, scopedChild->document()->domWindow()));166 slot.setValue(thisObject, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::DontEnum, toJS(exec, scopedChild->document()->domWindow())); 167 167 return true; 168 168 } … … 234 234 // These are also allowed cross-orgin, so come before the access check. 235 235 if (frame && index < frame->tree().scopedChildCount()) { 236 slot.setValue(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly ), toJS(state, frame->tree().scopedChild(index)->document()->domWindow()));236 slot.setValue(thisObject, static_cast<unsigned>(JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum), toJS(state, frame->tree().scopedChild(index)->document()->domWindow())); 237 237 return true; 238 238 } … … 352 352 JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object); 353 353 354 addScopedChildrenIndexes(*exec, thisObject->wrapped(), propertyNames); 354 if (mode.includeDontEnumProperties()) 355 addScopedChildrenIndexes(*exec, thisObject->wrapped(), propertyNames); 355 356 356 357 if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->wrapped(), DoNotReportSecurityError)) { 357 addCrossOriginWindowOwnPropertyNames(*exec, propertyNames); 358 if (mode.includeDontEnumProperties()) 359 addCrossOriginWindowOwnPropertyNames(*exec, propertyNames); 358 360 return; 359 361 } -
trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp
r223476 r224287 63 63 // We only allow access to Location.replace() cross origin. 64 64 if (propertyName == vm.propertyNames->replace) { 65 slot.setCustom(&thisObject, static_cast<unsigned>(PropertyAttribute::ReadOnly ), nonCachingStaticFunctionGetter<jsLocationInstanceFunctionReplace, 1>);65 slot.setCustom(&thisObject, static_cast<unsigned>(PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum), nonCachingStaticFunctionGetter<jsLocationInstanceFunctionReplace, 1>); 66 66 return true; 67 67 } … … 72 72 auto* entry = JSLocation::info()->staticPropHashTable->entry(propertyName); 73 73 CustomGetterSetter* customGetterSetter = CustomGetterSetter::create(vm, nullptr, entry->propertyPutter()); 74 slot.setCustomGetterSetter(&thisObject, static_cast<unsigned>(JSC::PropertyAttribute::CustomAccessor ), customGetterSetter);74 slot.setCustomGetterSetter(&thisObject, static_cast<unsigned>(JSC::PropertyAttribute::CustomAccessor | PropertyAttribute::DontEnum), customGetterSetter); 75 75 return true; 76 76 } … … 189 189 JSLocation* thisObject = jsCast<JSLocation*>(object); 190 190 if (!BindingSecurity::shouldAllowAccessToFrame(exec, thisObject->wrapped().frame(), DoNotReportSecurityError)) { 191 addCrossOriginLocationOwnPropertyNames(*exec, propertyNames); 191 if (mode.includeDontEnumProperties()) 192 addCrossOriginLocationOwnPropertyNames(*exec, propertyNames); 192 193 return; 193 194 }
Note: See TracChangeset
for help on using the changeset viewer.