Changeset 48761 in webkit
- Timestamp:
- Sep 25, 2009 10:53:43 AM (15 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r48759 r48761 1 2009-09-25 Yuan Song <song.yuan@ericsson.com> 2 3 Reviewed by Darin Adler. 4 5 https://bugs.webkit.org/show_bug.cgi?id=14566 6 7 Add test "invalid-domain-change-throws-exception.html" to ensure a SECURITY_ERR exception is raised if an attempt is made to change document.domain to an invalid value. In the existing test case "basic-textareas.html", fix the faulty behavior of setting document.domain to invalid value, and replace the data URL to a file URL that points to "basic-textareas-standards.html" in order to make "basic-textareas.html" runnable in a browser. 8 9 * fast/forms/basic-textareas.html: 10 * fast/forms/resources/basic-textareas-standards.html: Added. 11 * fast/js/invalid-domain-change-throws-exception-expected.txt: Added. 12 * fast/js/invalid-domain-change-throws-exception.html: Added. 13 * fast/js/resources/invalid-domain-change-throws-exception.js: Added. 14 1 15 2009-09-25 Adam Barth <abarth@webkit.org> 2 16 -
trunk/LayoutTests/fast/forms/basic-textareas.html
r45966 r48761 82 82 } 83 83 84 // Set the domain in the top-level page as well as the iframe.85 // So they can communicate despite use of the data url.86 document.domain = 'mydummydomain';87 84 document.body.style.margin = 0; 88 85 89 86 var standardsIframe = document.createElement('iframe'); 90 // Create a page with a doctype so it's standards mode.91 standardsIframe.src = ' data:text/html;charset=utf-8,%3C!DOCTYPE%20HTML%3E%3Cbody%3E%3Cscript%3Edocument.domain%20%3D%20"mydummydomain"%3B%3C%2Fbody%3E%3C%2Fhtml%3E%0D%0A';87 // Reference a page with a doctype so it's standards mode. 88 standardsIframe.src = 'resources/basic-textareas-standards.html'; 92 89 standardsIframe.onload = function(e) { 93 90 addAllTextareas(e.target, 'CSS1Compat'); -
trunk/WebCore/ChangeLog
r48759 r48761 1 2009-09-25 Yuan Song <song.yuan@ericsson.com> 2 3 Reviewed by Darin Adler. 4 5 https://bugs.webkit.org/show_bug.cgi?id=14566 6 7 Raise SECURITY_ERR exception if an attempt is made to change document.domain to an invalid value. 8 9 Test: fast/js/invalid-domain-change-throws-exception.html 10 11 * dom/Document.cpp: 12 (WebCore::Document::setDomain): 13 * dom/Document.h: 14 * dom/Document.idl: 15 1 16 2009-09-25 Adam Barth <abarth@webkit.org> 2 17 -
trunk/WebCore/dom/Document.cpp
r48701 r48761 3012 3012 } 3013 3013 3014 void Document::setDomain(const String& newDomain )3014 void Document::setDomain(const String& newDomain, ExceptionCode& ec) 3015 3015 { 3016 3016 // Both NS and IE specify that changing the domain is only allowed when … … 3035 3035 int newLength = newDomain.length(); 3036 3036 // e.g. newDomain = webkit.org (10) and domain() = www.webkit.org (14) 3037 if (newLength >= oldLength) 3038 return; 3037 if (newLength >= oldLength) { 3038 ec = SECURITY_ERR; 3039 return; 3040 } 3039 3041 3040 3042 String test = domain(); 3041 3043 // Check that it's a subdomain, not e.g. "ebkit.org" 3042 if (test[oldLength - newLength - 1] != '.') 3043 return; 3044 if (test[oldLength - newLength - 1] != '.') { 3045 ec = SECURITY_ERR; 3046 return; 3047 } 3044 3048 3045 3049 // Now test is "webkit.org" from domain() 3046 3050 // and we check that it's the same thing as newDomain 3047 3051 test.remove(0, oldLength - newLength); 3048 if (test != newDomain) 3049 return; 3052 if (test != newDomain) { 3053 ec = SECURITY_ERR; 3054 return; 3055 } 3050 3056 3051 3057 securityOrigin()->setDomainFromDOM(newDomain); -
trunk/WebCore/dom/Document.h
r48701 r48761 673 673 674 674 String domain() const; 675 void setDomain(const String& newDomain );675 void setDomain(const String& newDomain, ExceptionCode&); 676 676 677 677 String lastModified() const; -
trunk/WebCore/dom/Document.idl
r48190 r48761 156 156 readonly attribute DOMString referrer; 157 157 #if defined(LANGUAGE_JAVASCRIPT) && LANGUAGE_JAVASCRIPT 158 attribute [ConvertNullToNullString] DOMString domain; 158 attribute [ConvertNullToNullString] DOMString domain 159 setter raises (DOMException); 159 160 #else 160 161 readonly attribute DOMString domain;
Note: See TracChangeset
for help on using the changeset viewer.