[webkit-changes] [91044] trunk

Thu, 14 Jul 2011 19:16:17 -0700

Title: [91044] trunk
Revision
91044
Author
[email protected]
Date
2011-07-14 19:16:09 -0700 (Thu, 14 Jul 2011)

Log Message

The beforeload event allows tracking URI changes in a frame
https://bugs.webkit.org/show_bug.cgi?id=64482

Reviewed by Nate Chapin.

Source/WebCore:

Tests: http/tests/security/beforeload-iframe-client-redirect.html
       http/tests/security/beforeload-iframe-server-redirect.html

Only dispatch the beforeload event for a frame if we haven't yet
committed our first real load.  The URL that we send to our parent will
be the same URL the parent seens in the src attribute.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadWithDocumentLoader):

LayoutTests:

Test whether the beforeload event is fired for various kinds of redirects.

* http/tests/security/beforeload-iframe-client-redirect-expected.txt: Added.
* http/tests/security/beforeload-iframe-client-redirect.html: Added.
* http/tests/security/beforeload-iframe-server-redirect-expected.txt: Added.
* http/tests/security/beforeload-iframe-server-redirect.html: Added.
* http/tests/security/resources/post-done.html: Added.
* http/tests/security/resources/client-redir.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (91043 => 91044)


--- trunk/LayoutTests/ChangeLog	2011-07-15 02:10:53 UTC (rev 91043)
+++ trunk/LayoutTests/ChangeLog	2011-07-15 02:16:09 UTC (rev 91044)
@@ -1,3 +1,19 @@
+2011-07-14  Adam Barth  <[email protected]>
+
+        The beforeload event allows tracking URI changes in a frame
+        https://bugs.webkit.org/show_bug.cgi?id=64482
+
+        Reviewed by Nate Chapin.
+
+        Test whether the beforeload event is fired for various kinds of redirects.
+
+        * http/tests/security/beforeload-iframe-client-redirect-expected.txt: Added.
+        * http/tests/security/beforeload-iframe-client-redirect.html: Added.
+        * http/tests/security/beforeload-iframe-server-redirect-expected.txt: Added.
+        * http/tests/security/beforeload-iframe-server-redirect.html: Added.
+        * http/tests/security/resources/post-done.html: Added.
+        * http/tests/security/resources/client-redir.html: Added.
+
 2011-07-14  Vincent Scheib  <[email protected]>
 
         [chromium] updated test expectations.

Added: trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect-expected.txt (0 => 91044)


--- trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect-expected.txt	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,2 @@
+CONSOLE MESSAGE: line 15: http://127.0.0.1:8000/security/resources/client-redir.html?url=""
+This test produces output in the console. Only the initial URL should be logged.

Added: trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect.html (0 => 91044)


--- trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/beforeload-iframe-client-redirect.html	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,16 @@
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+window.addEventListener('message', function(evt) {
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}, false);
+</script>
+This test produces output in the console.  Only the initial URL should be logged.
+<iframe
+  src=""
+  _onbeforeload_="console.log(event.url)">
+</iframe>

Added: trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect-expected.txt (0 => 91044)


--- trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect-expected.txt	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,2 @@
+CONSOLE MESSAGE: line 15: http://127.0.0.1:8000/security/resources/redir.php?url=""
+This test produces output in the console. Only the initial URL should be logged.

Added: trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect.html (0 => 91044)


--- trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/beforeload-iframe-server-redirect.html	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,16 @@
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+window.addEventListener('message', function(evt) {
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}, false);
+</script>
+This test produces output in the console.  Only the initial URL should be logged.
+<iframe
+  src=""
+  _onbeforeload_="console.log(event.url)">
+</iframe>

Added: trunk/LayoutTests/http/tests/security/resources/client-redir.html (0 => 91044)


--- trunk/LayoutTests/http/tests/security/resources/client-redir.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/resources/client-redir.html	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,3 @@
+<script>
+location.href = ""
+</script>

Added: trunk/LayoutTests/http/tests/security/resources/post-done.html (0 => 91044)


--- trunk/LayoutTests/http/tests/security/resources/post-done.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/resources/post-done.html	2011-07-15 02:16:09 UTC (rev 91044)
@@ -0,0 +1,4 @@
+<script>
+top.postMessage('done', '*');
+</script>
+This frame sends a 'done' message to the top window.

Modified: trunk/Source/WebCore/ChangeLog (91043 => 91044)


--- trunk/Source/WebCore/ChangeLog	2011-07-15 02:10:53 UTC (rev 91043)
+++ trunk/Source/WebCore/ChangeLog	2011-07-15 02:16:09 UTC (rev 91044)
@@ -1,3 +1,20 @@
+2011-07-14  Adam Barth  <[email protected]>
+
+        The beforeload event allows tracking URI changes in a frame
+        https://bugs.webkit.org/show_bug.cgi?id=64482
+
+        Reviewed by Nate Chapin.
+
+        Tests: http/tests/security/beforeload-iframe-client-redirect.html
+               http/tests/security/beforeload-iframe-server-redirect.html
+
+        Only dispatch the beforeload event for a frame if we haven't yet
+        committed our first real load.  The URL that we send to our parent will
+        be the same URL the parent seens in the src attribute.
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::loadWithDocumentLoader):
+
 2011-07-14  Dan Bernstein  <[email protected]>
 
         LLVM Compiler build fix.

Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (91043 => 91044)


--- trunk/Source/WebCore/loader/FrameLoader.cpp	2011-07-15 02:10:53 UTC (rev 91043)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp	2011-07-15 02:16:09 UTC (rev 91044)
@@ -1353,7 +1353,13 @@
             loader->setTriggeringAction(NavigationAction(newURL, policyChecker()->loadType(), isFormSubmission));
 
         if (Element* ownerElement = m_frame->ownerElement()) {
-            if (!ownerElement->dispatchBeforeLoadEvent(loader->request().url().string())) {
+            // We skip dispatching the beforeload event if we've already
+            // committed a real document load because the event would leak
+            // subsequent activity by the frame which the parent frame isn't
+            // supposed to learn. For example, if the child frame navigated to
+            // a new URL, the parent frame shouldn't learn the URL.
+            if (!m_stateMachine.committedFirstRealDocumentLoad()
+                && !ownerElement->dispatchBeforeLoadEvent(loader->request().url().string())) {
                 continueLoadAfterNavigationPolicy(loader->request(), formState, false);
                 return;
             }

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to