Diff
Modified: trunk/LayoutTests/ChangeLog (205170 => 205171)
--- trunk/LayoutTests/ChangeLog 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/ChangeLog 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,24 @@
+2016-08-29 Chris Dumez <cdu...@apple.com>
+
+ We should throw a SecurityError when denying setting a cross-origin Location property
+ https://bugs.webkit.org/show_bug.cgi?id=161368
+
+ Reviewed by Ryosuke Niwa.
+
+ Update / Rebaseline existing tests to reflect behavior change.
+
+ * http/tests/security/cross-frame-access-location-put-expected.txt:
+ * http/tests/security/location-cross-origin-expected.txt:
+ * http/tests/security/location-cross-origin.html:
+ * http/tests/security/xss-DENIED-assign-location-hash-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-host-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-hostname-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-nonstandardProperty-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-pathname-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-protocol-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-reload-expected.txt:
+ * http/tests/security/xss-DENIED-assign-location-search-expected.txt:
+
2016-08-29 Gyuyoung Kim <gyuyoung....@webkit.org>
[EFL] Gardening on Aug 30
Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-location-put-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/cross-frame-access-location-put-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-location-put-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,8 +1,8 @@
-CONSOLE MESSAGE: line 29: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 29: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 29: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 29: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
--------
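Review bot: The four rebaselined SecurityError lines are identical, so if one property assignment stopped throwing, this expectation would not show which one. Consider having the test print the property name next to each caught exception. The new lines also lack the "CONSOLE MESSAGE: line 29:" prefix, which suggests the text now comes from the test's own output rather than from the console, so the baseline depends on the test catching and printing every exception.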
Modified: trunk/LayoutTests/http/tests/security/location-cross-origin-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/location-cross-origin-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/location-cross-origin-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -27,6 +27,26 @@
PASS Object.getOwnPropertyDescriptor(window.location, 'ancestorOrigins').get.call(frames[0].location) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
PASS Object.getOwnPropertyDescriptor(window.location, 'toString').value.call(frames[0].location) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
PASS Object.getOwnPropertyDescriptor(window.location, 'href').get.call(frames[0].location) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.protocol = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.host = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.hostname = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.port = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.pathname = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.search = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.hash = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.origin = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.ancestorOrigins = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+FAIL frames[0].location.toString = 1 should throw a SecurityError. Did not throw.
+PASS frames[0].location.reload = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.replace = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS frames[0].location.assign = 1 threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'protocol').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'host').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'hostname').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'port').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'pathname').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'search').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(window.location, 'hash').set.call(frames[0].location, 1) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
PASS frames[0].location.href = '' did not throw exception.
PASS frames[0].location.href is "about:blank"
PASS successfullyParsed is true
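Review bot: The line "FAIL frames[0].location.toString = 1 should throw a SecurityError. Did not throw." is being checked in as expected output, so the suite stays green while a cross-origin write to toString still does not throw. Please file a follow-up bug and reference it in the ChangeLog or beside the assertion in location-cross-origin.html, so the known gap is not mistaken for intended behavior.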
Modified: trunk/LayoutTests/http/tests/security/location-cross-origin.html (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/location-cross-origin.html 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/location-cross-origin.html 2016-08-30 05:24:13 UTC (rev 205171)
@@ -34,6 +34,28 @@
shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'toString').value.call(frames[0].location)", "SecurityError");
shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'href').get.call(frames[0].location)", "SecurityError");
+ shouldThrowErrorName("frames[0].location.protocol = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.host = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.hostname = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.port = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.pathname = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.search = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.hash = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.origin = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.ancestorOrigins = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.toString = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.reload = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.replace = 1", "SecurityError");
+ shouldThrowErrorName("frames[0].location.assign = 1", "SecurityError");
+
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'protocol').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'host').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'hostname').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'port').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'pathname').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'search').set.call(frames[0].location, 1)", "SecurityError");
+ shouldThrowErrorName("Object.getOwnPropertyDescriptor(window.location, 'hash').set.call(frames[0].location, 1)", "SecurityError");
+
// Setting 'href' cross origin should be allowed.
shouldNotThrow("frames[0].location.href = ''");
setTimeout(function() {
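Review bot: The two added blocks have no comments saying what each covers: the first assigns to attributes and to methods (toString, reload, replace, assign) alike, while the second calls the descriptor setter only for protocol through hash and omits origin and ancestorOrigins. A one-line comment above each block, in the style of the existing "// Setting 'href' cross origin should be allowed.", stating which properties it covers and why the second list is shorter, would make the coverage easier to audit.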
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hash-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hash-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hash-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.hash not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-host-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-host-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-host-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.host not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hostname-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hostname-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-hostname-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.hostname not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-nonstandardProperty-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-nonstandardProperty-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-nonstandardProperty-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.nonstandardProperty not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-pathname-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-pathname-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-pathname-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.pathname not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-protocol-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-protocol-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-protocol-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.protocol not allowed
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-reload-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-reload-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-reload-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.replace not allowed
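Review bot: The unchanged PASS line here reads "location.replace" although the file is xss-DENIED-assign-location-reload-expected.txt. That mismatch predates this change, but since the baseline is being touched anyway, check whether the test assigns location.reload or location.replace and make the file name and the message agree.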
Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-search-expected.txt (205170 => 205171)
--- trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-search-expected.txt 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-assign-location-search-expected.txt 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 4: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
PASS: cross-site assignment of location.search not allowed
Modified: trunk/Source/WebCore/ChangeLog (205170 => 205171)
--- trunk/Source/WebCore/ChangeLog 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/Source/WebCore/ChangeLog 2016-08-30 05:24:13 UTC (rev 205171)
@@ -1,3 +1,24 @@
+2016-08-29 Chris Dumez <cdu...@apple.com>
+
+ We should throw a SecurityError when denying setting a cross-origin Location property
+ https://bugs.webkit.org/show_bug.cgi?id=161368
+
+ Reviewed by Ryosuke Niwa.
+
+ We should throw a SecurityError when denying setting a cross-origin
+ Location property:
+ - https://html.spec.whatwg.org/#location-set
+ - https://html.spec.whatwg.org/#crossoriginset-(-o,-p,-v,-receiver-)
+ - https://html.spec.whatwg.org/#location-getownproperty
+
+ Firefox and Chrome already throw. We currently ignore and log an error
+ message.
+
+ No new tests, updated existing tests.
+
+ * bindings/js/JSLocationCustom.cpp:
+ (WebCore::JSLocation::putDelegate):
+
2016-08-29 Brent Fulgham <bfulg...@apple.com>
Avoid holding GlyphData in MathOperator
Modified: trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp (205170 => 205171)
--- trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp 2016-08-30 05:18:48 UTC (rev 205170)
+++ trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp 2016-08-30 05:24:13 UTC (rev 205171)
@@ -78,8 +78,7 @@
// but not when assigning the individual pieces, since that might inadvertently
// disclose other parts of the original location.
if (propertyName != exec->propertyNames().href) {
- // FIXME: We should throw a SecurityError.
- printErrorMessageForFrame(frame, errorMessage);
+ throwSecurityError(*exec, errorMessage);
return true;
}
return false;
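Review bot: With printErrorMessageForFrame(frame, errorMessage) removed, a denied write is reported only through the thrown exception, so a caller that catches the SecurityError leaves no console trace. Please confirm that dropping the log is intended and not just a side effect of resolving the FIXME. The "return true;" that follows throwSecurityError(*exec, errorMessage) would also benefit from a short comment on what returning true tells the caller once an exception is pending. Note too that location-cross-origin-expected.txt in this revision still records toString as not throwing, so this branch is evidently not reached for that property.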