http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html times out...
author cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Jun 2018 01:27:59 +0000 (01:27 +0000)
committer cdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Jun 2018 01:27:59 +0000 (01:27 +0000)
commit 1a167d7ff326569fe2dda1a93ddee99b8f1ccd59
tree 1eda92b33fbfead8157e9848e90baaba29977199
parent 459d5b93cce0405b8da3290efba92e038226889e
http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html times out with PSON enabled
https://bugs.webkit.org/show_bug.cgi?id=186546

Reviewed by Brady Eidson.

Source/WebCore:

Add a hasOpenedFrames flag to NavigationAction, which we'll use in the UIProcess when deciding
to process swap on navigation or not.

Test: http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURL):
* loader/NavigationAction.h:
(WebCore::NavigationAction::hasOpenedFrames const):
(WebCore::NavigationAction::setHasOpenedFrames):

Source/WebKit:

Disable process swap on navigation in frames that have opened other frames via
window.open(). These new windows may have a WindowProxy to their opener, and it
would therefore be unsafe to process swap at this point.

* Shared/NavigationActionData.cpp:
(WebKit::NavigationActionData::encode const):
(WebKit::NavigationActionData::decode):
* Shared/NavigationActionData.h:
* UIProcess/API/APINavigation.h:
(API::Navigation::setHasOpenedFrames):
(API::Navigation::hasOpenedFrames const):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::processForNavigationInternal):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

LayoutTests:

Add layout test coverage.

* http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson-expected.txt: Added.
* http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232737 268f45cc-cd09-0410-ab3c-d52691b4dbfc
13 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/FrameLoader.cpp
Source/WebCore/loader/NavigationAction.h
Source/WebKit/ChangeLog
Source/WebKit/Shared/NavigationActionData.cpp
Source/WebKit/Shared/NavigationActionData.h
Source/WebKit/UIProcess/API/APINavigation.h
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/UIProcess/WebProcessPool.cpp
Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp