V8 should throw a more descriptive exception when blocking 'eval' via CSP.
authormkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 17 Oct 2012 10:00:17 +0000 (10:00 +0000)
committermkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 17 Oct 2012 10:00:17 +0000 (10:00 +0000)
commit2a5aaeb8c701e1920158454928e58f38e90253e0
treecd16cba530d2c7ba72bc8a6a62a4841c7990371c
parent19a1a6d29d9c9650833c9279ccdb8a5fc8caf7a2
V8 should throw a more descriptive exception when blocking 'eval' via CSP.
https://bugs.webkit.org/show_bug.cgi?id=94332

Reviewed by Adam Barth.

Source/WebCore:

Following up on https://bugs.webkit.org/show_bug.cgi?id=94331, this
patch wires up the new error message mechanism to V8, and updates the
Chromium test expectations accordingly.

* bindings/v8/ScriptController.cpp:
(WebCore::ScriptController::disableEval):
    Pass 'errorMessage' through to V8.
* bindings/v8/V8DOMWindowShell.cpp:
(WebCore::V8DOMWindowShell::initializeIfNeeded):
    Grab the error message from ContentSecurityPolicy, and pass it
    through to V8.
* bindings/v8/WorkerContextExecutionProxy.cpp:
(WebCore::WorkerContextExecutionProxy::WorkerContextExecutionProxy):
(WebCore::WorkerContextExecutionProxy::evaluate):
(WebCore::WorkerContextExecutionProxy::setEvalAllowed):
* bindings/v8/WorkerContextExecutionProxy.h:
(WorkerContextExecutionProxy):
    Convert 'm_disableEvalPending' to a string to store the current
    error message, and use it to set the eval state.
* bindings/v8/WorkerScriptController.cpp:
(WebCore::WorkerScriptController::disableEval):
    Pass 'errorMessage' through to V8.

LayoutTests:

* platform/chromium/TestExpectations:
    Unskipping these tests, as this patch unbreaks them.
* platform/chromium/http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt:
* platform/chromium/http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe-expected.txt:
* platform/chromium/http/tests/security/contentSecurityPolicy/function-constructor-blocked-expected.txt:
    Updating expectations with the new error message.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@131573 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/platform/chromium/TestExpectations
LayoutTests/platform/chromium/http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt
LayoutTests/platform/chromium/http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe-expected.txt
LayoutTests/platform/chromium/http/tests/security/contentSecurityPolicy/function-constructor-blocked-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/bindings/v8/ScriptController.cpp
Source/WebCore/bindings/v8/V8DOMWindowShell.cpp
Source/WebCore/bindings/v8/WorkerContextExecutionProxy.cpp
Source/WebCore/bindings/v8/WorkerContextExecutionProxy.h
Source/WebCore/bindings/v8/WorkerScriptController.cpp