git://git.webkit.org / WebKit-https.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 39f1a52) | patch
XSS Auditor should navigate to empty substitute data on full page block
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Jan 2016 22:28:59 +0000 (22:28 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Jan 2016 22:28:59 +0000 (22:28 +0000)
commit58ca7aba0c6a94f30682af471b1e80951e3f5a2a
tree777b4fb92bb4c13fa0e1e52f4f03c67678da4a06tree | snapshot
parent39f1a5281f7a6066ad761e1fd68941c5490bed46commit | diff
XSS Auditor should navigate to empty substitute data on full page block
https://bugs.webkit.org/show_bug.cgi?id=152868
<rdar://problem/18658448>

Reviewed by David Kilzer and Andy Estes.

Derived from Blink patch (by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?view=rev&revision=179240>

Source/WebCore:

Test: http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url.html

* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSAuditorDelegate::didBlockScript): Modified to call NavigationScheduler::schedulePageBlock().
* loader/NavigationScheduler.cpp:
(WebCore::ScheduledPageBlock::ScheduledPageBlock): Added.
(WebCore::NavigationScheduler::schedulePageBlock): Navigate to empty substitute data with
the same URL as the originating document.
* loader/NavigationScheduler.h:

LayoutTests:

Added additional test block-does-not-leak-that-page-was-blocked-using-empty-data-url.html to explicitly
tests that we do redirect to an empty data URL when a full page block is triggered.

* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-allow-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-unset-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-block-expected.txt:
* http/tests/security/xssAuditor/block-does-not-leak-location-expected.txt:
* http/tests/security/xssAuditor/block-does-not-leak-referrer-expected.txt:
* http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url-expected.txt: Added.
* http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url.html: Added.
* http/tests/security/xssAuditor/full-block-base-href-expected.txt:
* http/tests/security/xssAuditor/full-block-iframe-javascript-url-expected.txt:
* http/tests/security/xssAuditor/full-block-javascript-link-expected.txt:
* http/tests/security/xssAuditor/full-block-link-onclick-expected.txt:
* http/tests/security/xssAuditor/full-block-object-tag-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-cross-domain-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-with-source-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag.html:
* http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt:
* http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194927 268f45cc-cd09-0410-ab3c-d52691b4dbfc
29 files changed:
LayoutTests/ChangeLog diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-block-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-allow-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-block-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-filter-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-invalid-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-unset-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-block-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-block-expected.txt diff | blob | history
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-block-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-location-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-referrer-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url-expected.txt [new file with mode: 0644] blob
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/xssAuditor/full-block-base-href-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-iframe-javascript-url-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-javascript-link-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-link-onclick-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-object-tag-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-cross-domain-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-with-source-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag.html diff | blob | history
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt diff | blob | history
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt diff | blob | history
Source/WebCore/ChangeLog diff | blob | history
Source/WebCore/html/parser/XSSAuditorDelegate.cpp diff | blob | history
Source/WebCore/loader/NavigationScheduler.cpp diff | blob | history
Source/WebCore/loader/NavigationScheduler.h diff | blob | history
Mirror of the WebKit open source project from svn.webkit.org.