Window's properties such as 'location' should not become null when it loses its brows...
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 15 Oct 2018 14:54:21 +0000 (14:54 +0000)
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 15 Oct 2018 14:54:21 +0000 (14:54 +0000)
commitf9608ea9b118f441c5aec9bc7575494ac0436379
treea251d34f3b09410c79500982552f7d565392dd7d
parentf07e1fffd1f83712761d95001df2c5062bc0ed26
Window's properties such as 'location' should not become null when it loses its browsing context
https://bugs.webkit.org/show_bug.cgi?id=190539

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaseline WPT test whose output has changed.

* web-platform-tests/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/url.window-expected.txt:

Source/WebCore:

Window's properties such as 'location' should not become null when it loses its browsing context.
This Webkit behavior is not standard and does not match other browsers so this patch makes it so
that those properties persist.

Tests: http/tests/dom/cross-origin-detached-window-properties.html
       http/tests/dom/same-origin-detached-window-properties.html

* bindings/js/JSDOMBindingSecurity.cpp:
(WebCore::BindingSecurity::shouldAllowAccessToDOMWindow):
* bindings/js/JSDOMBindingSecurity.h:
* bindings/js/JSDOMWindowProperties.cpp:
(WebCore::jsDOMWindowPropertiesGetOwnPropertySlotNamedItemGetter):
(WebCore::JSDOMWindowProperties::getOwnPropertySlot):
* bindings/js/JSLocationCustom.cpp:
(WebCore::getOwnPropertySlotCommon):
(WebCore::putCommon):
(WebCore::JSLocation::deleteProperty):
(WebCore::JSLocation::deletePropertyByIndex):
(WebCore::JSLocation::getOwnPropertyNames):
(WebCore::JSLocation::defineOwnProperty):
(WebCore::JSLocation::getPrototype):
(WebCore::JSLocation::toStringName):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateAttributeGetterBodyDefinition):
(GenerateAttributeSetterBodyDefinition):
(GenerateOperationBodyDefinition):
* bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
(WebCore::jsTestActiveDOMObjectExcitingAttrGetter):
(WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunctionBody):
* crypto/SubtleCrypto.cpp:
(WebCore::SubtleCrypto::SubtleCrypto):
* crypto/SubtleCrypto.h:
(WebCore::SubtleCrypto::create):
* dom/Document.cpp:
(WebCore::Document::~Document):
* page/Crypto.cpp:
(WebCore::Crypto::Crypto):
* page/Crypto.h:
(WebCore::Crypto::create):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::~DOMWindow):
(WebCore::DOMWindow::frameDestroyed):
(WebCore::DOMWindow::screen):
(WebCore::DOMWindow::history):
(WebCore::DOMWindow::crypto):
(WebCore::DOMWindow::locationbar):
(WebCore::DOMWindow::menubar):
(WebCore::DOMWindow::personalbar):
(WebCore::DOMWindow::scrollbars):
(WebCore::DOMWindow::statusbar):
(WebCore::DOMWindow::toolbar):
(WebCore::DOMWindow::console const):
(WebCore::DOMWindow::applicationCache):
(WebCore::DOMWindow::navigator):
(WebCore::DOMWindow::performance const):
(WebCore::DOMWindow::location):
(WebCore::DOMWindow::visualViewport):
(WebCore::DOMWindow::styleMedia):
* page/DOMWindow.h:
* page/DOMWindow.idl:
* workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::crypto):

LayoutTests:

* http/tests/dom/cross-origin-detached-window-properties-expected.txt: Added.
* http/tests/dom/cross-origin-detached-window-properties.html: Added.
* http/tests/dom/resources/post-message-to-parent-when-loaded.html: Added.
* http/tests/dom/same-origin-detached-window-properties-expected.txt: Added.
* http/tests/dom/same-origin-detached-window-properties.html: Added.
Add layout test coverage.

* fast/frames/detached-frame-property-expected.txt:
* fast/frames/detached-frame-property.html:
* http/tests/security/named-window-property-from-same-origin-inactive-document-expected.txt:
* http/tests/security/named-window-property-from-same-origin-inactive-document.html:
* http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document-expected.txt:
* http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document.html:
* http/tests/security/xss-DENIED-script-inject-into-inactive-window.html:
* http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html:
* http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html:
* http/tests/security/xss-DENIED-script-inject-into-inactive-window3.html:
Update existing layout tests to reflect behavior change.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237105 268f45cc-cd09-0410-ab3c-d52691b4dbfc
33 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/frames/detached-frame-property-expected.txt
LayoutTests/fast/frames/detached-frame-property.html
LayoutTests/http/tests/dom/cross-origin-detached-window-properties-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/dom/cross-origin-detached-window-properties.html [new file with mode: 0644]
LayoutTests/http/tests/dom/resources/post-message-to-parent-when-loaded.html [new file with mode: 0644]
LayoutTests/http/tests/dom/same-origin-detached-window-properties-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/dom/same-origin-detached-window-properties.html [new file with mode: 0644]
LayoutTests/http/tests/security/named-window-property-from-same-origin-inactive-document-expected.txt
LayoutTests/http/tests/security/named-window-property-from-same-origin-inactive-document.html
LayoutTests/http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document-expected.txt
LayoutTests/http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document.html
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window.html
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html
LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window3.html
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/url.window-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/JSDOMBindingSecurity.cpp
Source/WebCore/bindings/js/JSDOMBindingSecurity.h
Source/WebCore/bindings/js/JSDOMWindowProperties.cpp
Source/WebCore/bindings/js/JSLocationCustom.cpp
Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp
Source/WebCore/crypto/SubtleCrypto.cpp
Source/WebCore/crypto/SubtleCrypto.h
Source/WebCore/page/Crypto.cpp
Source/WebCore/page/Crypto.h
Source/WebCore/page/DOMWindow.cpp
Source/WebCore/page/DOMWindow.h
Source/WebCore/page/DOMWindow.idl
Source/WebCore/workers/WorkerGlobalScope.cpp