XSSAuditor is silent
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 2 Nov 2011 21:05:10 +0000 (21:05 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 2 Nov 2011 21:05:10 +0000 (21:05 +0000)
https://bugs.webkit.org/show_bug.cgi?id=70973

Patch by Tom Sepez <tsepez@chromium.org> on 2011-11-02
Reviewed by Adam Barth.

Source/WebCore:

Test: http/tests/security/xssAuditor/script-tag-with-callbacks.html

* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::XSSAuditor):
(WebCore::XSSAuditor::filterToken):
* html/parser/XSSAuditor.h:
* loader/EmptyClients.h:
(WebCore::EmptyFrameLoaderClient::didDetectXSS):
* loader/FrameLoaderClient.h:

Source/WebKit/chromium:

* public/WebFrameClient.h:
(WebKit::WebFrameClient::didDetectXSS):
* src/FrameLoaderClientImpl.cpp:
(WebKit::FrameLoaderClientImpl::didDetectXSS):
* src/FrameLoaderClientImpl.h:

Source/WebKit/efl:

* WebCoreSupport/FrameLoaderClientEfl.cpp:
(WebCore::FrameLoaderClientEfl::didDetectXSS):
* WebCoreSupport/FrameLoaderClientEfl.h:

Source/WebKit/gtk:

* WebCoreSupport/FrameLoaderClientGtk.cpp:
(WebKit::FrameLoaderClient::didDetectXSS):
* WebCoreSupport/FrameLoaderClientGtk.h:

Source/WebKit/mac:

* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::didRunInsecureContent):
(WebFrameLoaderClient::didDetectXSS):
* WebView/WebDelegateImplementationCaching.h:
* WebView/WebFrameLoadDelegatePrivate.h:
* WebView/WebView.mm:
(-[WebView _cacheFrameLoadDelegateImplementations]):

Source/WebKit/qt:

* WebCoreSupport/FrameLoaderClientQt.cpp:
(WebCore::FrameLoaderClientQt::didDetectXSS):
* WebCoreSupport/FrameLoaderClientQt.h:

Source/WebKit/win:

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::didDetectXSS):
* WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKit/wince:

* WebCoreSupport/FrameLoaderClientWinCE.cpp:
(WebKit::FrameLoaderClientWinCE::didDetectXSS):
* WebCoreSupport/FrameLoaderClientWinCE.h:

Source/WebKit/wx:

* WebKitSupport/FrameLoaderClientWx.cpp:
(WebCore::FrameLoaderClientWx::didDetectXSS):
* WebKitSupport/FrameLoaderClientWx.h:

Source/WebKit2:

* UIProcess/API/C/WKPage.h:
* UIProcess/API/gtk/WebKitWebLoaderClient.cpp:
(webkitWebLoaderClientAttachLoaderClientToPage):
* UIProcess/WebLoaderClient.cpp:
(WebKit::WebLoaderClient::didDetectXSSForFrame):
* UIProcess/WebLoaderClient.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didDetectXSSForFrame):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* WebProcess/InjectedBundle/API/c/WKBundlePage.h:
* WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
(WebKit::InjectedBundlePageLoaderClient::didDetectXSSForFrame):
* WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h:
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::didDetectXSS):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Tools:

* DumpRenderTree/chromium/WebViewHost.cpp:
(WebViewHost::didDetectXSS):
* DumpRenderTree/chromium/WebViewHost.h:
* DumpRenderTree/mac/FrameLoadDelegate.mm:
(-[FrameLoadDelegate webView:didDetectXSS:]):
* MiniBrowser/mac/BrowserWindowController.m:
(didDetectXSSForFrame):
(-[BrowserWindowController awakeFromNib]):
* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::InjectedBundlePage):
(WTR::InjectedBundlePage::didDetectXSSForFrame):
* WebKitTestRunner/InjectedBundle/InjectedBundlePage.h:

LayoutTests:

* http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt: Added.
* http/tests/security/xssAuditor/script-tag-with-callbacks.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@99096 268f45cc-cd09-0410-ab3c-d52691b4dbfc

56 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/html/parser/XSSAuditor.cpp
Source/WebCore/html/parser/XSSAuditor.h
Source/WebCore/loader/EmptyClients.h
Source/WebCore/loader/FrameLoaderClient.h
Source/WebKit/chromium/ChangeLog
Source/WebKit/chromium/public/WebFrameClient.h
Source/WebKit/chromium/src/FrameLoaderClientImpl.cpp
Source/WebKit/chromium/src/FrameLoaderClientImpl.h
Source/WebKit/efl/ChangeLog
Source/WebKit/efl/WebCoreSupport/FrameLoaderClientEfl.cpp
Source/WebKit/efl/WebCoreSupport/FrameLoaderClientEfl.h
Source/WebKit/gtk/ChangeLog
Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp
Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.h
Source/WebKit/mac/ChangeLog
Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h
Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm
Source/WebKit/mac/WebView/WebDelegateImplementationCaching.h
Source/WebKit/mac/WebView/WebFrameLoadDelegatePrivate.h
Source/WebKit/mac/WebView/WebView.mm
Source/WebKit/qt/ChangeLog
Source/WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp
Source/WebKit/qt/WebCoreSupport/FrameLoaderClientQt.h
Source/WebKit/win/ChangeLog
Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp
Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h
Source/WebKit/wince/ChangeLog
Source/WebKit/wince/WebCoreSupport/FrameLoaderClientWinCE.cpp
Source/WebKit/wince/WebCoreSupport/FrameLoaderClientWinCE.h
Source/WebKit/wx/ChangeLog
Source/WebKit/wx/WebKitSupport/FrameLoaderClientWx.cpp
Source/WebKit/wx/WebKitSupport/FrameLoaderClientWx.h
Source/WebKit2/ChangeLog
Source/WebKit2/UIProcess/API/C/WKPage.h
Source/WebKit2/UIProcess/API/gtk/WebKitWebLoaderClient.cpp
Source/WebKit2/UIProcess/WebLoaderClient.cpp
Source/WebKit2/UIProcess/WebLoaderClient.h
Source/WebKit2/UIProcess/WebPageProxy.cpp
Source/WebKit2/UIProcess/WebPageProxy.h
Source/WebKit2/UIProcess/WebPageProxy.messages.in
Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundlePage.h
Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp
Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h
Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h
Tools/ChangeLog
Tools/DumpRenderTree/chromium/WebViewHost.cpp
Tools/DumpRenderTree/chromium/WebViewHost.h
Tools/DumpRenderTree/mac/FrameLoadDelegate.mm
Tools/MiniBrowser/mac/BrowserWindowController.m
Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp
Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.h

index 1dca4dc..7edc82c 100644 (file)
@@ -1,3 +1,13 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt: Added.
+        * http/tests/security/xssAuditor/script-tag-with-callbacks.html: Added.
+
 2011-11-02  Tony Chang  <tony@chromium.org>
 
         Land chromium win/leopard baselines for printing/setPrinting.html and printing single-line-must-not-be-split-into-two-pages.html.
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt b/LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt
new file mode 100644 (file)
index 0000000..ef06441
--- /dev/null
@@ -0,0 +1,12 @@
+frame "<!--framePath //<!--frame0-->-->" - didStartProvisionalLoadForFrame
+main frame - didFinishDocumentLoadForFrame
+frame "<!--framePath //<!--frame0-->-->" - didCommitLoadForFrame
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
+didDetectXSS
+frame "<!--framePath //<!--frame0-->-->" - didFinishDocumentLoadForFrame
+frame "<!--framePath //<!--frame0-->-->" - didHandleOnloadEventsForFrame
+main frame - didHandleOnloadEventsForFrame
+frame "<!--framePath //<!--frame0-->-->" - didFinishLoadForFrame
+main frame - didFinishLoadForFrame
+
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks.html b/LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks.html
new file mode 100644 (file)
index 0000000..8555a0e
--- /dev/null
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.dumpFrameLoadCallbacks();
+    layoutTestController.setXSSAuditorEnabled(true);
+}
+</script>
+</head>
+<body>
+<iframe src="http://localhost:8000/security/xssAuditor/resources/echo-intertag.pl?q=<script>alert(String.fromCharCode(0x58,0x53,0x53))</script>">
+</iframe>
+</body>
+</html>
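Review bot: This test only drives the default filtering path, so the block-mode sequence reordered in XSSAuditor::filterToken (stopAllLoaders, then didDetectXSS, then scheduleLocationChange) is never exercised. The expected output also prints a bare `didDetectXSS` line, so a wrong `didBlockEntirePage` value would go unnoticed. If the echo script can serve a block-mode X-XSS-Protection header (not visible from this page), a companion test for that mode would cover the new ordering. A second reflected script in the same frame would also pin down the once-only notification.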
index 8c149c2..fab5db8 100644 (file)
@@ -1,3 +1,20 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        Test: http/tests/security/xssAuditor/script-tag-with-callbacks.html
+
+        * html/parser/XSSAuditor.cpp:
+        (WebCore::XSSAuditor::XSSAuditor):
+        (WebCore::XSSAuditor::filterToken):
+        * html/parser/XSSAuditor.h:
+        * loader/EmptyClients.h:
+        (WebCore::EmptyFrameLoaderClient::didDetectXSS):
+        * loader/FrameLoaderClient.h:
+
 2011-11-02  Simon Fraser  <simon.fraser@apple.com>
 
         Assertion in FontCache::getCachedFontData() when painting into composited layer
index d8d04bf..4c89169 100644 (file)
@@ -33,6 +33,7 @@
 #include "Document.h"
 #include "DocumentLoader.h"
 #include "Frame.h"
+#include "FrameLoaderClient.h"
 #include "HTMLDocumentParser.h"
 #include "HTMLNames.h"
 #include "HTMLParamElement.h"
@@ -186,6 +187,7 @@ XSSAuditor::XSSAuditor(HTMLDocumentParser* parser)
     , m_isEnabled(false)
     , m_xssProtection(XSSProtectionEnabled)
     , m_state(Uninitialized)
+    , m_notifiedClient(false)
 {
     ASSERT(m_parser);
     if (Frame* frame = parser->document()->frame()) {
@@ -285,10 +287,17 @@ void XSSAuditor::filterToken(HTMLToken& token)
         // FIXME: We should add the real line number to the console.
         m_parser->document()->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, consoleMessage, 1, String());
 
-        if (m_xssProtection == XSSProtectionBlockEnabled) {
-            m_parser->document()->frame()->loader()->stopAllLoaders();
-            m_parser->document()->frame()->navigationScheduler()->scheduleLocationChange(m_parser->document()->securityOrigin(), blankURL(), String());
+        bool didBlockEntirePage = (m_xssProtection == XSSProtectionBlockEnabled);
+        if (didBlockEntirePage)
+             m_parser->document()->frame()->loader()->stopAllLoaders();
+
+        if (!m_notifiedClient) {
+            m_parser->document()->frame()->loader()->client()->didDetectXSS(m_parser->document()->url(), didBlockEntirePage);
+            m_notifiedClient = true;
         }
+
+        if (didBlockEntirePage)
+            m_parser->document()->frame()->navigationScheduler()->scheduleLocationChange(m_parser->document()->securityOrigin(), blankURL(), String());
     }
 }
 
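Review bot: The new `didDetectXSS` client call runs between `stopAllLoaders()` and `scheduleLocationChange()`, and the last added line then dereferences `m_parser->document()->frame()` again with no null check. Whether an embedder callback can detach the frame is not visible from this hunk; if it can, block mode would crash here instead of blanking the page, so re-fetching with `if (Frame* frame = m_parser->document()->frame())` before scheduling would be safer. `m_notifiedClient` limits the callback to the first detection per XSSAuditor instance, which deserves a comment such as `// Notify the embedder only for the first detection; later ones are logged to the console only.` The `stopAllLoaders()` line is also indented one space too far. filterToken's body starts outside the hunk.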
index 71219a9..89b7b8c 100644 (file)
@@ -88,6 +88,7 @@ private:
 
     State m_state;
     String m_cachedSnippet;
+    bool m_notifiedClient;
 };
 
 }
index 532f425..2b75efb 100644 (file)
@@ -370,6 +370,7 @@ public:
     virtual bool canCachePage() const { return false; }
     virtual void didDisplayInsecureContent() { }
     virtual void didRunInsecureContent(SecurityOrigin*, const KURL&) { }
+    virtual void didDetectXSS(const KURL&, bool) { }
     virtual PassRefPtr<Frame> createFrame(const KURL&, const String&, HTMLFrameOwnerElement*, const String&, bool, int, int) { return 0; }
     virtual void didTransferChildFrameToNewDocument(Page*) { }
     virtual void transferLoadingResourceFromPage(ResourceLoader*, const ResourceRequest&, Page*) { }
index dd12717..331f09c 100644 (file)
@@ -208,6 +208,7 @@ namespace WebCore {
         // script) from an insecure source.  Note that the insecure content can
         // spread to other frames in the same origin.
         virtual void didRunInsecureContent(SecurityOrigin*, const KURL&) = 0;
+        virtual void didDetectXSS(const KURL&, bool didBlockEntirePage) = 0;
 
         virtual ResourceError cancelledError(const ResourceRequest&) = 0;
         virtual ResourceError blockedError(const ResourceRequest&) = 0;
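Review bot: `didDetectXSS` is declared with no comment of its own, directly under the comment block for `didRunInsecureContent`, so that text about insecure content spreading to other frames now reads as if it covered both methods. I would separate them with a blank line and add `// The XSSAuditor suppressed reflected script in the document at the given URL.` and `// didBlockEntirePage is true when loading was stopped and the frame sent to a blank page.` Both statements follow from the filterToken hunk in this commit. The class body starts and ends outside the hunk.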
index 5670aab..405e191 100644 (file)
@@ -1,3 +1,16 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * public/WebFrameClient.h:
+        (WebKit::WebFrameClient::didDetectXSS):
+        * src/FrameLoaderClientImpl.cpp:
+        (WebKit::FrameLoaderClientImpl::didDetectXSS):
+        * src/FrameLoaderClientImpl.h:
+
 2011-11-02  Jon Lee  <jonlee@apple.com>
 
         <input=file multiple> default text uses singular instead of plural
index afc0028..e2dc3b1 100644 (file)
@@ -286,6 +286,9 @@ public:
     // spread to other frames in the same origin.
     virtual void didRunInsecureContent(WebFrame*, const WebSecurityOrigin&, const WebURL& insecureURL) { }
 
+    // A reflected XSS was encountered in the page and suppressed.
+    virtual void didDetectXSS(WebFrame*, const WebURL&, bool didBlockEntirePage) { }
+
     // This frame adopted the resource that is being loaded. This happens when
     // an iframe, that is loading a subresource, is transferred between windows.
     virtual void didAdoptURLLoader(WebURLLoader*) { }
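Review bot: The comment on the new public `didDetectXSS` does not say what the unnamed `WebURL` is or what `didBlockEntirePage` means. Per the filterToken hunk the URL is the document URL, which carries the reflected payload (see the query string in the new layout test), so embedders that log or display it should treat it as untrusted text. I would name the parameter and extend the comment, e.g. `// |url| is the document URL and contains the reflected content; escape it before display.` plus `// didBlockEntirePage is true when the page load was abandoned rather than filtered.` The class starts outside the hunk.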
index f94df2a..80936f7 100644 (file)
@@ -1204,6 +1204,12 @@ void FrameLoaderClientImpl::didRunInsecureContent(SecurityOrigin* origin, const
         m_webFrame->client()->didRunInsecureContent(m_webFrame, WebSecurityOrigin(origin), insecureURL);
 }
 
+void FrameLoaderClientImpl::didDetectXSS(const KURL& insecureURL, bool didBlockEntirePage)
+{
+    if (m_webFrame->client())
+        m_webFrame->client()->didDetectXSS(m_webFrame, insecureURL, didBlockEntirePage);
+}
+
 ResourceError FrameLoaderClientImpl::blockedError(const ResourceRequest&)
 {
     // FIXME
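Review bot: The parameter name `insecureURL` in `FrameLoaderClientImpl::didDetectXSS` looks carried over from `didRunInsecureContent` just above and is misleading. The XSSAuditor.cpp hunk passes `m_parser->document()->url()`, which is the URL of the document where the reflection was found, not an insecure subresource. A neutral name such as `const KURL& url` would avoid confusion with the mixed-content callbacks. The same name is used in the mac `WebFrameLoaderClient::didDetectXSS` and in the `webView:didDetectXSS:` delegate declaration later in this commit.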
index 2095912..e644d18 100644 (file)
@@ -138,6 +138,7 @@ public:
     virtual bool shouldStopLoadingForHistoryItem(WebCore::HistoryItem*) const;
     virtual void didDisplayInsecureContent();
     virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL& insecureURL);
+    virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage);
     virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&);
     virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&);
     virtual WebCore::ResourceError cannotShowURLError(const WebCore::ResourceRequest&);
index b214742..c2c146b 100755 (executable)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/FrameLoaderClientEfl.cpp:
+        (WebCore::FrameLoaderClientEfl::didDetectXSS):
+        * WebCoreSupport/FrameLoaderClientEfl.h:
+
 2011-11-02  Ryuan Choi  <ryuan.choi@samsung.com>
 
         [EFL] Fix build break when DEBUG_MEM_LEAKS is enabled.
index 22823a4..14c863a 100644 (file)
@@ -531,6 +531,11 @@ void FrameLoaderClientEfl::didRunInsecureContent(SecurityOrigin*, const KURL&)
     notImplemented();
 }
 
+void FrameLoaderClientEfl::didDetectXSS(const KURL&, bool)
+{
+    notImplemented();
+}
+
 void FrameLoaderClientEfl::makeRepresentation(DocumentLoader*)
 {
     m_hasRepresentation = true;
index 5a56bb1..0ff6935 100644 (file)
@@ -163,6 +163,7 @@ class FrameLoaderClientEfl : public FrameLoaderClient {
     virtual bool shouldStopLoadingForHistoryItem(HistoryItem*) const;
     virtual void didDisplayInsecureContent();
     virtual void didRunInsecureContent(SecurityOrigin*, const KURL&);
+    virtual void didDetectXSS(const KURL&, bool didBlockEntirePage);
 
     virtual ResourceError cancelledError(const ResourceRequest&);
     virtual ResourceError blockedError(const ResourceRequest&);
index 2fbbe95..56fe28e 100644 (file)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/FrameLoaderClientGtk.cpp:
+        (WebKit::FrameLoaderClient::didDetectXSS):
+        * WebCoreSupport/FrameLoaderClientGtk.h:
+
 2011-11-02  Zan Dobersek  <zandobersek@gmail.com>
 
         [GTK] Visited links of a page group should be removed when clearing back/forward list
index 17514ba..0a14c12 100644 (file)
@@ -724,6 +724,11 @@ void FrameLoaderClient::didRunInsecureContent(SecurityOrigin*, const KURL&)
     notImplemented();
 }
 
+void FrameLoaderClient::didDetectXSS(const KURL&, bool)
+{
+    notImplemented();
+}
+
 void FrameLoaderClient::makeRepresentation(WebCore::DocumentLoader*)
 {
     m_hasRepresentation = true;
index 446f8ba..a90f67d 100644 (file)
@@ -145,6 +145,7 @@ namespace WebKit {
 
         virtual void didDisplayInsecureContent();
         virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL&);
+        virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage);
 
         virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&);
         virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&);
index d195c2d..54817bb 100644 (file)
@@ -1,3 +1,19 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/WebFrameLoaderClient.h:
+        * WebCoreSupport/WebFrameLoaderClient.mm:
+        (WebFrameLoaderClient::didRunInsecureContent):
+        (WebFrameLoaderClient::didDetectXSS):
+        * WebView/WebDelegateImplementationCaching.h:
+        * WebView/WebFrameLoadDelegatePrivate.h:
+        * WebView/WebView.mm:
+        (-[WebView _cacheFrameLoadDelegateImplementations]):
+
 2011-11-01  Darin Adler  <darin@apple.com>
 
         Crash in PDF code when script has illegal UTF-8 or UTF-16 sequences
index 79bf2af..29c8820 100644 (file)
@@ -156,6 +156,7 @@ private:
 
     virtual void didDisplayInsecureContent() OVERRIDE;
     virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL&) OVERRIDE;
+    virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage) OVERRIDE;
 
     virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&) OVERRIDE;
     virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&) OVERRIDE;
index d795a65..e628042 100644 (file)
@@ -989,12 +989,23 @@ void WebFrameLoaderClient::didDisplayInsecureContent()
 
 void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin* origin, const KURL& insecureURL)
 {
-    RetainPtr<WebSecurityOrigin> webSecurityOrigin(AdoptNS, [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:origin]);
-
     WebView *webView = getWebView(m_webFrame.get());   
     WebFrameLoadDelegateImplementationCache* implementations = WebViewGetFrameLoadDelegateImplementations(webView);
-    if (implementations->didRunInsecureContentFunc)
+    if (implementations->didRunInsecureContentFunc) {
+        RetainPtr<WebSecurityOrigin> webSecurityOrigin(AdoptNS, [[WebSecurityOrigin alloc] _initWithWebCoreSecurityOrigin:origin]);
         CallFrameLoadDelegate(implementations->didRunInsecureContentFunc, webView, @selector(webView:didRunInsecureContent:), webSecurityOrigin.get());
+    }
+}
+
+void WebFrameLoaderClient::didDetectXSS(const KURL& insecureURL, bool didBlockEntirePage)
+{
+    WebView *webView = getWebView(m_webFrame.get());   
+    WebFrameLoadDelegateImplementationCache* implementations = WebViewGetFrameLoadDelegateImplementations(webView);
+    if (implementations->didDetectXSSFunc) {
+        // FIXME: must pass didBlockEntirePage if we want to do more on mac than just pass tests.
+        NSURL* insecureNSURL = insecureURL;
+        CallFrameLoadDelegate(implementations->didDetectXSSFunc, webView, @selector(webView:didDetectXSS:), insecureNSURL);
+    }
 }
 
 ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest& request)
index 036eb17..6568cc9 100644 (file)
@@ -77,6 +77,7 @@ struct WebFrameLoadDelegateImplementationCache {
     IMP didFinishDocumentLoadForFrameFunc;
     IMP didDisplayInsecureContentFunc;
     IMP didRunInsecureContentFunc;
+    IMP didDetectXSSFunc;
 };
 
 struct WebScriptDebugDelegateImplementationCache {
index 2359cc6..f3d21d0 100644 (file)
 @interface NSObject (WebFrameLoadDelegatePrivate)
 
 - (void)webViewDidDisplayInsecureContent:(WebView *)webView;
-
 - (void)webView:(WebView *)webView didRunInsecureContent:(WebSecurityOrigin *)origin;
-
+- (void)webView:(WebView *)webView didDetectXSS:(NSURL *)insecureURL;
 - (void)webView:(WebView *)webView didClearWindowObjectForFrame:(WebFrame *)frame inScriptWorld:(WebScriptWorld *)world;
-
 - (void)webView:(WebView *)webView didPushStateWithinPageForFrame:(WebFrame *)frame;
 - (void)webView:(WebView *)webView didReplaceStateWithinPageForFrame:(WebFrame *)frame;
 - (void)webView:(WebView *)webView didPopStateWithinPageForFrame:(WebFrame *)frame;
index 19f7476..53406df 100644 (file)
@@ -1552,6 +1552,7 @@ static inline IMP getMethod(id o, SEL s)
     cache->windowScriptObjectAvailableFunc = getMethod(delegate, @selector(webView:windowScriptObjectAvailable:));
     cache->didDisplayInsecureContentFunc = getMethod(delegate, @selector(webViewDidDisplayInsecureContent:));
     cache->didRunInsecureContentFunc = getMethod(delegate, @selector(webView:didRunInsecureContent:));
+    cache->didDetectXSSFunc = getMethod(delegate, @selector(webView:didDetectXSS:));
 }
 
 - (void)_cacheScriptDebugDelegateImplementations
index 67fff30..9b388c0 100644 (file)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/FrameLoaderClientQt.cpp:
+        (WebCore::FrameLoaderClientQt::didDetectXSS):
+        * WebCoreSupport/FrameLoaderClientQt.h:
+
 2011-11-02  Jon Lee  <jonlee@apple.com>
 
         <input=file multiple> default text uses singular instead of plural
index 83a4903..d443ddf 100644 (file)
@@ -873,6 +873,14 @@ void FrameLoaderClientQt::didRunInsecureContent(WebCore::SecurityOrigin*, const
     notImplemented();
 }
 
+void FrameLoaderClientQt::didDetectXSS(const KURL&, bool)
+{
+    if (dumpFrameLoaderCallbacks)
+        printf("didDetectXSS\n");
+
+    notImplemented();
+}
+
 void FrameLoaderClientQt::saveViewStateToItem(WebCore::HistoryItem* item)
 {
     QWebHistoryItem historyItem(new QWebHistoryItemPrivate(item));
index a0e0929..3d5ffd9 100644 (file)
@@ -162,6 +162,7 @@ public:
     virtual bool shouldStopLoadingForHistoryItem(HistoryItem*) const;
     virtual void didDisplayInsecureContent();
     virtual void didRunInsecureContent(SecurityOrigin*, const KURL&);
+    virtual void didDetectXSS(const KURL&, bool didBlockEntirePage);
 
     virtual ResourceError cancelledError(const ResourceRequest&);
     virtual ResourceError blockedError(const ResourceRequest&);
index 15164a9..03b95ab 100644 (file)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/WebFrameLoaderClient.cpp:
+        (WebFrameLoaderClient::didDetectXSS):
+        * WebCoreSupport/WebFrameLoaderClient.h:
+
 2011-10-28  Jochen Eisinger  <jochen@chromium.org>
 
         Rename a number of methods mentioning JavaScript to just Script instead
index 0bb9649..daaf26a 100644 (file)
@@ -656,6 +656,11 @@ void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin* origin, const K
     frameLoadDelegatePriv2->didRunInsecureContent(webView, webSecurityOrigin.get());
 }
 
+void WebFrameLoaderClient::didDetectXSS(const KURL&, bool)
+{
+    // FIXME: propogate call into the private delegate.
+}
+
 PassRefPtr<DocumentLoader> WebFrameLoaderClient::createDocumentLoader(const ResourceRequest& request, const SubstituteData& substituteData)
 {
     RefPtr<WebDocumentLoader> loader = WebDocumentLoader::create(request, substituteData);
index 4ec8469..e3e8953 100644 (file)
@@ -98,6 +98,7 @@ public:
 
     virtual void didDisplayInsecureContent();
     virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL&);
+    virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage);
 
     virtual PassRefPtr<WebCore::DocumentLoader> createDocumentLoader(const WebCore::ResourceRequest&, const WebCore::SubstituteData&);
     virtual void setTitle(const WebCore::StringWithDirection&, const WebCore::KURL&);
index d0ad0fe..5d3af2b 100644 (file)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebCoreSupport/FrameLoaderClientWinCE.cpp:
+        (WebKit::FrameLoaderClientWinCE::didDetectXSS):
+        * WebCoreSupport/FrameLoaderClientWinCE.h:
+
 2011-11-02  Jon Lee  <jonlee@apple.com>
 
         <input=file multiple> default text uses singular instead of plural
index c372e21..0c25a63 100644 (file)
@@ -274,6 +274,11 @@ void FrameLoaderClientWinCE::didRunInsecureContent(SecurityOrigin*, const KURL&)
     notImplemented();
 }
 
+void FrameLoaderClientWinCE::didDetectXSS(const KURL&, bool)
+{
+    notImplemented();
+}
+
 void FrameLoaderClientWinCE::makeRepresentation(DocumentLoader*)
 {
     notImplemented();
index 7a4f781..f654223 100644 (file)
@@ -140,6 +140,7 @@ public:
 
     virtual void didDisplayInsecureContent();
     virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL&);
+    virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage);
 
     virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&);
     virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&);
index c44b6d6..0368630 100644 (file)
@@ -1,3 +1,14 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * WebKitSupport/FrameLoaderClientWx.cpp:
+        (WebCore::FrameLoaderClientWx::didDetectXSS):
+        * WebKitSupport/FrameLoaderClientWx.h:
+
 2011-10-28  Jochen Eisinger  <jochen@chromium.org>
 
         Rename a number of methods mentioning JavaScript to just Script instead
index 22f5595..1afab23 100644 (file)
@@ -602,6 +602,11 @@ void FrameLoaderClientWx::didRunInsecureContent(WebCore::SecurityOrigin*, const
     notImplemented();
 }
 
+void FrameLoaderClientWx::didDetectXSS(const KURL&, bool)
+{
+    notImplemented();
+}
+
 void FrameLoaderClientWx::saveScrollPositionAndViewStateToItem(WebCore::HistoryItem*)
 {
     notImplemented();
index 61181a9..1937e4a 100644 (file)
@@ -170,6 +170,7 @@ namespace WebCore {
         
         virtual void didDisplayInsecureContent();
         virtual void didRunInsecureContent(SecurityOrigin*, const KURL&);
+        virtual void didDetectXSS(const KURL&, bool didBlockEntirePage);
 
         virtual void setMainDocumentError(DocumentLoader*, const ResourceError&);
         virtual void committedLoad(DocumentLoader*, const char*, int);
index 7d79a3c..e75f9f1 100644 (file)
@@ -1,3 +1,28 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * UIProcess/API/C/WKPage.h:
+        * UIProcess/API/gtk/WebKitWebLoaderClient.cpp:
+        (webkitWebLoaderClientAttachLoaderClientToPage):
+        * UIProcess/WebLoaderClient.cpp:
+        (WebKit::WebLoaderClient::didDetectXSSForFrame):
+        * UIProcess/WebLoaderClient.h:
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::didDetectXSSForFrame):
+        * UIProcess/WebPageProxy.h:
+        * UIProcess/WebPageProxy.messages.in:
+        * WebProcess/InjectedBundle/API/c/WKBundlePage.h:
+        * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
+        (WebKit::InjectedBundlePageLoaderClient::didDetectXSSForFrame):
+        * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h:
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+        (WebKit::WebFrameLoaderClient::didDetectXSS):
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+
 2011-11-02  Anders Carlsson  <andersca@apple.com>
 
         More window relative coordinate usage removal
index 7e5a709..58a286b 100644 (file)
@@ -64,6 +64,7 @@ typedef void (*WKPageDidFirstVisuallyNonEmptyLayoutForFrameCallback)(WKPageRef p
 typedef void (*WKPageDidRemoveFrameFromHierarchyCallback)(WKPageRef page, WKFrameRef frame, WKTypeRef userData, const void *clientInfo);
 typedef void (*WKPageDidDisplayInsecureContentForFrameCallback)(WKPageRef page, WKFrameRef frame, WKTypeRef userData, const void *clientInfo);
 typedef void (*WKPageDidRunInsecureContentForFrameCallback)(WKPageRef page, WKFrameRef frame, WKTypeRef userData, const void *clientInfo);
+typedef void (*WKPageDidDetectXSSForFrameCallback)(WKPageRef page, WKFrameRef frame, WKTypeRef userData, const void *clientInfo);
 typedef bool (*WKPageCanAuthenticateAgainstProtectionSpaceInFrameCallback)(WKPageRef page, WKFrameRef frame, WKProtectionSpaceRef protectionSpace, const void *clientInfo);
 typedef void (*WKPageDidReceiveAuthenticationChallengeInFrameCallback)(WKPageRef page, WKFrameRef frame, WKAuthenticationChallengeRef authenticationChallenge, const void *clientInfo);
 typedef void (*WKPageDidChangeBackForwardListCallback)(WKPageRef page, WKBackForwardListItemRef addedItem, WKArrayRef removedItems, const void *clientInfo);
@@ -87,6 +88,7 @@ struct WKPageLoaderClient {
     WKPageDidRemoveFrameFromHierarchyCallback                           didRemoveFrameFromHierarchy;
     WKPageDidDisplayInsecureContentForFrameCallback                     didDisplayInsecureContentForFrame;
     WKPageDidRunInsecureContentForFrameCallback                         didRunInsecureContentForFrame;
+    WKPageDidDetectXSSForFrameCallback                                  didDetectXSSForFrame;
     WKPageCanAuthenticateAgainstProtectionSpaceInFrameCallback          canAuthenticateAgainstProtectionSpaceInFrame;
     WKPageDidReceiveAuthenticationChallengeInFrameCallback              didReceiveAuthenticationChallengeInFrame;
 
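Review bot: `didDetectXSSForFrame` is inserted in the middle of `WKPageLoaderClient`, so every member after it moves down one slot. The WebKitWebLoaderClient.cpp hunk in this commit shows clients filling this struct positionally. An initializer that is not updated would therefore put its authentication callbacks one slot early, where they would be called through a pointer type with a different signature. If the struct has a version field (not visible in this hunk), consider bumping it or appending the new member at the end. The typedef also has no URL or `didBlockEntirePage` parameter, so unless those travel in `userData`, WebKit2 clients cannot tell filtering from blocking.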
index 5c25dd3..0d88d34 100644 (file)
@@ -162,6 +162,7 @@ void webkitWebLoaderClientAttachLoaderClientToPage(WebKitWebLoaderClient* loader
         0, // didRemoveFrameFromHierarchy
         0, // didDisplayInsecureContentForFrame
         0, // didRunInsecureContentForFrame
+        0, // didDetectXSSForFrame
         0, // canAuthenticateAgainstProtectionSpaceInFrame
         0, // didReceiveAuthenticationChallengeInFrame
         didChangeProgress, // didStartProgress
index 7471fb8..624169e 100644 (file)
@@ -147,6 +147,14 @@ void WebLoaderClient::didRunInsecureContentForFrame(WebPageProxy* page, WebFrame
     m_client.didRunInsecureContentForFrame(toAPI(page), toAPI(frame), toAPI(userData), m_client.clientInfo);
 }
 
+void WebLoaderClient::didDetectXSSForFrame(WebPageProxy* page, WebFrameProxy* frame, APIObject* userData)
+{
+    if (!m_client.didDetectXSSForFrame)
+        return;
+
+    m_client.didDetectXSSForFrame(toAPI(page), toAPI(frame), toAPI(userData), m_client.clientInfo);
+}
+
 bool WebLoaderClient::canAuthenticateAgainstProtectionSpaceInFrame(WebPageProxy* page, WebFrameProxy* frame, WebProtectionSpace* protectionSpace)
 {
     if (!m_client.canAuthenticateAgainstProtectionSpaceInFrame)
index d04143c..9fe8fce 100644 (file)
@@ -63,6 +63,7 @@ public:
     void didRemoveFrameFromHierarchy(WebPageProxy*, WebFrameProxy*, APIObject*);
     void didDisplayInsecureContentForFrame(WebPageProxy*, WebFrameProxy*, APIObject*);
     void didRunInsecureContentForFrame(WebPageProxy*, WebFrameProxy*, APIObject*);
+    void didDetectXSSForFrame(WebPageProxy*, WebFrameProxy*, APIObject*);
     
     bool canAuthenticateAgainstProtectionSpaceInFrame(WebPageProxy*, WebFrameProxy*, WebProtectionSpace*);
     void didReceiveAuthenticationChallengeInFrame(WebPageProxy*, WebFrameProxy*, AuthenticationChallengeProxy*);
index 64f6032..d31b19e 100644 (file)
@@ -1840,6 +1840,19 @@ void WebPageProxy::didRunInsecureContentForFrame(uint64_t frameID, CoreIPC::Argu
     m_loaderClient.didRunInsecureContentForFrame(this, frame, userData.get());
 }
 
+void WebPageProxy::didDetectXSSForFrame(uint64_t frameID, CoreIPC::ArgumentDecoder* arguments)
+{
+    RefPtr<APIObject> userData;
+    WebContextUserMessageDecoder messageDecoder(userData, m_process->context());
+    if (!arguments->decode(messageDecoder))
+        return;
+
+    WebFrameProxy* frame = process()->webFrame(frameID);
+    MESSAGE_CHECK(frame);
+
+    m_loaderClient.didDetectXSSForFrame(this, frame, userData.get());
+}
+
 void WebPageProxy::frameDidBecomeFrameSet(uint64_t frameID, bool value)
 {
     WebFrameProxy* frame = process()->webFrame(frameID);
index 7de85b2..2bd6869 100644 (file)
@@ -605,6 +605,7 @@ private:
     void didRemoveFrameFromHierarchy(uint64_t frameID, CoreIPC::ArgumentDecoder*);
     void didDisplayInsecureContentForFrame(uint64_t frameID, CoreIPC::ArgumentDecoder*);
     void didRunInsecureContentForFrame(uint64_t frameID, CoreIPC::ArgumentDecoder*);
+    void didDetectXSSForFrame(uint64_t frameID, CoreIPC::ArgumentDecoder*);
     void frameDidBecomeFrameSet(uint64_t frameID, bool);
     void didStartProgress();
     void didChangeProgress(double);
index 82b961c..53a1e5f 100644 (file)
@@ -108,6 +108,7 @@ messages -> WebPageProxy {
     DidReceiveTitleForFrame(uint64_t frameID, WTF::String title, WebKit::InjectedBundleUserMessageEncoder userData)
     DidDisplayInsecureContentForFrame(uint64_t frameID, WebKit::InjectedBundleUserMessageEncoder userData)
     DidRunInsecureContentForFrame(uint64_t frameID, WebKit::InjectedBundleUserMessageEncoder userData)
+    DidDetectXSSForFrame(uint64_t frameID, WebKit::InjectedBundleUserMessageEncoder userData)
     DidSameDocumentNavigationForFrame(uint64_t frameID, uint32_t type, WTF::String url, WebKit::InjectedBundleUserMessageEncoder userData)
 
     FrameDidBecomeFrameSet(uint64_t frameID, bool value)
index 2a4d4d1..7da8d0a 100644 (file)
@@ -92,6 +92,7 @@ typedef void (*WKBundlePageDidReceiveTitleForFrameCallback)(WKBundlePageRef page
 typedef void (*WKBundlePageDidRemoveFrameFromHierarchyCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
 typedef void (*WKBundlePageDidDisplayInsecureContentForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
 typedef void (*WKBundlePageDidRunInsecureContentForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
+typedef void (*WKBundlePageDidDetectXSSForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
 typedef void (*WKBundlePageDidFirstLayoutForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
 typedef void (*WKBundlePageDidFirstVisuallyNonEmptyLayoutForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef* userData, const void *clientInfo);
 typedef void (*WKBundlePageDidLayoutForFrameCallback)(WKBundlePageRef page, WKBundleFrameRef frame, const void* clientInfo);
@@ -126,6 +127,7 @@ struct WKBundlePageLoaderClient {
 
     // Version 1.
     WKBundlePageDidLayoutForFrameCallback                               didLayoutForFrame;
+    WKBundlePageDidDetectXSSForFrameCallback                            didDetectXSSForFrame;
 };
 typedef struct WKBundlePageLoaderClient WKBundlePageLoaderClient;
 
index be25d43..977a15d 100644 (file)
@@ -156,6 +156,16 @@ void InjectedBundlePageLoaderClient::didRunInsecureContentForFrame(WebPage* page
     userData = adoptRef(toImpl(userDataToPass));
 }
 
+void InjectedBundlePageLoaderClient::didDetectXSSForFrame(WebPage* page, WebFrame* frame, RefPtr<APIObject>& userData)
+{
+    if (!m_client.didRunInsecureContentForFrame)
+        return;
+
+    WKTypeRef userDataToPass = 0;
+    m_client.didDetectXSSForFrame(toAPI(page), toAPI(frame), &userDataToPass, m_client.clientInfo);
+    userData = adoptRef(toImpl(userDataToPass));
+}
+
 void InjectedBundlePageLoaderClient::didFirstLayoutForFrame(WebPage* page, WebFrame* frame, RefPtr<APIObject>& userData)
 {
     if (!m_client.didFirstLayoutForFrame)
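Review bot: The guard in the added `InjectedBundlePageLoaderClient::didDetectXSSForFrame` tests `m_client.didRunInsecureContentForFrame`, but the call below it goes through `m_client.didDetectXSSForFrame`. A bundle that registers the insecure-content callback and leaves the XSS slot at 0 will make the web process call through a null function pointer on the first detection. A bundle that registers only the XSS callback is never notified. The check should read `if (!m_client.didDetectXSSForFrame)`, matching the pattern used in `WebLoaderClient::didDetectXSSForFrame` elsewhere in this commit.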
index 67079a6..c366c6d 100644 (file)
@@ -59,6 +59,7 @@ public:
     void didRemoveFrameFromHierarchy(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
     void didDisplayInsecureContentForFrame(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
     void didRunInsecureContentForFrame(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
+    void didDetectXSSForFrame(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
 
     void didFirstLayoutForFrame(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
     void didFirstVisuallyNonEmptyLayoutForFrame(WebPage*, WebFrame*, RefPtr<APIObject>& userData);
index 05e18ae..ed71e38 100644 (file)
@@ -944,6 +944,19 @@ void WebFrameLoaderClient::didRunInsecureContent(SecurityOrigin*, const KURL&)
     webPage->send(Messages::WebPageProxy::DidRunInsecureContentForFrame(m_frame->frameID(), InjectedBundleUserMessageEncoder(userData.get())));
 }
 
+void WebFrameLoaderClient::didDetectXSS(const KURL&, bool)
+{
+    WebPage* webPage = m_frame->page();
+    if (!webPage)
+        return;
+
+    RefPtr<APIObject> userData;
+
+    webPage->injectedBundleLoaderClient().didDetectXSSForFrame(webPage, m_frame, userData);
+
+    webPage->send(Messages::WebPageProxy::DidDetectXSSForFrame(m_frame->frameID(), InjectedBundleUserMessageEncoder(userData.get())));
+}
+
 ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest& request)
 {
     return WebKit::cancelledError(request);
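Review bot: The added `WebFrameLoaderClient::didDetectXSS(const KURL&, bool)` leaves both parameters unnamed and forwards neither; the bundle callback and the `DidDetectXSSForFrame` message carry only the frame and `userData`. An embedder that wants to log or display what the auditor filtered therefore cannot tell which URL was involved or whether the whole page was blocked. If this is deliberate (the `didRunInsecureContent` context line above likewise sends only the frame ID and user data), a comment would record it, for example `// FIXME: The URL and didBlockEntirePage are not forwarded to the bundle or the UI process.` Otherwise the message signature and the two C callbacks need the extra arguments before the API is relied upon.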
index 57ed1f2..d33332e 100644 (file)
@@ -137,6 +137,7 @@ private:
 
     virtual void didDisplayInsecureContent() OVERRIDE;
     virtual void didRunInsecureContent(WebCore::SecurityOrigin*, const WebCore::KURL&) OVERRIDE;
+    virtual void didDetectXSS(const WebCore::KURL&, bool didBlockEntirePage) OVERRIDE;
 
     virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&) OVERRIDE;
     virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&) OVERRIDE;
index c4ed164..0b201a0 100644 (file)
@@ -1,3 +1,23 @@
+2011-11-02  Tom Sepez  <tsepez@chromium.org>
+
+        XSSAuditor is silent
+        https://bugs.webkit.org/show_bug.cgi?id=70973
+
+        Reviewed by Adam Barth.
+
+        * DumpRenderTree/chromium/WebViewHost.cpp:
+        (WebViewHost::didDetectXSS):
+        * DumpRenderTree/chromium/WebViewHost.h:
+        * DumpRenderTree/mac/FrameLoadDelegate.mm:
+        (-[FrameLoadDelegate webView:didDetectXSS:]):
+        * MiniBrowser/mac/BrowserWindowController.m:
+        (didDetectXSSForFrame):
+        (-[BrowserWindowController awakeFromNib]):
+        * WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
+        (WTR::InjectedBundlePage::InjectedBundlePage):
+        (WTR::InjectedBundlePage::didDetectXSSForFrame):
+        * WebKitTestRunner/InjectedBundle/InjectedBundlePage.h:
+
 2011-11-02  Simon Hausmann  <simon.hausmann@nokia.com>
 
         [Qt] REGRESSION: 5 editing tests fail
index 8fe6944..4816c39 100644 (file)
@@ -1171,6 +1171,12 @@ void WebViewHost::didRunInsecureContent(WebFrame*, const WebSecurityOrigin& orig
         fputs("didRunInsecureContent\n", stdout);
 }
 
+void WebViewHost::didDetectXSS(WebFrame*, const WebURL&, bool)
+{
+    if (m_shell->shouldDumpFrameLoadCallbacks())
+        fputs("didDetectXSS\n", stdout);
+}
+
 void WebViewHost::openFileSystem(WebFrame* frame, WebFileSystem::Type type, long long size, bool create, WebFileSystemCallbacks* callbacks)
 {
     webkit_support::OpenFileSystem(frame, type, size, create, callbacks);
index f95fb18..6a720b2 100644 (file)
@@ -210,6 +210,7 @@ class WebViewHost : public WebKit::WebSpellCheckClient, public WebKit::WebViewCl
     virtual void didFailResourceLoad(WebKit::WebFrame*, unsigned identifier, const WebKit::WebURLError&);
     virtual void didDisplayInsecureContent(WebKit::WebFrame*);
     virtual void didRunInsecureContent(WebKit::WebFrame*, const WebKit::WebSecurityOrigin&, const WebKit::WebURL&);
+    virtual void didDetectXSS(WebKit::WebFrame*, const WebKit::WebURL&, bool didBlockEntirePage);
     virtual void openFileSystem(WebKit::WebFrame*, WebKit::WebFileSystem::Type, long long size, bool create, WebKit::WebFileSystemCallbacks*);
 
     WebKit::WebDeviceOrientationClientMock* deviceOrientationClientMock();
index 7c4a5ec..f63493a 100644 (file)
         printf ("didRunInsecureContent\n");
 }
 
+- (void)webView:(WebView *)sender didDetectXSS:(NSURL *)insecureURL
+{
+    if (!done && gLayoutTestController->dumpFrameLoadCallbacks())
+        printf ("didDetectXSS\n");
+}
+
 @end
index 7fd6b10..552d0c0 100644 (file)
@@ -325,6 +325,11 @@ static void didRunInsecureContentForFrame(WKPageRef page, WKFrameRef frame, WKTy
     LOG(@"didRunInsecureContentForFrame");
 }
 
+static void didDetectXSSForFrame(WKPageRef page, WKFrameRef frame, WKTypeRef userData, const void *clientInfo)
+{
+    LOG(@"didDetectXSSForFrame");
+}
+
 static void didStartProgress(WKPageRef page, const void *clientInfo)
 {
     [(BrowserWindowController *)clientInfo didStartProgress];
@@ -593,6 +598,7 @@ static void runOpenPanel(WKPageRef page, WKFrameRef frame, WKOpenPanelParameters
         didRemoveFrameFromHierarchy,
         didDisplayInsecureContentForFrame,
         didRunInsecureContentForFrame,
+        didDetectXSSForFrame,
         0, // canAuthenticateAgainstProtectionSpaceInFrame
         0, // didReceiveAuthenticationChallengeInFrame
         didStartProgress,
index 5c35060..0f4f198 100644 (file)
@@ -215,6 +215,7 @@ InjectedBundlePage::InjectedBundlePage(WKBundlePageRef page)
         willPerformClientRedirectForFrame,
         didHandleOnloadEventsForFrame,
         0, // didLayoutForFrame
+        didDetectXSSForFrame,
     };
     WKBundlePageSetPageLoaderClient(m_page, &loaderClient);
 
@@ -387,6 +388,11 @@ void InjectedBundlePage::didDisplayInsecureContentForFrame(WKBundlePageRef page,
     static_cast<InjectedBundlePage*>(const_cast<void*>(clientInfo))->didDisplayInsecureContentForFrame(frame);
 }
 
+void InjectedBundlePage::didDetectXSSForFrame(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef*, const void* clientInfo)
+{
+    static_cast<InjectedBundlePage*>(const_cast<void*>(clientInfo))->didDetectXSSForFrame(frame);
+}
+
 void InjectedBundlePage::didRunInsecureContentForFrame(WKBundlePageRef page, WKBundleFrameRef frame, WKTypeRef*, const void* clientInfo)
 {
     static_cast<InjectedBundlePage*>(const_cast<void*>(clientInfo))->didRunInsecureContentForFrame(frame);
@@ -690,6 +696,10 @@ void InjectedBundlePage::didRunInsecureContentForFrame(WKBundleFrameRef frame)
 {
 }
 
+void InjectedBundlePage::didDetectXSSForFrame(WKBundleFrameRef frame)
+{
+}
+
 void InjectedBundlePage::didInitiateLoadForResource(WKBundlePageRef, WKBundleFrameRef, uint64_t identifier, WKURLRequestRef, bool)
 {
 }
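Review bot: The new `InjectedBundlePage::didDetectXSSForFrame(WKBundleFrameRef)` has an empty body, while the DumpRenderTree counterparts in this commit (`WebViewHost::didDetectXSS` and the Mac `FrameLoadDelegate` method) print `didDetectXSS` when frame-load callbacks are being dumped. As written, WebKitTestRunner output presumably never contains that line, so the new layout test would not verify the WebKit2 delivery path, including the callback guard in `InjectedBundlePageLoaderClient`. The neighbouring `didRunInsecureContentForFrame` appears to be empty as well, so this follows existing practice. Even so, emitting the same `didDetectXSS` line here under the test runner's frame-load-callback dump setting would let the test cover both ports.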
index bc04e9a..b2568d5 100644 (file)
@@ -63,6 +63,7 @@ private:
     static void didHandleOnloadEventsForFrame(WKBundlePageRef, WKBundleFrameRef, const void*);
     static void didDisplayInsecureContentForFrame(WKBundlePageRef, WKBundleFrameRef, WKTypeRef*, const void*);
     static void didRunInsecureContentForFrame(WKBundlePageRef, WKBundleFrameRef, WKTypeRef*, const void*);
+    static void didDetectXSSForFrame(WKBundlePageRef, WKBundleFrameRef, WKTypeRef*, const void*);
     static void didInitiateLoadForResource(WKBundlePageRef, WKBundleFrameRef, uint64_t identifier, WKURLRequestRef, bool pageLoadIsProvisional, const void*);
     static WKURLRequestRef willSendRequestForFrame(WKBundlePageRef, WKBundleFrameRef, uint64_t identifier, WKURLRequestRef, WKURLResponseRef, const void*);
     static void didReceiveResponseForResource(WKBundlePageRef, WKBundleFrameRef, uint64_t identifier, WKURLResponseRef, const void*);
@@ -85,6 +86,7 @@ private:
     void didHandleOnloadEventsForFrame(WKBundleFrameRef);
     void didDisplayInsecureContentForFrame(WKBundleFrameRef);
     void didRunInsecureContentForFrame(WKBundleFrameRef);
+    void didDetectXSSForFrame(WKBundleFrameRef);
 
     // Resource Load Client
     void didInitiateLoadForResource(WKBundlePageRef, WKBundleFrameRef, uint64_t identifier, WKURLRequestRef, bool pageLoadIsProvisional);