2011-04-27 Robert Hogan <robert@webkit.org>
authorrobert@webkit.org <robert@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Apr 2011 03:18:18 +0000 (03:18 +0000)
committerrobert@webkit.org <robert@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Apr 2011 03:18:18 +0000 (03:18 +0000)
        Reviewed by Adam Barth.

        Allow shadowing of history object
        https://bugs.webkit.org/show_bug.cgi?id=55965

        * fast/dom/Window/get-set-properties-expected.txt:
        * fast/dom/Window/get-set-properties.html:
        * fast/dom/Window/window-property-shadowing-expected.txt:
        * fast/dom/Window/window-property-shadowing.html:
        * fast/js/var-declarations-shadowing-expected.txt:
        * fast/js/var-declarations-shadowing.html:
        * http/tests/history/cross-origin-replace-history-object-child-expected.txt: Added.
        * http/tests/history/cross-origin-replace-history-object-child.html: Added.
        * http/tests/history/cross-origin-replace-history-object-expected.txt: Added.
        * http/tests/history/cross-origin-replace-history-object.html: Added.
        * http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html: Added.
        * http/tests/history/resources/cross-origin-replaces-history-object-iframe.html: Added.
        * http/tests/security/cross-frame-access-put-expected.txt: Note that a window property with
          the DoNotCheckDomainSecurityOnGet attribute generates two cross-origin JS warnings. Amended
          expected results to include the additional extra warning for the history object.
2011-04-27  Robert Hogan  <robert@webkit.org>

        Reviewed by Adam Barth.

        Allow shadowing of history object
        https://bugs.webkit.org/show_bug.cgi?id=55965

        Tests: http/tests/history/cross-origin-replace-history-object-child.html
               http/tests/history/cross-origin-replace-history-object.html

        * page/DOMWindow.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@85142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/dom/Window/get-set-properties-expected.txt
LayoutTests/fast/dom/Window/get-set-properties.html
LayoutTests/fast/dom/Window/window-property-shadowing-expected.txt
LayoutTests/fast/dom/Window/window-property-shadowing.html
LayoutTests/fast/js/var-declarations-shadowing-expected.txt
LayoutTests/fast/js/var-declarations-shadowing.html
LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html [new file with mode: 0644]
LayoutTests/http/tests/history/cross-origin-replace-history-object-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/history/cross-origin-replace-history-object.html [new file with mode: 0644]
LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/security/cross-frame-access-put-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/page/DOMWindow.idl

index 64169cc..a46bd50 100644 (file)
@@ -1,3 +1,26 @@
+2011-04-27  Robert Hogan  <robert@webkit.org>
+
+        Reviewed by Adam Barth.
+
+        Allow shadowing of history object
+        https://bugs.webkit.org/show_bug.cgi?id=55965
+
+        * fast/dom/Window/get-set-properties-expected.txt:
+        * fast/dom/Window/get-set-properties.html:
+        * fast/dom/Window/window-property-shadowing-expected.txt:
+        * fast/dom/Window/window-property-shadowing.html:
+        * fast/js/var-declarations-shadowing-expected.txt:
+        * fast/js/var-declarations-shadowing.html:
+        * http/tests/history/cross-origin-replace-history-object-child-expected.txt: Added.
+        * http/tests/history/cross-origin-replace-history-object-child.html: Added.
+        * http/tests/history/cross-origin-replace-history-object-expected.txt: Added.
+        * http/tests/history/cross-origin-replace-history-object.html: Added.
+        * http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html: Added.
+        * http/tests/history/resources/cross-origin-replaces-history-object-iframe.html: Added.
+        * http/tests/security/cross-frame-access-put-expected.txt: Note that a window property with
+          the DoNotCheckDomainSecurityOnGet attribute generates two cross-origin JS warnings. Amended
+          expected results to include the additional extra warning for the history object.
+
 2011-04-27  Dirk Pranke  <dpranke@chromium.org>
 
         Unreviewed, expectations change. Fix some
index 78a21a6..6d5f0af 100644 (file)
@@ -217,6 +217,8 @@ PASS: canGet('event') should be 'true' and is.
 PASS: canSet('event') should be 'true' and is.
 PASS: canGet('frames') should be 'true' and is.
 PASS: canSet('frames') should be 'true' and is.
+PASS: canGet('history') should be 'true' and is.
+PASS: canSet('history') should be 'true' and is.
 PASS: canGet('innerHeight') should be 'true' and is.
 PASS: canSet('innerHeight') should be 'true' and is.
 PASS: canGet('innerWidth') should be 'true' and is.
@@ -270,8 +272,6 @@ PASS: canGet('closed') should be 'true' and is.
 PASS: canSet('closed') should be 'false' and is.
 PASS: canGet('document') should be 'true' and is.
 PASS: canSet('document') should be 'false' and is.
-PASS: canGet('history') should be 'true' and is.
-PASS: canSet('history') should be 'false' and is.
 PASS: canGet('pageXOffset') should be 'true' and is.
 PASS: canSet('pageXOffset') should be 'false' and is.
 PASS: canGet('pageYOffset') should be 'true' and is.
index abb511c..4dd24ad 100644 (file)
@@ -176,6 +176,7 @@ var windowReadWriteProperties = [
     "devicePixelRatio", 
     "event", 
     "frames",
+    "history",
     "innerHeight", 
     "innerWidth", 
     "length",
@@ -204,7 +205,6 @@ var windowReadWriteProperties = [
 var windowReadOnlyProperties = [
     "closed",
     "document",
-    "history",
     "pageXOffset",
     "pageYOffset",
     "window"
index db96d86..f539cb3 100644 (file)
@@ -29,6 +29,7 @@ PASS: scrollX successfully shadowed
 PASS: scrollY successfully shadowed
 PASS: self successfully shadowed
 PASS: top successfully shadowed
+PASS: history successfully shadowed
 PASS: getSelection successfully shadowed
 PASS: getComputedStyle successfully shadowed
 PASS: getMatchedCSSRules successfully shadowed
index f034d29..5691e8d 100644 (file)
@@ -77,6 +77,8 @@
         log(self == 1 ? "PASS: self successfully shadowed" : "FAIL: self was not shadowed");
         var top = 1;
         log(top == 1 ? "PASS: top successfully shadowed" : "FAIL: top was not shadowed");
+        var history = 1;
+        log(history == 1 ? "PASS: history successfully shadowed" : "FAIL: history was not shadowed");
 
         // Window functions
         var getSelection = 1;
index 999fd23..c365596 100644 (file)
@@ -82,9 +82,9 @@ PASS: defaultstatus == marker should be true and is.
 PASS: eval('defaultstatus == marker') should be true and is.
 PASS: screen == marker should be true and is.
 PASS: eval('screen == marker') should be true and is.
+PASS: history == marker should be true and is.
+PASS: eval('history == marker') should be true and is.
 -----
-PASS: history == marker should be false and is.
-PASS: eval('history == marker') should be false and is.
 PASS: frameElement == marker should be false and is.
 PASS: eval('frameElement == marker') should be false and is.
 PASS: pageXOffset == marker should be false and is.
index 6282bec..b83981c 100644 (file)
@@ -259,13 +259,13 @@ try {
 shouldBe(screen == marker, "screen == marker", true);
 shouldBe(eval('screen == marker'), "eval('screen == marker')", true);
 
-log("-----");
-
 try {
     eval("var history = marker");
 } catch(e) { }
-shouldBe(history == marker, "history == marker", false);
-shouldBe(eval('history == marker'), "eval('history == marker')", false);
+shouldBe(history == marker, "history == marker", true);
+shouldBe(eval('history == marker'), "eval('history == marker')", true);
+
+log("-----");
 
 try {
     eval("var frameElement = marker");
diff --git a/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt b/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt
new file mode 100644 (file)
index 0000000..b7892af
--- /dev/null
@@ -0,0 +1,9 @@
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html from frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object-child.html. Domains, protocols and ports must match.
+
+ALERT: Child window's history object before attempt to clear: [object History]
+ALERT: About to shadow child window's history object: [object History]
+ALERT: Shadowed child window's history object: 
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html from frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object-child.html. Domains, protocols and ports must match.
+
+ALERT: Child window's history object after attempt to clear: [object History]
+
diff --git a/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html b/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html
new file mode 100644 (file)
index 0000000..ff4ebe6
--- /dev/null
@@ -0,0 +1,33 @@
+<html>
+<head>
+<script>
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+window.onmessage = function(evt)
+{
+    if (evt.data != "done") {
+        alert("Unexpected message: " + evt.data);
+        layoutTestController.notifyDone();
+        return;
+    }
+
+    alert("Child window's history object after attempt to clear: " + window.frames[0].history);
+    layoutTestController.notifyDone();
+}
+
+function setHistoryLength()
+{
+    alert("Child window's history object before attempt to clear: " + window.frames[0].history);
+    window.frames[0].postMessage("setHistoryLength", "*");
+}
+
+</script>
+</head>
+<body onload="setHistoryLength();">
+<iframe id='testFrame' src="http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html"></iframe>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/history/cross-origin-replace-history-object-expected.txt b/LayoutTests/http/tests/history/cross-origin-replace-history-object-expected.txt
new file mode 100644 (file)
index 0000000..08a9554
--- /dev/null
@@ -0,0 +1,6 @@
+ALERT: Parent window's history object before attempt to clear: [object History]
+ALERT: Attempting to clear parent window's history object:
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object.html from frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-iframe.html. Domains, protocols and ports must match.
+
+ALERT: Parent window's history object after attempt to clear: [object History]
+
diff --git a/LayoutTests/http/tests/history/cross-origin-replace-history-object.html b/LayoutTests/http/tests/history/cross-origin-replace-history-object.html
new file mode 100644 (file)
index 0000000..259e0b2
--- /dev/null
@@ -0,0 +1,33 @@
+<html>
+<head>
+<script>
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+window.onmessage = function(evt)
+{
+    if (evt.data != "done") {
+        alert("Unexpected message: " + evt.data);
+        layoutTestController.notifyDone();
+        return;
+    }
+
+    alert("Parent window's history object after attempt to clear: " + window.history);
+    layoutTestController.notifyDone();
+}
+
+function setHistoryLength()
+{
+    alert("Parent window's history object before attempt to clear: " + window.history);
+    window.frames[0].postMessage("setHistoryLength", "*");
+}
+
+</script>
+</head>
+<body onload="setHistoryLength();">
+<iframe id='testFrame' src="http://localhost:8000/history/resources/cross-origin-replaces-history-object-iframe.html"></iframe>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html b/LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html
new file mode 100644 (file)
index 0000000..7bed7c0
--- /dev/null
@@ -0,0 +1,27 @@
+<html>
+<script>
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+window.onmessage = function(evt)
+{
+    if (evt.data == "setHistoryLength") {
+        setHistoryLength();
+        return;
+    } else
+        alert("Unknown message.");
+}
+
+function setHistoryLength()
+{
+    alert("About to shadow child window's history object: " + window.history);
+    window.history = "";
+    alert("Shadowed child window's history object: " + window.history);
+    parent.window.postMessage("done", "*");
+}
+
+</script>
+<body>
+HELLO THERE
+</body>
+</html>
diff --git a/LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-iframe.html b/LayoutTests/http/tests/history/resources/cross-origin-replaces-history-object-iframe.html
new file mode 100644 (file)
index 0000000..5c392bc
--- /dev/null
@@ -0,0 +1,26 @@
+<html>
+<script>
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+window.onmessage = function(evt)
+{
+    if (evt.data == "setHistoryLength") {
+        setHistoryLength();
+        return;
+    } else
+        alert("Unknown message.");
+}
+
+function setHistoryLength()
+{
+    alert("Attempting to clear parent window's history object:");
+    parent.window.history = "";
+    parent.window.postMessage("done", "*");
+}
+
+</script>
+<body>
+HELLO THERE
+</body>
+</html>
index 8e26f64..184133c 100644 (file)
@@ -374,6 +374,8 @@ CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http
 
 CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-put-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-put.html. Domains, protocols and ports must match.
 
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-put-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-put.html. Domains, protocols and ports must match.
+
 ALERT: PASS: window.Attr should be '[object AttrConstructor]' and is.
 ALERT: PASS: window.CDATASection should be '[object CDATASectionConstructor]' and is.
 ALERT: PASS: window.CharacterData should be '[object CharacterDataConstructor]' and is.
index aa7530f..88e573d 100644 (file)
@@ -1,3 +1,15 @@
+2011-04-27  Robert Hogan  <robert@webkit.org>
+
+        Reviewed by Adam Barth.
+
+        Allow shadowing of history object
+        https://bugs.webkit.org/show_bug.cgi?id=55965
+
+        Tests: http/tests/history/cross-origin-replace-history-object-child.html
+               http/tests/history/cross-origin-replace-history-object.html
+
+        * page/DOMWindow.idl:
+
 2011-04-27  James Robinson  <jamesr@chromium.org>
 
         Reviewed by Kenneth Russell.
index fccf731..87f9b2b 100644 (file)
@@ -45,7 +45,7 @@ module window {
     ] DOMWindow {
         // DOM Level 0
         attribute [Replaceable] Screen screen;
-        readonly attribute [DoNotCheckDomainSecurity, JSCCustomGetter] History history;
+        attribute [Replaceable, DoNotCheckDomainSecurityOnGet, JSCCustomGetter] History history;
         attribute [Replaceable] BarInfo locationbar;
         attribute [Replaceable] BarInfo menubar;
         attribute [Replaceable] BarInfo personalbar;