Ignore case in the check for security origin inheritance
author: wilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 17 Jun 2016 19:50:45 +0000 (19:50 +0000)
committer: wilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 17 Jun 2016 19:50:45 +0000 (19:50 +0000)
https://bugs.webkit.org/show_bug.cgi?id=158878

Reviewed by Alex Christensen.

Source/WebCore:

Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
"Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII
case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for
those two lines instead of using ==. URL::parse normalizes letters in the scheme
and host by using toASCIILower, but does not normalize letters elsewhere in the
URL, such as in the "blank" or "srcdoc" in the above URLs."

Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html

* platform/URL.cpp:
(WebCore::URL::shouldInheritSecurityOriginFromOwner):

LayoutTests:

* http/tests/dom/window-open-about-uppercase-blank-and-access-document-expected.txt: Added.
* http/tests/dom/window-open-about-uppercase-blank-and-access-document.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@202174 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/platform/URL.cpp

index 017e448..634ab75 100644 (file)
@@ -1,3 +1,13 @@
+2016-06-17  John Wilander  <wilander@apple.com>
+
+        Ignore case in the check for security origin inheritance
+        https://bugs.webkit.org/show_bug.cgi?id=158878
+
+        Reviewed by Alex Christensen.
+
+        * http/tests/dom/window-open-about-uppercase-blank-and-access-document-expected.txt: Added.
+        * http/tests/dom/window-open-about-uppercase-blank-and-access-document.html: Added.
+
 2016-06-17  Ryan Haddad  <ryanhaddad@apple.com>
 
         Skipping two new LayoutTests that rely on mouse events on ios-simulator.
 2016-06-17  Ryan Haddad  <ryanhaddad@apple.com>
 
         Skipping two new LayoutTests that rely on mouse events on ios-simulator.
diff --git a/LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document-expected.txt b/LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document-expected.txt
new file mode 100644 (file)
index 0000000..451edb9
--- /dev/null
@@ -0,0 +1,3 @@
+CONSOLE MESSAGE: line 1: Injected script running.
+PASS newWindow.document is defined.
+
diff --git a/LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document.html b/LayoutTests/http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
new file mode 100644 (file)
index 0000000..3d8a6a9
--- /dev/null
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Tests opening a new about:blank window and accessing its document</title>
+    <script src="../resources/js-test-pre.js"></script>
+    <script>
+        var newWindow;
+
+        if (window.testRunner) {
+            testRunner.setCanOpenWindows();
+            testRunner.waitUntilDone();
+            testRunner.setPopupBlockingEnabled(false);
+        }
+
+        function checkNewWindowDocumentIsDefined () {
+            shouldBeDefined("newWindow.document");
+            if (window.testRunner)
+                testRunner.notifyDone();
+        }
+
+        function run() {
+            newWindow = window.open("about:BLANK");
+            try {
+                newWindow.document.write("<scri" + "pt>console.log('Injected script running.')</sc" + "ript>");
+                setTimeout(checkNewWindowDocumentIsDefined, 500);
+            } catch (e) {
+                testFailed("Was not able to write to the new window's document.");
+                if (window.testRunner)
+                    testRunner.notifyDone();
+            }
+        }
+    </script>
+</head>
+<body onload="run()">
+<div id="console"></div>
+</body>
+</html>
\ No newline at end of file
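Review bot: The test exercises only the "about:BLANK" path in run(); the second comparison changed in URL.cpp ("about:srcdoc") has no case-variant coverage in this patch. If a mixed-case srcdoc URL can be reached from content, add a case for it, otherwise say in the ChangeLog why it cannot be tested. Separately, setTimeout(checkNewWindowDocumentIsDefined, 500) ties the result to a fixed delay, the <title> still says "about:blank" although the test opens "about:BLANK", and the file has no trailing newline.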
index a7a31f1..a804a25 100644 (file)
@@ -1,3 +1,22 @@
+2016-06-17  John Wilander  <wilander@apple.com>
+
+        Ignore case in the check for security origin inheritance
+        https://bugs.webkit.org/show_bug.cgi?id=158878
+
+        Reviewed by Alex Christensen.
+
+        Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
+        "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
+        case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
+        those two lines instead of using ==. URL::parse normalizes letters in the scheme 
+        and host by using toASCIILower, but does not normalize letters elsewhere in the 
+        URL, such as in the "blank" or "srcdoc" in the above URLs."
+
+        Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
+
+        * platform/URL.cpp:
+        (WebCore::URL::shouldInheritSecurityOriginFromOwner):
+
 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
 
         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
 
         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
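Review bot: The entry under "* platform/URL.cpp:" leaves "(WebCore::URL::shouldInheritSecurityOriginFromOwner):" without a description, and the only explanation given is the quoted review question. Add one line stating that both comparisons now ignore ASCII case and what that changes in behaviour: going by the new test, window.open("about:BLANK") is expected to leave the opener able to write to the new window's document.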
index 9b6c29b..0882ba4 100644 (file)
@@ -2065,8 +2065,8 @@ bool URL::isBlankURL() const
 bool URL::shouldInheritSecurityOriginFromOwner() const
 {
     return isEmpty()
 bool URL::shouldInheritSecurityOriginFromOwner() const
 {
     return isEmpty()
-        || m_string == blankURL().string()
-        || m_string == "about:srcdoc";
+        || equalIgnoringASCIICase(m_string, blankURL().string())
+        || equalLettersIgnoringASCIICase(m_string, "about:srcdoc");
 }
 
 typedef HashMap<String, unsigned short, ASCIICaseInsensitiveHash> DefaultPortsMap;
 }
 
 typedef HashMap<String, unsigned short, ASCIICaseInsensitiveHash> DefaultPortsMap;
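Review bot: The two replaced comparisons in shouldInheritSecurityOriginFromOwner() use different helpers: equalIgnoringASCIICase for blankURL().string() and equalLettersIgnoringASCIICase for the literal "about:srcdoc", which contains a colon as well as letters. Please confirm the letters helper is specified for a literal that includes punctuation, or use equalIgnoringASCIICase on both lines. Also, isBlankURL(), named in the hunk header just above, is not touched here; if it compares against the same string it should get the same treatment so the two predicates cannot disagree on "about:BLANK".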