WebCore:
authorweinig@apple.com <weinig@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Nov 2007 01:52:43 +0000 (01:52 +0000)
committerweinig@apple.com <weinig@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Nov 2007 01:52:43 +0000 (01:52 +0000)
commit381f4cfd1ecfff0a66dc81d1d75869347606e63b
tree6d93cba5bd9a3fcd1c64e8e9420a996e4555f9c6
parente1ef6031ce3367ed9c5392d441ec9597ff5ca072
WebCore:

        Reviewed and touched up by Sam Weinig.

        Fix for http://bugs.webkit.org/show_bug.cgi?id=16073

        Test: http/tests/security/xss-DENIED-invalid-domain-change.html

        * dom/Document.cpp:
        (WebCore::Document::setDomain): Don't set the securityOrigin policy unless
        the set succeeds.  Adds some early returns as well.

LayoutTests:

        Reviewed by Sam Weinig.

        Tests for http://bugs.webkit.org/show_bug.cgi?id=16073

        * http/tests/security/resources/iframe-invalid-domain-change.html: Added.
        * http/tests/security/xss-DENIED-invalid-domain-change-expected.txt: Added.
        * http/tests/security/xss-DENIED-invalid-domain-change.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@28062 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/security/resources/iframe-invalid-domain-change.html [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change.html [new file with mode: 0644]
WebCore/ChangeLog
WebCore/dom/Document.cpp