git://git.webkit.org / WebKit-https.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 892bd46) | patch
WebCore:
authorweinig <weinig@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 25 Aug 2007 19:08:21 +0000 (19:08 +0000)
committerweinig <weinig@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 25 Aug 2007 19:08:21 +0000 (19:08 +0000)
commitfad2d7edfbf29289978052c2e2abc628769d2ba0
tree3418e2a8d07ae92723459e5891047ab7fe18ec14tree | snapshot
parent892bd46d20faff39e0e140d0e497acb7062614e6commit | diff
WebCore:

        Reviewed by Adele.

        Fix for <rdar://problem/5426142>

        Use the EventTarget's frame when creating the EventListener.

        Tests: http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener.html
               http/tests/security/listener/xss-JSTargetNode-onclick-shortcut.html
               http/tests/security/listener/xss-window-onclick-addEventListener.html
               http/tests/security/listener/xss-window-onclick-shortcut.html

        * bindings/js/JSEventTargetNode.cpp:
        (WebCore::JSEventTargetNode::setListener):
        (WebCore::JSEventTargetNodePrototypeFunction::callAsFunction):
        * bindings/js/kjs_window.cpp:
        (KJS::WindowFunc::callAsFunction):

LayoutTests:

        Reviewed by Adele.

        Tests for <rdar://problem/5426142>

        * http/tests/security/listener: Added.
        * http/tests/security/listener/resources: Added.
        * http/tests/security/listener/resources/childWindow.html: Added.
        * http/tests/security/listener/resources/childWithButton.html: Added.
        * http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html: Added.
        * http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html: Added.
        * http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html: Added.
        * http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html: Added.
        * http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt: Added.
        * http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener.html: Added.
        * http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt: Added.
        * http/tests/security/listener/xss-JSTargetNode-onclick-shortcut.html: Added.
        * http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt: Added.
        * http/tests/security/listener/xss-window-onclick-addEventListener.html: Added.
        * http/tests/security/listener/xss-window-onclick-shortcut-expected.txt: Added.
        * http/tests/security/listener/xss-window-onclick-shortcut.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@25249 268f45cc-cd09-0410-ab3c-d52691b4dbfc
18 files changed:
LayoutTests/ChangeLog diff | blob | history
LayoutTests/http/tests/security/listener/resources/childWindow.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/resources/childWithButton.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener.html [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt [new file with mode: 0644] blob
LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut.html [new file with mode: 0644] blob
WebCore/ChangeLog diff | blob | history
WebCore/bindings/js/JSEventTargetNode.cpp diff | blob | history
WebCore/bindings/js/kjs_window.cpp diff | blob | history
Mirror of the WebKit open source project from svn.webkit.org.