Reviewed by Adam Barth.
Allow shadowing of history object
https://bugs.webkit.org/show_bug.cgi?id=55965
* fast/dom/Window/get-set-properties-expected.txt:
* fast/dom/Window/get-set-properties.html:
* fast/dom/Window/window-property-shadowing-expected.txt:
* fast/dom/Window/window-property-shadowing.html:
* fast/js/var-declarations-shadowing-expected.txt:
* fast/js/var-declarations-shadowing.html:
* http/tests/history/cross-origin-replace-history-object-child-expected.txt: Added.
* http/tests/history/cross-origin-replace-history-object-child.html: Added.
* http/tests/history/cross-origin-replace-history-object-expected.txt: Added.
* http/tests/history/cross-origin-replace-history-object.html: Added.
* http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html: Added.
* http/tests/history/resources/cross-origin-replaces-history-object-iframe.html: Added.
* http/tests/security/cross-frame-access-put-expected.txt: Note that a window property with
the DoNotCheckDomainSecurityOnGet attribute generates two cross-origin JS warnings. Amended
expected results to include the additional extra warning for the history object.
2011-04-27 Robert Hogan <robert@webkit.org>
Reviewed by Adam Barth.
Allow shadowing of history object
https://bugs.webkit.org/show_bug.cgi?id=55965
Tests: http/tests/history/cross-origin-replace-history-object-child.html
http/tests/history/cross-origin-replace-history-object.html
* page/DOMWindow.idl:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@85142 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+2011-04-27 Robert Hogan <robert@webkit.org>
+
+ Reviewed by Adam Barth.
+
+ Allow shadowing of history object
+ https://bugs.webkit.org/show_bug.cgi?id=55965
+
+ * fast/dom/Window/get-set-properties-expected.txt:
+ * fast/dom/Window/get-set-properties.html:
+ * fast/dom/Window/window-property-shadowing-expected.txt:
+ * fast/dom/Window/window-property-shadowing.html:
+ * fast/js/var-declarations-shadowing-expected.txt:
+ * fast/js/var-declarations-shadowing.html:
+ * http/tests/history/cross-origin-replace-history-object-child-expected.txt: Added.
+ * http/tests/history/cross-origin-replace-history-object-child.html: Added.
+ * http/tests/history/cross-origin-replace-history-object-expected.txt: Added.
+ * http/tests/history/cross-origin-replace-history-object.html: Added.
+ * http/tests/history/resources/cross-origin-replaces-history-object-child-iframe.html: Added.
+ * http/tests/history/resources/cross-origin-replaces-history-object-iframe.html: Added.
+ * http/tests/security/cross-frame-access-put-expected.txt: Note that a window property with
+ the DoNotCheckDomainSecurityOnGet attribute generates two cross-origin JS warnings. Amended
+ expected results to include the additional extra warning for the history object.
+
2011-04-27 Dirk Pranke <dpranke@chromium.org>
Unreviewed, expectations change. Fix some
PASS: canSet('event') should be 'true' and is.
PASS: canGet('frames') should be 'true' and is.
PASS: canSet('frames') should be 'true' and is.
+PASS: canGet('history') should be 'true' and is.
+PASS: canSet('history') should be 'true' and is.
PASS: canGet('innerHeight') should be 'true' and is.
PASS: canSet('innerHeight') should be 'true' and is.
PASS: canGet('innerWidth') should be 'true' and is.
PASS: canSet('closed') should be 'false' and is.
PASS: canGet('document') should be 'true' and is.
PASS: canSet('document') should be 'false' and is.
-PASS: canGet('history') should be 'true' and is.
-PASS: canSet('history') should be 'false' and is.
PASS: canGet('pageXOffset') should be 'true' and is.
PASS: canSet('pageXOffset') should be 'false' and is.
PASS: canGet('pageYOffset') should be 'true' and is.
"devicePixelRatio",
"event",
"frames",
+ "history",
"innerHeight",
"innerWidth",
"length",
var windowReadOnlyProperties = [
"closed",
"document",
- "history",
"pageXOffset",
"pageYOffset",
"window"
PASS: scrollY successfully shadowed
PASS: self successfully shadowed
PASS: top successfully shadowed
+PASS: history successfully shadowed
PASS: getSelection successfully shadowed
PASS: getComputedStyle successfully shadowed
PASS: getMatchedCSSRules successfully shadowed
log(self == 1 ? "PASS: self successfully shadowed" : "FAIL: self was not shadowed");
var top = 1;
log(top == 1 ? "PASS: top successfully shadowed" : "FAIL: top was not shadowed");
+ var history = 1;
+ log(history == 1 ? "PASS: history successfully shadowed" : "FAIL: history was not shadowed");
// Window functions
var getSelection = 1;
PASS: eval('defaultstatus == marker') should be true and is.
PASS: screen == marker should be true and is.
PASS: eval('screen == marker') should be true and is.
+PASS: history == marker should be true and is.
+PASS: eval('history == marker') should be true and is.
-----
-PASS: history == marker should be false and is.
-PASS: eval('history == marker') should be false and is.
PASS: frameElement == marker should be false and is.
PASS: eval('frameElement == marker') should be false and is.
PASS: pageXOffset == marker should be false and is.
shouldBe(screen == marker, "screen == marker", true);
shouldBe(eval('screen == marker'), "eval('screen == marker')", true);
-log("-----");
-
try {
eval("var history = marker");
} catch(e) { }
-shouldBe(history == marker, "history == marker", false);
-shouldBe(eval('history == marker'), "eval('history == marker')", false);
+shouldBe(history == marker, "history == marker", true);
+shouldBe(eval('history == marker'), "eval('history == marker')", true);
+
+log("-----");
try {
eval("var frameElement = marker");
--- /dev/null
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html from frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object-child.html. Domains, protocols and ports must match.
+
+ALERT: Child window's history object before attempt to clear: [object History]
+ALERT: About to shadow child window's history object: [object History]
+ALERT: Shadowed child window's history object:
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html from frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object-child.html. Domains, protocols and ports must match.
+
+ALERT: Child window's history object after attempt to clear: [object History]
+
--- /dev/null
+<html>
+<head>
+<script>
+
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.waitUntilDone();
+}
+
+window.onmessage = function(evt)
+{
+ if (evt.data != "done") {
+ alert("Unexpected message: " + evt.data);
+ layoutTestController.notifyDone();
+ return;
+ }
+
+ alert("Child window's history object after attempt to clear: " + window.frames[0].history);
+ layoutTestController.notifyDone();
+}
+
+function setHistoryLength()
+{
+ alert("Child window's history object before attempt to clear: " + window.frames[0].history);
+ window.frames[0].postMessage("setHistoryLength", "*");
+}
+
+</script>
+</head>
+<body onload="setHistoryLength();">
+<iframe id='testFrame' src="http://localhost:8000/history/resources/cross-origin-replaces-history-object-child-iframe.html"></iframe>
+</body>
+</html>
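Review bot: in the window.onmessage handler, both layoutTestController.notifyDone() calls are unguarded, while the block at the top of the script tests window.layoutTestController before using it. Opened by hand in a browser, the handler throws at that call, which makes the test awkward to debug outside the harness. Wrapping the notifyDone() calls in the same if (window.layoutTestController) check would fix that.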
--- /dev/null
+ALERT: Parent window's history object before attempt to clear: [object History]
+ALERT: Attempting to clear parent window's history object:
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/history/cross-origin-replace-history-object.html from frame with URL http://localhost:8000/history/resources/cross-origin-replaces-history-object-iframe.html. Domains, protocols and ports must match.
+
+ALERT: Parent window's history object after attempt to clear: [object History]
+
--- /dev/null
+<html>
+<head>
+<script>
+
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.waitUntilDone();
+}
+
+window.onmessage = function(evt)
+{
+ if (evt.data != "done") {
+ alert("Unexpected message: " + evt.data);
+ layoutTestController.notifyDone();
+ return;
+ }
+
+ alert("Parent window's history object after attempt to clear: " + window.history);
+ layoutTestController.notifyDone();
+}
+
+function setHistoryLength()
+{
+ alert("Parent window's history object before attempt to clear: " + window.history);
+ window.frames[0].postMessage("setHistoryLength", "*");
+}
+
+</script>
+</head>
+<body onload="setHistoryLength();">
+<iframe id='testFrame' src="http://localhost:8000/history/resources/cross-origin-replaces-history-object-iframe.html"></iframe>
+</body>
+</html>
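Review bot: setHistoryLength() and the "setHistoryLength" message name do not describe what this test exercises. Nothing here touches history.length; the iframe is asked to replace the parent's history object. Renaming the function and the message to something like attemptHistoryReplace would let a reader see from the source which behaviour the expected result pins down.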
--- /dev/null
+<html>
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+window.onmessage = function(evt)
+{
+ if (evt.data == "setHistoryLength") {
+ setHistoryLength();
+ return;
+ } else
+ alert("Unknown message.");
+}
+
+function setHistoryLength()
+{
+ alert("About to shadow child window's history object: " + window.history);
+ window.history = "";
+ alert("Shadowed child window's history object: " + window.history);
+ parent.window.postMessage("done", "*");
+}
+
+</script>
+<body>
+HELLO THERE
+</body>
+</html>
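Review bot: window.history = "" in setHistoryLength() shadows with the empty string, so the alert that follows prints nothing after the colon, and the expected result cannot tell a successful shadow apart from any other value that stringifies to empty. Assigning a visible marker, for example window.history = "shadowed", would make the expected text assert the new value directly. The else after the return in the onmessage handler is also redundant.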
--- /dev/null
+<html>
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+window.onmessage = function(evt)
+{
+ if (evt.data == "setHistoryLength") {
+ setHistoryLength();
+ return;
+ } else
+ alert("Unknown message.");
+}
+
+function setHistoryLength()
+{
+ alert("Attempting to clear parent window's history object:");
+ parent.window.history = "";
+ parent.window.postMessage("done", "*");
+}
+
+</script>
+<body>
+HELLO THERE
+</body>
+</html>
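Review bot: in setHistoryLength(), parent.window.postMessage("done", "*") is reached only if the cross-origin assignment on the line before it returns normally. If that put ever throws instead of being dropped with a console warning, the parent never receives "done" and the test ends as a timeout rather than as a readable text diff. A try/catch around parent.window.history = "" that alerts the exception and still posts "done" would keep that failure diagnosable.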
CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-put-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-put.html. Domains, protocols and ports must match.
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-put-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-put.html. Domains, protocols and ports must match.
+
ALERT: PASS: window.Attr should be '[object AttrConstructor]' and is.
ALERT: PASS: window.CDATASection should be '[object CDATASectionConstructor]' and is.
ALERT: PASS: window.CharacterData should be '[object CharacterDataConstructor]' and is.
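Review bot: the added CONSOLE MESSAGE line is a verbatim copy of the one above it, and nothing in this expected file says which property access produces the second warning. The LayoutTests ChangeLog attributes it to DoNotCheckDomainSecurityOnGet on history, but a reader of this file alone could take the duplicate for a rebaseline mistake. If logging twice for one access is not the intended behaviour, reference a follow-up bug in the ChangeLog so the duplicate is tracked rather than left as the baseline.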
+2011-04-27 Robert Hogan <robert@webkit.org>
+
+ Reviewed by Adam Barth.
+
+ Allow shadowing of history object
+ https://bugs.webkit.org/show_bug.cgi?id=55965
+
+ Tests: http/tests/history/cross-origin-replace-history-object-child.html
+ http/tests/history/cross-origin-replace-history-object.html
+
+ * page/DOMWindow.idl:
+
2011-04-27 James Robinson <jamesr@chromium.org>
Reviewed by Kenneth Russell.
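Review bot: the "* page/DOMWindow.idl:" entry is left without a description, although it is the only source change in the patch. Say that history drops readonly and gains Replaceable, and why DoNotCheckDomainSecurity was narrowed to DoNotCheckDomainSecurityOnGet, so the reasoning is recorded alongside the test list.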
] DOMWindow {
// DOM Level 0
attribute [Replaceable] Screen screen;
- readonly attribute [DoNotCheckDomainSecurity, JSCCustomGetter] History history;
+ attribute [Replaceable, DoNotCheckDomainSecurityOnGet, JSCCustomGetter] History history;
attribute [Replaceable] BarInfo locationbar;
attribute [Replaceable] BarInfo menubar;
attribute [Replaceable] BarInfo personalbar;
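Review bot: on the changed history line, dropping readonly while keeping a security-check exemption makes the exact attribute name load-bearing. The cross-origin tests in this patch expect a put from another origin to leave [object History] in place, and the only thing on this line that separates reads from writes is the OnGet suffix. A short comment above the attribute stating that cross-origin gets are allowed and puts must stay checked would protect it from a later tidy-up back to DoNotCheckDomainSecurity.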