Google Git
Sign in
webkit / WebKit / 29f0c1ad43961da2735229815fc2495ebcc60125
commit29f0c1ad43961da2735229815fc2495ebcc60125[log] [tgz]
authorabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Sat Nov 05 01:32:07 2011 +0000
committerabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Sat Nov 05 01:32:07 2011 +0000
treeccdff2d0a0d2467057f318e98841c40aa742cde2
parentfb4e53741e03c36a0be7a283251e4c18a3b57cac [diff]
JavaScript URLs execute in sandboxed iframes
https://bugs.webkit.org/show_bug.cgi?id=71599

Reviewed by Eric Seidel.

Source/WebCore: 

This patch fixes the intentional regression I introduced earlier today
by moving the sandbox bits from SecurityOrigin to Document. In the
process, I renamed SecurityOrigin::createEmpty to
SecurityOrigin::createUnique to better align with HTML5 terminology.

* WebCore.exp.in:
* bindings/ScriptControllerBase.cpp:
(WebCore::ScriptController::canExecuteScripts):
* dom/Document.cpp:
(WebCore::Document::setIsViewSource):
(WebCore::Document::initSecurityContext):
* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::ScriptExecutionContext):
* dom/ScriptExecutionContext.h:
(WebCore::ScriptExecutionContext::sandboxFlags):
(WebCore::ScriptExecutionContext::enforceSandboxFlags):
(WebCore::ScriptExecutionContext::isSandboxed):
* html/HTMLAppletElement.cpp:
(WebCore::HTMLAppletElement::canEmbedJava):
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin):
* loader/FrameLoader.cpp:
(WebCore::isDocumentSandboxed):
(WebCore::FrameLoader::addHTTPOriginIfNeeded):
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNewWindowPolicy):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::requestPlugin):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::SecurityOrigin):
(WebCore::SecurityOrigin::create):
(WebCore::SecurityOrigin::createUnique):
* page/SecurityOrigin.h:

LayoutTests: 

Update results to show progression.

* fast/frames/sandboxed-iframe-scripting-expected.txt:
* fast/frames/sandboxed-iframe-scripting.html:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99347 268f45cc-cd09-0410-ab3c-d52691b4dbfc
16 files changed
tree: ccdff2d0a0d2467057f318e98841c40aa742cde2
  1. Examples/
  2. LayoutTests/
  3. PerformanceTests/
  4. Source/
  5. Tools/
  6. WebKitLibraries/
  7. Websites/
  8. .gitattributes
  9. .gitignore
  10. autogen.sh
  11. ChangeLog
  12. configure.ac
  13. GNUmakefile.am
  14. Makefile
  15. Makefile.shared
  16. sync.profile
  17. WebKit.pro
  18. wscript