commit 442f0795064ce730ba517af6fd1c3ff9c888eac3
author abarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Sun Jan 02 04:33:03 2011 +0000
committer abarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Sun Jan 02 04:33:03 2011 +0000
tree 403ab564caf214b21a7b38423b20e60afdfe4143
parent 14e0854013adaa96cf58f0a6122c4d7eb082082a

2011-01-01  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        forbid sandboxed frames to call top.close() when allow-same-origin is not setted
        https://bugs.webkit.org/show_bug.cgi?id=38340

        We now pass the ScriptExecutionContext to window.close so it can find
        the Frame and check whether navigation is allowed.  This check will
        almost always pass because you can only close top-level frames, but the
        check will fail when the calling script is sandboxed.

        Tests: fast/frames/sandboxed-iframe-close-top-noclose.html
               fast/frames/sandboxed-iframe-close-top.html

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::close):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
2011-01-01  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        forbid sandboxed frames to call top.close() when allow-same-origin is not setted
        https://bugs.webkit.org/show_bug.cgi?id=38340

        Test the interaction between the HTML5 sandbox and window.close.

        * fast/frames/resources/close-top.html: Added.
        * fast/frames/resources/sandboxed-iframe-close-top-does-close.html: Added.
        * fast/frames/resources/sandboxed-iframe-close-top-does-not-close.html: Added.
        * fast/frames/sandboxed-iframe-close-top-expected.txt: Added.
        * fast/frames/sandboxed-iframe-close-top-noclose-expected.txt: Added.
        * fast/frames/sandboxed-iframe-close-top-noclose.html: Added.
        * fast/frames/sandboxed-iframe-close-top.html: Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@74854 268f45cc-cd09-0410-ab3c-d52691b4dbfc