Google Git
Sign in
webkit / WebKit / f35acf4dec0405556f617f437de0ec2308bf2b38
commitf35acf4dec0405556f617f437de0ec2308bf2b38[log] [tgz]
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Oct 28 04:40:04 2015 +0000
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Oct 28 04:40:04 2015 +0000
treecc541fbf02af4ea032b4129a15d6758543863373
parentaf9e4d3fb0357c06bcb5920d162b774d77105d22 [diff]
id of iframe incorrectly sets window name
https://bugs.webkit.org/show_bug.cgi?id=150565

Reviewed by Darin Adler.

Source/WebCore:

As per the specification, the iframe's contentWindow name should be an
empty string if the frame's name attribute is unset:
http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-name

Instead, WebKit was using the iframe's id as window name if the name
was unset.

Firefox, IE and Chrome behave according to the specification.

This is a merge of the following Blink commit:
https://src.chromium.org/viewvc/blink?revision=169803&view=revision

Test: fast/frames/iframe-no-name.html

* html/HTMLFrameElementBase.cpp:
(WebCore::HTMLFrameElementBase::parseAttribute):
(WebCore::HTMLFrameElementBase::insertedInto): Deleted.

LayoutTests:

Add a test to check that id of iframe incorrectly sets the window name
when the iframe's name is not set.

Also set frame names in a lot of layout tests so that they keep giving
the same output.

* fast/css-generated-content/positioned-div-with-floating-after-content-crash.html:
* fast/dom/Window/slow-unload-handler-overwritten-date.html:
* fast/dom/Window/timeout-callback-scope.html:
* fast/dom/Window/window-access-after-navigation.html:
* fast/dom/Window/window-collection-length-no-crash.html:
* fast/dom/Window/window-special-properties-expected.txt:
* fast/dom/microtask-detach.html:
* fast/dom/microtask-inorder.html:
* fast/dom/microtask-reverse.html:
* fast/dom/wrapper-context.html:
* fast/dom/xss-DENIED-javascript-variations.html:
* fast/events/onbeforeunload-focused-iframe.html:
* fast/events/open-window-from-another-frame.html:
* fast/events/popup-blocked-to-post-blank.html:
* fast/events/popup-blocking-click-in-iframe.html:
* fast/events/popup-when-select-change.html:
* fast/frames/detach-frame-during-focus.html:
* fast/frames/frame-inherit-noresize-from-frameset.html:
* fast/frames/frame-programmatic-noresize.html:
* fast/frames/frame-with-noresize-can-be-resized-after-removal-of-noresize.html:
* fast/frames/frame-with-noresize-can-be-resized-after-setting-noResize-to-false.html:
* fast/frames/iframe-no-name-expected.txt: Added.
* fast/frames/iframe-no-name.html: Added.
* fast/frames/unload-reparent-sibling-frame.html:
* fast/history/form-submit-in-frame-via-onclick.html:
* fast/history/form-submit-in-frame.html:
* fast/history/same-document-iframes-changing-fragment.html:
* fast/history/same-document-iframes-changing-pushstate.html:
* fast/history/saves-state-after-frame-nav.html:
* fast/images/exif-orientation-image-document.html:
* fast/loader/resources/subframe-navigate-during-main-frame-load2.html:
* fast/overflow/scrollRevealButton.html:
* fast/parser/xml-colon-entity.html:
* fast/parser/xml-declaration-missing-ending-mark.html:
* fast/scrolling/latching/scroll-nested-iframe.html:
* fullscreen/full-screen-frameset.html:
* http/tests/contentextensions/block-cookies-in-csp-report.html:
* http/tests/contentextensions/block-cookies-in-ping.html:
* http/tests/contentextensions/block-cookies-send.html:
* http/tests/contentextensions/block-csp-report.html:
* http/tests/contentextensions/block-everything-unless-domain-iframe.html:
* http/tests/contentextensions/block-ping.html:
* http/tests/contentextensions/hide-on-csp-report.html:
* http/tests/contentextensions/hide-on-ping.html:
* http/tests/loading/text-content-type-with-binary-extension.html:
* http/tests/misc/location-replace-crossdomain.html:
* http/tests/multipart/multipart-wait-before-boundary.html:
* http/tests/navigation/no-referrer-subframe.html:
* http/tests/security/cross-frame-access-child-explicit-domain.html:
* http/tests/security/cross-frame-access-document-direct.html:
* http/tests/security/cross-frame-access-parent-explicit-domain.html:
* http/tests/security/cross-frame-access-port-explicit-domain.html:
* http/tests/security/cross-frame-access-port.html:
* http/tests/security/dataURL/resources/foreign-domain-data-url-accessee-iframe.html:
* http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame.html:
* http/tests/security/host-compare-case-insensitive.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-location-htmldom.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-getAttribute-value.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-htmldom.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttribute.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNS.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNode.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNodeNS.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-getAttribute-value.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-htmldom.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttribute.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNS.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNode.html:
* http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNodeNS.html:
* http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessee-iframe.html:
* http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html:
* http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html:
* http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html:
* http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html:
* http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html:
* http/tests/security/protocol-compare-case-insensitive.html:
* http/tests/security/referrer-policy-redirect-link.html:
* http/tests/security/sandboxed-iframe-blocks-access-from-parent.html:
* http/tests/security/srcdoc-inherits-referrer-for-forms.html:
* http/tests/security/xssAuditor/full-block-base-href.html:
* http/tests/security/xssAuditor/full-block-iframe-javascript-url.html:
* http/tests/security/xssAuditor/full-block-iframe-no-inherit.php:
* http/tests/security/xssAuditor/full-block-javascript-link.html:
* http/tests/security/xssAuditor/full-block-link-onclick.html:
* http/tests/security/xssAuditor/full-block-object-tag.html:
* http/tests/security/xssAuditor/full-block-script-tag-cross-domain.html:
* http/tests/security/xssAuditor/full-block-script-tag-with-source.html:
* http/tests/security/xssAuditor/full-block-script-tag.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-1.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-2.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-3.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-4.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-5.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-6.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-7.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-8.html:
* http/tests/security/xssAuditor/malformed-xss-protection-header-9.html:
* http/tests/security/xssAuditor/report-script-tag-replace-state.html:
* http/tests/security/xssAuditor/report-script-tag.html:
* http/tests/security/xssAuditor/resources/utilities.js:
(sendRequestFromIFrame):
* http/tests/security/xssAuditor/xss-protection-parsing-02.html:
* http/tests/security/xssAuditor/xss-protection-parsing-03.html:
* http/tests/security/xssAuditor/xss-protection-parsing-04.html:
* platform/mac/webarchive/archive-empty-frame-dom-expected.txt:
* plugins/plugin-remove-subframe.html:
* webarchive/archive-empty-frame-dom-expected.webarchive:
* webarchive/archive-empty-frame-dom.html:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@191652 268f45cc-cd09-0410-ab3c-d52691b4dbfc
128 files changed
tree: cc541fbf02af4ea032b4129a15d6758543863373
  1. Examples/
  2. LayoutTests/
  3. ManualTests/
  4. PerformanceTests/
  5. Source/
  6. Tools/
  7. WebKit.xcworkspace/
  8. WebKitLibraries/
  9. Websites/
  10. .dir-locals.el
  11. .gitattributes
  12. .gitignore
  13. ChangeLog
  14. ChangeLog-2012-05-22
  15. CMakeLists.txt
  16. Makefile
  17. Makefile.shared