[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373

eric at webkit.org eric at webkit.org
Thu Apr 8 00:46:27 UTC 2010 

The following commit has been merged in the webkit-1.2 branch:
commit 556425f436b4fd81db904493ba77884b063ee0d7
Author: eric at webkit.org <eric at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Tue Dec 22 21:36:51 2009 +0000

    2009-12-22  Dirk Pranke  <dpranke at chromium.org>
    
            Reviewed by Adam Barth.
    
            Attempting to upstream xss-inactive-closure test from the Chromium
            test suite. https://bugs.webkit.org/show_bug.cgi?id=32691 .
    
            * http/tests/security/listener/resources/xss-inactive-closure-child-2.html: Added.
            * http/tests/security/listener/resources/xss-inactive-closure-child.html: Added.
            * http/tests/security/listener/xss-inactive-closure-expected.txt: Added.
            * http/tests/security/listener/xss-inactive-closure.html: Added.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52497 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index bc16ae1..c0e1714 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,15 @@
+2009-12-22  Dirk Pranke  <dpranke at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Attempting to upstream xss-inactive-closure test from the Chromium
+        test suite. https://bugs.webkit.org/show_bug.cgi?id=32691 .
+
+        * http/tests/security/listener/resources/xss-inactive-closure-child-2.html: Added.
+        * http/tests/security/listener/resources/xss-inactive-closure-child.html: Added.
+        * http/tests/security/listener/xss-inactive-closure-expected.txt: Added.
+        * http/tests/security/listener/xss-inactive-closure.html: Added.
+
 2009-12-22  Pavel Feldman  <pfeldman at chromium.org>
 
         Reviewed by Timothy Hatcher.
diff --git a/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child-2.html b/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child-2.html
new file mode 100644
index 0000000..9b575d3
--- /dev/null
+++ b/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child-2.html
@@ -0,0 +1,8 @@
+<html>
+<body>
+A new child window. My bar is 100.
+<script>
+  document.bar = 100;
+</script>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child.html b/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child.html
new file mode 100644
index 0000000..1fda158
--- /dev/null
+++ b/LayoutTests/http/tests/security/listener/resources/xss-inactive-closure-child.html
@@ -0,0 +1,16 @@
+<html>
+<body>
+    <p>Target Child</p>
+    <script>
+        window.parent.frames[1].document.getElementById('button').addEventListener("click", function() {
+           if (!document) {
+             parent.log("FAILED: document is undefined");
+           } else if (document.bar == 100) {
+             parent.log("FAILED: document.bar = " + document.bar);
+           }
+        }, false);
+
+        window.location = "http://localhost:8000/security/listener/resources/xss-inactive-closure-child-2.html";
+    </script> 
+</body>
+</html>
diff --git a/LayoutTests/http/tests/security/listener/xss-inactive-closure-expected.txt b/LayoutTests/http/tests/security/listener/xss-inactive-closure-expected.txt
new file mode 100644
index 0000000..36a3cf9
--- /dev/null
+++ b/LayoutTests/http/tests/security/listener/xss-inactive-closure-expected.txt
@@ -0,0 +1,6 @@
+This tests that when a frame navigates to a new page, closures in the old page cannot access page content of the new page if there are from different domains.
+
+You should see PASSED at the end of page if the test passes.
+
+  
+PASSED
diff --git a/LayoutTests/http/tests/security/listener/xss-inactive-closure.html b/LayoutTests/http/tests/security/listener/xss-inactive-closure.html
new file mode 100644
index 0000000..3c9f114
--- /dev/null
+++ b/LayoutTests/http/tests/security/listener/xss-inactive-closure.html
@@ -0,0 +1,34 @@
+<html>
+<head>
+    <script>
+        if (window.layoutTestController) {
+            layoutTestController.dumpAsText();
+            layoutTestController.waitUntilDone();
+        }
+
+        function onloadForButtonChild() { 
+            var targetChild = document.getElementById('targetChild');
+            targetChild.src = "resources/xss-inactive-closure-child.html";
+            targetChild.onload = start;
+        }
+
+        function start() {
+            var buttonChild = window.frames[1];
+            buttonChild.document.getElementById('button').click();
+
+            if (window.layoutTestController)
+                layoutTestController.notifyDone();
+        }
+        function log(msg) {
+            document.getElementById('result').innerHTML = msg;
+        }
+    </script>
+</head>
+<body>
+    <p>This tests that when a frame navigates to a new page, closures in the old page cannot access page content of the new page if there are from different domains.</p>
+    <p>You should see PASSED at the end of page if the test passes.</p>
+    <iframe id="targetChild" src=""></iframe>
+    <iframe src="resources/childWithButton.html" onload="onloadForButtonChild();"></iframe>
+    <div id="result">PASSED</div>
+</body>
+</html>

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list