[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373

eric at webkit.org eric at webkit.org
Thu Apr 8 02:22:37 UTC 2010


The following commit has been merged in the webkit-1.2 branch:
commit 48a974ac3b38a2685fdb0c65050ecf5eb5306b6c
Author: eric at webkit.org <eric at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Mon Mar 15 17:14:10 2010 +0000

    2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
    
            Reviewed by Darin Adler.
    
            https://bugs.webkit.org/show_bug.cgi?id=32369
    
            Revised test of storage/databases in sandboxed iframes.
    
            Verify that SECURITY_ERR is raised on access to
            window.localStorage or window.openDatabase(). Also verify that
            window.sessionStorage is now allowed in sandboxed iframes.
    
            WebKit would previously return null references in these cases.  The
            new behavior is in accordance with HTML5:
    
            - http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
            - http://dev.w3.org/html5/webdatabase/  (section 4.1)
            - http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
    
            * fast/frames/resources/sandboxed-iframe-storage-disallowed.html: expect exceptions, not null
            * fast/frames/sandboxed-iframe-storage-expected.txt: expect exceptions, not null
    2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
    
            Reviewed by Darin Adler.
    
            https://bugs.webkit.org/show_bug.cgi?id=32369
    
            Revise iframe sandbox behavior to match the updated HTML5 spec.
    
            - Enables window.sessionStorage in sandboxed iframes.
    
            - Raises SECURITY_ERR exceptions when window.localStorage or
              window.openDatabase() is blocked by iframe sandboxing.
    
              Note: window.sessionStorage does not raise exceptions.
    
            WebKit would previously return null references in these cases.  The
            new behavior is in accordance with HTML5:
    
              http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
              http://dev.w3.org/html5/webdatabase/  (section 4.1)
              http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
    
            * inspector/InspectorController.cpp:
            (WebCore::InspectorController::selectDOMStorage): exception handling
            * inspector/InspectorDOMStorageResource.cpp:
            (WebCore::InspectorDOMStorageResource::handleEvent): exception handling
            * page/DOMWindow.cpp:
            (WebCore::DOMWindow::sessionStorage): re-enabled in iframe sandbox
            (WebCore::DOMWindow::localStorage): raise exception rather than return null
            (WebCore::DOMWindow::openDatabase): raise exception rather than return null
            * page/DOMWindow.h: added exceptions to interface
            * page/DOMWindow.idl: added exceptions to interface
            * page/SecurityOrigin.h:
            (WebCore::SecurityOrigin::canAccessLocalStorage): renamed function to reflect its purpose
            * storage/StorageEventDispatcher.cpp:
            (WebCore::StorageEventDispatcher::dispatch): exception handling
    2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
    
            Reviewed by Darin Adler.
    
            https://bugs.webkit.org/show_bug.cgi?id=32369
    
            Revise iframe sandbox behavior to match the updated HTML5 spec.
    
            - Enables window.sessionStorage in sandboxed iframes.
    
            - Raises SECURITY_ERR exceptions when window.localStorage or
              window.openDatabase() is blocked by iframe sandboxing.
    
              Note: window.sessionStorage does not raise exceptions.
    
            WebKit would previously return null references in these cases.  The
            new behavior is in accordance with HTML5:
    
              http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
              http://dev.w3.org/html5/webdatabase/  (section 4.1)
              http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
    
            * src/StorageAreaProxy.cpp:
            (WebCore::StorageAreaProxy::storageEvent): exception handling
            * src/StorageEventDispatcherImpl.cpp:
            (WebCore::StorageEventDispatcherImpl::dispatchStorageEvent): exception handling
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@56002 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index a8ba388..4773af2 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,25 @@
+2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
+
+        Reviewed by Darin Adler.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32369
+
+        Revised test of storage/databases in sandboxed iframes.
+        
+        Verify that SECURITY_ERR is raised on access to
+        window.localStorage or window.openDatabase(). Also verify that
+        window.sessionStorage is now allowed in sandboxed iframes.
+
+        WebKit would previously return null references in these cases.  The
+        new behavior is in accordance with HTML5:
+
+        - http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
+        - http://dev.w3.org/html5/webdatabase/  (section 4.1)
+        - http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
+
+        * fast/frames/resources/sandboxed-iframe-storage-disallowed.html: expect exceptions, not null
+        * fast/frames/sandboxed-iframe-storage-expected.txt: expect exceptions, not null
+
 2010-03-15  Tony Chang  <tony at chromium.org>
 
         Reviewed by Darin Adler.
diff --git a/LayoutTests/fast/frames/resources/sandboxed-iframe-storage-disallowed.html b/LayoutTests/fast/frames/resources/sandboxed-iframe-storage-disallowed.html
index 967b84c..3a6eca5 100644
--- a/LayoutTests/fast/frames/resources/sandboxed-iframe-storage-disallowed.html
+++ b/LayoutTests/fast/frames/resources/sandboxed-iframe-storage-disallowed.html
@@ -6,9 +6,9 @@
 <script>
 
 window.onload = function() {
-    shouldBeTrue("window.openDatabase('SandboxedIframeStorageDisallowed', '1.0', '', 1) == null");
-    shouldBeTrue("window.localStorage == null");
-    shouldBeTrue("window.sessionStorage == null");
+    shouldThrow("window.openDatabase('SandboxedIframeStorageDisallowed', '1.0', '', 1)", "'Error: SECURITY_ERR: DOM Exception 18'");
+    shouldThrow("window.localStorage", "'Error: SECURITY_ERR: DOM Exception 18'");
+    shouldBeTrue("window.sessionStorage != null");
 }
 
 </script>
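Review bot: The last assertion, shouldBeTrue("window.sessionStorage != null"), only shows that the getter returns an object; it does not show that the sandboxed frame can use it. Consider adding a setItem/getItem round trip in the same onload handler. A check from the embedding document that the value is not visible there would also help, since canAccessLocalStorage() and canAccessDatabase() treat this frame as a unique origin and its session data should stay separate from the parent's.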
diff --git a/LayoutTests/fast/frames/sandboxed-iframe-storage-expected.txt b/LayoutTests/fast/frames/sandboxed-iframe-storage-expected.txt
index 8c92ea7..a045e6b 100644
--- a/LayoutTests/fast/frames/sandboxed-iframe-storage-expected.txt
+++ b/LayoutTests/fast/frames/sandboxed-iframe-storage-expected.txt
@@ -14,9 +14,9 @@ TEST COMPLETE
 --------
 Frame: '<!--framePath //<!--frame0-->-->'
 --------
-PASS window.openDatabase('SandboxedIframeStorageDisallowed', '1.0', '', 1) == null is true
-PASS window.localStorage == null is true
-PASS window.sessionStorage == null is true
+PASS window.openDatabase('SandboxedIframeStorageDisallowed', '1.0', '', 1) threw exception Error: SECURITY_ERR: DOM Exception 18.
+PASS window.localStorage threw exception Error: SECURITY_ERR: DOM Exception 18.
+PASS window.sessionStorage != null is true
 
 
 --------
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 03d2902..c1b3f60 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,40 @@
+2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
+
+        Reviewed by Darin Adler.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32369
+
+        Revise iframe sandbox behavior to match the updated HTML5 spec.
+
+        - Enables window.sessionStorage in sandboxed iframes.
+
+        - Raises SECURITY_ERR exceptions when window.localStorage or
+          window.openDatabase() is blocked by iframe sandboxing.
+
+          Note: window.sessionStorage does not raise exceptions.
+
+        WebKit would previously return null references in these cases.  The
+        new behavior is in accordance with HTML5:
+
+          http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
+          http://dev.w3.org/html5/webdatabase/  (section 4.1)
+          http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
+
+        * inspector/InspectorController.cpp:
+        (WebCore::InspectorController::selectDOMStorage): exception handling
+        * inspector/InspectorDOMStorageResource.cpp:
+        (WebCore::InspectorDOMStorageResource::handleEvent): exception handling
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::sessionStorage): re-enabled in iframe sandbox
+        (WebCore::DOMWindow::localStorage): raise exception rather than return null
+        (WebCore::DOMWindow::openDatabase): raise exception rather than return null
+        * page/DOMWindow.h: added exceptions to interface
+        * page/DOMWindow.idl: added exceptions to interface
+        * page/SecurityOrigin.h:
+        (WebCore::SecurityOrigin::canAccessLocalStorage): renamed function to reflect its purpose
+        * storage/StorageEventDispatcher.cpp:
+        (WebCore::StorageEventDispatcher::dispatch): exception handling
+
 2010-03-15  Alexander Pavlov  <apavlov at chromium.org>
 
         Reviewed by Timothy Hatcher.
diff --git a/WebCore/inspector/InspectorController.cpp b/WebCore/inspector/InspectorController.cpp
index 331443d..b2ca3a8 100644
--- a/WebCore/inspector/InspectorController.cpp
+++ b/WebCore/inspector/InspectorController.cpp
@@ -1363,7 +1363,8 @@ void InspectorController::selectDOMStorage(Storage* storage)
         return;
 
     Frame* frame = storage->frame();
-    bool isLocalStorage = (frame->domWindow()->localStorage() == storage);
+    ExceptionCode ec = 0;
+    bool isLocalStorage = (frame->domWindow()->localStorage(ec) == storage && !ec);
     int storageResourceId = 0;
     DOMStorageResourcesMap::iterator domStorageEnd = m_domStorageResources.end();
     for (DOMStorageResourcesMap::iterator it = m_domStorageResources.begin(); it != domStorageEnd; ++it) {
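Review bot: With `localStorage(ec) == storage && !ec`, a getter that raises makes isLocalStorage false, so a Storage object from a sandboxed frame is classified as session storage without any comment saying that is intended. That is the right result, since sessionStorage is the only area such a frame can reach after this patch, but please say so in a comment. The same expression is added verbatim in InspectorDOMStorageResource::handleEvent; a small shared helper would keep the two from drifting apart.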
diff --git a/WebCore/inspector/InspectorDOMStorageResource.cpp b/WebCore/inspector/InspectorDOMStorageResource.cpp
index c93e987..af0530a 100644
--- a/WebCore/inspector/InspectorDOMStorageResource.cpp
+++ b/WebCore/inspector/InspectorDOMStorageResource.cpp
@@ -104,7 +104,8 @@ void InspectorDOMStorageResource::handleEvent(ScriptExecutionContext*, Event* ev
     ASSERT(eventNames().storageEvent == event->type());
     StorageEvent* storageEvent = static_cast<StorageEvent*>(event);
     Storage* storage = storageEvent->storageArea();
-    bool isLocalStorage = storage->frame()->domWindow()->localStorage() == storage;
+    ExceptionCode ec = 0;
+    bool isLocalStorage = (storage->frame()->domWindow()->localStorage(ec) == storage && !ec);
     if (isSameHostAndType(storage->frame(), isLocalStorage))
         m_frontend->updateDOMStorage(m_id);
 }
diff --git a/WebCore/page/DOMWindow.cpp b/WebCore/page/DOMWindow.cpp
index cfcbb15..dd90200 100644
--- a/WebCore/page/DOMWindow.cpp
+++ b/WebCore/page/DOMWindow.cpp
@@ -575,9 +575,6 @@ Storage* DOMWindow::sessionStorage() const
     Document* document = this->document();
     if (!document)
         return 0;
-    
-    if (!document->securityOrigin()->canAccessStorage())
-        return 0;
 
     Page* page = document->page();
     if (!page)
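Review bot: Removing the canAccessStorage() check from sessionStorage() leaves nothing in the code to explain why a unique-origin document is allowed through here while localStorage() and openDatabase() refuse it. A one-line comment pointing at the Web Storage sections cited in the ChangeLog would keep someone from re-adding the check later. Since these lines no longer filter on origin before reaching `document->page()`, it is also worth stating in the ChangeLog which session storage area a sandboxed frame ends up with.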
@@ -592,7 +589,7 @@ Storage* DOMWindow::sessionStorage() const
     return m_sessionStorage.get();
 }
 
-Storage* DOMWindow::localStorage() const
+Storage* DOMWindow::localStorage(ExceptionCode& ec) const
 {
     if (m_localStorage)
         return m_localStorage.get();
@@ -601,8 +598,10 @@ Storage* DOMWindow::localStorage() const
     if (!document)
         return 0;
     
-    if (!document->securityOrigin()->canAccessStorage())
+    if (!document->securityOrigin()->canAccessLocalStorage()) {
+        ec = SECURITY_ERR;
         return 0;
+    }
         
     Page* page = document->page();
     if (!page)
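Review bot: In localStorage(), only the canAccessLocalStorage() failure sets ec; the `if (!document) return 0;` path just above it still returns 0 with ec untouched. Callers therefore have two failure signals to handle, null without an exception and null with SECURITY_ERR, and ec is never cleared in this function, so correctness depends on every caller initialising it to 0. Please document that contract next to the declaration in DOMWindow.h. The `if (m_localStorage)` early return in the previous hunk runs before this check; a comment noting that the cached pointer can only exist once the check has passed would make that ordering obviously safe.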
@@ -1187,8 +1186,10 @@ PassRefPtr<Database> DOMWindow::openDatabase(const String& name, const String& v
         return 0;
 
     Document* document = m_frame->document();
-    if (!document->securityOrigin()->canAccessDatabase())
+    if (!document->securityOrigin()->canAccessDatabase()) {
+        ec = SECURITY_ERR;
         return 0;
+    }
 
     return Database::openDatabase(document, name, version, displayName, estimatedSize, creationCallback, ec);
 }
diff --git a/WebCore/page/DOMWindow.h b/WebCore/page/DOMWindow.h
index 5204bf2..a70713b 100644
--- a/WebCore/page/DOMWindow.h
+++ b/WebCore/page/DOMWindow.h
@@ -207,7 +207,7 @@ namespace WebCore {
 #if ENABLE(DOM_STORAGE)
         // HTML 5 key/value storage
         Storage* sessionStorage() const;
-        Storage* localStorage() const;
+        Storage* localStorage(ExceptionCode&) const;
 #endif
 
         Console* console() const;
diff --git a/WebCore/page/DOMWindow.idl b/WebCore/page/DOMWindow.idl
index c1b6a06..bb0a9aa 100644
--- a/WebCore/page/DOMWindow.idl
+++ b/WebCore/page/DOMWindow.idl
@@ -165,7 +165,8 @@ module window {
 #endif
 #if defined(ENABLE_DOM_STORAGE) && ENABLE_DOM_STORAGE
         readonly attribute [EnabledAtRuntime] Storage sessionStorage;
-        readonly attribute [EnabledAtRuntime] Storage localStorage;
+        readonly attribute [EnabledAtRuntime] Storage localStorage
+            getter raises(DOMException);
 #endif
 #if defined(ENABLE_NOTIFICATIONS) && ENABLE_NOTIFICATIONS
         readonly attribute [EnabledAtRuntime] NotificationCenter webkitNotifications;
diff --git a/WebCore/page/SecurityOrigin.h b/WebCore/page/SecurityOrigin.h
index 2f39aee..7ac84ae 100644
--- a/WebCore/page/SecurityOrigin.h
+++ b/WebCore/page/SecurityOrigin.h
@@ -117,7 +117,7 @@ public:
     bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
 
     bool canAccessDatabase() const { return !isUnique(); }
-    bool canAccessStorage() const { return !isUnique(); }
+    bool canAccessLocalStorage() const { return !isUnique(); }
     bool canAccessCookies() const { return !isUnique(); }
 
     bool isSecureTransitionTo(const KURL&) const;
diff --git a/WebCore/storage/StorageEventDispatcher.cpp b/WebCore/storage/StorageEventDispatcher.cpp
index dc0295b..758ca15 100644
--- a/WebCore/storage/StorageEventDispatcher.cpp
+++ b/WebCore/storage/StorageEventDispatcher.cpp
@@ -67,8 +67,12 @@ void StorageEventDispatcher::dispatch(const String& key, const String& oldValue,
             }
         }
 
-        for (unsigned i = 0; i < frames.size(); ++i)
-            frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), frames[i]->domWindow()->localStorage()));
+        for (unsigned i = 0; i < frames.size(); ++i) {
+            ExceptionCode ec = 0;
+            Storage* storage = frames[i]->domWindow()->localStorage(ec);
+            if (!ec)
+                frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), storage));
+        }
     }
 }
 
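Review bot: In the new loop, `if (!ec)` skips frames where the getter raised, but localStorage() also has return-0 paths that leave ec unset (the `if (!document)` one, for example), so storage can still be null when it is passed to StorageEvent::create(). Either test `storage` as well as `ec`, or add a comment saying a null storage area is acceptable for the event. Skipping sandboxed frames without reporting anything is the right outcome here; a short comment saying so would help the next reader.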
diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog
index bbfe9c9..5ffddda 100644
--- a/WebKit/chromium/ChangeLog
+++ b/WebKit/chromium/ChangeLog
@@ -1,3 +1,30 @@
+2010-03-15  Patrik Persson  <patrik.j.persson at ericsson.com>
+
+        Reviewed by Darin Adler.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32369
+
+        Revise iframe sandbox behavior to match the updated HTML5 spec.
+
+        - Enables window.sessionStorage in sandboxed iframes.
+
+        - Raises SECURITY_ERR exceptions when window.localStorage or
+          window.openDatabase() is blocked by iframe sandboxing.
+
+          Note: window.sessionStorage does not raise exceptions.
+
+        WebKit would previously return null references in these cases.  The
+        new behavior is in accordance with HTML5:
+
+          http://dev.w3.org/html5/webstorage/   (sections 4.2 and 4.3)
+          http://dev.w3.org/html5/webdatabase/  (section 4.1)
+          http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
+
+        * src/StorageAreaProxy.cpp:
+        (WebCore::StorageAreaProxy::storageEvent): exception handling
+        * src/StorageEventDispatcherImpl.cpp:
+        (WebCore::StorageEventDispatcherImpl::dispatchStorageEvent): exception handling
+
 2010-03-15  Tony Chang  <tony at chromium.org>
 
         Reviewed by Darin Adler.
diff --git a/WebKit/chromium/src/StorageAreaProxy.cpp b/WebKit/chromium/src/StorageAreaProxy.cpp
index f82e907..c2e851e 100644
--- a/WebKit/chromium/src/StorageAreaProxy.cpp
+++ b/WebKit/chromium/src/StorageAreaProxy.cpp
@@ -138,8 +138,12 @@ void StorageAreaProxy::storageEvent(const String& key, const String& oldValue, c
             }
         }
 
-        for (unsigned i = 0; i < frames.size(); ++i)
-            frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), frames[i]->domWindow()->localStorage()));
+        for (unsigned i = 0; i < frames.size(); ++i) {
+            ExceptionCode ec = 0;
+            Storage* storage = frames[i]->domWindow()->localStorage(ec);
+            if (!ec)
+                frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), storage));
+        }
     }
 }
 
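Review bot: This loop body is a line-for-line copy of the one added to StorageEventDispatcher::dispatch, and StorageEventDispatcherImpl::dispatchStorageEvent gets a third variant of the same `ExceptionCode ec = 0; ... if (!ec)` pattern. Consider a single helper that returns the frame's local storage area or null when access is blocked, so the sandbox check lives in one place and a later change to the exception behaviour cannot miss one of the dispatch paths.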
diff --git a/WebKit/chromium/src/StorageEventDispatcherImpl.cpp b/WebKit/chromium/src/StorageEventDispatcherImpl.cpp
index 3518796..ae25d44 100644
--- a/WebKit/chromium/src/StorageEventDispatcherImpl.cpp
+++ b/WebKit/chromium/src/StorageEventDispatcherImpl.cpp
@@ -73,8 +73,11 @@ void StorageEventDispatcherImpl::dispatchStorageEvent(const String& key, const S
 
     // FIXME: Figure out how to pass in the document URI.
     for (unsigned i = 0; i < frames.size(); ++i) {
-        frames[i]->document()->dispatchWindowEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue,
-                                                                        url, frames[i]->domWindow()->localStorage()));
+        ExceptionCode ec = 0;
+        Storage* storage = frames[i]->domWindow()->localStorage(ec);
+        if (!ec)
+            frames[i]->document()->dispatchWindowEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue,
+                                                                            url, storage));
     }
 }
 

-- 
WebKit Debian packaging


