[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.21-584-g1e41756

eric at webkit.org eric at webkit.org
Fri Feb 26 22:24:04 UTC 2010 

The following commit has been merged in the webkit-1.1 branch:
commit ef31a0a1c41a90779d18bfd0aa05558b818a7d79
Author: eric at webkit.org <eric at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Feb 18 08:38:32 2010 +0000

    2010-02-18  Chris Evans  <cevans at chromium.org>
    
            Reviewed by Adam Barth.
    
            Add the promised test for the unique file:// origins support.
            See https://bugs.webkit.org/show_bug.cgi?id=34778 for more details.
    
            * fast/xmlhttprequest/xmlhttprequest-no-file-access.html: Added.
            * fast/xmlhttprequest/resources/xmlhttprequest-no-file-access-real.html: Added.
            * fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt: Added.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54944 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 63c8a0b..46c7292 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,14 @@
+2010-02-18  Chris Evans  <cevans at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Add the promised test for the unique file:// origins support.
+        See https://bugs.webkit.org/show_bug.cgi?id=34778 for more details.
+
+        * fast/xmlhttprequest/xmlhttprequest-no-file-access.html: Added.
+        * fast/xmlhttprequest/resources/xmlhttprequest-no-file-access-real.html: Added.
+        * fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt: Added.
+
 2010-02-18  Tony Chang  <tony at chromium.org>
 
         Not reviewed, adding a QT layout test result for a new test
diff --git a/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-no-file-access-real.html b/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-no-file-access-real.html
new file mode 100644
index 0000000..83494eb
--- /dev/null
+++ b/LayoutTests/fast/xmlhttprequest/resources/xmlhttprequest-no-file-access-real.html
@@ -0,0 +1,39 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+                      "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+    <script>
+        function log(message)
+        {
+            var console = document.getElementById('console');
+            console.appendChild(document.createTextNode(message));
+            console.appendChild(document.createElement('br'));
+        }
+
+        function testXHRDenied()
+        {
+            log("Doing an XHR to an existing file.");
+            xhr = new XMLHttpRequest();
+
+            try {
+                xhr.open("GET", "../xmlhttprequest-no-file-access-expected.txt", false);
+                xhr.send("");
+            } catch(e) {
+                log("Exception: " + e.message);
+                try {
+                    var results = window.top.document.getElementById('results');
+                } catch (e) {
+                    log("Exception: " + e.message);
+                    if (window.layoutTestController) {
+                        setTimeout("layoutTestController.notifyDone()", 0);
+                    }
+                }
+            }
+        }
+        </script>
+    </head>
+    <body onload="testXHRDenied()">
+        <p> We're checking we can't read an arbitrary file when we set each file:// URI to have a unique domain. </p>
+        <div id="console"/>
+    </body>
+</html>
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt
new file mode 100644
index 0000000..965c701
--- /dev/null
+++ b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt
@@ -0,0 +1,4 @@
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL xmlhttprequest-no-file-access-real.html. Domains, protocols and ports must match.
+
+
+The child iframe cannot paste its textual results into this iframe because it is considered a different domain - that's the point of this test! Therefore, success is denoted by the child iframe calling notifyDone. The test will hang if something goes amiss with the access control checks.
diff --git a/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html
new file mode 100644
index 0000000..48cdb3e
--- /dev/null
+++ b/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+    layoutTestController.setAllowUniversalAccessFromFileURLs(false);
+    layoutTestController.setAllowFileAccessFromFileURLs(false);
+}
+</script>
+</head>
+<body>
+<iframe src="resources/xmlhttprequest-no-file-access-real.html"></iframe>
+<div id="results"></div>
+The child iframe cannot paste its textual results into this iframe because it
+is considered a different domain - that's the point of this test!
+Therefore, success is denoted by the child iframe calling notifyDone.
+The test will hang if something goes amiss with the access control checks.
+</body>
+</html>

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list