[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198
jnd at chromium.org
jnd at chromium.org
Mon Feb 21 00:17:35 UTC 2011
The following commit has been merged in the webkit-1.3 branch:
commit df0c4676076a0a522831ea4fed520cd0de3679e0
Author: jnd at chromium.org <jnd at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Sat Jan 29 07:06:57 2011 +0000
2011-01-28 Johnny Ding <jnd at chromium.org>
Reviewed by Adam Barth.
Gesture API, disallow popup bypass with using iframe src.
https://bugs.webkit.org/show_bug.cgi?id=53244
* fast/events/popup-blocked-from-iframe-src-expected.txt: Added.
* fast/events/popup-blocked-from-iframe-src.html: Added.
2011-01-28 Johnny Ding <jnd at chromium.org>
Reviewed by Adam Barth.
Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
https://bugs.webkit.org/show_bug.cgi?id=53244
Test: fast/events/popup-blocked-from-iframe-src.html
* bindings/ScriptControllerBase.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77049 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index b62bea5..0a52131 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2011-01-28 Johnny Ding <jnd at chromium.org>
+
+ Reviewed by Adam Barth.
+
+ Gesture API, disallow popup bypass with using iframe src.
+ https://bugs.webkit.org/show_bug.cgi?id=53244
+
+ * fast/events/popup-blocked-from-iframe-src-expected.txt: Added.
+ * fast/events/popup-blocked-from-iframe-src.html: Added.
+
2011-01-28 Ryosuke Niwa <rniwa at webkit.org>
Unreviewed; removed Chromium test expectations for tests that have been steadily passing.
diff --git a/LayoutTests/fast/events/popup-blocked-from-iframe-src-expected.txt b/LayoutTests/fast/events/popup-blocked-from-iframe-src-expected.txt
new file mode 100644
index 0000000..b83d900
--- /dev/null
+++ b/LayoutTests/fast/events/popup-blocked-from-iframe-src-expected.txt
@@ -0,0 +1,3 @@
+
+When running script to open a window without user gesture from SRC of the enclosing iframe, webkit should test out that the opening is not initiated by user. This is a test case for bug https://bugs.webkit.org/show_bug.cgi?id=53244.
+PASSED
diff --git a/LayoutTests/fast/events/popup-blocked-from-iframe-src.html b/LayoutTests/fast/events/popup-blocked-from-iframe-src.html
new file mode 100644
index 0000000..2913408
--- /dev/null
+++ b/LayoutTests/fast/events/popup-blocked-from-iframe-src.html
@@ -0,0 +1,29 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.setCanOpenWindows();
+ layoutTestController.setPopupBlockingEnabled(true);
+ layoutTestController.setCloseRemainingWindowsWhenComplete(true);
+ layoutTestController.waitUntilDone();
+ // Record current window count.
+ window.windowCount = window.layoutTestController.windowCount();
+}
+function test() {
+ if (!window.layoutTestController)
+ return;
+ if (layoutTestController.windowCount() == window.windowCount)
+ document.getElementById("console").innerText = "PASSED";
+ layoutTestController.notifyDone();
+}
+</script>
+</head>
+<body onload="test();">
+<iframe src="javascript:window.open('about:blank','_blank', 'height=600,width=720')">popup</iframe><br>
+When running script to open a window without user gesture from SRC of the enclosing iframe, webkit should test out that the opening is not initiated by user. This is a test case for bug https://bugs.webkit.org/show_bug.cgi?id=53244.
+<div id="console">FAILED</div>
+</body>
+</html>
+
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 3ad8fab..0876d22 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2011-01-28 Johnny Ding <jnd at chromium.org>
+
+ Reviewed by Adam Barth.
+
+ Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
+ The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
+ https://bugs.webkit.org/show_bug.cgi?id=53244
+
+ Test: fast/events/popup-blocked-from-iframe-src.html
+
+ * bindings/ScriptControllerBase.cpp:
+ (WebCore::ScriptController::executeIfJavaScriptURL):
+
2011-01-28 Simon Fraser <simon.fraser at apple.com>
Reviewed by Gavin Barraclough.
diff --git a/Source/WebCore/bindings/ScriptControllerBase.cpp b/Source/WebCore/bindings/ScriptControllerBase.cpp
index a77ff9c..85e8b0c 100644
--- a/Source/WebCore/bindings/ScriptControllerBase.cpp
+++ b/Source/WebCore/bindings/ScriptControllerBase.cpp
@@ -90,7 +90,7 @@ bool ScriptController::executeIfJavaScriptURL(const KURL& url, ShouldReplaceDocu
String decodedURL = decodeURLEscapeSequences(url.string());
ScriptValue result;
if (xssAuditor()->canEvaluateJavaScriptURL(decodedURL))
- result = executeScript(decodedURL.substring(javascriptSchemeLength), processingUserGesture(), AllowXSS);
+ result = executeScript(decodedURL.substring(javascriptSchemeLength), false, AllowXSS);
// If executing script caused this frame to be removed from the page, we
// don't want to try to replace its document!
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list