Diff
Modified: trunk/LayoutTests/ChangeLog (202760 => 202761)
--- trunk/LayoutTests/ChangeLog 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/LayoutTests/ChangeLog 2016-07-01 23:22:23 UTC (rev 202761)
@@ -1,3 +1,16 @@
+2016-07-01 Chris Dumez <[email protected]>
+
+ Regression(r199087): window.focus() / window.close() can no longer be called by a Window's opener
+ https://bugs.webkit.org/show_bug.cgi?id=159364
+ <rdar://problem/27117169>
+
+ Reviewed by Gavin Barraclough.
+
+ Add layout test coverage.
+
+ * fast/dom/Window/child-window-focus-expected.txt: Added.
+ * fast/dom/Window/child-window-focus.html: Added.
+
2016-07-01 Ryan Haddad <[email protected]>
Test gardening for Sierra WK1
Added: trunk/LayoutTests/fast/dom/Window/child-window-focus-expected.txt (0 => 202761)
--- trunk/LayoutTests/fast/dom/Window/child-window-focus-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/dom/Window/child-window-focus-expected.txt 2016-07-01 23:22:23 UTC (rev 202761)
@@ -0,0 +1,14 @@
+Test that a Window can be focused / closed by its opener
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+* Opening new window
+PASS newWindow.opener is window
+newWindow.focus()
+PASS New Window focused
+PASS newWindow.closed is true
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/fast/dom/Window/child-window-focus.html (0 => 202761)
--- trunk/LayoutTests/fast/dom/Window/child-window-focus.html (rev 0)
+++ trunk/LayoutTests/fast/dom/Window/child-window-focus.html 2016-07-01 23:22:23 UTC (rev 202761)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<script src=""
+<script>
+description("Test that a Window can be focused / closed by its opener");
+
+window.jsTestIsAsync = true;
+
+if (window.testRunner)
+ testRunner.setCanOpenWindows(true);
+
+debug("* Opening new window");
+newWindow = window.open('about:blank', '_blank');
+newWindow._onfocus_ = function() {
+ testPassed("New Window focused");
+ newWindow.close();
+ setTimeout(function() {
+ shouldBeTrue("newWindow.closed");
+ finishJSTest();
+ }, 0);
+}
+shouldBe("newWindow.opener", "window");
+evalAndLog("newWindow.focus()");
+</script>
+<script src=""
+</html>
Modified: trunk/LayoutTests/platform/ios-simulator/TestExpectations (202760 => 202761)
--- trunk/LayoutTests/platform/ios-simulator/TestExpectations 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/LayoutTests/platform/ios-simulator/TestExpectations 2016-07-01 23:22:23 UTC (rev 202761)
@@ -2976,6 +2976,7 @@
fast/images/image-map-outline-in-positioned-container.html [ Pass ImageOnlyFailure ]
fast/images/image-map-outline-with-paint-root-offset.html [ Pass ImageOnlyFailure ]
fast/images/image-map-outline-with-scale-transform.html [ Pass ImageOnlyFailure ]
+fast/dom/Window/child-window-focus.html
# iOS does not allow you to scroll by dragging the scrollbar thumb.
webkit.org/b/157201 fast/scrolling/rtl-drag-vertical-scroller.html [ Failure ]
Modified: trunk/LayoutTests/platform/mac-wk1/TestExpectations (202760 => 202761)
--- trunk/LayoutTests/platform/mac-wk1/TestExpectations 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/LayoutTests/platform/mac-wk1/TestExpectations 2016-07-01 23:22:23 UTC (rev 202761)
@@ -144,6 +144,7 @@
# This test is WebKit2-only
http/tests/contentfiltering/load-substitute-data-from-appcache.html
+fast/dom/Window/child-window-focus.html
# Testing the system language declaratively only makes sense in WK2, because it's implemented in WebKitTestRunner by launching a new WebContent process.
fast/text/international/system-language [ Pass Failure ImageOnlyFailure ]
Modified: trunk/LayoutTests/platform/win/TestExpectations (202760 => 202761)
--- trunk/LayoutTests/platform/win/TestExpectations 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/LayoutTests/platform/win/TestExpectations 2016-07-01 23:22:23 UTC (rev 202761)
@@ -3327,6 +3327,9 @@
webkit.org/b/137204 svg/text/text-hkern.svg [ Failure ]
webkit.org/b/137204 svg/text/text-vkern.svg [ Failure ]
+# This test is WebKit2 only.
+fast/dom/Window/child-window-focus.html
+
# SVG Fonts don't draw multibyte characters.
webkit.org/b/154690 svg/W3C-SVG-1.1/text-align-08-b.svg [ Failure ]
webkit.org/b/154690 svg/W3C-SVG-1.1/text-intro-01-t.svg [ Failure ]
Modified: trunk/Source/WebCore/ChangeLog (202760 => 202761)
--- trunk/Source/WebCore/ChangeLog 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/ChangeLog 2016-07-01 23:22:23 UTC (rev 202761)
@@ -1,5 +1,39 @@
2016-07-01 Chris Dumez <[email protected]>
+ Regression(r199087): window.focus() / window.close() can no longer be called by a Window's opener
+ https://bugs.webkit.org/show_bug.cgi?id=159364
+ <rdar://problem/27117169>
+
+ Reviewed by Gavin Barraclough.
+
+ window.focus() / window.close() could no longer be called by a Window's opener
+ after r199087, which would break focusing of open iWork documents on icloud.com.
+
+ Before r199087, we would construct a new function in the caller's context every
+ time window.focus and window.close was accessed. r199087 fixed the issue so that
+ we always call the same function. However, those functions are using
+ [CallWith=Document] and they are were no longer passed the *caller*'s document
+ as a result. This broke focus / close permission checking as the code needed the
+ caller's document to do the check.
+
+ This patch introduces [CallWith=CallerDocument] and [CallWith=CallerWindow] so
+ that the implementation can now pass the caller's Document / Window to the
+ implementation. The bindings rely on JSDOMWindow's callerDOMWindow() to get the
+ caller DOMWindow / document. This new functionality is now used for window.close
+ and window.focus to unbreak their permission checking.
+
+ Test: fast/dom/Window/child-window-focus.html
+
+ * bindings/scripts/CodeGeneratorJS.pm:
+ (GenerateCallWith):
+ * bindings/scripts/IDLAttributes.txt:
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::focus):
+ * page/DOMWindow.h:
+ * page/DOMWindow.idl:
+
+2016-07-01 Chris Dumez <[email protected]>
+
[iOS] Possible null Range dereference under computeAutocorrectionContext()
https://bugs.webkit.org/show_bug.cgi?id=159328
<rdar://problem/26766720>
Modified: trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2016-07-01 23:22:23 UTC (rev 202761)
@@ -3521,6 +3521,13 @@
push(@$outputArray, " auto& document = downcast<Document>(*context);\n");
push(@callWithArgs, "document");
}
+ if ($codeGenerator->ExtendedAttributeContains($callWith, "CallerDocument")) {
+ $implIncludes{"Document.h"} = 1;
+ push(@$outputArray, " auto* document = callerDOMWindow(state).document();\n");
+ push(@$outputArray, " if (!document)\n");
+ push(@$outputArray, " return" . ($returnValue ? " " . $returnValue : "") . ";\n");
+ push(@callWithArgs, "*document");
+ }
if ($function and $codeGenerator->ExtendedAttributeContains($callWith, "ScriptArguments")) {
push(@$outputArray, " RefPtr<Inspector::ScriptArguments> scriptArguments(Inspector::createScriptArguments(state, " . @{$function->parameters} . "));\n");
$implIncludes{"<inspector/ScriptArguments.h>"} = 1;
@@ -3529,6 +3536,7 @@
}
push(@callWithArgs, "activeDOMWindow(state)") if $codeGenerator->ExtendedAttributeContains($callWith, "ActiveWindow");
push(@callWithArgs, "firstDOMWindow(state)") if $codeGenerator->ExtendedAttributeContains($callWith, "FirstWindow");
+ push(@callWithArgs, "callerDOMWindow(state)") if $codeGenerator->ExtendedAttributeContains($callWith, "CallerWindow");
return @callWithArgs;
}
Modified: trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt 2016-07-01 23:22:23 UTC (rev 202761)
@@ -24,7 +24,7 @@
CachedAttribute
CallbackNeedsOperatorEqual
Callback=FunctionOnly
-CallWith=Document|ScriptExecutionContext|ScriptState|ScriptArguments|CallStack|ActiveWindow|FirstWindow
+CallWith=Document|ScriptExecutionContext|ScriptState|ScriptArguments|CallStack|ActiveWindow|FirstWindow|CallerDocument|CallerWindow
CheckSecurity
CheckSecurityForNode
Clamp
Modified: trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.cpp (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.cpp 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.cpp 2016-07-01 23:22:23 UTC (rev 202761)
@@ -1600,6 +1600,22 @@
item->withDocumentArgument();
}
+void webkit_dom_test_obj_with_caller_document_argument(WebKitDOMTestObj* self)
+{
+ WebCore::JSMainThreadNullState state;
+ g_return_if_fail(WEBKIT_DOM_IS_TEST_OBJ(self));
+ WebCore::TestObj* item = WebKit::core(self);
+ item->withCallerDocumentArgument();
+}
+
+void webkit_dom_test_obj_with_caller_window_argument(WebKitDOMTestObj* self)
+{
+ WebCore::JSMainThreadNullState state;
+ g_return_if_fail(WEBKIT_DOM_IS_TEST_OBJ(self));
+ WebCore::TestObj* item = WebKit::core(self);
+ item->withCallerWindowArgument();
+}
+
void webkit_dom_test_obj_method_with_optional_arg(WebKitDOMTestObj* self, glong opt)
{
WebCore::JSMainThreadNullState state;
Modified: trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.h (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.h 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/GObject/WebKitDOMTestObj.h 2016-07-01 23:22:23 UTC (rev 202761)
@@ -498,6 +498,24 @@
webkit_dom_test_obj_with_document_argument(WebKitDOMTestObj* self);
/**
+ * webkit_dom_test_obj_with_caller_document_argument:
+ * @self: A #WebKitDOMTestObj
+ *
+ * Stability: Unstable
+**/
+WEBKIT_API void
+webkit_dom_test_obj_with_caller_document_argument(WebKitDOMTestObj* self);
+
+/**
+ * webkit_dom_test_obj_with_caller_window_argument:
+ * @self: A #WebKitDOMTestObj
+ *
+ * Stability: Unstable
+**/
+WEBKIT_API void
+webkit_dom_test_obj_with_caller_window_argument(WebKitDOMTestObj* self);
+
+/**
* webkit_dom_test_obj_method_with_optional_arg:
* @self: A #WebKitDOMTestObj
* @opt: A #glong
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp 2016-07-01 23:22:23 UTC (rev 202761)
@@ -620,6 +620,8 @@
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces(JSC::ExecState*);
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack(JSC::ExecState*);
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithDocumentArgument(JSC::ExecState*);
+JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithCallerDocumentArgument(JSC::ExecState*);
+JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithCallerWindowArgument(JSC::ExecState*);
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionMethodWithOptionalArg(JSC::ExecState*);
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionMethodWithOptionalArgAndDefaultValue(JSC::ExecState*);
JSC::EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg(JSC::ExecState*);
@@ -1200,6 +1202,8 @@
{ "withScriptExecutionContextAndScriptStateWithSpaces", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces), (intptr_t) (0) } },
{ "withScriptArgumentsAndCallStack", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack), (intptr_t) (0) } },
{ "withDocumentArgument", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionWithDocumentArgument), (intptr_t) (0) } },
+ { "withCallerDocumentArgument", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionWithCallerDocumentArgument), (intptr_t) (0) } },
+ { "withCallerWindowArgument", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionWithCallerWindowArgument), (intptr_t) (0) } },
{ "methodWithOptionalArg", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionMethodWithOptionalArg), (intptr_t) (0) } },
{ "methodWithOptionalArgAndDefaultValue", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionMethodWithOptionalArgAndDefaultValue), (intptr_t) (0) } },
{ "methodWithNonOptionalArgAndOptionalArg", JSC::Function, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg), (intptr_t) (1) } },
@@ -4627,6 +4631,33 @@
return JSValue::encode(jsUndefined());
}
+EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithCallerDocumentArgument(ExecState* state)
+{
+ JSValue thisValue = state->thisValue();
+ auto castedThis = jsDynamicCast<JSTestObj*>(thisValue);
+ if (UNLIKELY(!castedThis))
+ return throwThisTypeError(*state, "TestObj", "withCallerDocumentArgument");
+ ASSERT_GC_OBJECT_INHERITS(castedThis, JSTestObj::info());
+ auto& impl = castedThis->wrapped();
+ auto* document = callerDOMWindow(state).document();
+ if (!document)
+ return JSValue::encode(jsUndefined());
+ impl.withCallerDocumentArgument(*document);
+ return JSValue::encode(jsUndefined());
+}
+
+EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionWithCallerWindowArgument(ExecState* state)
+{
+ JSValue thisValue = state->thisValue();
+ auto castedThis = jsDynamicCast<JSTestObj*>(thisValue);
+ if (UNLIKELY(!castedThis))
+ return throwThisTypeError(*state, "TestObj", "withCallerWindowArgument");
+ ASSERT_GC_OBJECT_INHERITS(castedThis, JSTestObj::info());
+ auto& impl = castedThis->wrapped();
+ impl.withCallerWindowArgument(callerDOMWindow(state));
+ return JSValue::encode(jsUndefined());
+}
+
EncodedJSValue JSC_HOST_CALL jsTestObjPrototypeFunctionMethodWithOptionalArg(ExecState* state)
{
JSValue thisValue = state->thisValue();
Modified: trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.h (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.h 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.h 2016-07-01 23:22:23 UTC (rev 202761)
@@ -176,6 +176,8 @@
- (DOMTestObj *)withScriptExecutionContextAndScriptStateWithSpaces;
- (void)withScriptArgumentsAndCallStack;
- (void)withDocumentArgument;
+- (void)withCallerDocumentArgument;
+- (void)withCallerWindowArgument;
- (void)methodWithOptionalArg:(int)opt;
- (void)methodWithOptionalArgAndDefaultValue:(int)opt;
- (void)methodWithNonOptionalArgAndOptionalArg:(int)nonOpt opt:(int)opt;
Modified: trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.mm (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.mm 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/ObjC/DOMTestObj.mm 2016-07-01 23:22:23 UTC (rev 202761)
@@ -1330,6 +1330,18 @@
IMPL->withDocumentArgument();
}
+- (void)withCallerDocumentArgument
+{
+ WebCore::JSMainThreadNullState state;
+ IMPL->withCallerDocumentArgument();
+}
+
+- (void)withCallerWindowArgument
+{
+ WebCore::JSMainThreadNullState state;
+ IMPL->withCallerWindowArgument();
+}
+
- (void)methodWithOptionalArg:(int)opt
{
WebCore::JSMainThreadNullState state;
Modified: trunk/Source/WebCore/bindings/scripts/test/TestObj.idl (202760 => 202761)
--- trunk/Source/WebCore/bindings/scripts/test/TestObj.idl 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/bindings/scripts/test/TestObj.idl 2016-07-01 23:22:23 UTC (rev 202761)
@@ -169,6 +169,8 @@
[CallWith= ScriptExecutionContext & ScriptState ] TestObj withScriptExecutionContextAndScriptStateWithSpaces();
[CallWith=ScriptArguments&CallStack] void withScriptArgumentsAndCallStack();
[CallWith=Document] void withDocumentArgument();
+ [CallWith=CallerDocument] void withCallerDocumentArgument();
+ [CallWith=CallerWindow] void withCallerWindowArgument();
[CallWith=ScriptState] attribute long withScriptStateAttribute;
[CallWith=ScriptState, SetterCallWith=ActiveWindow&FirstWindow] attribute long withCallWithAndSetterCallWithAttribute;
Modified: trunk/Source/WebCore/page/DOMWindow.cpp (202760 => 202761)
--- trunk/Source/WebCore/page/DOMWindow.cpp 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/page/DOMWindow.cpp 2016-07-01 23:22:23 UTC (rev 202761)
@@ -972,9 +972,9 @@
return m_frame->ownerElement();
}
-void DOMWindow::focus(Document& document)
+void DOMWindow::focus(DOMWindow& callerWindow)
{
- focus(opener() && opener() != this && document.domWindow() == opener());
+ focus(opener() && opener() != this && &callerWindow == opener());
}
void DOMWindow::focus(bool allowFocus)
Modified: trunk/Source/WebCore/page/DOMWindow.h (202760 => 202761)
--- trunk/Source/WebCore/page/DOMWindow.h 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/page/DOMWindow.h 2016-07-01 23:22:23 UTC (rev 202761)
@@ -163,7 +163,7 @@
Element* frameElement() const;
WEBCORE_EXPORT void focus(bool allowFocus = false);
- void focus(Document&);
+ void focus(DOMWindow& callerWindow);
void blur();
WEBCORE_EXPORT void close();
void close(Document&);
Modified: trunk/Source/WebCore/page/DOMWindow.idl (202760 => 202761)
--- trunk/Source/WebCore/page/DOMWindow.idl 2016-07-01 23:15:48 UTC (rev 202760)
+++ trunk/Source/WebCore/page/DOMWindow.idl 2016-07-01 23:22:23 UTC (rev 202761)
@@ -58,9 +58,9 @@
[CheckSecurityForNode] readonly attribute Element frameElement;
- [DoNotCheckSecurity, CallWith=Document, ForwardDeclareInHeader] void focus();
+ [DoNotCheckSecurity, CallWith=CallerWindow, ForwardDeclareInHeader] void focus();
[DoNotCheckSecurity, ForwardDeclareInHeader] void blur();
- [DoNotCheckSecurity, CallWith=Document, ForwardDeclareInHeader] void close();
+ [DoNotCheckSecurity, CallWith=CallerDocument, ForwardDeclareInHeader] void close();
void print();
void stop();
