Title: [210183] releases/WebKitGTK/webkit-2.14
Revision: 210183
Author: [email protected]
Date: 2016-12-28 00:59:00 -0800 (Wed, 28 Dec 2016)

Log Message

Merge r204266 - Popups opened from a sandboxed iframe should themselves be sandboxed
https://bugs.webkit.org/show_bug.cgi?id=134850
<rdar://problem/27375388>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
    Now copies the opener's frame loader effective sandbox flags to the
    new frame loader.

LayoutTests:

* http/tests/security/resources/anchor-tag-with-blank-target.html: Added.
* http/tests/security/resources/page-executing-_javascript_.html: Added.
* http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox-expected.txt: Added.
* http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html: Added.

Diff

Modified: releases/WebKitGTK/webkit-2.14/LayoutTests/ChangeLog (210182 => 210183)


--- releases/WebKitGTK/webkit-2.14/LayoutTests/ChangeLog	2016-12-28 08:51:09 UTC (rev 210182)
+++ releases/WebKitGTK/webkit-2.14/LayoutTests/ChangeLog	2016-12-28 08:59:00 UTC (rev 210183)
@@ -1,3 +1,16 @@
+2016-08-08  John Wilander  <[email protected]>
+
+        Popups opened from a sandboxed iframe should themselves be sandboxed
+        https://bugs.webkit.org/show_bug.cgi?id=134850
+        <rdar://problem/27375388>
+
+        Reviewed by Brent Fulgham.
+
+        * http/tests/security/resources/anchor-tag-with-blank-target.html: Added.
+        * http/tests/security/resources/page-executing-_javascript_.html: Added.
+        * http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox-expected.txt: Added.
+        * http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html: Added.
+
 2016-11-13  Fujii Hironori  <[email protected]>
 
         [HarfBuzz] HarfBuzzShaper should not assume numGlyphs is greater than 0
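
Review bot: The new LayoutTests entry does not say that it is a backport. It is dated 2016-08-08 but sits above the 2016-11-13 entry, and nothing in it mentions r204266, so someone reading only the branch ChangeLog cannot tell why an August change appears after November ones. Consider adding a "Merge r204266" line under the title, matching the commit log. The four "Added" lines also carry no description; a short note on what each resource does (for example, which one is the sandboxed opener and which one is the popup target) would make the test easier to audit later.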

Modified: releases/WebKitGTK/webkit-2.14/Source/WebCore/ChangeLog (210182 => 210183)


--- releases/WebKitGTK/webkit-2.14/Source/WebCore/ChangeLog	2016-12-28 08:51:09 UTC (rev 210182)
+++ releases/WebKitGTK/webkit-2.14/Source/WebCore/ChangeLog	2016-12-28 08:59:00 UTC (rev 210183)
@@ -1,3 +1,18 @@
+2016-08-08  John Wilander  <[email protected]>
+
+        Popups opened from a sandboxed iframe should themselves be sandboxed
+        https://bugs.webkit.org/show_bug.cgi?id=134850
+        <rdar://problem/27375388>
+
+        Reviewed by Brent Fulgham.
+
+        Test: http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
+            Now copies the opener's frame loader effective sandbox flags to the
+            new frame loader.
+
 2016-12-27  Michael Catanzaro  <[email protected]>
 
         [GTK] Improve user agent construction
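
Review bot: The description under continueLoadAfterNewWindowPolicy says the opener's effective sandbox flags are copied to the new frame loader, but it does not say at what point in the new-window flow the copy happens relative to the start of the new frame's load. For a security fix this ordering is the part a reviewer needs to confirm, since flags applied after the document begins loading would not restrict it; a sentence stating the ordering would help. The FrameLoader.cpp change itself is not in the visible diff, so this entry is the only record here. Only one test is listed, so it would also be worth stating which ways of opening a window it exercises.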