Title: [237598] trunk
Revision: 237598
Author: [email protected]
Date: 2018-10-30 12:58:51 -0700 (Tue, 30 Oct 2018)

Log Message

Calling window.open("", "_self") allows working around restrictions on window.close()
https://bugs.webkit.org/show_bug.cgi?id=191073

Reviewed by Chris Dumez.

Source/WebCore:

Do not treat a re-used frame in DOMWindow::createWindow as having been opened by DOM.

Test: fast/dom/Window/window-open-self-disallow-close.html

* page/DOMWindow.cpp:
(WebCore::DOMWindow::createWindow):

LayoutTests:

* fast/dom/Window/window-open-self-disallow-close-expected.txt: Added.
* fast/dom/Window/window-open-self-disallow-close.html: Added.

Diff

Modified: trunk/LayoutTests/ChangeLog (237597 => 237598)


--- trunk/LayoutTests/ChangeLog	2018-10-30 19:07:40 UTC (rev 237597)
+++ trunk/LayoutTests/ChangeLog	2018-10-30 19:58:51 UTC (rev 237598)
@@ -1,3 +1,13 @@
+2018-10-30  Ali Juma  <[email protected]>
+
+        Calling window.open("", "_self") allows working around restrictions on window.close()
+        https://bugs.webkit.org/show_bug.cgi?id=191073
+
+        Reviewed by Chris Dumez.
+
+        * fast/dom/Window/window-open-self-disallow-close-expected.txt: Added.
+        * fast/dom/Window/window-open-self-disallow-close.html: Added.
+
 2018-10-30  Andy Estes  <[email protected]>
 
         [Payment Request] Implement PaymentResponse.retry()

Added: trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close-expected.txt (0 => 237598)


--- trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close-expected.txt	2018-10-30 19:58:51 UTC (rev 237598)
@@ -0,0 +1,4 @@
+CONSOLE MESSAGE: line 8: Can't close the window since it was not opened by _javascript_
+
+PASS Calling window.open with windowName '_self' should not make the window closeable by script 
+

Added: trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close.html (0 => 237598)


--- trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close.html	                        (rev 0)
+++ trunk/LayoutTests/fast/dom/Window/window-open-self-disallow-close.html	2018-10-30 19:58:51 UTC (rev 237598)
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<script src=""
+<script src=""
+<body>
+    <script>
+        test(function() {
+            window.open("", "_self");
+            window.close();
+            assert_false(window.closed, "window should not be closeable by script");
+        }, "Calling window.open with windowName '_self' should not make the window closeable by script");
+    </script>
+</body>
+</html>
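
Review bot: The single test() here covers only the refusal case for `window.open("", "_self")`, while the log message states the fix for any re-used frame in DOMWindow::createWindow. Consider adding a second case with a window name that resolves to a different existing frame, plus a positive control showing that a window actually created by window.open() can still be closed by script, so a regression in either direction of the new `created` check is caught. Note also that the pass/fail signal leans on the "line 8" console message in the expected file, so any edit to this file that shifts line numbers needs the expectation updated with it.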

Modified: trunk/Source/WebCore/ChangeLog (237597 => 237598)


--- trunk/Source/WebCore/ChangeLog	2018-10-30 19:07:40 UTC (rev 237597)
+++ trunk/Source/WebCore/ChangeLog	2018-10-30 19:58:51 UTC (rev 237598)
@@ -1,3 +1,17 @@
+2018-10-30  Ali Juma  <[email protected]>
+
+        Calling window.open("", "_self") allows working around restrictions on window.close()
+        https://bugs.webkit.org/show_bug.cgi?id=191073
+
+        Reviewed by Chris Dumez.
+
+        Do not treat a re-used frame in DOMWindow::createWindow as having been opened by DOM.
+
+        Test: fast/dom/Window/window-open-self-disallow-close.html
+
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::createWindow):
+
 2018-10-30  Andy Estes  <[email protected]>
 
         [Payment Request] Implement PaymentResponse.retry()

Modified: trunk/Source/WebCore/page/DOMWindow.cpp (237597 => 237598)


--- trunk/Source/WebCore/page/DOMWindow.cpp	2018-10-30 19:07:40 UTC (rev 237597)
+++ trunk/Source/WebCore/page/DOMWindow.cpp	2018-10-30 19:58:51 UTC (rev 237598)
@@ -2241,7 +2241,8 @@
         newFrame->loader().setOpener(&openerFrame);
         newFrame->page()->setOpenedViaWindowOpenWithOpener();
     }
-    newFrame->page()->setOpenedByDOM();
+    if (created)
+        newFrame->page()->setOpenedByDOM();
 
     if (newFrame->document()->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))
         return windowFeatures.noopener ? RefPtr<Frame> { nullptr } : newFrame;
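
Review bot: In the context just above the new `if (created)`, `newFrame->page()->setOpenedViaWindowOpenWithOpener()` is set inside a block whose condition is outside this hunk; please confirm that flag cannot also be applied to a re-used frame, or guard it with `created` as well. A one-line comment on the new check explaining why a re-used frame must not be marked as opened by DOM (with a pointer to bug 191073) would keep it from being simplified back to the unconditional call later.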