Title: [124368] trunk
- Revision: 124368
- Author: [email protected]
- Date: 2012-08-01 14:21:55 -0700 (Wed, 01 Aug 2012)
Log Message

Block pointer lock for sandboxed iframes.
https://bugs.webkit.org/show_bug.cgi?id=92796

Reviewed by Adam Barth.

Source/WebCore:

Sandboxed iframe documents should be blocked from using the
pointer lock API until there is specification agreement
on what attribute to use to allow the feature. After
specification this restriction can be relaxed, but not
restricting it now would require breaking applications
later.

Test: http/tests/pointer-lock/iframe-sandboxed.html

* dom/SecurityContext.h:
* page/PointerLockController.cpp:
(WebCore::PointerLockController::requestPointerLock):

LayoutTests:

Sandboxed iframe documents should be blocked from using the
pointer lock API until there is specification agreement
on what attribute to use to allow the feature.

* http/tests/pointer-lock/iframe-sandboxed-expected.txt: Added.
* http/tests/pointer-lock/iframe-sandboxed.html: Added.

Diff
Modified: trunk/LayoutTests/ChangeLog (124367 => 124368)
--- trunk/LayoutTests/ChangeLog 2012-08-01 21:19:18 UTC (rev 124367)
+++ trunk/LayoutTests/ChangeLog 2012-08-01 21:21:55 UTC (rev 124368)
@@ -1,3 +1,17 @@
+2012-08-01 Vincent Scheib <[email protected]>
+
+ Block pointer lock for sandboxed iframes.
+ https://bugs.webkit.org/show_bug.cgi?id=92796
+
+ Reviewed by Adam Barth.
+
+ Sandboxed iframe documents should be blocked from using the
+ pointer lock API until there is specification agreement
+ on what attribute to use to allow the feature.
+
+ * http/tests/pointer-lock/iframe-sandboxed-expected.txt: Added.
+ * http/tests/pointer-lock/iframe-sandboxed.html: Added.
+
2012-08-01 Emil A Eklund <[email protected]>
Added: trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-expected.txt (0 => 124368)
--- trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed-expected.txt 2012-08-01 21:21:55 UTC (rev 124368)
@@ -0,0 +1,10 @@
+Test sandboxed iframe blocks pointer lock.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS message is "inner-iframe.html onwebkitpointerlockerror"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html (0 => 124368)
--- trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html (rev 0)
+++ trunk/LayoutTests/http/tests/pointer-lock/iframe-sandboxed.html 2012-08-01 21:21:55 UTC (rev 124368)
@@ -0,0 +1,34 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<script src=""
+<script src=""
+</head>
+<body>
+<div>
+ <div id="target1"></div>
+ <iframe src="" sandbox="allow-same-origin allow-scripts" _onload_="doNextStepWithUserGesture()"></iframe>
+</div>
+<script>
+ description("Test sandboxed iframe blocks pointer lock.")
+ window.jsTestIsAsync = true;
+
+ targetDiv1 = document.getElementById("target1");
+ iframe = document.getElementsByTagName("iframe")[0];
+
+ todo = [
+ function () {
+ iframe.contentWindow.postMessage(["eval", 'document.body.webkitRequestPointerLock()'], "*");
+ window._onmessage_ = function (messageEvent) {
+ message = messageEvent.data;
+ shouldBeEqualToString("message", "inner-iframe.html onwebkitpointerlockerror");
+ window._onmessage_ = null;
+ doNextStep();
+ }
+ },
+ ];
+ // doNextStep() called by iframe onload handler.
+</script>
+<script src=""
+</body>
+</html>
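Review bot: The only assertion in the todo step is that the iframe reports "inner-iframe.html onwebkitpointerlockerror", and requestPointerLock enqueues that same event for a null target, a target that is not in the document, or a pending unlock, so this test passes on any failure and does not show that the sandbox was the cause. Add a control step that loads the same inner document in an iframe without the sandbox attribute and expects the request to succeed, so a regression in the sandbox check can be told apart from an unrelated failure. targetDiv1 is assigned but never used in this file and can be dropped.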
Modified: trunk/Source/WebCore/ChangeLog (124367 => 124368)
--- trunk/Source/WebCore/ChangeLog 2012-08-01 21:19:18 UTC (rev 124367)
+++ trunk/Source/WebCore/ChangeLog 2012-08-01 21:21:55 UTC (rev 124368)
@@ -1,3 +1,23 @@
+2012-08-01 Vincent Scheib <[email protected]>
+
+ Block pointer lock for sandboxed iframes.
+ https://bugs.webkit.org/show_bug.cgi?id=92796
+
+ Reviewed by Adam Barth.
+
+ Sandboxed iframe documents should be blocked from using the
+ pointer lock API until there is specification agreement
+ on what attribute to use to allow the feature. After
+ specification this restriction can be relaxed, but not
+ restricting it now would require breaking applications
+ later.
+
+ Test: http/tests/pointer-lock/iframe-sandboxed.html
+
+ * dom/SecurityContext.h:
+ * page/PointerLockController.cpp:
+ (WebCore::PointerLockController::requestPointerLock):
+
2012-08-01 Patrick Gansterer <[email protected]>
Replace WTF::getCurrentLocalTime() with GregorianDateTime::setToCurrentLocalTime()
Modified: trunk/Source/WebCore/dom/SecurityContext.h (124367 => 124368)
--- trunk/Source/WebCore/dom/SecurityContext.h 2012-08-01 21:19:18 UTC (rev 124367)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2012-08-01 21:21:55 UTC (rev 124368)
@@ -49,6 +49,7 @@
SandboxPopups = 1 << 6, // See https://www.w3.org/Bugs/Public/show_bug.cgi?id=12393
SandboxAutomaticFeatures = 1 << 7,
SandboxSeamlessIframes = 1 << 8,
+ SandboxPointerLock = 1 << 9,
SandboxAll = -1 // Mask with all bits set to 1.
};
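Review bot: SandboxPointerLock = 1 << 9 is added without a comment, unlike SandboxPopups above it, and no file in this change adds a sandbox attribute keyword that clears the bit, so every sandboxed document has it set and authors cannot opt in. That matches the log message, but the header should say so: add a comment next to the flag pointing at https://bugs.webkit.org/show_bug.cgi?id=92796 and stating that no allow keyword exists yet, so the next reader does not go looking for one in the attribute parser.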
Modified: trunk/Source/WebCore/page/PointerLockController.cpp (124367 => 124368)
--- trunk/Source/WebCore/page/PointerLockController.cpp 2012-08-01 21:19:18 UTC (rev 124367)
+++ trunk/Source/WebCore/page/PointerLockController.cpp 2012-08-01 21:21:55 UTC (rev 124368)
@@ -48,7 +48,8 @@
void PointerLockController::requestPointerLock(Element* target, PassRefPtr<VoidCallback> successCallback, PassRefPtr<VoidCallback> failureCallback)
{
- if (!target || !target->inDocument() || m_documentOfRemovedElementWhileWaitingForUnlock) {
+ if (!target || !target->inDocument() || m_documentOfRemovedElementWhileWaitingForUnlock
+ || target->document()->isSandboxed(SandboxPointerLock)) {
enqueueEvent(eventNames().webkitpointerlockerrorEvent, target);
return;
}
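Review bot: The isSandboxed(SandboxPointerLock) test in the first if of requestPointerLock is folded into the existing failure condition, so a sandbox block looks the same to the page as a detached target or a pending unlock: each one only enqueues webkitpointerlockerror. Consider giving the sandbox case its own branch that also logs a console message naming the sandbox as the reason, which makes the restriction diagnosable for embedders. In the lines shown this early-return path also does not invoke failureCallback; if callers depend on that callback, invoke it here too.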