Title: [125662] trunk/LayoutTests
- Revision: 125662
- Author: [email protected]
- Date: 2012-08-15 03:15:57 -0700 (Wed, 15 Aug 2012)
Log Message
[Qt] Unreviewed gardening. Readd removed expectations in r125658 with some modification.
Patch by Zoltan Arvai <[email protected]> on 2012-08-15
* platform/qt/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt: Added.
* platform/qt/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt: Added.
Diff
Modified: trunk/LayoutTests/ChangeLog (125661 => 125662)
--- trunk/LayoutTests/ChangeLog 2012-08-15 10:10:11 UTC (rev 125661)
+++ trunk/LayoutTests/ChangeLog 2012-08-15 10:15:57 UTC (rev 125662)
@@ -1,3 +1,10 @@
+2012-08-15 Zoltan Arvai <[email protected]>
+
+ [Qt] Unreviewd gardening. Readd removed expectations in r125658 with some modification.
+
+ * platform/qt/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt: Added.
+ * platform/qt/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt: Added.
+
2012-08-14 Pavel Feldman <[email protected]>
Web Inspector: split standalone test runner, test scanner and test stub.
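Review bot: The new ChangeLog entry says the expectations are re-added "with some modification" but does not say what was modified or why r125658 removed them. Both added files are baselines for cross-origin access-denial tests, so the entry should name the lines that differ from the removed versions; that lets a later gardener tell an intended rebaseline from a regression. "Unreviewd" in the same line is misspelled.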
Added: trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt (0 => 125662)
--- trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt 2012-08-15 10:15:57 UTC (rev 125662)
@@ -0,0 +1,17 @@
+CONSOLE MESSAGE: Unsafe _javascript_ attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-navigate-opener-document-write.html. Domains, protocols and ports must match.
+
+CONSOLE MESSAGE: line 1: TypeError: 'undefined' is not an object
+This page opens a window to "", injects malicious code, and then navigates its opener to the victim. The opened window then tries to scripts its opener after document.writeing a new document.
+Code injected into window:
+<script>document.write('<script>function write(target, message) { target.document.body.innerHTML = message; }setTimeout(function() {write(window.opener, \'FAIL: XSS was allowed.\');}, 100);setTimeout(function() {write(window.opener.top.frames[1], \'SUCCESS: Window remained in original SecurityOrigin.\');}, 200);setTimeout(function() { if (window.testRunner) testRunner.globalFlag = true; }, 300);<\/script>');</script>
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+This page doesn't do anything special (except signal that it has finished loading).
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+SUCCESS: Window remained in original SecurityOrigin.
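Review bot: The third line of this baseline pins "CONSOLE MESSAGE: line 1: TypeError: 'undefined' is not an object", which appears to come from the injected write() helper dereferencing target.document after the access was refused, not from the security check itself. The lines that carry the verdict are the access-denied console message on the first line and "SUCCESS: Window remained in original SecurityOrigin." under frame1, with "FAIL: XSS was allowed." appearing only inside the echoed injected code. Consider recording in the ChangeLog that the TypeError wording is incidental, so a change in that message gets rebaselined instead of being triaged as a same-origin policy failure.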
Added: trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt (0 => 125662)
--- trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt (rev 0)
+++ trunk/LayoutTests/platform/qt/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt 2012-08-15 10:15:57 UTC (rev 125662)
@@ -0,0 +1,22 @@
+CONSOLE MESSAGE: Unsafe _javascript_ attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
+
+CONSOLE MESSAGE: Unsafe _javascript_ attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
+
+CONSOLE MESSAGE: line 1: TypeError: 'undefined' is not an object
+This page opens a window to "", injects malicious code, and then uses window.open.call to set its opener to the victim. The opened window then tries to scripts its opener.
+Code injected into window:
+<script>function write(target, message) { target.document.body.innerHTML = message; }
+setTimeout(function() {write(window.opener.top.frames[0], 'FAIL: XSS was allowed.');}, 100);
+setTimeout(function() {write(window.opener.top.frames[1], 'SUCCESS: Window remained in original SecurityOrigin.');}, 200);
+setTimeout(function() { if (window.testRunner) testRunner.globalFlag = true; }, 300);</script>
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+This page doesn't do anything special.
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+SUCCESS: Window remained in original SecurityOrigin.
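Review bot: This baseline records the access-denied console message twice (first and third lines) but the TypeError only once, while the navigate-opener-document-write baseline in the same change records one of each. The injected script shown here has a single write aimed at frames[0], so please confirm that two denials per run are the expected Qt output and say so in the ChangeLog. Without that, the duplicate line makes the baseline sensitive to how many times one blocked access is logged instead of to whether the access was blocked.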