Diff
Modified: trunk/LayoutTests/ChangeLog (127480 => 127481)
--- trunk/LayoutTests/ChangeLog 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/ChangeLog 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,3 +1,29 @@
+2012-09-04 Christophe Dumez <[email protected]>
+
+ Automatic features should work in sandboxed iframes if "allow-scripts" flag is set
+ https://bugs.webkit.org/show_bug.cgi?id=93961
+
+ Reviewed by Adam Barth.
+
+ Add layout tests to check that automatic features (video
+ autoplay and form control autofocus) are allowed / working
+ in sandboxed iframes if the "allow-scripts" flag is set.
+ This behavior is according to the latest specification at:
+ http://dev.w3.org/html5/spec/browsers.html#attr-iframe-sandbox-allow-same-origin
+
+ The tests to check that automatic features are blocked in
+ sandboxed iframes have been removed since they relied on
+ the "allow-scripts" flag to work.
+
+ * fast/forms/autofocus-in-sandbox-with-allow-scripts-expected.txt: Added.
+ * fast/forms/autofocus-in-sandbox-with-allow-scripts.html: Renamed from LayoutTests/fast/forms/no-autofocus-in-sandbox.html.
+ * fast/forms/no-autofocus-in-sandbox-expected.txt: Removed.
+ * media/auto-play-in-sandbox-with-allow-scripts-expected.txt: Added.
+ * media/auto-play-in-sandbox-with-allow-scripts.html: Renamed from LayoutTests/media/no-auto-play-in-sandbox.html.
+ * media/no-auto-play-in-sandbox-expected.txt: Removed.
+ * media/resources/auto-play-in-sandbox-with-allow-scripts-iframe.html: Added.
+ * media/resources/no-auto-play-in-sandbox-iframe.html: Removed.
+
2012-09-04 Tim Horton <[email protected]>
ASSERTion failure when SVG element is removed from document and readded
Added: trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts-expected.txt (0 => 127481)
--- trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts-expected.txt 2012-09-04 18:58:19 UTC (rev 127481)
@@ -0,0 +1,2 @@
+ALERT: INPUT
+This test passes if the activeElement is the input element rather than the body (which it would be if the sandbox didn't allow autofocus although allow-scripts flag is set).
Copied: trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts.html (from rev 127480, trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox.html) (0 => 127481)
--- trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts.html (rev 0)
+++ trunk/LayoutTests/fast/forms/autofocus-in-sandbox-with-allow-scripts.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -0,0 +1,8 @@
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
+This test passes if the activeElement is the input element rather than the body
+(which it would be if the sandbox didn't allow autofocus although allow-scripts flag is set).
+<iframe sandbox="allow-scripts"
+ src="" autofocus onfocus><script>alert(document.activeElement.tagName)</script>"></iframe>
Deleted: trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox-expected.txt (127480 => 127481)
--- trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox-expected.txt 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox-expected.txt 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,2 +0,0 @@
-ALERT: BODY
-This test passes if the activeElement is the body rather than the input element (which it would be if the sandbox didn't succeed in blocking autofocus).
Deleted: trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox.html (127480 => 127481)
--- trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox.html 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/fast/forms/no-autofocus-in-sandbox.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,8 +0,0 @@
-<script>
-if (window.testRunner)
- testRunner.dumpAsText();
-</script>
-This test passes if the activeElement is the body rather than the input element
-(which it would be if the sandbox didn't succeed in blocking autofocus).
-<iframe sandbox="allow-scripts"
- src="" autofocus onfocus><script>alert(document.activeElement.tagName)</script>"></iframe>
Added: trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts-expected.txt (0 => 127481)
--- trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts-expected.txt (rev 0)
+++ trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts-expected.txt 2012-09-04 18:58:19 UTC (rev 127481)
@@ -0,0 +1,12 @@
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+Test that play event fires when "src" set with an autoplay attribute in a sandbox with allows-scripts.
+
+EXPECTED (video.paused == 'true') OK
+EVENT(play)
+PLAY fired OK
+END OF TEST
+
Copied: trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts.html (from rev 127480, trunk/LayoutTests/media/no-auto-play-in-sandbox.html) (0 => 127481)
--- trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts.html (rev 0)
+++ trunk/LayoutTests/media/auto-play-in-sandbox-with-allow-scripts.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -0,0 +1,10 @@
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+}
+</script>
+<iframe
+ style="width: 400px; height: 600px"
+ sandbox="allow-scripts allow-same-origin"
+ src=""
Deleted: trunk/LayoutTests/media/no-auto-play-in-sandbox-expected.txt (127480 => 127481)
--- trunk/LayoutTests/media/no-auto-play-in-sandbox-expected.txt 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/media/no-auto-play-in-sandbox-expected.txt 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,12 +0,0 @@
-
-
---------
-Frame: '<!--framePath //<!--frame0-->-->'
---------
-Test that play event does not fire when "src" set with an autoplay attribute in a sandbox.
-
-EXPECTED (video.paused == 'true') OK
-EVENT(canplaythrough)
-EXPECTED (video.paused == 'true') OK
-END OF TEST
-
Deleted: trunk/LayoutTests/media/no-auto-play-in-sandbox.html (127480 => 127481)
--- trunk/LayoutTests/media/no-auto-play-in-sandbox.html 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/media/no-auto-play-in-sandbox.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,10 +0,0 @@
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.dumpChildFramesAsText();
-}
-</script>
-<iframe
- style="width: 400px; height: 600px"
- sandbox="allow-scripts allow-same-origin"
- src=""
Added: trunk/LayoutTests/media/resources/auto-play-in-sandbox-with-allow-scripts-iframe.html (0 => 127481)
--- trunk/LayoutTests/media/resources/auto-play-in-sandbox-with-allow-scripts-iframe.html (rev 0)
+++ trunk/LayoutTests/media/resources/auto-play-in-sandbox-with-allow-scripts-iframe.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -0,0 +1,15 @@
+<base href=""
+<video autoplay controls></video>
+<p>Test that play event fires when "src" set with an autoplay attribute in a sandbox with allows-scripts.</p>
+<script src=""
+<script src=""
+<script>
+ testExpected("video.paused", true);
+
+ waitForEvent('play', function () {
+ logResult(true, "PLAY fired");
+ endTest();
+ } );
+
+ video.src = "" "content/test");
+</script>
Deleted: trunk/LayoutTests/media/resources/no-auto-play-in-sandbox-iframe.html (127480 => 127481)
--- trunk/LayoutTests/media/resources/no-auto-play-in-sandbox-iframe.html 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/LayoutTests/media/resources/no-auto-play-in-sandbox-iframe.html 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,22 +0,0 @@
-<base href=""
-<video autoplay controls></video>
-<p>Test that play event does not fire when "src" set with an autoplay attribute in a sandbox.</p>
-<script src=""
-<script src=""
-<script>
- testExpected("video.paused", true);
-
- waitForEvent('play', function () {
- logResult(false, "PLAY fired");
- endTest();
- } );
-
- function testPaused ()
- {
- testExpected("video.paused", true);
- endTest();
- }
- waitForEvent('canplaythrough', function () { setTimeout(testPaused, 500);} );
-
- video.src = "" "content/test");
-</script>
Modified: trunk/Source/WebCore/ChangeLog (127480 => 127481)
--- trunk/Source/WebCore/ChangeLog 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/Source/WebCore/ChangeLog 2012-09-04 18:58:19 UTC (rev 127481)
@@ -1,3 +1,29 @@
+2012-09-04 Christophe Dumez <[email protected]>
+
+ Automatic features should work in sandboxed iframes if "allow-scripts" flag is set
+ https://bugs.webkit.org/show_bug.cgi?id=93961
+
+ Reviewed by Adam Barth.
+
+ Allow automatic features (video autoplay and form control
+ autofocus) in a sandboxed iframe that has "allow-scripts"
+ flag set. This behavior is according to the latest
+ specification at:
+ http://dev.w3.org/html5/spec/browsers.html#attr-iframe-sandbox-allow-same-origin
+
+ This sandboxed automatic features browsing context flag is
+ relaxed by the same keyword as scripts, because when
+ scripts are enabled these features are trivially possible
+ anyway, and it would be unfortunate to force authors to
+ use script to do them when sandboxed rather than allowing
+ them to use the declarative features.
+
+ Tests: fast/forms/autofocus-in-sandbox-with-allow-scripts.html
+ media/auto-play-in-sandbox-with-allow-scripts.html
+
+ * dom/SecurityContext.cpp:
+ (WebCore::SecurityContext::parseSandboxPolicy):
+
2012-09-04 Sami Kyostila <[email protected]>
Register scrolling layers with ScrollingCoordinator
Modified: trunk/Source/WebCore/dom/SecurityContext.cpp (127480 => 127481)
--- trunk/Source/WebCore/dom/SecurityContext.cpp 2012-09-04 18:54:00 UTC (rev 127480)
+++ trunk/Source/WebCore/dom/SecurityContext.cpp 2012-09-04 18:58:19 UTC (rev 127481)
@@ -106,9 +106,10 @@
flags &= ~SandboxOrigin;
else if (equalIgnoringCase(sandboxToken, "allow-forms"))
flags &= ~SandboxForms;
- else if (equalIgnoringCase(sandboxToken, "allow-scripts"))
+ else if (equalIgnoringCase(sandboxToken, "allow-scripts")) {
flags &= ~SandboxScripts;
- else if (equalIgnoringCase(sandboxToken, "allow-top-navigation"))
+ flags &= ~SandboxAutomaticFeatures;
+ } else if (equalIgnoringCase(sandboxToken, "allow-top-navigation"))
flags &= ~SandboxTopNavigation;
else if (equalIgnoringCase(sandboxToken, "allow-popups"))
flags &= ~SandboxPopups;
