Title: [136173] trunk/Source/WebKit/blackberry
- Revision
- 136173
- Author
- [email protected]
- Date
- 2012-11-29 15:17:24 -0800 (Thu, 29 Nov 2012)
Log Message
[BlackBerry] window.open can load url twice which can cause security and timing issues
https://bugs.webkit.org/show_bug.cgi?id=103670
Patch by Jacky Jiang <[email protected]>.
Reviewed by Yong Li.
PR: 252234
When we call window.open() in JS, DOMWindow will create a window and
change the url to load the resources. However, during the window
creation, we dispatch an OpenWindow event with the url to browser side
and browser side loads the url thereafter as well.
DOMWindow::createWindow() is only required to create the window not to
load url as far as I can tell. This is unneccessary and can cause
unexpected issues. So just pass an empty url instead to avoid
the double-load issue.
* WebCoreSupport/ChromeClientBlackBerry.cpp:
(WebCore::ChromeClientBlackBerry::createWindow):
Modified Paths
Diff
Modified: trunk/Source/WebKit/blackberry/ChangeLog (136172 => 136173)
--- trunk/Source/WebKit/blackberry/ChangeLog 2012-11-29 23:16:13 UTC (rev 136172)
+++ trunk/Source/WebKit/blackberry/ChangeLog 2012-11-29 23:17:24 UTC (rev 136173)
@@ -1,3 +1,23 @@
+2012-11-29 Jacky Jiang <[email protected]>
+
+ [BlackBerry] window.open can load url twice which can cause security and timing issues
+ https://bugs.webkit.org/show_bug.cgi?id=103670
+
+ Reviewed by Yong Li.
+
+ PR: 252234
+ When we call window.open() in JS, DOMWindow will create a window and
+ change the url to load the resources. However, during the window
+ creation, we dispatch an OpenWindow event with the url to browser side
+ and browser side loads the url thereafter as well.
+ DOMWindow::createWindow() is only required to create the window not to
+ load url as far as I can tell. This is unneccessary and can cause
+ unexpected issues. So just pass an empty url instead to avoid
+ the double-load issue.
+
+ * WebCoreSupport/ChromeClientBlackBerry.cpp:
+ (WebCore::ChromeClientBlackBerry::createWindow):
+
2012-11-29 Otto Derek Cheung <[email protected]>
[BlackBerry] Modifying GeoClientBlackBerry to switch between high and low accuracy
Modified: trunk/Source/WebKit/blackberry/WebCoreSupport/ChromeClientBlackBerry.cpp (136172 => 136173)
--- trunk/Source/WebKit/blackberry/WebCoreSupport/ChromeClientBlackBerry.cpp 2012-11-29 23:16:13 UTC (rev 136172)
+++ trunk/Source/WebKit/blackberry/WebCoreSupport/ChromeClientBlackBerry.cpp 2012-11-29 23:17:24 UTC (rev 136173)
@@ -257,7 +257,7 @@
if (features.dialog)
flags |= WebPageClient::FlagWindowIsDialog;
- WebPage* webPage = m_webPagePrivate->m_client->createWindow(x, y, width, height, flags, url.string(), request.frameName());
+ WebPage* webPage = m_webPagePrivate->m_client->createWindow(x, y, width, height, flags, BlackBerry::Platform::String::emptyString(), request.frameName());
if (!webPage)
return 0;
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes
