Title: [143508] branches/chromium/1364
- Revision
- 143508
- Author
- cev...@google.com
- Date
- 2013-02-20 14:39:26 -0800 (Wed, 20 Feb 2013)
Log Message
Merge 142063
BUG=173906
Review URL: https://codereview.chromium.org/12324023
Modified Paths
Diff
Modified: branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-expected.txt (143507 => 143508)
--- branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-expected.txt 2013-02-20 22:24:20 UTC (rev 143507)
+++ branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-expected.txt 2013-02-20 22:39:26 UTC (rev 143508)
@@ -1,5 +1,6 @@
CONSOLE MESSAGE: line 4: Refused to execute a _javascript_ script. Source code of script found within request.
+ALERT: Referrer is ""
There should be no content in the iframe below:
Modified: branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag.html (143507 => 143508)
--- branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag.html 2013-02-20 22:24:20 UTC (rev 143507)
+++ branches/chromium/1364/LayoutTests/http/tests/security/xssAuditor/full-block-script-tag.html 2013-02-20 22:39:26 UTC (rev 143508)
@@ -9,11 +9,20 @@
testRunner.waitUntilDone();
testRunner.setXSSAuditorEnabled(true);
}
+
+function checkframe()
+{
+ try {
+ var ref = document.getElementById("frame").contentDocument.referrer;
+ alert('Referrer is "' + ref + '"');
+ } catch (e) {}
+ checkIfFrameLocationMatchesURLAndCallDone('frame', 'about:blank');
+}
</script>
</head>
<body>
<p>There should be no content in the iframe below:</p>
-<iframe id="frame" _onload_="checkIfFrameLocationMatchesURLAndCallDone('frame', 'about:blank')" src=""
+<iframe id="frame" _onload_="checkframe()" src=""
</iframe>
</body>
</html>
Modified: branches/chromium/1364/Source/WebCore/html/parser/XSSAuditor.cpp (143507 => 143508)
--- branches/chromium/1364/Source/WebCore/html/parser/XSSAuditor.cpp 2013-02-20 22:24:20 UTC (rev 143507)
+++ branches/chromium/1364/Source/WebCore/html/parser/XSSAuditor.cpp 2013-02-20 22:39:26 UTC (rev 143508)
@@ -318,7 +318,7 @@
}
if (didBlockEntirePage)
- m_parser->document()->frame()->navigationScheduler()->scheduleLocationChange(m_parser->document()->securityOrigin(), blankURL(), String());
+ m_parser->document()->frame()->navigationScheduler()->scheduleLocationChange(m_parser->document()->securityOrigin(), blankURL(), blankURL());
}
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes