Diff
Modified: trunk/LayoutTests/ChangeLog (148075 => 148076)
--- trunk/LayoutTests/ChangeLog 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/ChangeLog 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1,3 +1,24 @@
+2013-04-09 Geoffrey Garen <[email protected]>
+
+ [JSC] Script run from an isolated world should bypass a page's CSP
+ https://bugs.webkit.org/show_bug.cgi?id=100815
+
+ Reviewed by Oliver Hunt.
+
+ Enabled these tests, now that they pass.
+
+ I removed all the nonsense in these tests about setting an isolated world's
+ CSP and origin manually, since we have no use for those features.
+
+ * http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt:
+ * http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt:
+ * http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html:
+ * http/tests/security/isolatedWorld/bypass-main-world-csp.html:
+ * platform/efl/TestExpectations:
+ * platform/mac/TestExpectations:
+ * platform/qt/TestExpectations:
+ * platform/win/TestExpectations:
+
2013-04-09 Adam Klein <[email protected]>
Update Document's event listener type bitfield when adopting a Node
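Review bot: the eight per-file entries above carry no description of what changed in each file; WebKit ChangeLog convention is to say, for instance, that the two `-expected.txt` files drop the "isolated world with unchanged CSP" and "looser CSP" cases and that the four `TestExpectations` files lose their `webkit.org/b/100815` entries, so a reader of the log can see which coverage went away together with the `setIsolatedWorldContentSecurityPolicy` / `setIsolatedWorldSecurityOrigin` calls.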
Modified: trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt (148075 => 148076)
--- trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1,14 +1,7 @@
CONSOLE MESSAGE: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
ALERT: BLOCKED in main world
-CONSOLE MESSAGE: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
-
-ALERT: BLOCKED in isolated world
-ALERT: Starting to bypass main world's CSP:
ALERT: LOADED in isolated world
-CONSOLE MESSAGE: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
+This test ensures that scripts run in isolated worlds aren't affected by the page's content security policy. Extensions, for example, should be able to load any resource they like.
-ALERT: BLOCKED in main world
-This test ensures that scripts run in isolated worlds marked with their own Content Security Policy aren't affected by the page's content security policy. Extensions, for example, should be able to load any resource they like.
-
Modified: trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt (148075 => 148076)
--- trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1,11 +1,5 @@
CONSOLE MESSAGE: Refused to connect to 'http://localhost:8000/security/isolatedWorld/resources/cross-origin-xhr.txt' because it violates the following Content Security Policy directive: "connect-src 'none'".
-CONSOLE MESSAGE: Refused to connect to 'http://localhost:8000/security/isolatedWorld/resources/cross-origin-xhr.txt' because it violates the following Content Security Policy directive: "connect-src 'none'".
-
-CONSOLE MESSAGE: Refused to connect to 'http://localhost:8000/security/isolatedWorld/resources/cross-origin-xhr.txt' because it violates the following Content Security Policy directive: "connect-src 'none'".
-
-CONSOLE MESSAGE: Refused to connect to 'http://localhost:8000/security/isolatedWorld/resources/cross-origin-xhr.txt' because it violates the following Content Security Policy directive: "connect-src 'none'".
-
Tests that isolated worlds can have XHRs that the page's CSP wouldn't allow.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
@@ -13,14 +7,8 @@
XHR from main world
PASS: XHR.open threw an exception.
-XHR from isolated world with unchanged CSP
-PASS: XHR.open threw an exception.
-XHR from isolated world with same security origin as XHR target.
-PASS: XHR.open threw an exception.
-XHR from isolated world with same security origin as XHR target, and looser CSP.
+XHR from isolated world
PASS: XHR.open did not throw an exception.
-XHR from main world is not affected by the isolated world origin or CSP
-PASS: XHR.open threw an exception.
PASS successfullyParsed is true
TEST COMPLETE
Modified: trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html (148075 => 148076)
--- trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html 2013-04-10 05:12:54 UTC (rev 148076)
@@ -17,24 +17,9 @@
xhr(true);
},
function() {
- debug('XHR from isolated world with unchanged CSP');
- runTestInWorld(1, 'xhr', 'true');
+ debug('XHR from isolated world');
+ runTestInWorld(1, 'xhr', 'false');
},
- function() {
- debug('XHR from isolated world with same security origin as XHR target.');
- testRunner.setIsolatedWorldSecurityOrigin(2, 'http://localhost:8000');
- runTestInWorld(2, 'xhr', 'true');
- },
- function() {
- debug('XHR from isolated world with same security origin as XHR target, and looser CSP.');
- testRunner.setIsolatedWorldContentSecurityPolicy(3, 'connect-src *');
- testRunner.setIsolatedWorldSecurityOrigin(3, 'http://localhost:8000');
- runTestInWorld(3, 'xhr', 'false');
- },
- function() {
- debug('XHR from main world is not affected by the isolated world origin or CSP');
- xhr(true);
- }
];
var currentTest = 0;
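Review bot: the removed final case (`debug('XHR from main world is not affected by the isolated world origin or CSP'); xhr(true);`) was the only step that checked the main world is still subject to `connect-src 'none'` after an isolated-world script has made its bypassed request; dropping it together with the origin/CSP setters means the test no longer catches a regression where the bypass decision leaks into later main-world calls. Suggest keeping a trailing main-world `xhr(true)` step, which needs none of the removed testRunner setup.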
@@ -47,15 +32,8 @@
switch (message.type) {
case 'test-done':
currentTest++;
- if (currentTest == tests.length) {
- testRunner.setIsolatedWorldSecurityOrigin(1, null);
- testRunner.setIsolatedWorldSecurityOrigin(2, null);
- testRunner.setIsolatedWorldSecurityOrigin(3, null);
- testRunner.setIsolatedWorldContentSecurityPolicy(1, '');
- testRunner.setIsolatedWorldContentSecurityPolicy(2, '');
- testRunner.setIsolatedWorldContentSecurityPolicy(3, '');
+ if (currentTest == tests.length)
finishJSTest();
- }
else
tests[currentTest]();
break;
Modified: trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html (148075 => 148076)
--- trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp.html 2013-04-10 05:12:54 UTC (rev 148076)
@@ -8,7 +8,7 @@
testRunner.waitUntilDone();
}
- tests = 4;
+ tests = 2;
window.addEventListener("message", function(message) {
tests -= 1;
test();
@@ -30,22 +30,13 @@
}
switch (tests) {
- case 4:
+ case 2:
setImgSrc(false);
break;
- case 3:
+ case 1:
testRunner.evaluateScriptInIsolatedWorld(1, String(eval("setImgSrc")) + "\nsetImgSrc(true);");
break;
- case 2:
- alert("Starting to bypass main world's CSP:");
- testRunner.setIsolatedWorldContentSecurityPolicy(1, 'img-src *');
- testRunner.evaluateScriptInIsolatedWorld(1, String(eval("setImgSrc")) + "\nsetImgSrc(true);");
- break;
- case 1:
- setImgSrc(false);
- break;
case 0:
- testRunner.setIsolatedWorldContentSecurityPolicy(1, '');
testRunner.notifyDone();
break;
}
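Review bot: same concern as in the XHR test: the removed `case 1: setImgSrc(false)` ran a main-world load after the isolated-world load and expected it to be blocked, matching the dropped second "ALERT: BLOCKED in main world" line in the expected output. With `tests = 2` the sequence is now main-world-blocked then isolated-world-loaded only, so a bug that left CSP bypassed after `evaluateScriptInIsolatedWorld` returns would go unnoticed; a three-step sequence (main, isolated, main) keeps that check without any `setIsolatedWorldContentSecurityPolicy` call.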
@@ -54,10 +45,9 @@
</head>
<body _onload_='test();'>
<p>
- This test ensures that scripts run in isolated worlds marked with their
- own Content Security Policy aren't affected by the page's content
- security policy. Extensions, for example, should be able to load any
- resource they like.
+ This test ensures that scripts run in isolated worlds aren't affected
+ by the page's content security policy. Extensions, for example, should
+ be able to load any resource they like.
</p>
</body>
</html>
Modified: trunk/LayoutTests/platform/efl/TestExpectations (148075 => 148076)
--- trunk/LayoutTests/platform/efl/TestExpectations 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/platform/efl/TestExpectations 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1129,10 +1129,6 @@
webkit.org/b/61540 inspector/extensions/extensions-audits-content-script.html [ Failure ]
webkit.org/b/61540 inspector/extensions/extensions-eval-content-script.html [ Failure ]
-# JSC also doesn't support setIsolatedWorldContentSecurityPolicy
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp.html [ Failure ]
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html [ Failure ]
-
#__worldID is undefined in isolated world
Bug(EFL) http/tests/security/isolatedWorld/didClearWindowObject.html
Modified: trunk/LayoutTests/platform/mac/TestExpectations (148075 => 148076)
--- trunk/LayoutTests/platform/mac/TestExpectations 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/platform/mac/TestExpectations 2013-04-10 05:12:54 UTC (rev 148076)
@@ -494,10 +494,6 @@
# JSC does not support setIsolatedWorldSecurityOrigin (http://webkit.org/b/61540)
http/tests/security/isolatedWorld/cross-origin-xhr.html
-# JSC also doesn't support setIsolatedWorldContentSecurityPolicy (webkit.org/b/100815)
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp.html [ Failure ]
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html [ Failure ]
-
# https://bugs.webkit.org/show_bug.cgi?id=63282 layerTreeAsText doesn't work for iframes
compositing/rtl/rtl-iframe-absolute-overflow-scrolled.html
compositing/rtl/rtl-iframe-absolute-overflow.html
Modified: trunk/LayoutTests/platform/qt/TestExpectations (148075 => 148076)
--- trunk/LayoutTests/platform/qt/TestExpectations 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/platform/qt/TestExpectations 2013-04-10 05:12:54 UTC (rev 148076)
@@ -211,10 +211,6 @@
# JSC does not support setIsolatedWorldSecurityOrigin, (http://webkit.org/b/61540)
http/tests/security/isolatedWorld/cross-origin-xhr.html
-# JSC also doesn't support setIsolatedWorldContentSecurityPolicy (webkit.org/b/100815)
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp.html
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html
-
# This test is for clients that choose to make the missing plugin indicator a button
plugins/clicking-missing-plugin-fires-delegate.html
Modified: trunk/LayoutTests/platform/win/TestExpectations (148075 => 148076)
--- trunk/LayoutTests/platform/win/TestExpectations 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/LayoutTests/platform/win/TestExpectations 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1529,10 +1529,6 @@
# JSC does not support setIsolatedWorldSecurityOrigin (http://webkit.org/b/61540)
http/tests/security/isolatedWorld/cross-origin-xhr.html
-# JSC also doesn't support setIsolatedWorldContentSecurityPolicy (webkit.org/b/100815)
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp.html [ Failure ]
-webkit.org/b/100815 http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html [ Failure ]
-
# ENABLE(WEBGL) is disabled
compositing/backface-visibility/backface-visibility-webgl.html
compositing/visibility/visibility-simple-webgl-layer.html
Modified: trunk/Source/WebCore/ChangeLog (148075 => 148076)
--- trunk/Source/WebCore/ChangeLog 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/Source/WebCore/ChangeLog 2013-04-10 05:12:54 UTC (rev 148076)
@@ -1,3 +1,20 @@
+2013-04-09 Geoffrey Garen <[email protected]>
+
+ [JSC] Script run from an isolated world should bypass a page's CSP
+ https://bugs.webkit.org/show_bug.cgi?id=100815
+
+ Reviewed by Oliver Hunt.
+
+ * bindings/js/ScriptController.cpp:
+ (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy):
+ * bindings/js/ScriptController.h: Test the current caller's DOM wrapper
+ world to decide whether CSP should be enforced.
+
+ Like most of CSP, this is a stupid policy because it doesn't address
+ second-order effects like <script> parsing or event handler execution,
+ which might be triggered indirectly by privileged scripts. These indirect
+ effects are still broken. Oh well.
+
2013-04-09 Benjamin Poulain <[email protected]>
Remove chromium exceptions from WebCore's gitattributes
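Review bot: the second-order gap this entry admits (script parsing and event handler execution triggered indirectly by privileged scripts) should be recorded as a FIXME next to `shouldBypassMainWorldContentSecurityPolicy` or in a follow-up bug rather than closed with "Oh well", since anyone reading the code will otherwise assume isolated-world loads bypass CSP uniformly. Minor: the description "Test the current caller's DOM wrapper world to decide whether CSP should be enforced." is attached to the `ScriptController.h` entry although the logic lives in the `.cpp` function listed just above it.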
Modified: trunk/Source/WebCore/bindings/js/ScriptController.cpp (148075 => 148076)
--- trunk/Source/WebCore/bindings/js/ScriptController.cpp 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/Source/WebCore/bindings/js/ScriptController.cpp 2013-04-10 05:12:54 UTC (rev 148076)
@@ -471,4 +471,15 @@
return evaluateInWorld(sourceCode, world);
}
+bool ScriptController::shouldBypassMainWorldContentSecurityPolicy()
+{
+ CallFrame* callFrame = JSDOMWindow::commonJSGlobalData()->topCallFrame;
+ if (!callFrame || callFrame == CallFrame::noCaller())
+ return false;
+ DOMWrapperWorld* domWrapperWorld = currentWorld(callFrame);
+ if (domWrapperWorld->isNormal())
+ return false;
+ return true;
+}
+
} // namespace WebCore
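Review bot: the decision keys off whichever JS frame is on top of `commonJSGlobalData()->topCallFrame` at the moment the CSP check happens to run, not off the world that created the element or request. A load whose URL was set by page content but whose fetch is only triggered later (for example during a style recalc or layout forced from extension code) could therefore be checked while an isolated-world frame is on top and be allowed, whereas an isolated-world load checked with no JS on the stack hits the `!callFrame` guard and is enforced. That asymmetry is the "second-order effects" the ChangeLog mentions; please document it in a comment on the function so callers know the bypass is about the current caller, not the initiator of the load. Style: after the null / `noCaller()` guard the body reduces to `return !currentWorld(callFrame)->isNormal();`, and since the method touches no member state it could be declared `static`.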
Modified: trunk/Source/WebCore/bindings/js/ScriptController.h (148075 => 148076)
--- trunk/Source/WebCore/bindings/js/ScriptController.h 2013-04-10 04:59:35 UTC (rev 148075)
+++ trunk/Source/WebCore/bindings/js/ScriptController.h 2013-04-10 05:12:54 UTC (rev 148076)
@@ -163,8 +163,7 @@
NPObject* windowScriptNPObject();
#endif
- // FIXME: Script run from an isolated world should bypass a page's CSP. http://webkit.org/b/100815
- bool shouldBypassMainWorldContentSecurityPolicy() { return false; }
+ bool shouldBypassMainWorldContentSecurityPolicy();
private:
JSDOMWindowShell* initScript(DOMWrapperWorld* world);