Diff
Modified: trunk/LayoutTests/ChangeLog (99161 => 99162)
--- trunk/LayoutTests/ChangeLog 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/ChangeLog 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,3 +1,19 @@
+2011-11-03 Sheriff Bot <[email protected]>
+
+ Unreviewed, rolling out r99138.
+ http://trac.webkit.org/changeset/99138
+ https://bugs.webkit.org/show_bug.cgi?id=71455
+
+ It made 200+ tests flakey on SL and on Qt (Requested by Ossy
+ on #webkit).
+
+ * http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control-expected.txt: Removed.
+ * http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html: Removed.
+ * http/tests/security/popup-allowed-by-sandbox-is-sandboxed-expected.txt: Removed.
+ * http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html: Removed.
+ * http/tests/security/popup-allowed-by-sandbox-when-allowed-expected.txt: Removed.
+ * http/tests/security/popup-allowed-by-sandbox-when-allowed.html: Removed.
+
2011-11-03 Kentaro Hara <[email protected]>
Fixed wrong implementation of doubleValue % 2^{64}.
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control-expected.txt (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control-expected.txt 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control-expected.txt 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,6 +0,0 @@
-ALERT: /PASS/
-To run this test outside of DumpRenderTree, please disable your popup blocker!
-
-If you change this test, please be sure to change popup-allowed-by-sandbox-is-sandboxed.html as well!
-
-
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,16 +0,0 @@
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.waitUntilDone();
- layoutTestController.setCanOpenWindows(true);
- layoutTestController.setCloseRemainingWindowsWhenComplete(true);
-}
-</script>
-<p>To run this test outside of DumpRenderTree, please disable your popup blocker!</p>
-<p>If you change this test, please be sure to change popup-allowed-by-sandbox-is-sandboxed.html as well!</p>
-<iframe sandbox="allow-scripts allow-popups allow-forms"
- src=""
- <script>
- var win = window.open('data:text/html,<form action="" ><input type=submit></form><script>document.forms[0].submit(); if (window.layoutTestController) layoutTestController.notifyDone();<\/script>', '_blank');
- </script>"
- ></iframe>
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-expected.txt (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-expected.txt 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-expected.txt 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,7 +0,0 @@
-To run this test outside of DumpRenderTree, please disable your popup blocker!
-
-If you change this test, please be sure to change popup-allowed-by-sandbox-is-sandboxed-control.html as well!
-
-This test passes if it doesn't alert FAIL.
-
-
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,17 +0,0 @@
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.waitUntilDone();
- layoutTestController.setCanOpenWindows(true);
- layoutTestController.setCloseRemainingWindowsWhenComplete(true);
-}
-</script>
-<p>To run this test outside of DumpRenderTree, please disable your popup blocker!</p>
-<p>If you change this test, please be sure to change popup-allowed-by-sandbox-is-sandboxed-control.html as well!</p>
-<p>This test passes if it doesn't alert FAIL.</p>
-<iframe sandbox="allow-scripts allow-popups"
- src=""
- <script>
- var win = window.open('data:text/html,<form action="" ><input type=submit></form><script>document.forms[0].submit(); if (window.layoutTestController) layoutTestController.notifyDone();<\/script>', '_blank');
- </script>"
- ></iframe>
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed-expected.txt (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed-expected.txt 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed-expected.txt 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,4 +0,0 @@
-ALERT: PASS
-To run this test outside of DumpRenderTree, please disable your popup blocker!
-
-
Deleted: trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html (99161 => 99162)
--- trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,16 +0,0 @@
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.waitUntilDone();
- layoutTestController.setCanOpenWindows(true);
- layoutTestController.setCloseRemainingWindowsWhenComplete(true);
-}
-</script>
-<p>To run this test outside of DumpRenderTree, please disable your popup blocker!</p>
-<iframe sandbox="allow-scripts allow-popups"
- src=""
- <script>
- var win = window.open('data:text/html,<script>if (window.layoutTestController) layoutTestController.notifyDone();<\/script>', '_blank');
- alert(win ? 'PASS' : 'FAIL');
- </script>"
- ></iframe>
Modified: trunk/Source/WebCore/ChangeLog (99161 => 99162)
--- trunk/Source/WebCore/ChangeLog 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/ChangeLog 2011-11-03 10:33:35 UTC (rev 99162)
@@ -1,3 +1,28 @@
+2011-11-03 Sheriff Bot <[email protected]>
+
+ Unreviewed, rolling out r99138.
+ http://trac.webkit.org/changeset/99138
+ https://bugs.webkit.org/show_bug.cgi?id=71455
+
+ It made 200+ tests flakey on SL and on Qt (Requested by Ossy
+ on #webkit).
+
+ * html/HTMLIFrameElement.cpp:
+ (WebCore::parseSandboxAttribute):
+ (WebCore::HTMLIFrameElement::parseMappedAttribute):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::setOpener):
+ (WebCore::createWindow):
+ * loader/FrameLoader.h:
+ (WebCore::FrameLoader::setForcedSandboxFlags):
+ * loader/FrameLoaderTypes.h:
+ * loader/PolicyChecker.cpp:
+ (WebCore::PolicyChecker::checkNewWindowPolicy):
+ * page/SecurityOrigin.cpp:
+ * page/SecurityOrigin.h:
+ * svg/graphics/SVGImage.cpp:
+ (WebCore::SVGImage::dataChanged):
+
2011-11-03 Kentaro Hara <[email protected]>
Fixed wrong implementation of doubleValue % 2^{64}.
Modified: trunk/Source/WebCore/html/HTMLIFrameElement.cpp (99161 => 99162)
--- trunk/Source/WebCore/html/HTMLIFrameElement.cpp 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/html/HTMLIFrameElement.cpp 2011-11-03 10:33:35 UTC (rev 99162)
@@ -32,7 +32,6 @@
#include "HTMLNames.h"
#include "NodeRenderingContext.h"
#include "RenderIFrame.h"
-#include "SecurityOrigin.h"
namespace WebCore {
@@ -69,6 +68,42 @@
return HTMLFrameElementBase::mapToEntry(attrName, result);
}
+static SandboxFlags parseSandboxAttribute(Attribute* attribute)
+{
+ if (attribute->isNull())
+ return SandboxNone;
+
+ // Parse the unordered set of unique space-separated tokens.
+ SandboxFlags flags = SandboxAll;
+ const UChar* characters = attribute->value().characters();
+ unsigned length = attribute->value().length();
+ unsigned start = 0;
+ while (true) {
+ while (start < length && isASCIISpace(characters[start]))
+ ++start;
+ if (start >= length)
+ break;
+ unsigned end = start + 1;
+ while (end < length && !isASCIISpace(characters[end]))
+ ++end;
+
+ // Turn off the corresponding sandbox flag if it's set as "allowed".
+ String sandboxToken = String(characters + start, end - start);
+ if (equalIgnoringCase(sandboxToken, "allow-same-origin"))
+ flags &= ~SandboxOrigin;
+ else if (equalIgnoringCase(sandboxToken, "allow-forms"))
+ flags &= ~SandboxForms;
+ else if (equalIgnoringCase(sandboxToken, "allow-scripts"))
+ flags &= ~SandboxScripts;
+ else if (equalIgnoringCase(sandboxToken, "allow-top-navigation"))
+ flags &= ~SandboxTopNavigation;
+
+ start = end + 1;
+ }
+
+ return flags;
+}
+
void HTMLIFrameElement::parseMappedAttribute(Attribute* attr)
{
if (attr->name() == widthAttr)
@@ -92,7 +127,7 @@
// Add a rule that nulls out our border width.
addCSSLength(attr, CSSPropertyBorderWidth, "0");
} else if (attr->name() == sandboxAttr)
- setSandboxFlags(attr->isNull() ? SandboxNone : SecurityOrigin::parseSandboxPolicy(attr->value()));
+ setSandboxFlags(parseSandboxAttribute(attr));
else
HTMLFrameElementBase::parseMappedAttribute(attr);
}
Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (99161 => 99162)
--- trunk/Source/WebCore/loader/FrameLoader.cpp 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2011-11-03 10:33:35 UTC (rev 99162)
@@ -945,12 +945,8 @@
m_opener->loader()->m_openedFrames.remove(m_frame);
if (opener)
opener->loader()->m_openedFrames.add(m_frame);
-
m_opener = opener;
- if (m_opener && !m_frame->tree()->parent())
- forceSandboxFlags(m_opener->document()->securityOrigin()->sandboxFlags());
-
if (m_frame->document()) {
m_frame->document()->initSecurityContext();
m_frame->domWindow()->setSecurityOrigin(m_frame->document()->securityOrigin());
@@ -3272,7 +3268,7 @@
}
// Sandboxed frames cannot open new auxiliary browsing contexts.
- if (isDocumentSandboxed(openerFrame, SandboxPopups))
+ if (isDocumentSandboxed(openerFrame, SandboxNavigation))
return 0;
// FIXME: Setting the referrer should be the caller's responsibility.
Modified: trunk/Source/WebCore/loader/FrameLoader.h (99161 => 99162)
--- trunk/Source/WebCore/loader/FrameLoader.h 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/loader/FrameLoader.h 2011-11-03 10:33:35 UTC (rev 99162)
@@ -215,7 +215,7 @@
SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
// The following sandbox flags will be forced, regardless of changes to
// the sandbox attribute of any parent frames.
- void forceSandboxFlags(SandboxFlags flags) { m_forcedSandboxFlags |= flags; m_sandboxFlags |= flags; }
+ void setForcedSandboxFlags(SandboxFlags flags) { m_forcedSandboxFlags = flags; m_sandboxFlags |= flags; }
// Mixed content related functions.
static bool isMixedContent(SecurityOrigin* context, const KURL&);
Modified: trunk/Source/WebCore/loader/FrameLoaderTypes.h (99161 => 99162)
--- trunk/Source/WebCore/loader/FrameLoaderTypes.h 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/loader/FrameLoaderTypes.h 2011-11-03 10:33:35 UTC (rev 99162)
@@ -100,7 +100,6 @@
SandboxForms = 1 << 3,
SandboxScripts = 1 << 4,
SandboxTopNavigation = 1 << 5,
- SandboxPopups = 1 << 6,
SandboxAll = -1 // Mask with all bits set to 1.
};
Modified: trunk/Source/WebCore/loader/PolicyChecker.cpp (99161 => 99162)
--- trunk/Source/WebCore/loader/PolicyChecker.cpp 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/loader/PolicyChecker.cpp 2011-11-03 10:33:35 UTC (rev 99162)
@@ -93,7 +93,7 @@
void PolicyChecker::checkNewWindowPolicy(const NavigationAction& action, NewWindowPolicyDecisionFunction function,
const ResourceRequest& request, PassRefPtr<FormState> formState, const String& frameName, void* argument)
{
- if (m_frame->document() && m_frame->document()->securityOrigin()->isSandboxed(SandboxPopups))
+ if (m_frame->document() && m_frame->document()->securityOrigin()->isSandboxed(SandboxNavigation))
return continueAfterNavigationPolicy(PolicyIgnore);
m_callback.set(request, formState, frameName, action, function, argument);
Modified: trunk/Source/WebCore/page/SecurityOrigin.cpp (99161 => 99162)
--- trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-11-03 10:33:35 UTC (rev 99162)
@@ -543,41 +543,6 @@
return !URLIsSecureURL;
}
-SandboxFlags SecurityOrigin::parseSandboxPolicy(const String& policy)
-{
- // Parse the unordered set of unique space-separated tokens.
- SandboxFlags flags = SandboxAll;
- const UChar* characters = policy.characters();
- unsigned length = policy.length();
- unsigned start = 0;
- while (true) {
- while (start < length && isASCIISpace(characters[start]))
- ++start;
- if (start >= length)
- break;
- unsigned end = start + 1;
- while (end < length && !isASCIISpace(characters[end]))
- ++end;
-
- // Turn off the corresponding sandbox flag if it's set as "allowed".
- String sandboxToken = String(characters + start, end - start);
- if (equalIgnoringCase(sandboxToken, "allow-same-origin"))
- flags &= ~SandboxOrigin;
- else if (equalIgnoringCase(sandboxToken, "allow-forms"))
- flags &= ~SandboxForms;
- else if (equalIgnoringCase(sandboxToken, "allow-scripts"))
- flags &= ~SandboxScripts;
- else if (equalIgnoringCase(sandboxToken, "allow-top-navigation"))
- flags &= ~SandboxTopNavigation;
- else if (equalIgnoringCase(sandboxToken, "allow-popups"))
- flags &= ~SandboxPopups;
-
- start = end + 1;
- }
-
- return flags;
-}
-
void SecurityOrigin::setLocalLoadPolicy(LocalLoadPolicy policy)
{
localLoadPolicy = policy;
Modified: trunk/Source/WebCore/page/SecurityOrigin.h (99161 => 99162)
--- trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-03 10:33:35 UTC (rev 99162)
@@ -56,7 +56,6 @@
void setDomainFromDOM(const String& newDomain);
bool domainWasSetInDOM() const { return m_domainWasSetInDOM; }
- // FIXME: This should move to SchemeRegistry.
static void setDomainRelaxationForbiddenForURLScheme(bool forbidden, const String&);
static bool isDomainRelaxationForbiddenForURLScheme(const String&);
@@ -115,7 +114,6 @@
void grantUniversalAccess();
bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
- SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
bool canAccessDatabase() const { return !isUnique(); }
bool canAccessLocalStorage() const { return !isUnique(); }
@@ -180,8 +178,6 @@
// (and whether it was set) but considering the host. It is used for postMessage.
bool isSameSchemeHostPort(const SecurityOrigin*) const;
- static SandboxFlags parseSandboxPolicy(const String& policy);
-
static bool shouldHideReferrer(const KURL&, const String& referrer);
enum LocalLoadPolicy {
Modified: trunk/Source/WebCore/svg/graphics/SVGImage.cpp (99161 => 99162)
--- trunk/Source/WebCore/svg/graphics/SVGImage.cpp 2011-11-03 10:23:10 UTC (rev 99161)
+++ trunk/Source/WebCore/svg/graphics/SVGImage.cpp 2011-11-03 10:33:35 UTC (rev 99162)
@@ -313,7 +313,7 @@
frame->setView(FrameView::create(frame.get()));
frame->init();
FrameLoader* loader = frame->loader();
- loader->forceSandboxFlags(SandboxAll);
+ loader->setForcedSandboxFlags(SandboxAll);
frame->view()->setCanHaveScrollbars(false); // SVG Images will always synthesize a viewBox, if it's not available, and thus never see scrollbars.
frame->view()->setTransparent(true); // SVG Images are transparent.
