Title: [112083] trunk
- Revision
- 112083
- Author
- [email protected]
- Date
- 2012-03-26 06:07:24 -0700 (Mon, 26 Mar 2012)
Log Message
Web Inspector: [REGRESSION] Workarounds for security checks when retrieving stylesheet rule lists are broken
https://bugs.webkit.org/show_bug.cgi?id=82191
Reviewed by Vsevolod Vlasov.
Source/WebCore:
Test: http/tests/inspector/modify-cross-domain-rule.html
* inspector/InspectorStyleSheet.cpp:
(WebCore::asCSSRuleList):
(WebCore::InspectorStyleSheet::buildObjectForStyleSheet):
LayoutTests:
* http/tests/inspector/modify-cross-domain-rule-expected.txt: Added.
* http/tests/inspector/modify-cross-domain-rule.html: Added.
* http/tests/inspector/styles/modify-cross-domain-rule.css: Added.
(#inspected):
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (112082 => 112083)
--- trunk/LayoutTests/ChangeLog 2012-03-26 13:05:42 UTC (rev 112082)
+++ trunk/LayoutTests/ChangeLog 2012-03-26 13:07:24 UTC (rev 112083)
@@ -1,3 +1,15 @@
+2012-03-26 Alexander Pavlov <[email protected]>
+
+ Web Inspector: [REGRESSION] Workarounds for security checks when retrieving stylesheet rule lists are broken
+ https://bugs.webkit.org/show_bug.cgi?id=82191
+
+ Reviewed by Vsevolod Vlasov.
+
+ * http/tests/inspector/modify-cross-domain-rule-expected.txt: Added.
+ * http/tests/inspector/modify-cross-domain-rule.html: Added.
+ * http/tests/inspector/styles/modify-cross-domain-rule.css: Added.
+ (#inspected):
+
2012-03-26 Szilard Ledan <[email protected]>
[Qt] Unskip passing tests from the 'new tests without expected results' section.
Added: trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule-expected.txt (0 => 112083)
--- trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule-expected.txt 2012-03-26 13:07:24 UTC (rev 112083)
@@ -0,0 +1,17 @@
+Tests that modifying a rule in a stylesheet loaded from a different domain does not crash the renderer.
+
+Text
+
+Running: testSetUp
+
+Running: testAddProperty
+=== Rule modified ===
+color: green;
+width: 100%;
+=== Selector changed ===
+body {
+ color: green;
+ width: 100%;
+}
+Affects selected (#inspected) node: false
+
Property changes on: trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule-expected.txt
___________________________________________________________________
Added: svn:eol-style
Added: trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule.html (0 => 112083)
--- trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule.html (rev 0)
+++ trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule.html 2012-03-26 13:07:24 UTC (rev 112083)
@@ -0,0 +1,110 @@
+<html>
+<head>
+<link rel="stylesheet" href=""
+<script src=""
+<script src=""
+<script>
+
+function test()
+{
+ var nodeId;
+ var allRules;
+ var rule;
+ var matchedRules;
+
+ WebInspector.showPanel("elements");
+
+ InspectorTest.runTestSuite([
+ function testSetUp(next) {
+ InspectorTest.selectNodeAndWaitForStyles("inspected", selectCallback);
+
+ function selectCallback()
+ {
+ var idToDOMNode = WebInspector.domAgent._idToDOMNode;
+ for (var id in idToDOMNode) {
+ node = idToDOMNode[id];
+ if (node.getAttribute && node.getAttribute("id") === "inspected") {
+ nodeId = parseInt(id, 10);
+ break;
+ }
+ }
+
+ if (!nodeId) {
+ InspectorTest.completeTest();
+ return;
+ }
+
+ WebInspector.cssModel.getMatchedStylesAsync(nodeId, null, false, false, callback);
+ }
+
+ function callback(rules)
+ {
+ if (!rules || !rules.matchedCSSRules || !rules.matchedCSSRules.length) {
+ InspectorTest.addResult("[!] No rules found");
+ InspectorTest.completeTest();
+ return;
+ }
+
+ allRules = rules.matchedCSSRules;
+ next();
+ }
+ },
+
+ function testAddProperty(next)
+ {
+ for (var i = 0; i < allRules.length; ++i) {
+ if (allRules[i].isRegular) {
+ rule = allRules[i];
+ break;
+ }
+ }
+ rule.style.appendProperty("width", "100%", callback);
+ function callback(newStyle)
+ {
+ InspectorTest.addResult("=== Rule modified ===");
+ if (!newStyle) {
+ InspectorTest.addResult("[!] No valid rule style received");
+ InspectorTest.completeTest();
+ } else {
+ dumpProperties(newStyle);
+ WebInspector.cssModel.setRuleSelector(rule.id, nodeId, "body", successCallback, failureCallback);
+ }
+ }
+
+ function successCallback(rule, doesAffectSelectedNode)
+ {
+ InspectorTest.addResult("=== Selector changed ===");
+ InspectorTest.addResult(rule.selectorText + " {" + rule.style.cssText + "}");
+ InspectorTest.addResult("Affects selected (#inspected) node: " + doesAffectSelectedNode);
+ next();
+ }
+
+ function failureCallback()
+ {
+ InspectorTest.addResult("[!] Failed to change selector");
+ InspectorTest.completeTest();
+ }
+ }
+ ]);
+
+ function dumpProperties(style)
+ {
+ if (!style)
+ return;
+ var allProperties = style.allProperties;
+ for (var i = 0; i < allProperties.length; ++i)
+ InspectorTest.addResult(allProperties[i].text);
+ }
+}
+</script>
+</head>
+
+<body _onload_="runTest()">
+<p>
+Tests that modifying a rule in a stylesheet loaded from a different domain does not crash the renderer.
+</p>
+
+<div id="inspected">Text</div>
+
+</body>
+</html>
Property changes on: trunk/LayoutTests/http/tests/inspector/modify-cross-domain-rule.html
___________________________________________________________________
Added: svn:eol-style
Added: trunk/LayoutTests/http/tests/inspector/styles/modify-cross-domain-rule.css (0 => 112083)
--- trunk/LayoutTests/http/tests/inspector/styles/modify-cross-domain-rule.css (rev 0)
+++ trunk/LayoutTests/http/tests/inspector/styles/modify-cross-domain-rule.css 2012-03-26 13:07:24 UTC (rev 112083)
@@ -0,0 +1,3 @@
+#inspected {
+ color: green;
+}
Property changes on: trunk/LayoutTests/http/tests/inspector/styles/modify-cross-domain-rule.css
___________________________________________________________________
Added: svn:eol-style
Modified: trunk/Source/WebCore/ChangeLog (112082 => 112083)
--- trunk/Source/WebCore/ChangeLog 2012-03-26 13:05:42 UTC (rev 112082)
+++ trunk/Source/WebCore/ChangeLog 2012-03-26 13:07:24 UTC (rev 112083)
@@ -1,3 +1,16 @@
+2012-03-26 Alexander Pavlov <[email protected]>
+
+ Web Inspector: [REGRESSION] Workarounds for security checks when retrieving stylesheet rule lists are broken
+ https://bugs.webkit.org/show_bug.cgi?id=82191
+
+ Reviewed by Vsevolod Vlasov.
+
+ Test: http/tests/inspector/modify-cross-domain-rule.html
+
+ * inspector/InspectorStyleSheet.cpp:
+ (WebCore::asCSSRuleList):
+ (WebCore::InspectorStyleSheet::buildObjectForStyleSheet):
+
2012-03-26 Carlos Garcia Campos <[email protected]>
Unreviewed. Fix make distcheck.
Modified: trunk/Source/WebCore/inspector/InspectorStyleSheet.cpp (112082 => 112083)
--- trunk/Source/WebCore/inspector/InspectorStyleSheet.cpp 2012-03-26 13:05:42 UTC (rev 112082)
+++ trunk/Source/WebCore/inspector/InspectorStyleSheet.cpp 2012-03-26 13:07:24 UTC (rev 112083)
@@ -153,7 +153,15 @@
if (!styleSheet)
return 0;
- return styleSheet->cssRules();
+ RefPtr<StaticCSSRuleList> list = StaticCSSRuleList::create();
+ Vector<RefPtr<CSSRule> >& listRules = list->rules();
+ for (unsigned i = 0, size = styleSheet->length(); i < size; ++i) {
+ CSSRule* item = styleSheet->item(i);
+ if (item->isCharsetRule())
+ continue;
+ listRules.append(item);
+ }
+ return list.release();
}
static PassRefPtr<CSSRuleList> asCSSRuleList(CSSRule* rule)
@@ -835,7 +843,7 @@
RefPtr<InspectorObject> result = InspectorObject::create();
result->setString("styleSheetId", id());
- RefPtr<CSSRuleList> cssRuleList = styleSheet->cssRules();
+ RefPtr<CSSRuleList> cssRuleList = asCSSRuleList(styleSheet);
RefPtr<InspectorArray> cssRules = buildArrayForRuleList(cssRuleList.get());
result->setArray("rules", cssRules.release());
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
