summaryrefslogtreecommitdiffstats
path: root/webkit
diff options
context:
space:
mode:
authorsgjesse@chromium.org <sgjesse@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2008-11-04 12:08:34 +0000
committersgjesse@chromium.org <sgjesse@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2008-11-04 12:08:34 +0000
commit1275f9d28ee3f9a96288bfdbc74be4ba0df63aa1 (patch)
tree269d99ad7ee9833b103142d8634abe9ed20c92a8 /webkit
parent5080e18216a41a978c42c2bacf4e16ad15ca84e4 (diff)
downloadchromium_src-1275f9d28ee3f9a96288bfdbc74be4ba0df63aa1.zip
chromium_src-1275f9d28ee3f9a96288bfdbc74be4ba0df63aa1.tar.gz
chromium_src-1275f9d28ee3f9a96288bfdbc74be4ba0df63aa1.tar.bz2
Rebaselined the following layout tests
LayoutTests\http\tests\security\aboutBlank\xss-DENIED-set-opener.html LayoutTests\http\tests\security\aboutBlank\xss-DENIED-navigate-opener-document-write.html LayoutTests\http\tests\security\aboutBlank\xss-DENIED-navigate-opener-javascript-url.html The original expectations included a security access error where the source was about:blank, but as soon as an about:blank is written to it is supposed to get the URL of the script performing the write. This behaviour matches the error messages seen in Firefox and Internet Explorer. Review URL: http://codereview.chromium.org/9106 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@4596 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
-rw-r--r--webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt2
-rw-r--r--webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt2
-rw-r--r--webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt2
-rw-r--r--webkit/tools/layout_tests/test_lists/win/tests_fixable.txt3
4 files changed, 3 insertions, 6 deletions
diff --git a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt
index ee4126b..fb72c2a 100644
--- a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt
+++ b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL about:blank. Domains, protocols and ports must match.
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-navigate-opener-document-write.html. Domains, protocols and ports must match.
CONSOLE MESSAGE: line 1: Uncaught TypeError: Cannot read property 'body' of undefined
This page opens a window to "", injects malicious code, and then navigates its opener to the victim. The opened window then tries to scripts its opener after document.writeing a new document.
diff --git a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt
index 6a23c08..94f6484 100644
--- a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt
+++ b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL about:blank. Domains, protocols and ports must match.
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim-with-notify.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url.html. Domains, protocols and ports must match.
CONSOLE MESSAGE: line 1: Uncaught TypeError: Cannot read property 'body' of undefined
This page opens a window to "", injects malicious code, and then navigates its opener to the victim. The opened window then tries to scripts its opener after reloading itself as a javascript URL.
diff --git a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt
index 28a9215..7bcd3a5 100644
--- a/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt
+++ b/webkit/data/layout_test_results/v8/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt
@@ -1,6 +1,6 @@
CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL about:blank. Domains, protocols and ports must match.
+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/aboutBlank/xss-DENIED-set-opener.html. Domains, protocols and ports must match.
CONSOLE MESSAGE: line 1: Uncaught TypeError: Cannot read property 'body' of undefined
This page opens a window to "", injects malicious code, and then uses window.open.call to set its opener to the victim. The opened window then tries to scripts its opener.
diff --git a/webkit/tools/layout_tests/test_lists/win/tests_fixable.txt b/webkit/tools/layout_tests/test_lists/win/tests_fixable.txt
index 5444fa6..09437e9 100644
--- a/webkit/tools/layout_tests/test_lists/win/tests_fixable.txt
+++ b/webkit/tools/layout_tests/test_lists/win/tests_fixable.txt
@@ -895,9 +895,6 @@ V8 | KJS # LayoutTests/http/tests/navigation/back-to-slow-frame.html = FAIL
V8 | KJS # LayoutTests/http/tests/navigation/metaredirect-basic.html = FAIL
V8 | KJS # LayoutTests/http/tests/navigation/post-basic.html = FAIL | PASS
V8 | KJS # LayoutTests/http/tests/navigation/post-frames.html = FAIL | PASS
-V8 | KJS # LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write.html = FAIL
-V8 | KJS # LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url.html = FAIL
-V8 | KJS # LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener.html = FAIL
V8 | KJS # LayoutTests/http/tests/security/cross-frame-access-history-put.html = FAIL | TIMEOUT
V8 | KJS # LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener.html = FAIL
V8 | KJS # LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut.html = FAIL
generated by cgit v1.1 at 2025-01-22 13:37:38 +0000