• weinig@apple.com's avatar
    WebCore: · 7da76c9e
    weinig@apple.com authored
            Reviewed by Darin Adler.
    
            Fix for <rdar://problem/5708993> Mutability of the History object
    
            - Don't allow cross-domain get access to any of the history objects properties
              except the back(), forward() and go() methods.
            - Don't allow cross-domain put access to any of the history objects properties.
            - Don't allow cross-domain enumeration of the History or Location objects.
    
            Tests: http/tests/security/cross-frame-access-history-get-override.html
                   http/tests/security/cross-frame-access-history-get.html
                   http/tests/security/cross-frame-access-history-put.html
    
            * WebCore.xcodeproj/project.pbxproj:
            * bindings/js/JSDOMWindowCustom.cpp: Remove unnessary KJS::'s
            (WebCore::JSDOMWindow::customGetOwnPropertySlot):
            (WebCore::JSDOMWindow::customPut):
            (WebCore::JSDOMWindow::getPropertyNames): Moved implementation from KJS::Window now that the declaration is autogenerated
            using the new CustomGetPropertyNames.
            (WebCore::JSDOMWindow::postMessage):
    
            * bindings/js/JSHistoryCustom.cpp: Added.
            (WebCore::allowsAccessFromFrame):
            (WebCore::JSHistory::customGetOwnPropertySlot): Only allow getting the declared functions back(), forward() and go() from cross-domain.
            Deny all other gets.
            (WebCore::JSHistory::customPut): Don't allow putting cross-domain.
            (WebCore::JSHistory::getPropertyNames): Don't allow enumeration cross-domain.
    
            * bindings/js/JSLocation.cpp:
            (WebCore::allowsAccessFromFrame):
            (WebCore::JSLocation::getPropertyNames): Don't allow enumeration cross-domain.
            * bindings/js/JSLocation.h:
    
            * bindings/js/kjs_window.cpp:
            * bindings/js/kjs_window.h:
    
            * bindings/scripts/CodeGeneratorJS.pm:
            Add support for new CustomGetPropertNames extended attribute and changed the logic of CustomPutFunction
            to create an overrided put() function even if no read-write properties exist.
    
            * page/DOMWindow.idl: Added CustomGetPropertNames
            * page/History.idl: Added CustomGetPropertNames
    
    LayoutTests:
    
            Reviewed by Darin Adler.
    
            Tests for <rdar://problem/5708993> Mutability of the History object
    
            * http/tests/security/cross-frame-access-enumeration-expected.txt:
            * http/tests/security/cross-frame-access-enumeration.html:
            * http/tests/security/cross-frame-access-history-expected.txt: Removed.
            * http/tests/security/cross-frame-access-history-get-expected.txt: Renamed from LayoutTests/http/tests/security/cross-frame-access-history-expected.txt.
            * http/tests/security/cross-frame-access-history-get-override-expected.txt: Added.
            * http/tests/security/cross-frame-access-history-get-override.html: Added.
            * http/tests/security/cross-frame-access-history-get.html: Renamed from LayoutTests/http/tests/security/cross-frame-access-history.html.
            * http/tests/security/cross-frame-access-history-put-expected.txt: Added.
            * http/tests/security/cross-frame-access-history-put.html: Added.
            * http/tests/security/cross-frame-access-history.html: Removed.
            * http/tests/security/resources/cross-frame-access.js:
            * http/tests/security/resources/cross-frame-iframe-for-enumeration-test.html:
            * http/tests/security/resources/cross-frame-iframe-for-history-get-override-test.html: Added.
            * http/tests/security/resources/cross-frame-iframe-for-history-get-test.html: Added.
            * http/tests/security/resources/cross-frame-iframe-for-history-put-test.html: Added.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@29890 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    7da76c9e
cross-frame-iframe-for-history-get-test.html 344 Bytes