Skip to content
  • barraclough@apple.com's avatar
    REGRESSION (r129456): http/tests/security/xss-eval.html is failing on JSC platforms · b364bcbe
    barraclough@apple.com authored
    https://bugs.webkit.org/show_bug.cgi?id=97529
    
    Reviewed by Filip Pizlo.
    
    A recent patch changed JSC's EvalError behaviour; bring this more into line with other browsers.
    
    Source/JavaScriptCore: 
    
    JSC currently throws an EvalError if you try to call eval with a this object that doesn't
    match the given eval function. This does not match other browsers, which generally just
    ignore the this value that was passed, and eval the string in the eval function's environment.
    
    * runtime/JSGlobalObjectFunctions.cpp:
    (JSC::globalFuncEval):
        - Remove EvalError, ignore passed this value.
    
    LayoutTests: 
    
    * fast/js/eval-cross-window-expected.txt:
    * fast/js/eval-cross-window.html:
        - Changed not to expect EvalErrors (this matches other browsers), and modified testThis
          to check that the this object is always set to the global object.
    * http/tests/security/resources/xss-eval2.html:
    * http/tests/security/resources/xss-eval3.html:
    * http/tests/security/xss-eval-expected.txt:
    * http/tests/security/xss-eval.html:
        - Updated. Access via the global environment is not a security risk, since the eval is
          accessing it's own document's informantion. Access via the shell attempts to access
          the navigated pages document, tripping an access check & throwing a TypeError.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129592 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    b364bcbe