Add a few more possibilities to the test cases for xss denial.

https://bugs.webkit.org/show_bug.cgi?id=47120

Patch by Tom Sepez <tsepez@chromium.org> on 2011-09-23
Reviewed by Adam Barth.

* http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces-expected.txt: Added.
* http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces.html: Added.
* http/tests/security/xss-DENIED-window-open-javascript-url-with-spaces-expected.txt: Added.
* http/tests/security/xss-DENIED-window-open-javascript-url-with-spaces.html: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95880 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 18bc6bc8
2011-09-23 Tom Sepez <tsepez@chromium.org>
Add a few more possiblities to the test cases for xss denial.
https://bugs.webkit.org/show_bug.cgi?id=47120
Reviewed by Adam Barth.
* http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces-expected.txt: Added.
* http/tests/security/xss-DENIED-document-baseURI-javascript-with-spaces.html: Added.
* http/tests/security/xss-DENIED-window-open-javascript-url-with-spaces-expected.txt: Added.
* http/tests/security/xss-DENIED-window-open-javascript-url-with-spaces.html: Added.
2011-09-23 Chang Shu <cshu@webkit.org>
[WK2] [Qt] Implement MouseDown/MouseUp/MouseMoveTo functions for WebKit2 EventSender
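Review bot: "possiblities" in the summary line of the new ChangeLog entry is misspelled and should read "possibilities". ChangeLog text is what people search later, so it is worth correcting before landing.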
CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8080/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/xss-DENIED-document-baseURI-javascript-with-spaces.html. Domains, protocols and ports must match.
This test passes if there is no alert dialog
<html>
<head>
<script>
if (window.layoutTestController) {
layoutTestController.dumpAsText();
layoutTestController.waitUntilDone();
}
window.onload = function()
{
document.documentURI = "\x20\x09\x0a\x0djavascript://hostname.com/%0D%0Aalert('FAIL')";
frame = document.body.appendChild(document.createElement("iframe"));
frame.src = "http://localhost:8080/security/resources/innocent-victim.html";
frame.onload = function()
{
frame.contentWindow.location = "";
setTimeout(finishTest, 0);
}
}
function finishTest()
{
if (window.layoutTestController)
layoutTestController.notifyDone();
}
</script>
</head>
<body>
This test passes if there is no alert dialog
</body>
</html>
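Review bot: the assignment `frame.contentWindow.location = "";` inside frame.onload carries no comment, although it is the step that triggers the navigation of the cross-origin frame after `document.documentURI` has been set to the whitespace-prefixed javascript: URL. A one-line comment saying why the empty string is assigned, and naming the four leading characters encoded as `\x20\x09\x0a\x0d` (space, tab, LF, CR), would make the case readable without opening the bug. Two smaller points: `frame` is assigned without `var`, so it becomes an implicit global, and this file has no `<!DOCTYPE html>` while the window-open test added in the same change does, so the two tests run in different parsing modes. Declaring the variable and adding the doctype would keep them consistent.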
CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8080/security/resources/innocent-victim.html from frame with URL http://127.0.0.1:8000/security/xss-DENIED-window-open-javascript-url-with-spaces.html. Domains, protocols and ports must match.
This test passes if there is no alert dialog.
<!DOCTYPE html>
<html>
<head>
<script>
if (window.layoutTestController) {
layoutTestController.dumpAsText();
layoutTestController.waitUntilDone();
}
function runTest() {
// Schedule a return to the main event loop so that the javascript: URL
// has a chance to run.
setTimeout(done, 0);
window.open("\x20\x09\x0a\x0djavascript:alert('FAIL')", "tg");
}
function done() {
if (window.layoutTestController)
layoutTestController.notifyDone();
}
</script>
</head>
<body>
This test passes if there is no alert dialog.<br>
<iframe onload="runTest()" name="tg"
src="http://localhost:8080/security/resources/innocent-victim.html"
></iframe>
</body>
</html>
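Review bot: `setTimeout(done, 0)` in runTest() gives the javascript: URL a single return to the event loop before notifyDone() is called, so "no alert dialog" on its own only shows that nothing ran within that tick. The positive evidence of denial is the console message recorded in the -expected.txt file, and the comment above the timer should say so. The leading `\x20\x09\x0a\x0d` in the window.open() argument would also benefit from a comment naming the characters (space, tab, LF, CR), since they are the point of the with-spaces variant.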