Commit e13621e6 authored by eric@webkit.org

2009-09-25 Yuan Song <song.yuan@ericsson.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=14566

        Add test "invalid-domain-change-throws-exception.html" to ensure a SECURITY_ERR exception is raised if an attempt is made to change document.domain to an invalid value. In the existing test case "basic-textareas.html", fix the faulty behavior of setting document.domain to an invalid value, and replace the data URL with a file URL that points to "basic-textareas-standards.html" in order to make "basic-textareas.html" runnable in a browser.

        * fast/forms/basic-textareas.html:
        * fast/forms/resources/basic-textareas-standards.html: Added.
        * fast/js/invalid-domain-change-throws-exception-expected.txt: Added.
        * fast/js/invalid-domain-change-throws-exception.html: Added.
        * fast/js/resources/invalid-domain-change-throws-exception.js: Added.
2009-09-25  Yuan Song  <song.yuan@ericsson.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=14566

        Raise SECURITY_ERR exception if an attempt is made to change document.domain to an invalid value.

        Test: fast/js/invalid-domain-change-throws-exception.html

        * dom/Document.cpp:
        (WebCore::Document::setDomain):
        * dom/Document.h:
        * dom/Document.idl:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48761 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 9a7b9c3a
2009-09-25 Yuan Song <song.yuan@ericsson.com>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=14566
Add test "invalid-domain-change-throws-exception.html" to ensure a SECURITY_ERR exception is raised if an attempt is made to change document.domain to an invalid value. In the existing test case "basic-textareas.html", fix the faulty behavior of setting document.domain to invalid value, and replace the data URL to a file URL that points to "basic-textareas-standards.html" in order to make "basic-textareas.html" runnable in a browser.
* fast/forms/basic-textareas.html:
* fast/forms/resources/basic-textareas-standards.html: Added.
* fast/js/invalid-domain-change-throws-exception-expected.txt: Added.
* fast/js/invalid-domain-change-throws-exception.html: Added.
* fast/js/resources/invalid-domain-change-throws-exception.js: Added.
2009-09-25 Adam Barth <abarth@webkit.org>
Reviewed by Dimitri Glazkov.
......
......@@ -81,14 +81,11 @@ function addAllTextareas(iframe, compatMode) {
iframe.style.height = docToAppendTo.body.offsetHeight + 5 + 'px';
}
// Set the domain in the top-level page as well as the iframe.
// So they can communicate despite use of the data url.
document.domain = 'mydummydomain';
document.body.style.margin = 0;
var standardsIframe = document.createElement('iframe');
// Create a page with a doctype so it's standards mode.
standardsIframe.src = 'data:text/html;charset=utf-8,%3C!DOCTYPE%20HTML%3E%3Cbody%3E%3Cscript%3Edocument.domain%20%3D%20"mydummydomain"%3B%3C%2Fbody%3E%3C%2Fhtml%3E%0D%0A';
// Reference a page with a doctype so it's standards mode.
standardsIframe.src = 'resources/basic-textareas-standards.html';
standardsIframe.onload = function(e) {
addAllTextareas(e.target, 'CSS1Compat');
}
......
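Review bot: The replacement comment `// Reference a page with a doctype so it's standards mode.` no longer says why the top-level page and the iframe can script each other, now that the `document.domain = 'mydummydomain'` line and its comment are gone. The `onload` handler still passes the iframe to `addAllTextareas(e.target, 'CSS1Compat')`, which reads the framed document, so the test depends on `resources/basic-textareas-standards.html` being same-origin with the parent and starting with a doctype. State both assumptions in the comment, since that file's content is not visible in this hunk.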
This test checks that a SECURITY_ERR exception is raised if an attempt is made to change document.domain to an invalid value.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
PASS document.domain = "apple.com" threw exception Error: SECURITY_ERR: DOM Exception 18.
PASS successfullyParsed is true
TEST COMPLETE
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<link rel="stylesheet" href="resources/js-test-style.css">
<script src="resources/js-test-pre.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script src="resources/invalid-domain-change-throws-exception.js"></script>
<script src="resources/js-test-post.js"></script>
</body>
</html>
description("This test checks that a SECURITY_ERR exception is raised if an attempt is made to change document.domain to an invalid value.");
shouldThrow('document.domain = "apple.com"', '"Error: SECURITY_ERR: DOM Exception 18"');
var successfullyParsed = true;
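Review bot: The single `shouldThrow('document.domain = "apple.com"', ...)` case exercises only one rejected value, while `Document::setDomain` in this commit sets `SECURITY_ERR` on three separate branches (the length check, the `'.'` boundary check and the suffix comparison). Consider adding cases that reach each branch, plus one showing that a valid parent-domain assignment still does not throw, so a regression in either direction is caught.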
2009-09-25 Yuan Song <song.yuan@ericsson.com>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=14566
Raise SECURITY_ERR exception if an attempt is made to change document.domain to an invalid value.
Test: fast/js/invalid-domain-change-throws-exception.html
* dom/Document.cpp:
(WebCore::Document::setDomain):
* dom/Document.h:
* dom/Document.idl:
2009-09-25 Adam Barth <abarth@webkit.org>
Reviewed by Dimitri Glazkov.
......@@ -3011,7 +3011,7 @@ String Document::domain() const
return securityOrigin()->domain();
}
void Document::setDomain(const String& newDomain)
void Document::setDomain(const String& newDomain, ExceptionCode& ec)
{
// Both NS and IE specify that changing the domain is only allowed when
// the new domain is a suffix of the old domain.
......@@ -3034,19 +3034,25 @@ void Document::setDomain(const String& newDomain)
int oldLength = domain().length();
int newLength = newDomain.length();
// e.g. newDomain = webkit.org (10) and domain() = www.webkit.org (14)
if (newLength >= oldLength)
if (newLength >= oldLength) {
ec = SECURITY_ERR;
return;
}
String test = domain();
// Check that it's a subdomain, not e.g. "ebkit.org"
if (test[oldLength - newLength - 1] != '.')
if (test[oldLength - newLength - 1] != '.') {
ec = SECURITY_ERR;
return;
}
// Now test is "webkit.org" from domain()
// and we check that it's the same thing as newDomain
test.remove(0, oldLength - newLength);
if (test != newDomain)
if (test != newDomain) {
ec = SECURITY_ERR;
return;
}
securityOrigin()->setDomainFromDOM(newDomain);
if (m_frame)
......
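Review bot: `ec` is written only on the three rejection paths and never on the path that reaches `securityOrigin()->setDomainFromDOM(newDomain)`, so the function relies on every caller passing in a zeroed `ExceptionCode`; either set `ec = 0` on entry or state that precondition in a comment. Separately, the boundary test `test[oldLength - newLength - 1] != '.'` accepts any dot-aligned suffix, so with the `www.webkit.org` example from the comment a value of `org` would pass the three checks shown here. That predates this change, but now that rejection is observable to script it is worth covering with a test and deciding whether it should also raise.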
......@@ -672,7 +672,7 @@ public:
String referrer() const;
String domain() const;
void setDomain(const String& newDomain);
void setDomain(const String& newDomain, ExceptionCode&);
String lastModified() const;
......
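Review bot: Replacing `void setDomain(const String& newDomain);` outright, rather than adding an overload, means every existing C++ caller must now supply an `ExceptionCode`. The ChangeLog lists only Document.cpp, Document.h and Document.idl, so confirm that no other native caller remains and that the generated bindings are the only call site.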
......@@ -155,7 +155,8 @@ module core {
attribute [ConvertNullToNullString] DOMString title;
readonly attribute DOMString referrer;
#if defined(LANGUAGE_JAVASCRIPT) && LANGUAGE_JAVASCRIPT
attribute [ConvertNullToNullString] DOMString domain;
attribute [ConvertNullToNullString] DOMString domain
setter raises (DOMException);
#else
readonly attribute DOMString domain;
#endif
......