1. 31 Jan, 2008 1 commit
      WebCore: · 7da76c9e
      weinig@apple.com authored
              Reviewed by Darin Adler.
      
              Fix for <rdar://problem/5708993> Mutability of the History object
      
              - Don't allow cross-domain get access to any of the History object's properties
                except the back(), forward() and go() methods.
              - Don't allow cross-domain put access to any of the History object's properties.
              - Don't allow cross-domain enumeration of the History or Location objects.
      
              Tests: http/tests/security/cross-frame-access-history-get-override.html
                     http/tests/security/cross-frame-access-history-get.html
                     http/tests/security/cross-frame-access-history-put.html
      
              * WebCore.xcodeproj/project.pbxproj:
              * bindings/js/JSDOMWindowCustom.cpp: Remove unnecessary KJS::'s
              (WebCore::JSDOMWindow::customGetOwnPropertySlot):
              (WebCore::JSDOMWindow::customPut):
              (WebCore::JSDOMWindow::getPropertyNames): Moved implementation from KJS::Window now that the declaration is autogenerated
              using the new CustomGetPropertyNames.
              (WebCore::JSDOMWindow::postMessage):
      
              * bindings/js/JSHistoryCustom.cpp: Added.
              (WebCore::allowsAccessFromFrame):
              (WebCore::JSHistory::customGetOwnPropertySlot): Only allow getting the declared functions back(), forward() and go() from cross-domain.
              Deny all other gets.
              (WebCore::JSHistory::customPut): Don't allow putting cross-domain.
              (WebCore::JSHistory::getPropertyNames): Don't allow enumeration cross-domain.
      
              * bindings/js/JSLocation.cpp:
              (WebCore::allowsAccessFromFrame):
              (WebCore::JSLocation::getPropertyNames): Don't allow enumeration cross-domain.
              * bindings/js/JSLocation.h:
      
              * bindings/js/kjs_window.cpp:
              * bindings/js/kjs_window.h:
      
              * bindings/scripts/CodeGeneratorJS.pm:
              Add support for new CustomGetPropertyNames extended attribute and change the logic of CustomPutFunction
              to create an overridden put() function even if no read-write properties exist.
      
              * page/DOMWindow.idl: Added CustomGetPropertyNames
              * page/History.idl: Added CustomGetPropertyNames
      
      LayoutTests:
      
              Reviewed by Darin Adler.
      
              Tests for <rdar://problem/5708993> Mutability of the History object
      
              * http/tests/security/cross-frame-access-enumeration-expected.txt:
              * http/tests/security/cross-frame-access-enumeration.html:
              * http/tests/security/cross-frame-access-history-expected.txt: Removed.
              * http/tests/security/cross-frame-access-history-get-expected.txt: Renamed from LayoutTests/http/tests/security/cross-frame-access-history-expected.txt.
              * http/tests/security/cross-frame-access-history-get-override-expected.txt: Added.
              * http/tests/security/cross-frame-access-history-get-override.html: Added.
              * http/tests/security/cross-frame-access-history-get.html: Renamed from LayoutTests/http/tests/security/cross-frame-access-history.html.
              * http/tests/security/cross-frame-access-history-put-expected.txt: Added.
              * http/tests/security/cross-frame-access-history-put.html: Added.
              * http/tests/security/cross-frame-access-history.html: Removed.
              * http/tests/security/resources/cross-frame-access.js:
              * http/tests/security/resources/cross-frame-iframe-for-enumeration-test.html:
              * http/tests/security/resources/cross-frame-iframe-for-history-get-override-test.html: Added.
              * http/tests/security/resources/cross-frame-iframe-for-history-get-test.html: Added.
              * http/tests/security/resources/cross-frame-iframe-for-history-put-test.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@29890 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7da76c9e
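
The three rules in the commit message above (cross-domain get limited to back(), forward() and go(); no cross-domain put; no cross-domain enumeration) can be modelled in plain JavaScript with a Proxy. This is an added example, not code from the commit or from WebKit; `guardHistory`, `makeHistory`, `allowsAccess` and the sample object are hypothetical names and constructed data.

```javascript
// Added illustration, not WebKit code: a Proxy model of the cross-domain
// History policy. guardHistory, makeHistory and allowsAccess are hypothetical.
const CROSS_DOMAIN_CALLABLE = new Set(["back", "forward", "go"]);

// Constructed stand-in for a frame's History object.
function makeHistory() {
  return {
    length: 3,
    position: 2,
    back() { this.position -= 1; },
    forward() { this.position += 1; },
    go(delta) { this.position += delta; },
  };
}

// allowsAccess() stands in for the same-domain check on the calling frame.
function guardHistory(history, allowsAccess) {
  return new Proxy(history, {
    get(target, prop) {
      if (allowsAccess()) return Reflect.get(target, prop, target);
      // Cross-domain: every get is denied except the three navigation methods.
      if (!CROSS_DOMAIN_CALLABLE.has(prop)) return undefined;
      // Return a wrapper bound to the real object, never the function itself.
      return (...args) => { target[prop](...args); };
    },
    set(target, prop, value) {
      // Cross-domain puts are dropped, so back() cannot be overridden.
      if (!allowsAccess()) return true;
      return Reflect.set(target, prop, value, target);
    },
    defineProperty(target, prop, desc) {
      return allowsAccess() && Reflect.defineProperty(target, prop, desc);
    },
    ownKeys(target) {
      // Cross-domain enumeration sees no property names.
      return allowsAccess() ? Reflect.ownKeys(target) : [];
    },
    getOwnPropertyDescriptor(target, prop) {
      // Needed in this model so descriptors do not bypass the get trap.
      return allowsAccess() ? Reflect.getOwnPropertyDescriptor(target, prop) : undefined;
    },
  });
}
```

The put rule is what keeps a foreign frame from replacing `back` with its own function and having the owning page call it later, which is the case the get-override test name points at.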