Issue 6409009: Merge 76429 - 2011-01-21 Yury Semikhatsky <yurys@chromium.org>...

Issue 6409009: Merge 76429 - 2011-01-21 Yury Semikhatsky <yurys@chromium.org>... (Closed)

Created:
9 years, 10 months ago by mnaganov (inactive)

Modified:
9 years, 7 months ago

Reviewers:
yurys

CC:
chromium-reviews

Base URL:
http://svn.webkit.org/repository/webkit/branches/chromium/648/

Visibility:
Public.

Description

Merge 76429 - 2011-01-21 Yury Semikhatsky <yurys@chromium.org>; Reviewed by Adam Barth. Regression: new window.onerror() implementation leaks cross-origin Javascript errors https://bugs.webkit.org/show_bug.cgi?id=52903 In case of an exception in a script from different domain only generic message will be passed to window.onerror hander. Tests: http/tests/security/cross-origin-script-window-onerror-redirected.html http/tests/security/cross-origin-script-window-onerror.html * bindings/js/CachedScriptSourceProvider.h: use URL from the resource response to make sure we do all cross origin checks agains real script URL, not the original URL which may have resulted in a sequence of redirects to different domains. (WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider): * bindings/v8/ScriptSourceCode.h: same for v8. (WebCore::ScriptSourceCode::url): * dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::dispatchErrorEvent): in case the error occurred in a script we cannot access provide concise "Script error." message without any information about the error source. This is what Firefox does in this case. 2011-01-21 Yury Semikhatsky <yurys@chromium.org>; Reviewed by Adam Barth. Regression: new window.onerror() implementation leaks cross-origin Javascript errors https://bugs.webkit.org/show_bug.cgi?id=52903 A couple of tests to check that window.onerror won't reveal any content of the resource from a different domain if the latter is referenced via <script src=...> * http/tests/security/cross-origin-script-window-onerror-expected.txt: Added. * http/tests/security/cross-origin-script-window-onerror-redirected-expected.txt: Added. * http/tests/security/cross-origin-script-window-onerror-redirected.html: Added. * http/tests/security/cross-origin-script-window-onerror.html: Added. * http/tests/security/resources/cross-origin-script.txt: Added. TBR=abarth@webkit.org Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=77122

Patch Set 1 #

Created: 9 years, 10 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+17 lines, --2 lines)			Patch
A +	LayoutTests/http/tests/security/cross-origin-script-window-onerror.html	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
A +	LayoutTests/http/tests/security/cross-origin-script-window-onerror-expected.txt	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
A +	LayoutTests/http/tests/security/cross-origin-script-window-onerror-redirected.html	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
A +	LayoutTests/http/tests/security/cross-origin-script-window-onerror-redirected-expected.txt	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
A +	LayoutTests/http/tests/security/resources/cross-origin-script.txt	View	0 chunks	+-1 lines, --1 lines	0 comments	Download
M	Source/WebCore/bindings/js/CachedScriptSourceProvider.h	View	1 chunk	+1 line, -1 line	0 comments	Download
M	Source/WebCore/bindings/v8/ScriptSourceCode.h	View	1 chunk	+6 lines, -1 line	0 comments	Download
M	Source/WebCore/dom/ScriptExecutionContext.cpp	View	1 chunk	+15 lines, -1 line	0 comments	Download

Messages

Total messages: 1 (0 generated)

Expand Messages | Collapse Messages