third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html - Issue 1360233007: bindings: Moves event handlers and methods of Window to the instance object.

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html

Issue 1360233007: bindings: Moves event handlers and methods of Window to the instance object. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/fast/dom/Window/window-property-shadowing-onclick-expected.txt ('k') | third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt » ('j') | third_party/WebKit/Source/bindings/templates/interface.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <html>	1 <html>

2 <head>	2 <head>

3 <script src="resources/cross-frame-access.js"></script>	3 <script src="resources/cross-frame-access.js"></script>

4 <script>	4 <script>

5 var windowConstructorPropertiesNotAllowed = [	5 var windowConstructorPropertiesNotAllowed = [

6 "Attr",	6 "Attr",

7 "Audio",	7 "Audio",

8 "CDATASection",	8 "CDATASection",

9 "CSSRule",	9 "CSSRule",

10 "CSSStyleDeclaration",	10 "CSSStyleDeclaration",

11 "CharacterData",	11 "CharacterData",

12 "Comment",	12 "Comment",

13 "DOMException",	13 "DOMException",

14 "DOMImplementation",	14 "DOMImplementation",

15 "DOMParser",	15 "DOMParser",

16 "Document",	16 "Document",

17 "DocumentFragment",	17 "DocumentFragment",

18 "DocumentType",	18 "DocumentType",

19 "Element",	19 "Element",

20 "EntityReference",	20 "EntityReference",

21 "EvalError",	21 "EvalError",

22 "Event",	22 "Event",

23 "HTMLAnchorElement",	23 "HTMLAnchorElement",

24 "HTMLAudioElement",	24 "HTMLAudioElement",

25 "HTMLAreaElement",	25 "HTMLAreaElement",

26 "HTMLBRElement",	26 "HTMLBRElement",

27 "HTMLBaseElement",	27 "HTMLBaseElement",

28 "HTMLBodyElement",	28 "HTMLBodyElement",

29 "HTMLButtonElement",	29 "HTMLButtonElement",

30 "HTMLCanvasElement",	30 "HTMLCanvasElement",

31 "HTMLDListElement",	31 "HTMLDListElement",

32 "HTMLDirectoryElement",	32 "HTMLDirectoryElement",

33 "HTMLDivElement",	33 "HTMLDivElement",

34 "HTMLDocument",	34 "HTMLDocument",

35 "HTMLElement",	35 "HTMLElement",

36 "HTMLFieldSetElement",	36 "HTMLFieldSetElement",

37 "HTMLFontElement",	37 "HTMLFontElement",

38 "HTMLFormElement",	38 "HTMLFormElement",

39 "HTMLFrameElement",	39 "HTMLFrameElement",

40 "HTMLFrameSetElement",	40 "HTMLFrameSetElement",

41 "HTMLHRElement",	41 "HTMLHRElement",

42 "HTMLHeadElement",	42 "HTMLHeadElement",

43 "HTMLHeadingElement",	43 "HTMLHeadingElement",

44 "HTMLHtmlElement",	44 "HTMLHtmlElement",

45 "HTMLIFrameElement",	45 "HTMLIFrameElement",

46 "HTMLImageElement",	46 "HTMLImageElement",

47 "HTMLInputElement",	47 "HTMLInputElement",

48 "HTMLIsIndexElement",	48 "HTMLIsIndexElement",

49 "HTMLLIElement",	49 "HTMLLIElement",

50 "HTMLLabelElement",	50 "HTMLLabelElement",

51 "HTMLLegendElement",	51 "HTMLLegendElement",

52 "HTMLLinkElement",	52 "HTMLLinkElement",

53 "HTMLMapElement",	53 "HTMLMapElement",

54 "HTMLMarqueeElement",	54 "HTMLMarqueeElement",

55 "HTMLMediaElement",	55 "HTMLMediaElement",

56 "HTMLMenuElement",	56 "HTMLMenuElement",

57 "HTMLMetaElement",	57 "HTMLMetaElement",

58 "HTMLModElement",	58 "HTMLModElement",

59 "HTMLOListElement",	59 "HTMLOListElement",

60 "HTMLOptGroupElement",	60 "HTMLOptGroupElement",

61 "HTMLOptionElement",	61 "HTMLOptionElement",

62 "HTMLParagraphElement",	62 "HTMLParagraphElement",

63 "HTMLParamElement",	63 "HTMLParamElement",

64 "HTMLPreElement",	64 "HTMLPreElement",

65 "HTMLQuoteElement",	65 "HTMLQuoteElement",

66 "HTMLScriptElement",	66 "HTMLScriptElement",

67 "HTMLSelectElement",	67 "HTMLSelectElement",

68 "HTMLSourceElement",	68 "HTMLSourceElement",

69 "HTMLStyleElement",	69 "HTMLStyleElement",

70 "HTMLTableCaptionElement",	70 "HTMLTableCaptionElement",

71 "HTMLTableCellElement",	71 "HTMLTableCellElement",

72 "HTMLTableColElement",	72 "HTMLTableColElement",

73 "HTMLTableElement",	73 "HTMLTableElement",

74 "HTMLTableRowElement",	74 "HTMLTableRowElement",

75 "HTMLTableSectionElement",	75 "HTMLTableSectionElement",

76 "HTMLTextAreaElement",	76 "HTMLTextAreaElement",

77 "HTMLTitleElement",	77 "HTMLTitleElement",

78 "HTMLUListElement",	78 "HTMLUListElement",

79 "HTMLVideoElement",	79 "HTMLVideoElement",

80 "Image",	80 "Image",

81 "MutationEvent",	81 "MutationEvent",

82 "Node",	82 "Node",

83 "NodeFilter",	83 "NodeFilter",

84 "Option",	84 "Option",

85 "ProcessingInstruction",	85 "ProcessingInstruction",

86 "Range",	86 "Range",

87 "RangeError",	87 "RangeError",

88 "ReferenceError",	88 "ReferenceError",

89 "SyntaxError",	89 "SyntaxError",

90 "Text",	90 "Text",

91 "TypeError",	91 "TypeError",

92 "URIError",	92 "URIError",

93 "XMLDocument",	93 "XMLDocument",

94 "XMLHttpRequest",	94 "XMLHttpRequest",

95 "XMLSerializer",	95 "XMLSerializer",

96 "XPathEvaluator",	96 "XPathEvaluator",

97 "XPathResult",	97 "XPathResult",

98 "XSLTProcessor"	98 "XSLTProcessor"

99 ];	99 ];

100	100

101 var windowFunctionPropertiesNotAllowed = [	101 var windowFunctionPropertiesNotAllowed = [

102 "addEventListener",	102 "addEventListener",

103 "alert",	103 "alert",

104 "atob",	104 "atob",

105 "btoa",	105 "btoa",

106 "captureEvents",	106 "captureEvents",

107 "clearInterval",	107 "clearInterval",

108 "clearTimeout",	108 "clearTimeout",

109 "confirm",	109 "confirm",

110 "find",	110 "find",

111 "getComputedStyle",	111 "getComputedStyle",

112 "getMatchedCSSRules",	112 "getMatchedCSSRules",

113 "getSelection",	113 "getSelection",

114 "moveBy",	114 "moveBy",

115 "moveTo",	115 "moveTo",

116 "open",	116 "open",

117 "print",	117 "print",

118 "prompt",	118 "prompt",

119 "releaseEvents",	119 "releaseEvents",

120 "removeEventListener",	120 "removeEventListener",

121 "resizeBy",	121 "resizeBy",

122 "resizeTo",	122 "resizeTo",

123 "scroll",	123 "scroll",

124 "scrollBy",	124 "scrollBy",

125 "scrollTo",	125 "scrollTo",

126 "setInterval",	126 "setInterval",

127 "setTimeout",	127 "setTimeout",

128 "stop",	128 "stop"

	129 ];

	130

	131 var windowFunctionPropertiesAllowed = [

129 "blur",	132 "blur",

130 "close",	133 "close",

131 "focus"	134 "focus",

	135 "postMessage",

132 ];	136 ];

133	137

134 var windowAttributesPropertiesNotAllowed = [	138 var windowAttributesPropertiesNotAllowed = [

135 "clientInformation",	139 "clientInformation",

136 "console",	140 "console",

137 "crypto",	141 "crypto",

138 "defaultStatus",	142 "defaultStatus",

139 "defaultstatus",	143 "defaultstatus",

140 "devicePixelRatio",	144 "devicePixelRatio",

141 "document",	145 "document",

142 "embeds",	146 "embeds",

143 "eval",	147 "eval",

144 "event",	148 "event",

145 "frameElement",	149 "frameElement",

146 "images",	150 "images",

147 "innerHeight",	151 "innerHeight",

148 "innerWidth",	152 "innerWidth",

149 "locationbar",	153 "locationbar",

150 "menubar",	154 "menubar",

151 "name",	155 "name",

152 "navigator",	156 "navigator",

153 "offscreenBuffering",	157 "offscreenBuffering",

154 "onabort",	158 "onabort",

155 "onbeforeunload",	159 "onbeforeunload",

156 "onblur",	160 "onblur",

157 "onchange",	161 "onchange",

158 "onclick",	162 "onclick",

159 "ondblclick",	163 "ondblclick",

160 "onerror",	164 "onerror",

161 "onfocus",	165 "onfocus",

162 "onkeydown",	166 "onkeydown",

163 "onkeypress",	167 "onkeypress",

164 "onkeyup",	168 "onkeyup",

165 "onload",	169 "onload",

166 "onmousedown",	170 "onmousedown",

167 "onmousemove",	171 "onmousemove",

168 "onmouseout",	172 "onmouseout",

169 "onmouseover",	173 "onmouseover",

170 "onmouseup",	174 "onmouseup",

171 "onmousewheel",	175 "onmousewheel",

172 "onreset",	176 "onreset",

173 "onresize",	177 "onresize",

174 "onscroll",	178 "onscroll",

175 "onsearch",	179 "onsearch",

176 "onselect",	180 "onselect",

177 "onsubmit",	181 "onsubmit",

178 "onunload",	182 "onunload",

179 "outerHeight",	183 "outerHeight",

180 "outerWidth",	184 "outerWidth",

181 "pageXOffset",	185 "pageXOffset",

182 "pageYOffset",	186 "pageYOffset",

183 "personalbar",	187 "personalbar",

184 "plugins",	188 "plugins",

185 "prototype",	189 "prototype",

186 "screen",	190 "screen",

187 "screenLeft",	191 "screenLeft",

188 "screenTop",	192 "screenTop",

189 "screenX",	193 "screenX",

190 "screenY",	194 "screenY",

191 "scrollX",	195 "scrollX",

192 "scrollY",	196 "scrollY",

193 "scrollbars",	197 "scrollbars",

194 "status",	198 "status",

195 "statusbar",	199 "statusbar",

196 "toolbar",	200 "toolbar",

197 "history",	201 "history",

198 ];	202 ];

199	203

200 var windowAttributesPropertiesAllowed = [	204 var windowAttributesPropertiesAllowed = [

201 "closed",	205 "closed",

202 "frames",	206 "frames",

203 "length",	207 "length",

204 "opener",	208 "opener",

205 "parent",	209 "parent",

(...skipping 27 matching lines...) Expand all Loading...
233 for (var i = 0; i < windowConstructorPropertiesNotAllowed.length; i+ +) {	237 for (var i = 0; i < windowConstructorPropertiesNotAllowed.length; i+ +) {

234 var property = windowConstructorPropertiesNotAllowed[i];	238 var property = windowConstructorPropertiesNotAllowed[i];

235 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");	239 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");

236 }	240 }

237	241

238 log("\n----- tests for getting of not allowed Functions -----\n");	242 log("\n----- tests for getting of not allowed Functions -----\n");

239 for (var i = 0; i < windowFunctionPropertiesNotAllowed.length; i++) {	243 for (var i = 0; i < windowFunctionPropertiesNotAllowed.length; i++) {

240 var property = windowFunctionPropertiesNotAllowed[i];	244 var property = windowFunctionPropertiesNotAllowed[i];

241 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");	245 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");

242 }	246 }

	247 for (var i = 0; i < windowFunctionPropertiesAllowed.length; i++) {

	248 var property = windowFunctionPropertiesAllowed[i];

	249 shouldBeTrue("canGetDescriptor(targetWindow, '" + property + "') ");

	250 }

243	251

244 log("\n----- tests for getting of not allowed Attributes -----\n");	252 log("\n----- tests for getting of not allowed Attributes -----\n");

245 for (var i = 0; i < windowAttributesPropertiesNotAllowed.length; i++ ) {	253 for (var i = 0; i < windowAttributesPropertiesNotAllowed.length; i++ ) {

246 var property = windowAttributesPropertiesNotAllowed[i];	254 var property = windowAttributesPropertiesNotAllowed[i];

247 if (property == "document")	255 if (property == "document")

248 log("Firefox allows access to 'document' but throws an excep tion when you access its properties.");	256 log("Firefox allows access to 'document' but throws an excep tion when you access its properties.");

249 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");	257 shouldBeFalse("canGetDescriptor(targetWindow, '" + property + "' )");

250 }	258 }

251 for (var i = 0; i < windowAttributesPropertiesAllowed.length; i++) {	259 for (var i = 0; i < windowAttributesPropertiesAllowed.length; i++) {

252 var property = windowAttributesPropertiesAllowed[i];	260 var property = windowAttributesPropertiesAllowed[i];

(...skipping 16 matching lines...) Expand all Loading...
269 shouldThrowException("targetWindow.history");	277 shouldThrowException("targetWindow.history");

270 }	278 }

271 </script>	279 </script>

272 </head>	280 </head>

273 <body>	281 <body>

274 <p>This test checks cross-frame access security of getOwnPropertyDescriptor (htt ps://bugs.webkit.org/show_bug.cgi?id=32119).</p>	282 <p>This test checks cross-frame access security of getOwnPropertyDescriptor (htt ps://bugs.webkit.org/show_bug.cgi?id=32119).</p>

275 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe>	283 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe>

276 <pre id="console"></pre>	284 <pre id="console"></pre>

277 </body>	285 </body>

278 </html>	286 </html>

OLD	NEW