Bug 143971

Summary: Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebCore Misc.Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, cmarcelo, commit-queue, ddkilzer, esprehn+autocc, kangil.han, WebkitBugTracker
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2015-04-20 16:48:49 PDT
Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion as firing JS events can cause arbitrary JS execution which often leads to security bugs when event firing is forbidden. For e.g. firing events from ActiveDOMObject::suspend() means JS can construct or destroy ActiveDOMObjects while we are iterating over them.
Attachments
Patch (13.12 KB, patch)
2015-04-20 16:55 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2015-04-20 16:55:04 PDT
Created attachment 251204 [details] Patch
Chris Dumez
Comment 2 2015-04-21 09:17:26 PDT
Comment on attachment 251204 [details] Patch Clearing flags on attachment: 251204 Committed r183064: <http://trac.webkit.org/changeset/183064>
Chris Dumez
Comment 3 2015-04-21 09:17:34 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.