Bug 143971

Summary: Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebCore Misc.Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, cmarcelo, commit-queue, ddkilzer, esprehn+autocc, kangil.han, WebkitBugTracker
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Chris Dumez 2015-04-20 16:48:49 PDT
Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion as firing JS events can cause arbitrary JS execution which often leads to security bugs when event firing is forbidden. For e.g. firing events from ActiveDOMObject::suspend() means JS can construct or destroy ActiveDOMObjects while we are iterating over them.
Comment 1 Chris Dumez 2015-04-20 16:55:04 PDT
Created attachment 251204 [details]
Patch
Comment 2 Chris Dumez 2015-04-21 09:17:26 PDT
Comment on attachment 251204 [details]
Patch

Clearing flags on attachment: 251204

Committed r183064: <http://trac.webkit.org/changeset/183064>
Comment 3 Chris Dumez 2015-04-21 09:17:34 PDT
All reviewed patches have been landed.  Closing bug.