Summary: | Implement Strict Mixed Content Checking | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Daniel Bates <dbates> | ||||||||||||||||
Component: | WebCore Misc. | Assignee: | Daniel Bates <dbates> | ||||||||||||||||
Status: | RESOLVED FIXED | ||||||||||||||||||
Severity: | Normal | CC: | aestes, ap, bfulgham, buildbot, cdumez, commit-queue, esprehn+autocc, japhet, kangil.han, mkwst, rniwa, sam, webkit-bug-importer, wilander | ||||||||||||||||
Priority: | P2 | Keywords: | InRadar, WebExposed | ||||||||||||||||
Version: | WebKit Local Build | ||||||||||||||||||
Hardware: | All | ||||||||||||||||||
OS: | All | ||||||||||||||||||
Attachments: |
|
Description
Daniel Bates
2016-12-05 16:50:55 PST
Created attachment 296225 [details]
Patch and layout tests
Comment on attachment 296225 [details] Patch and layout tests Attachment 296225 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/2630361 New failing tests: http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame.html Created attachment 296238 [details]
Archive of layout-test-results from ews101 for mac-yosemite
The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews101 Port: mac-yosemite Platform: Mac OS X 10.10.5
Comment on attachment 296225 [details] Patch and layout tests Attachment 296225 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/2630418 New failing tests: http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame.html Created attachment 296241 [details]
Archive of layout-test-results from ews112 for mac-yosemite
The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews112 Port: mac-yosemite Platform: Mac OS X 10.10.5
Comment on attachment 296225 [details] Patch and layout tests Attachment 296225 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: http://webkit-queues.webkit.org/results/2631455 New failing tests: http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-iframe.html Created attachment 296262 [details]
Archive of layout-test-results from ews125 for ios-simulator-wk2
The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews125 Port: ios-simulator-wk2 Platform: Mac OS X 10.11.6
Created attachment 296292 [details]
Patch and layout tests
Created attachment 296337 [details]
Patch and layout tests
Updated patch to apply strict mixed content checking to XSLT transformed documents and added a test.
Created attachment 296339 [details] Patch and layout tests Unskip test insecure-plugin-in-main-frame.html when running in WebKitTestRunner as bug #165410 was fixed. Comment on attachment 296339 [details]
Patch and layout tests
Looks great! r=me.
Comment on attachment 296339 [details] Patch and layout tests View in context: https://bugs.webkit.org/attachment.cgi?id=296339&action=review > Source/WebCore/dom/SecurityContext.h:84 > + bool isStrictMixedContentMode() { return m_isStrictMixedContentMode; } Can this be const-qualified? (In reply to comment #13) > Comment on attachment 296339 [details] > Patch and layout tests > > View in context: > https://bugs.webkit.org/attachment.cgi?id=296339&action=review > > > Source/WebCore/dom/SecurityContext.h:84 > > + bool isStrictMixedContentMode() { return m_isStrictMixedContentMode; } > > Can this be const-qualified? Will fix before landing. Committed r209577: <http://trac.webkit.org/changeset/209577> |