Bug 179281

Summary: Release-assert NoEventDispatchAssertion in canExecute, updateLayout, and updateStyle
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: DOMAssignee: Ryosuke Niwa <rniwa>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, buildbot, cdumez, commit-queue, dbates, ddkilzer, esprehn+autocc, fpizlo, kangil.han, koivisto, simon.fraser, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Enables the assertion none

Ryosuke Niwa
Reported 2017-11-03 21:24:54 PDT
We should release NoEventDispatchAssertion::InMainThread::isEventAllowed() ScriptController::canExecute, Document::updateLayout, and Document::updateStyle. This would prevent the vast majority of unwanted script executions that directly leads to security bugs in WebCore.
Attachments
Enables the assertion (8.83 KB, patch)
2017-11-03 22:41 PDT, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2017-11-03 21:35:43 PDT
<rdar://problem/35008993>
Ryosuke Niwa
Comment 2 2017-11-03 22:41:36 PDT
Created attachment 326020 [details] Enables the assertion
Build Bot
Comment 3 2017-11-03 22:44:02 PDT
Attachment 326020 [details] did not pass style-queue: ERROR: Source/WebCore/ChangeLog:12: Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug, vulnerab [changelog/unwantedsecurityterms] [3] Total errors found: 1 in 6 files If any of these errors are false positives, please file a bug against check-webkit-style.
Antti Koivisto
Comment 4 2017-11-04 01:55:11 PDT
Comment on attachment 326020 [details] Enables the assertion r=me
WebKit Commit Bot
Comment 5 2017-11-07 09:41:09 PST
Comment on attachment 326020 [details] Enables the assertion Clearing flags on attachment: 326020 Committed r224534: <https://trac.webkit.org/changeset/224534>
WebKit Commit Bot
Comment 6 2017-11-07 09:41:11 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.