Bug 35032

Summary: LayoutTests/http/tests/security/cross-origin-css.html results differ between DumpRenderTree and Safari
Product: WebKit Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: Tools / TestsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Normal CC: abarth, sam, scarybeasts
Priority: P2 Keywords: LayoutTestFailure
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.4   
URL: http://127.0.0.1:8000/security/cross-origin-css.html
Bug Depends on: 29820    
Bug Blocks:    
Attachments:
Description Flags
Expected test results none

David Kilzer (:ddkilzer)
Reported 2010-02-17 04:52:38 PST
* SUMMARY When LayoutTests/http/tests/security/cross-origin-css.html (added for Bug 29820) is run in Safari 4.0.4 on Mac OS X, it produces different results than when the test is run under DumpRenderTree. The Safari results look more correct, which indicates this is probably a DumpRenderTree bug. * STEPS TO REPRODUCE 1. Start the web server: $ ./WebKitTools/Scripts/run-webkit-httpd -a 2. Launch Safari. 3. Open test case: <http://localhost:8000/security/cross-origin-css.html> * RESULTS The second line of the test results in DumpRenderTree does NOT have a yellow background, while it DOES in Safari: -LINK + IMPORT Cross-origin, HTML, invalid: rgba(0, 0, 0, 0) +LINK + IMPORT Cross-origin, HTML, invalid: rgb(255, 255, 0) Based on the test files, it seems like it should have a yellow background, so the DumpRenderTree results appear to be incorrect. * REGRESSION Unknown. The test landed in r52784. * NOTES See Bug 29820.
Attachments
Expected test results (23.81 KB, image/png)
2010-05-01 16:12 PDT, David Kilzer (:ddkilzer) 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Chris Evans
Comment 1 2010-02-17 10:24:20 PST
Isn't this just a reflection that the CSS security fix isn't present in Safari 4.0.4 ? The test is checking that the "Cross-origin, HTML, invalid" combination does not load CSS.
David Kilzer (:ddkilzer)
Comment 2 2010-02-22 02:00:50 PST
(In reply to comment #1) > Isn't this just a reflection that the CSS security fix isn't present in Safari > 4.0.4 ? > The test is checking that the "Cross-origin, HTML, invalid" combination does > not load CSS. Nope, this reproduces with WebKit nightly build r55027. The original fix was in r52784.
David Kilzer (:ddkilzer)
Comment 3 2010-02-22 02:27:23 PST
(In reply to comment #2) > (In reply to comment #1) > > Isn't this just a reflection that the CSS security fix isn't present in Safari > > 4.0.4 ? > > The test is checking that the "Cross-origin, HTML, invalid" combination does > > not load CSS. > > Nope, this reproduces with WebKit nightly build r55027. The original fix was > in r52784. Also reproduces with WebKit nightly build r52951 (the first nightly build available after r52784).
David Kilzer (:ddkilzer)
Comment 4 2010-05-01 16:02:25 PDT
I was using the wrong URL to run the test locally with run-webkit-httpd. I should have used <http://127.0.0.1:8000/> instead of <http://localhost:8000/>.
David Kilzer (:ddkilzer)
Comment 5 2010-05-01 16:12:19 PDT
(In reply to comment #4) > I was using the wrong URL to run the test locally with run-webkit-httpd. I > should have used <http://127.0.0.1:8000/> instead of <http://localhost:8000/>. Closing as RESOLVED/INVALID.
David Kilzer (:ddkilzer)
Comment 6 2010-05-01 16:12:52 PDT
Created attachment 54860 [details] Expected test results This is what the expected test results should show.
Note You need to log in before you can comment on or make changes to this bug.