Bug 69700

Summary: [Qt] http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml fails
Product: WebKit Reporter: Csaba Osztrogonác <ossy>
Component: Tools / TestsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Critical CC: abarth, ossy, serg.glazunov, vestbo, webkit.review.bot
Priority: P1 Keywords: Qt, QtTriaged
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch none

Csaba Osztrogonác
Reported 2011-10-08 05:56:25 PDT
http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml introduced in http://trac.webkit.org/changeset/96984 (https://bugs.webkit.org/show_bug.cgi?id=69661), but fails on the Qt bot: --- /ramdisk/qt-linux-release/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt +++ /ramdisk/qt-linux-release/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-securityOrigin-actual.txt @@ -1,3 +1,4 @@ -CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8080/security/resources/innocent-victim.html from frame with URL about:blank. Domains, protocols and ports must match. - -This test passes if it doesn't alert the contents of innocent-victim.html. +CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> +CONSOLE MESSAGE: line 2: <html xmlns='http://www.w3.org/1999/xhtml/'><body><p>Running an XSL-T 1.0 stylesheet with a 2.0 processor.</p></body></html> +FAIL: Timed out waiting for notifyDone to be called +This test passes if it doesn't alert the contents of innocent-victim.html. bug69661 is security bug, so I can't comment it, but I cc-ed the author (Sergey), the reviewer (Adam) and a member of security group from Nokia (Tor Arne). Could you check if it is a security problem on Qt or not?
Attachments
Patch (2.33 KB, patch)
2011-10-08 23:05 PDT, Sergey Glazunov 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Csaba Osztrogonác
Comment 1 2011-10-08 06:09:56 PDT
Skipped by http://trac.webkit.org/changeset/97008 until fix.
Adam Barth
Comment 2 2011-10-08 09:58:54 PDT
It's not a security problem. The test is just timing out for some reason.
Sergey Glazunov
Comment 3 2011-10-08 23:05:14 PDT
Created attachment 110291 [details] Patch
Adam Barth
Comment 4 2011-10-08 23:18:20 PDT
Thanks Sergey.
WebKit Review Bot
Comment 5 2011-10-09 00:22:35 PDT
Comment on attachment 110291 [details] Patch Clearing flags on attachment: 110291 Committed r97021: <http://trac.webkit.org/changeset/97021>
WebKit Review Bot
Comment 6 2011-10-09 00:22:39 PDT
All reviewed patches have been landed. Closing bug.
Sergey Glazunov
Comment 7 2011-10-09 01:21:40 PDT
Aw, it's failing again and the diff is nice: --- /ramdisk/qt-linux-release/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt +++ /ramdisk/qt-linux-release/build/layout-test-results/http/tests/security/xss-DENIED-xsl-document-securityOrigin-actual.txt @@ -1,3 +1,3 @@ CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:8080/security/resources/innocent-victim.html from frame with URL about:blank. Domains, protocols and ports must match. -This test passes if it doesn't alert the contents of innocent-victim.html. +This test passes if it doesn't alert the contents of innocent-victim.html.
Csaba Osztrogonác
Comment 8 2011-10-09 03:15:12 PDT
Thanks for the fix. It seems the difference caused by a Qt-DRT bug, new bug report: https://bugs.webkit.org/show_bug.cgi?id=69718 And I added a Qt specific expected file to make our buildbot happy: http://trac.webkit.org/changeset/97024
Note You need to log in before you can comment on or make changes to this bug.