Bug 71604

Summary: Implement the sandbox directive for CSP
Product: WebKit
Reporter: Adam Barth <abarth>
Component: New Bugs
Assignee: Adam Barth <abarth>
Status: RESOLVED FIXED
Severity: Normal
CC: dglazkov, eric, sam, webkit.review.bot
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Attachments:
Patch (flags: none)
Patch for landing (flags: none)

Adam Barth
Reported 2011-11-04 20:57:37 PDT
Implement the sandbox directive for CSP
Attachments
Patch (10.75 KB, patch)
2011-11-04 21:02 PDT, Adam Barth
no flags
Patch for landing (10.63 KB, patch)
2011-11-06 11:55 PST, Adam Barth
no flags
Adam Barth
Comment 1 2011-11-04 21:02:36 PDT
Adam Barth
Comment 2 2011-11-04 21:03:20 PDT
Comment on attachment 113749: Patch
This patch depends on the patch in Bug 71603.
WebKit Review Bot
Comment 3 2011-11-04 22:29:54 PDT
Comment on attachment 113749: Patch
Attachment 113749 did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/10337215
New failing tests:
    http/tests/security/contentSecurityPolicy/sandbox-empty-subframe.html
    http/tests/security/contentSecurityPolicy/sandbox-empty.html
Sam Weinig
Comment 4 2011-11-05 13:43:27 PDT
Is there any reporting that is supposed to be associated with this flag?
Adam Barth
Comment 5 2011-11-05 13:58:57 PDT
> Is there any reporting that is supposed to be associated with this flag?
I wasn't planning to spec any reporting because there isn't any reporting for the HTML5 sandbox attribute. We can certainly ask the working group for an opinion on that topic though.
Sam Weinig
Comment 6 2011-11-05 14:05:22 PDT
(In reply to comment #5)
> > Is there any reporting that is supposed to be associated with this flag?
>
> I wasn't planning to spec any reporting because there isn't any reporting for the HTML5 sandbox attribute. We can certainly ask the working group for an opinion on that topic though.
Ok. As it currently stands, it seems a bit odd that there is no reporting, but not a show stopper.
WebKit Review Bot
Comment 7 2011-11-05 15:40:25 PDT
Comment on attachment 113749: Patch
Rejecting attachment 113749 from commit-queue.
New failing tests:
    http/tests/security/contentSecurityPolicy/sandbox-empty.html
Full output: http://queues.webkit.org/results/10331334
Adam Barth
Comment 8 2011-11-06 11:55:33 PST
Created attachment 113795: Patch for landing
WebKit Review Bot
Comment 9 2011-11-06 13:01:48 PST
Comment on attachment 113795: Patch for landing
Rejecting attachment 113795 from commit-queue.
New failing tests:
    http/tests/security/contentSecurityPolicy/sandbox-empty.html
Full output: http://queues.webkit.org/results/10331511
Adam Barth
Comment 10 2011-11-06 13:25:15 PST
That test doesn't fail for me locally. I'm not sure why.
Sam Weinig
Comment 11 2011-11-06 13:29:34 PST
(In reply to comment #10)
> That test doesn't fail for me locally. I'm not sure why.
Maybe something to do with whether the patch for 71603 is landed yet?
Adam Barth
Comment 12 2011-11-06 13:30:47 PST
> Maybe something to do with whether the patch for 71603 is landed yet?
That seems to have been landed for a while. I'm going to land the patch and see what the post-commit bots think.
Adam Barth
Comment 13 2011-11-06 13:31:53 PST
Comment on attachment 113795: Patch for landing
Clearing flags on attachment: 113795
Committed r99383: <http://trac.webkit.org/changeset/99383>
Adam Barth
Comment 14 2011-11-06 13:31:57 PST
All reviewed patches have been landed. Closing bug.
Sam Weinig
Comment 15 2011-11-06 13:35:43 PST
(In reply to comment #12)
> > Maybe something to do with whether the patch for 71603 is landed yet?
>
> That seems to have been landed for a while. I'm going to land the patch and see what the post-commit bots think.
That's what I would do :).
Adam Barth
Comment 16 2011-11-06 14:08:31 PST
Looks like the problem is that the testing harness isn't prepared to handle the case when script is disabled in the main frame:
    base::debug::StackTrace::StackTrace() [0x5aaace]
    base::(anonymous namespace)::StackDumpSignalHandler() [0x593ff9]
    0x7fca7ec08af0
    v8::Context::Enter() [0x63fecc]
    WebCoreTestSupport::resetInternalsObject() [0x554ae0]
    WebKit::WebTestingSupport::resetInternalsObject() [0x45269e]
    TestShell::resetTestController() [0x442d2a]
    runTest() [0x4252f8]
    main [0x4259a3]
    0x7fca7ebf3c4d
    0x41a009
Will fix.