Bug 83163

Summary: [EFL] [DRT] LayoutTestController needs implementation of setXSSAuditorEnabled
Product: WebKit Reporter: Sudarsana Nagineni (babu) <naginenis>
Component: WebKit EFLAssignee: Sudarsana Nagineni (babu) <naginenis>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: gyuyoung.kim, lucas.de.marchi, rakuco, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch gyuyoung.kim: commit-queue-

Description Sudarsana Nagineni (babu) 2012-04-04 08:01:44 PDT 
LayoutTestController needs implementation of setXSSAuditorEnabled in order to unskip tests in http/tests/security/xssAuditor.
Comment 1 Sudarsana Nagineni (babu) 2012-04-04 09:11:28 PDT 
Created attachment 135607 [details]
Patch

DRT support for setXSSAuditorEnabled
Comment 2 Raphael Kubo da Costa (:rakuco) 2012-04-04 09:24:34 PDT 
Comment on attachment 135607 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=135607&action=review

> LayoutTests/platform/efl/Skipped:449
> +# EFL's LayoutTestController does not implement setCanOpenWindows and setCloseRemainingWindowsWhenComplete

These methods are implemented in LTC itself, not in the port's subclass.

> LayoutTests/platform/efl/Skipped:451
> +# EFL's LayoutTestController does not implement dumpFrameLoadCallbacks

You might want to coordinate with Christoph here, as he's working on unskipping tests related to this.
Comment 3 Raphael Kubo da Costa (:rakuco) 2012-04-04 09:25:14 PDT 
What does the XSS auditor do? Is it something that would be useful to expose publicly?
Comment 4 Sudarsana Nagineni (babu) 2012-04-05 03:42:01 PDT 
(In reply to comment #2)

Thanks for review.
> > LayoutTests/platform/efl/Skipped:449
> > +# EFL's LayoutTestController does not implement setCanOpenWindows and setCloseRemainingWindowsWhenComplete
> 
Okay. This test can be unskipped by enabling XSSAuditor by default when new window is opened.

> These methods are implemented in LTC itself, not in the port's subclass.
> 
> > LayoutTests/platform/efl/Skipped:451
> > +# EFL's LayoutTestController does not implement dumpFrameLoadCallbacks
> 
> You might want to coordinate with Christoph here, as he's working on unskipping tests related to this.

Chris patch doesn't fully fix this test. FrameLoaderClientEfl::didDetectXSS implementation also needed in order to unskip this test. I will update the description.
Comment 5 Sudarsana Nagineni (babu) 2012-04-05 03:54:58 PDT 
(In reply to comment #3)
> What does the XSS auditor do? 
It provides protection from reflected XSS attacks of malicious websites.

> Is it something that would be useful to expose publicly?
Yes, good to expose this pref to users. I will create a new bug and implement set/get APIs for this setting.
Comment 6 Sudarsana Nagineni (babu) 2012-04-05 12:35:15 PDT 
Created attachment 135878 [details]
Patch

Use ewk API to enable the setting
Comment 7 Gyuyoung Kim 2012-04-05 12:47:08 PDT 
Comment on attachment 135878 [details]
Patch

Attachment 135878 [details] did not pass efl-ews (efl):
Output: http://queues.webkit.org/results/12264454
Comment 8 Gyuyoung Kim 2012-04-05 20:37:58 PDT 
Comment on attachment 135878 [details]
Patch

Clearing r? flag because you should submit this patch again after landing a patch of Bug 83281
Comment 9 Sudarsana Nagineni (babu) 2012-04-17 11:47:22 PDT 
As mentioned in bug #83281 and discussed on #webkit-efl, implemented everything together in bug #83281.

*** This bug has been marked as a duplicate of bug 83281 ***