Bug 85522

Could you please post a failure diff?

--- /Volumes/SSData/Development/OSX/webkit/OpenSource/WebKitBuild/Debug/layout-test-results/http/tests/security/sandboxed-iframe-modify-self-expected.txt
+++ /Volumes/SSData/Development/OSX/webkit/OpenSource/WebKitBuild/Debug/layout-test-results/http/tests/security/sandboxed-iframe-modify-self-actual.txt
@@ -1,3 +1,5 @@
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-form-top.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-form-top.html.
+
 CONSOLE MESSAGE: Sandbox access violation: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-modify-self.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-modify-self.html. The frame requesting access is sandboxed into a unique origin.
 
 This is a "sanity" test case to verify that a sandboxed frame cannot break out of its sandbox by modifying its own sandbox attribute. Two attempts are made:

This test "passes" on windows bots, but in fact the extra Console output appears on the next test that gets run (script-crossorigin-loads-same-origin.html).

Here's the diff of the failing test:
--- /home/buildbot/slave/win-release-tests/build/layout-test-results/http/tests/security/script-crossorigin-loads-same-origin-expected.txt	2012-09-21 19:20:20.676828600 -0700
+++ /home/buildbot/slave/win-release-tests/build/layout-test-results/http/tests/security/script-crossorigin-loads-same-origin-actual.txt	2012-09-21 19:20:20.674828500 -0700
@@ -1,3 +1,5 @@
+CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-form-top.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-form-top.html.
+
 Test that a script element with a crossorigin attribute loads same-origin scripts correctly when there's no access control headers in the response.
 
 PASS

Crazy right? Anyways, I'm skipping this test on Windows to get the other one to pass.

(In reply to comment #3)
> This test "passes" on windows bots, but in fact the extra Console output appears on the next test that gets run (script-crossorigin-loads-same-origin.html).
> 
> Here's the diff of the failing test:
> --- /home/buildbot/slave/win-release-tests/build/layout-test-results/http/tests/security/script-crossorigin-loads-same-origin-expected.txt    2012-09-21 19:20:20.676828600 -0700
> +++ /home/buildbot/slave/win-release-tests/build/layout-test-results/http/tests/security/script-crossorigin-loads-same-origin-actual.txt    2012-09-21 19:20:20.674828500 -0700
> @@ -1,3 +1,5 @@
> +CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate a navigation change for frame with URL http://127.0.0.1:8000/security/sandboxed-iframe-form-top.html from frame with URL http://127.0.0.1:8000/security/resources/sandboxed-iframe-form-top.html.
> +
>  Test that a script element with a crossorigin attribute loads same-origin scripts correctly when there's no access control headers in the response.
> 
>  PASS
> 
> Crazy right? Anyways, I'm skipping this test on Windows to get the other one to pass.

O my, posted in the wrong bug... ignore all that.

The root cause here seems to be the previous test: http/tests/security/sandboxed-iframe-form-top.html, which is leaking state into the next test, whatever that happens to be. I've skipped that test in r134929 and r134789 and reneabled the previously skipped tests.

*** Bug 105819 has been marked as a duplicate of this bug. ***

http/tests/security/sandboxed-iframe-form-top.html got unskipped in r150558 accidentally, so it's causing badness again. I'll see if I can easily fix it, and will skip again if not.

Created attachment 208575 [details]
proposed fix

Comment on attachment 208575 [details]
proposed fix

Clearing flags on attachment: 208575

Committed r153973: <http://trac.webkit.org/changeset/153973>

All reviewed patches have been landed.  Closing bug.