Continuing to skim through the sandbox flags we're currently not logging. This touches the (only) call site which checks SandboxedScripts: ScriptControllerBase::canExecuteScript.
Created attachment 178205 [details] Patch
Comment on attachment 178205 [details] Patch Attachment 178205 [details] did not pass chromium-ews (chromium-xvfb): Output: http://queues.webkit.org/results/15191256 New failing tests: http/tests/security/contentSecurityPolicy/sandbox-empty.html http/tests/security/isolatedWorld/sandboxed-iframe.html http/tests/security/contentSecurityPolicy/sandbox-in-http-header.html http/tests/security/sandbox-inherit-to-initial-document-2.html http/tests/security/contentSecurityPolicy/sandbox-invalid-header.html http/tests/security/contentSecurityPolicy/sandbox-empty-subframe.html http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control.html media/video-controls-no-scripting.html
Created attachment 178218 [details] Patch
Created attachment 178376 [details] Patch for landing
Comment on attachment 178376 [details] Patch for landing Clearing flags on attachment: 178376 Committed r137053: <http://trac.webkit.org/changeset/137053>
All reviewed patches have been landed. Closing bug.
(In reply to comment #5) > (From update of attachment 178376 [details]) > Clearing flags on attachment: 178376 > > Committed r137053: <http://trac.webkit.org/changeset/137053> It broke the Parser/html-parser.html perf test. See the Qt perf bots for details
Re-opened since this is blocked by bug 104471
The correct fix is to ignore "CONSOLE MESSAGE: Blocked script execution in 'html-parser.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.” in perf_test.py.
Created attachment 178520 [details] Patch
(In reply to comment #9) > The correct fix is to ignore "CONSOLE MESSAGE: Blocked script execution in 'html-parser.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.” in perf_test.py. Thanks, excellent tip. :) The attached patch adjusts perftest.py as you've suggested. The test passes locally, and I'm carrying over Ojan's r+. Still, I'd appreciate you taking a look before I land it, just to ensure I've skipped the warning in the right place.
(In reply to comment #11) > (In reply to comment #9) > > The correct fix is to ignore "CONSOLE MESSAGE: Blocked script execution in 'html-parser.html' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.” in perf_test.py. > > Thanks, excellent tip. :) > > The attached patch adjusts perftest.py as you've suggested. The test passes locally, and I'm carrying over Ojan's r+. Still, I'd appreciate you taking a look before I land it, just to ensure I've skipped the warning in the right place. Change looks right.
Comment on attachment 178520 [details] Patch Thanks for taking a look.
Comment on attachment 178520 [details] Patch Clearing flags on attachment: 178520 Committed r137180: <http://trac.webkit.org/changeset/137180>