RESOLVED FIXED 161225
Calling crossOriginWindow.toString() should not be allowed 
https://bugs.webkit.org/show_bug.cgi?id=161225
Summary Calling crossOriginWindow.toString() should not be allowed
Chris Dumez
Reported 2016-08-25 19:35:03 PDT
Calling crossOriginWindow.toString() should not be allowed: - https://html.spec.whatwg.org/#crossoriginproperties-(-o-) In WebKit, we print a security error in the console but return "[object Window]" anyway. In Firefox and Chrome, it throws an exception.
Attachments
Patch (9.05 KB, patch)
2016-08-25 20:46 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (9.20 KB, patch)
2016-08-26 12:46 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2016-08-25 20:46:12 PDT
Created attachment 287070 [details] Patch
Andreas Kling
Comment 2 2016-08-26 10:50:34 PDT
Comment on attachment 287070 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=287070&action=review > Source/WebCore/bindings/js/JSDOMWindowCustom.cpp:-78 > - // Allow access to toString() cross-domain, but always Object.prototype.toString. This looks like it was intentional at some point in time. Do we at least know why?
WebKit Commit Bot
Comment 3 2016-08-26 11:01:15 PDT
Comment on attachment 287070 [details] Patch Rejecting attachment 287070 [details] from commit-queue. Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-01', 'apply-attachment', '--no-update', '--non-interactive', 287070, '--port=mac']" exit_code: 2 cwd: /Volumes/Data/EWS/WebKit Last 500 characters of output: ayoutTests/http/tests/security/cross-frame-access-custom-expected.txt.rej patching file LayoutTests/http/tests/security/cross-frame-access-custom.html patching file LayoutTests/http/tests/security/cross-frame-access-object-setPrototypeOf-expected.txt patching file LayoutTests/http/tests/security/cross-frame-access-object-setPrototypeOf.html Failed to run "[u'/Volumes/Data/EWS/WebKit/Tools/Scripts/svn-apply', '--force', '--reviewer', u'Andreas Kling']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit Full output: http://webkit-queues.webkit.org/results/1948060
Chris Dumez
Comment 4 2016-08-26 12:46:52 PDT
Created attachment 287133 [details] Patch
WebKit Commit Bot
Comment 5 2016-08-26 13:37:08 PDT
Comment on attachment 287133 [details] Patch Clearing flags on attachment: 287133 Committed r205037: <http://trac.webkit.org/changeset/205037>
WebKit Commit Bot
Comment 6 2016-08-26 13:37:13 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.