Bug 179281 - Release-assert NoEventDispatchAssertion in canExecute, updateLayout, and updateStyle
Summary: Release-assert NoEventDispatchAssertion in canExecute, updateLayout, and upda...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: DOM (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Ryosuke Niwa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2017-11-03 21:24 PDT by Ryosuke Niwa
Modified: 2017-11-07 09:41 PST (History)
12 users (show)

See Also:

Attachments
Enables the assertion (8.83 KB, patch)
2017-11-03 22:41 PDT, Ryosuke Niwa 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ryosuke Niwa 2017-11-03 21:24:54 PDT 
We should release NoEventDispatchAssertion::InMainThread::isEventAllowed()
ScriptController::canExecute, Document::updateLayout, and Document::updateStyle.

This would prevent the vast majority of unwanted script executions that
directly leads to security bugs in WebCore.
Comment 1 Ryosuke Niwa 2017-11-03 21:35:43 PDT 
<rdar://problem/35008993>
Comment 2 Ryosuke Niwa 2017-11-03 22:41:36 PDT 
Created attachment 326020 [details]
Enables the assertion
Comment 3 Build Bot 2017-11-03 22:44:02 PDT 
Attachment 326020 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:12:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug, vulnerab  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 6 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 4 Antti Koivisto 2017-11-04 01:55:11 PDT 
Comment on attachment 326020 [details]
Enables the assertion

r=me
Comment 5 WebKit Commit Bot 2017-11-07 09:41:09 PST 
Comment on attachment 326020 [details]
Enables the assertion

Clearing flags on attachment: 326020

Committed r224534: <https://trac.webkit.org/changeset/224534>
Comment 6 WebKit Commit Bot 2017-11-07 09:41:11 PST 
All reviewed patches have been landed.  Closing bug.