RESOLVED FIXED 18870
SQUIRRELFISH: security check is wrong (global object issues?)
https://bugs.webkit.org/show_bug.cgi?id=18870
Maciej Stachowiak
Reported 2008-05-03 01:40:13 PDT
We seem to be doing global object comparison security checks wrong, leading the following layout tests to fail:
http/tests/security/cross-frame-access-callback-explicit-domain-ALLOW.htm
http/tests/security/listener/xss-JSTargetNode-onclick-shortcut.html
http/tests/security/listener/xss-XMLHttpRequest-addEventListener.html
http/tests/security/listener/xss-XMLHttpRequest-shortcut.html
http/tests/security/listener/xss-window-onclick-addEventListener.html
http/tests/security/listener/xss-window-onclick-shortcut.html
Attachments
patch to fix much of the underlying problem, but not all (10.75 KB, patch)
2008-05-03 13:25 PDT, Geoffrey Garen
sam: review+
Geoffrey Garen
Comment 1 2008-05-03 13:25:22 PDT
Created attachment 20953: patch to fix much of the underlying problem, but not all
Geoffrey Garen
Comment 2 2008-05-03 13:39:25 PDT
Committed revision 32840. We still need to figure out why the exception messages in these tests have changed.
Geoffrey Garen
Comment 3 2008-05-07 21:24:25 PDT
Looks like two issues:
- "-CONSOLE MESSAGE: line 6: Value undefined (result of expression alert) is not object." The difference here is a difference of exception message style.
- "+CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame..." The difference here seems to be that squirrelfish looks up a global value an extra time. (Seems like a real bug.)
Geoffrey Garen
Comment 4 2008-05-07 23:15:44 PDT
Committed revision 32971.