Bug 197466 - Setting a frame's src to a javascript URL should not run it synchronously
Summary: Setting a frame's src to a javascript URL should not run it synchronously
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Chris Dumez
URL:
Keywords: InRadar
Depends on: 197664
Blocks:
  Show dependency treegraph
 
Reported: 2019-05-01 10:23 PDT by Chris Dumez
Modified: 2019-05-07 09:16 PDT (History)
15 users (show)

See Also:


Attachments
WIP Patch (3.15 KB, patch)
2019-05-01 10:24 PDT, Chris Dumez
ews: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews106 for mac-highsierra-wk2 (2.94 MB, application/zip)
2019-05-01 11:44 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews115 for mac-highsierra (3.02 MB, application/zip)
2019-05-01 12:14 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews122 for ios-simulator-wk2 (24.90 MB, application/zip)
2019-05-01 12:22 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews101 for mac-highsierra (3.17 MB, application/zip)
2019-05-01 12:34 PDT, Build Bot
no flags Details
WiP Patch (11.67 KB, patch)
2019-05-01 13:35 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (12.74 KB, patch)
2019-05-01 14:10 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (3.15 KB, patch)
2019-05-01 14:18 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (15.43 KB, patch)
2019-05-01 14:20 PDT, Chris Dumez
ews: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews103 for mac-highsierra (1.08 MB, application/zip)
2019-05-01 15:11 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews104 for mac-highsierra-wk2 (1.95 MB, application/zip)
2019-05-01 15:43 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews114 for mac-highsierra (1.32 MB, application/zip)
2019-05-01 15:59 PDT, Build Bot
no flags Details
WiP Patch (23.06 KB, patch)
2019-05-01 16:10 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (25.65 KB, patch)
2019-05-01 16:27 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (30.99 KB, patch)
2019-05-01 16:44 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
WiP Patch (32.24 KB, patch)
2019-05-01 17:00 PDT, Chris Dumez
ews: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews104 for mac-highsierra-wk2 (3.45 MB, application/zip)
2019-05-01 18:06 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews101 for mac-highsierra (3.09 MB, application/zip)
2019-05-01 18:08 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews114 for mac-highsierra (3.28 MB, application/zip)
2019-05-01 19:01 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews125 for ios-simulator-wk2 (8.69 MB, application/zip)
2019-05-01 19:38 PDT, Build Bot
no flags Details
WIP Patch (38.33 KB, patch)
2019-05-01 20:26 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (44.58 KB, patch)
2019-05-01 20:38 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (41.49 KB, patch)
2019-05-01 21:01 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (41.55 KB, patch)
2019-05-01 21:06 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews103 for mac-highsierra (3.08 MB, application/zip)
2019-05-01 22:00 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews115 for mac-highsierra (1.55 MB, application/zip)
2019-05-01 22:31 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews105 for mac-highsierra-wk2 (3.12 MB, application/zip)
2019-05-01 22:45 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews123 for ios-simulator-wk2 (95.58 MB, application/zip)
2019-05-01 23:16 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews210 for win-future (13.88 MB, application/zip)
2019-05-02 10:11 PDT, Build Bot
no flags Details
Patch (44.16 KB, patch)
2019-05-02 10:35 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews103 for mac-highsierra (3.19 MB, application/zip)
2019-05-02 11:20 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews107 for mac-highsierra-wk2 (2.85 MB, application/zip)
2019-05-02 11:30 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews126 for ios-simulator-wk2 (8.04 MB, application/zip)
2019-05-02 12:33 PDT, Build Bot
no flags Details
Patch (40.91 KB, patch)
2019-05-02 12:34 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (40.87 KB, patch)
2019-05-02 13:25 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (40.87 KB, patch)
2019-05-02 14:29 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff
Patch (40.86 KB, patch)
2019-05-02 15:08 PDT, Chris Dumez
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Dumez 2019-05-01 10:23:12 PDT
Setting a frame's src to a javascript URL should not run it synchronously. Firefox and Chrome appear to schedule a navigation to that javascript URL instead.
Comment 1 Chris Dumez 2019-05-01 10:24:42 PDT
Created attachment 368683 [details]
WIP Patch
Comment 2 Build Bot 2019-05-01 11:44:36 PDT
Comment on attachment 368683 [details]
WIP Patch

Attachment 368683 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12052645

New failing tests:
fast/parser/iframe-sets-parent-to-javascript-url.html
fast/dom/javascript-url-exception-isolation.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked.html
imported/blink/loader/iframe-sync-loads.html
fast/dom/Attr/only-attach-attr-once.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
fast/loader/javascript-url-in-object.html
fast/dom/javascript-url-crash-function.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
http/tests/security/contentSecurityPolicy/javascript-url-allowed.html
fast/dom/no-assert-for-malformed-js-url-attribute.html
fast/loader/nested-document-handling.html
Comment 3 Build Bot 2019-05-01 11:44:37 PDT
Created attachment 368689 [details]
Archive of layout-test-results from ews106 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews106  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 4 Build Bot 2019-05-01 12:14:30 PDT
Comment on attachment 368683 [details]
WIP Patch

Attachment 368683 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/12052681

New failing tests:
fast/parser/iframe-sets-parent-to-javascript-url.html
fast/dom/javascript-url-exception-isolation.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked.html
imported/blink/loader/iframe-sync-loads.html
fast/dom/Attr/only-attach-attr-once.html
fast/loader/javascript-url-in-object.html
fast/dom/javascript-url-crash-function.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
http/tests/security/contentSecurityPolicy/javascript-url-allowed.html
fast/dom/no-assert-for-malformed-js-url-attribute.html
fast/loader/nested-document-handling.html
Comment 5 Build Bot 2019-05-01 12:14:32 PDT
Created attachment 368690 [details]
Archive of layout-test-results from ews115 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews115  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 6 Build Bot 2019-05-01 12:22:18 PDT
Comment on attachment 368683 [details]
WIP Patch

Attachment 368683 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/12052692

New failing tests:
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
fast/loader/javascript-url-in-embed.html
fast/dom/javascript-url-exception-isolation.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked.html
imported/blink/loader/iframe-sync-loads.html
fast/dom/Attr/only-attach-attr-once.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
fast/loader/javascript-url-in-object.html
fast/dom/javascript-url-crash-function.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
fast/loader/nested-document-handling.html
http/tests/security/contentSecurityPolicy/javascript-url-allowed.html
fast/dom/no-assert-for-malformed-js-url-attribute.html
fast/parser/iframe-sets-parent-to-javascript-url.html
Comment 7 Build Bot 2019-05-01 12:22:20 PDT
Created attachment 368691 [details]
Archive of layout-test-results from ews122 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews122  Port: ios-simulator-wk2  Platform: Mac OS X 10.14.4
Comment 8 Build Bot 2019-05-01 12:34:54 PDT
Comment on attachment 368683 [details]
WIP Patch

Attachment 368683 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12052921

New failing tests:
fast/dom/javascript-url-exception-isolation.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
imported/blink/loader/iframe-sync-loads.html
fast/dom/Attr/only-attach-attr-once.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
fast/loader/javascript-url-in-object.html
fast/dom/javascript-url-crash-function.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked.html
fast/loader/nested-document-handling.html
http/tests/security/contentSecurityPolicy/javascript-url-allowed.html
fast/dom/no-assert-for-malformed-js-url-attribute.html
fast/parser/iframe-sets-parent-to-javascript-url.html
Comment 9 Build Bot 2019-05-01 12:34:56 PDT
Created attachment 368693 [details]
Archive of layout-test-results from ews101 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews101  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 10 Chris Dumez 2019-05-01 13:35:41 PDT
Created attachment 368699 [details]
WiP Patch
Comment 11 Chris Dumez 2019-05-01 14:10:24 PDT
Created attachment 368706 [details]
WiP Patch
Comment 12 Chris Dumez 2019-05-01 14:18:56 PDT
Created attachment 368709 [details]
WiP Patch
Comment 13 Chris Dumez 2019-05-01 14:20:01 PDT
Created attachment 368710 [details]
WiP Patch
Comment 14 Build Bot 2019-05-01 15:11:21 PDT
Comment on attachment 368710 [details]
WiP Patch

Attachment 368710 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12054620

Number of test failures exceeded the failure limit.
Comment 15 Build Bot 2019-05-01 15:11:23 PDT
Created attachment 368719 [details]
Archive of layout-test-results from ews103 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 16 Build Bot 2019-05-01 15:43:38 PDT
Comment on attachment 368710 [details]
WiP Patch

Attachment 368710 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12054843

Number of test failures exceeded the failure limit.
Comment 17 Build Bot 2019-05-01 15:43:39 PDT
Created attachment 368723 [details]
Archive of layout-test-results from ews104 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews104  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 18 Build Bot 2019-05-01 15:59:33 PDT
Comment on attachment 368710 [details]
WiP Patch

Attachment 368710 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/12054816

Number of test failures exceeded the failure limit.
Comment 19 Build Bot 2019-05-01 15:59:35 PDT
Created attachment 368725 [details]
Archive of layout-test-results from ews114 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews114  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 20 Chris Dumez 2019-05-01 16:10:52 PDT
Created attachment 368729 [details]
WiP Patch
Comment 21 Build Bot 2019-05-01 16:13:33 PDT
Attachment 368729 [details] did not pass style-queue:


ERROR: Source/WebCore/loader/SubframeLoader.cpp:106:  One line control clauses should not use braces.  [whitespace/braces] [4]
Total errors found: 1 in 22 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 22 Chris Dumez 2019-05-01 16:27:49 PDT
Created attachment 368732 [details]
WiP Patch
Comment 23 Build Bot 2019-05-01 16:29:26 PDT
Attachment 368732 [details] did not pass style-queue:


ERROR: Source/WebCore/loader/SubframeLoader.cpp:106:  One line control clauses should not use braces.  [whitespace/braces] [4]
Total errors found: 1 in 25 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 24 Chris Dumez 2019-05-01 16:44:40 PDT
Created attachment 368734 [details]
WiP Patch
Comment 25 Chris Dumez 2019-05-01 17:00:46 PDT
Created attachment 368736 [details]
WiP Patch
Comment 26 Build Bot 2019-05-01 18:06:31 PDT
Comment on attachment 368736 [details]
WiP Patch

Attachment 368736 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12056530

New failing tests:
webarchive/loading/javascript-url-iframe-crash.html
imported/w3c/web-platform-tests/webmessaging/without-ports/018.html
http/tests/navigation/lockedhistory-iframe.html
js/dom/call-base-resolution.html
fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html
fast/loader/javascript-url-iframe-remove-on-navigate.html
fast/parser/xml-error-adopted.xml
Comment 27 Build Bot 2019-05-01 18:06:33 PDT
Created attachment 368741 [details]
Archive of layout-test-results from ews104 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews104  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 28 Build Bot 2019-05-01 18:08:16 PDT
Comment on attachment 368736 [details]
WiP Patch

Attachment 368736 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12056564

New failing tests:
fast/parser/xml-error-adopted.xml
webarchive/loading/javascript-url-iframe-crash.html
js/dom/call-base-resolution.html
imported/w3c/web-platform-tests/webmessaging/without-ports/018.html
http/tests/navigation/lockedhistory-iframe.html
Comment 29 Build Bot 2019-05-01 18:08:18 PDT
Created attachment 368742 [details]
Archive of layout-test-results from ews101 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews101  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 30 Build Bot 2019-05-01 19:01:48 PDT
Comment on attachment 368736 [details]
WiP Patch

Attachment 368736 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/12056748

New failing tests:
webarchive/loading/javascript-url-iframe-crash.html
js/dom/call-base-resolution.html
imported/w3c/web-platform-tests/webmessaging/without-ports/018.html
http/tests/navigation/lockedhistory-iframe.html
Comment 31 Build Bot 2019-05-01 19:01:50 PDT
Created attachment 368750 [details]
Archive of layout-test-results from ews114 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews114  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 32 Build Bot 2019-05-01 19:38:26 PDT
Comment on attachment 368736 [details]
WiP Patch

Attachment 368736 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/12057226

New failing tests:
webarchive/loading/javascript-url-iframe-crash.html
imported/w3c/web-platform-tests/webmessaging/without-ports/018.html
http/tests/navigation/lockedhistory-iframe.html
js/dom/call-base-resolution.html
fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html
fast/loader/javascript-url-iframe-remove-on-navigate.html
fast/parser/xml-error-adopted.xml
Comment 33 Build Bot 2019-05-01 19:38:28 PDT
Created attachment 368751 [details]
Archive of layout-test-results from ews125 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews125  Port: ios-simulator-wk2  Platform: Mac OS X 10.14.4
Comment 34 Chris Dumez 2019-05-01 20:26:24 PDT
Created attachment 368755 [details]
WIP Patch
Comment 35 Chris Dumez 2019-05-01 20:38:23 PDT
Created attachment 368756 [details]
Patch
Comment 36 Build Bot 2019-05-01 20:41:45 PDT
Attachment 368756 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 37 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 37 Chris Dumez 2019-05-01 21:01:30 PDT
Created attachment 368757 [details]
Patch
Comment 38 Build Bot 2019-05-01 21:03:58 PDT
Attachment 368757 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 34 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 39 Chris Dumez 2019-05-01 21:06:10 PDT
Created attachment 368758 [details]
Patch
Comment 40 Build Bot 2019-05-01 21:07:42 PDT
Attachment 368758 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 34 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 41 Build Bot 2019-05-01 22:00:37 PDT
Comment on attachment 368758 [details]
Patch

Attachment 368758 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12058925

Number of test failures exceeded the failure limit.
Comment 42 Build Bot 2019-05-01 22:00:39 PDT
Created attachment 368762 [details]
Archive of layout-test-results from ews103 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 43 Build Bot 2019-05-01 22:31:48 PDT
Comment on attachment 368758 [details]
Patch

Attachment 368758 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/12058946

Number of test failures exceeded the failure limit.
Comment 44 Build Bot 2019-05-01 22:31:50 PDT
Created attachment 368763 [details]
Archive of layout-test-results from ews115 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews115  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 45 Build Bot 2019-05-01 22:45:07 PDT
Comment on attachment 368758 [details]
Patch

Attachment 368758 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12059081

New failing tests:
svg/as-object/svg-embedded-in-html-in-iframe.html
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_javascript_url_01.htm
fast/dom/javascript-url-crash-function.html
fast/parser/iframe-sets-parent-to-javascript-url.html
webarchive/loading/javascript-url-iframe-crash.html
imported/blink/loader/iframe-sync-loads.html
http/tests/security/xssAuditor/non-block-javascript-url-frame.html
fast/loader/javascript-url-encoding.html
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-query-fragment-components.html
fast/loader/nested-document-handling.html
http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe.html
fast/frames/cached-frame-counter.html
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-return-value-handling.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-to-javscript-url.html
fast/parser/javascript-url-compat-mode.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
http/tests/misc/javascript-url-stop-loaders.html
fast/events/frame-programmatic-focus.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
fast/dom/frame-src-javascript-url-async.html
http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-to-javascript-url-sub-frame.html
Comment 46 Build Bot 2019-05-01 22:45:09 PDT
Created attachment 368764 [details]
Archive of layout-test-results from ews105 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews105  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 47 Build Bot 2019-05-01 23:16:42 PDT
Comment on attachment 368758 [details]
Patch

Attachment 368758 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/12059057

New failing tests:
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_javascript_url_01.htm
fast/dom/javascript-url-crash-function.html
fast/loader/nested-document-handling.html
webarchive/loading/javascript-url-iframe-crash.html
imported/blink/loader/iframe-sync-loads.html
http/tests/security/xssAuditor/non-block-javascript-url-frame.html
fast/loader/javascript-url-encoding.html
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-query-fragment-components.html
fast/parser/iframe-sets-parent-to-javascript-url.html
http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe.html
fast/frames/cached-frame-counter.html
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-return-value-handling.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-to-javscript-url.html
fast/parser/javascript-url-compat-mode.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
http/tests/misc/javascript-url-stop-loaders.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
fast/dom/frame-src-javascript-url-async.html
http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html
http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-to-javascript-url-sub-frame.html
Comment 48 Build Bot 2019-05-01 23:16:47 PDT
Created attachment 368765 [details]
Archive of layout-test-results from ews123 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews123  Port: ios-simulator-wk2  Platform: Mac OS X 10.14.4
Comment 49 Build Bot 2019-05-02 10:10:59 PDT
Comment on attachment 368758 [details]
Patch

Attachment 368758 [details] did not pass win-ews (win):
Output: https://webkit-queues.webkit.org/results/12062769

Number of test failures exceeded the failure limit.
Comment 50 Build Bot 2019-05-02 10:11:07 PDT
Created attachment 368781 [details]
Archive of layout-test-results from ews210 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews210  Port: win-future  Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
Comment 51 Chris Dumez 2019-05-02 10:35:56 PDT
Created attachment 368786 [details]
Patch
Comment 52 Build Bot 2019-05-02 10:37:49 PDT
Attachment 368786 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 36 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 53 Build Bot 2019-05-02 11:20:34 PDT
Comment on attachment 368786 [details]
Patch

Attachment 368786 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12063566

New failing tests:
imported/w3c/web-platform-tests/webmessaging/with-ports/018.html
Comment 54 Build Bot 2019-05-02 11:20:37 PDT
Created attachment 368793 [details]
Archive of layout-test-results from ews103 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 55 Build Bot 2019-05-02 11:30:08 PDT
Comment on attachment 368786 [details]
Patch

Attachment 368786 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12063571

New failing tests:
imported/w3c/web-platform-tests/webmessaging/with-ports/018.html
http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
Comment 56 Build Bot 2019-05-02 11:30:11 PDT
Created attachment 368796 [details]
Archive of layout-test-results from ews107 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews107  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 57 Build Bot 2019-05-02 12:32:57 PDT
Comment on attachment 368786 [details]
Patch

Attachment 368786 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/12063864

New failing tests:
imported/w3c/web-platform-tests/webmessaging/with-ports/018.html
Comment 58 Build Bot 2019-05-02 12:33:00 PDT
Created attachment 368805 [details]
Archive of layout-test-results from ews126 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews126  Port: ios-simulator-wk2  Platform: Mac OS X 10.14.4
Comment 59 Chris Dumez 2019-05-02 12:34:13 PDT
Created attachment 368807 [details]
Patch
Comment 60 Build Bot 2019-05-02 12:37:52 PDT
Attachment 368807 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 33 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 61 Chris Dumez 2019-05-02 13:25:20 PDT
Created attachment 368813 [details]
Patch
Comment 62 Build Bot 2019-05-02 13:27:55 PDT
Attachment 368813 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 33 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 63 Darin Adler 2019-05-02 14:26:29 PDT
Comment on attachment 368813 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=368813&action=review

> Source/WebCore/ChangeLog:10
> +        to execute it asynchronously, which was a source of security bugs and also did

asynchronously -> synchronously

> Source/WebCore/loader/NavigationScheduler.cpp:425
> +        return completionHandler();

Heh, the "return void" debate. I will refrain from commenting further.

> Source/WebCore/loader/SubframeLoader.cpp:90
> +    // If we will schedule a javascript URL load, we need to delay the firing of the load event at least until we've run the javascript URL.

I think it’s strange wording to say "run the javascript URL"; maybe "run the JavaScript in the URL"?
Comment 64 Chris Dumez 2019-05-02 14:29:16 PDT
Created attachment 368821 [details]
Patch
Comment 65 Build Bot 2019-05-02 14:32:15 PDT
Attachment 368821 [details] did not pass style-queue:


ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: security bug  [changelog/unwantedsecurityterms] [3]
Total errors found: 1 in 33 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 66 Darin Adler 2019-05-02 14:41:33 PDT
> ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of
> security-sensitive phrasing could help someone exploit WebKit: security bug 
> [changelog/unwantedsecurityterms] [3]

Slightly surprised you decided to leave the word "security" in the change log.
Comment 67 Chris Dumez 2019-05-02 15:06:54 PDT
(In reply to Darin Adler from comment #66)
> > ERROR: Source/WebCore/ChangeLog:10:  Please consider whether the use of
> > security-sensitive phrasing could help someone exploit WebKit: security bug 
> > [changelog/unwantedsecurityterms] [3]
> 
> Slightly surprised you decided to leave the word "security" in the change
> log.

Ok, I will remove it. In the context, it did not particularly bother me.
Comment 68 Chris Dumez 2019-05-02 15:08:42 PDT
Created attachment 368825 [details]
Patch
Comment 69 WebKit Commit Bot 2019-05-02 15:24:34 PDT
Comment on attachment 368825 [details]
Patch

Clearing flags on attachment: 368825

Committed r244892: <https://trac.webkit.org/changeset/244892>
Comment 70 WebKit Commit Bot 2019-05-02 15:24:37 PDT
All reviewed patches have been landed.  Closing bug.
Comment 71 Radar WebKit Bug Importer 2019-05-02 15:26:41 PDT
<rdar://problem/50424426>
Comment 72 Truitt Savell 2019-05-07 09:05:26 PDT
It looks like the new test fast/dom/frame-src-javascript-url-async.html

added in https://trac.webkit.org/changeset/244892/webkit

is flakey. History:
https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Fdom%2Fframe-src-javascript-url-async.html