RESOLVED FIXED 205092
[Bindings] Cross-origin checks happen too late for overloaded methods 
https://bugs.webkit.org/show_bug.cgi?id=205092
Summary [Bindings] Cross-origin checks happen too late for overloaded methods
Chris Dumez
Reported 2019-12-10 16:48:47 PST
Cross-origin checks happen too late for overloaded methods. We're supposed to do the security check and then find the right overload to call [1]. In our bindings, we first find the right overload body to call and then do the security check in the body of the chosen overload. This results in the wrong exception being thrown in some cases. [1] https://heycam.github.io/webidl/#dfn-create-operation-function
Attachments
Patch (15.49 KB, patch)
2019-12-10 16:51 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (22.44 KB, patch)
2019-12-10 18:29 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2019-12-10 16:51:48 PST
Created attachment 385317 [details] Patch
Sam Weinig
Comment 2 2019-12-10 18:08:25 PST
Nice catch. Do the bindings tests (run-bindings-tests) output change?
Chris Dumez
Comment 3 2019-12-10 18:15:20 PST
(In reply to Sam Weinig from comment #2) > Nice catch. Do the bindings tests (run-bindings-tests) output change? They do not, the bindings bubble is green.
Chris Dumez
Comment 4 2019-12-10 18:21:25 PST
(In reply to Chris Dumez from comment #3) > (In reply to Sam Weinig from comment #2) > > Nice catch. Do the bindings tests (run-bindings-tests) output change? > > They do not, the bindings bubble is green. Will look into adding test coverage. Looks like there is an EWS failure to investigate too.
Sam Weinig
Comment 5 2019-12-10 18:22:12 PST
(In reply to Chris Dumez from comment #3) > (In reply to Sam Weinig from comment #2) > > Nice catch. Do the bindings tests (run-bindings-tests) output change? > > They do not, the bindings bubble is green. In that case, mind adding an overload that triggers this to the bindings tests? Seeing the new generated code can help make the reviewing easier (and more tests seem good).
Chris Dumez
Comment 6 2019-12-10 18:29:33 PST
Created attachment 385335 [details] Patch
WebKit Commit Bot
Comment 7 2019-12-11 11:05:12 PST
Comment on attachment 385335 [details] Patch Clearing flags on attachment: 385335 Committed r253381: <https://trac.webkit.org/changeset/253381>
WebKit Commit Bot
Comment 8 2019-12-11 11:05:13 PST
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 9 2019-12-11 11:06:21 PST
<rdar://problem/57844610>
Note You need to log in before you can comment on or make changes to this bug.