Bug 77580 - Support targetOrigin = "/" in postMessage for sending messages to same origin as source document
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
Reported: 2012-02-01 15:14 PST by Pablo Flouret
Modified: 2012-02-01 17:40 PST

Attachments
Patch (8.32 KB, patch)
2012-02-01 15:27 PST, Pablo Flouret

Description Pablo Flouret 2012-02-01 15:14:20 PST
Spec:

http://www.whatwg.org/specs/web-apps/current-work/multipage/web-messaging.html#posting-messages

[[
9. If the targetOrigin argument is a single literal U+002F SOLIDUS character (/), and the Document of the Window object on which the method was invoked does not have the same origin as the entry script's document, then abort these steps silently.
]]

Opera supports this already.
Comment 1 Pablo Flouret 2012-02-01 15:27:23 PST
Created attachment 125031
Patch
Comment 2 Adam Barth 2012-02-01 15:34:54 PST
I thought this was removed from the spec.
Comment 3 Adam Barth 2012-02-01 15:36:52 PST
Comment on attachment 125031
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=125031&action=review

> Source/WebCore/page/DOMWindow.cpp:837
> +        target = sourceDocument->securityOrigin();

Do we need to make a cross-thread copy?
Comment 4 Adam Barth 2012-02-01 15:37:15 PST
CCing some threading experts.
Comment 5 Dmitry Lomov 2012-02-01 16:13:22 PST
Comment on attachment 125031
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=125031&action=review

>> Source/WebCore/page/DOMWindow.cpp:837
>> +        target = sourceDocument->securityOrigin();
> 
> Do we need to make a cross-thread copy?

No, because this is DOMWindow::postMessage - it is all single threaded.
Comment 6 Adam Barth 2012-02-01 16:54:59 PST
Comment on attachment 125031
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=125031&action=review

Thanks!

> Source/WebCore/page/DOMWindow.cpp:836
> +        if (!sourceDocument)
> +            return;
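
Review bot: at DOMWindow.cpp:836 the `if (!sourceDocument) return;` drops the message with no indication of why, and the dereference in `target = sourceDocument->securityOrigin();` on the next line depends on it. A one-line comment at the check saying when the source document can be absent would keep a later refactor from moving or removing the guard.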

I wonder if we shouldn't just return right away when !sourceDocument.  I can understand why you've chosen this path though.
Comment 7 Pablo Flouret 2012-02-01 17:00:57 PST
(In reply to comment #6)
> (From update of attachment 125031)
> View in context: https://bugs.webkit.org/attachment.cgi?id=125031&action=review
> 
> Thanks!
> 
> > Source/WebCore/page/DOMWindow.cpp:836
> > +        if (!sourceDocument)
> > +            return;
> 
> I wonder if we shouldn't just return right away when !sourceDocument.  I can understand why you've chosen this path though.

Yeah, wasn't sure if the syntax error should be reported regardless, but when in doubt I guess it's always better to keep the existing behavior :P.

Under what circumstances can there be no document there? (workers?)
Comment 8 Adam Barth 2012-02-01 17:08:21 PST
> Under what circumstances can there be no document there? (workers?)

The situation is very rare.  Basically, if the source window is from a frame that has been destroyed (i.e., removed from the DOM).  It's possible to construct those scenarios, but we don't usually care all that much about what happens then (as long as we don't crash or cause security problems).
Comment 9 WebKit Review Bot 2012-02-01 17:40:12 PST
Comment on attachment 125031
Patch

Clearing flags on attachment: 125031

Committed r106516: <http://trac.webkit.org/changeset/106516>
Comment 10 WebKit Review Bot 2012-02-01 17:40:16 PST
All reviewed patches have been landed.  Closing bug.
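
The targetOrigin handling discussed in this bug, including the silent drop when the source document is missing, modelled in plain JavaScript as an added example (not code from the WebKit patch). Origins are constructed strings, and `resolveTargetOrigin`, `shouldDeliver` and `demo` are hypothetical names.

```javascript
// Added example: a stand-alone model of targetOrigin matching, not WebKit code.
// Origins are plain strings such as "https://app.example" (constructed values).

// Resolve the targetOrigin argument to the origin the receiver must have.
// Returns { any: true } for "*", { origin } otherwise, or null when the
// message has to be dropped silently (no source document for "/").
function resolveTargetOrigin(targetOrigin, sourceOrigin) {
  if (targetOrigin === "*") return { any: true };
  if (targetOrigin === "/") {
    // Mirrors the quoted hunk: no source document, nothing is sent.
    if (sourceOrigin == null) return null;
    return { origin: sourceOrigin };
  }
  let url;
  try {
    url = new URL(targetOrigin);
  } catch (e) {
    // Browsers raise a SyntaxError DOMException; a plain SyntaxError stands in.
    throw new SyntaxError("Invalid target origin: " + targetOrigin);
  }
  return { origin: url.origin };
}

// Decide whether the message event may be dispatched to the receiving window.
function shouldDeliver(targetOrigin, sourceOrigin, receiverOrigin) {
  const target = resolveTargetOrigin(targetOrigin, sourceOrigin);
  if (target === null) return false;
  if (target.any) return true;
  return target.origin === receiverOrigin;
}

// Constructed scenario: the frame we hold a reference to was navigated
// from our own origin to another site before the message was posted.
const SOURCE = "https://app.example";
const NAVIGATED = "https://other.example";

function demo() {
  return {
    sameOrigin: shouldDeliver("/", SOURCE, SOURCE),
    slashAfterNavigation: shouldDeliver("/", SOURCE, NAVIGATED),
    starAfterNavigation: shouldDeliver("*", SOURCE, NAVIGATED),
    explicitWithPath: shouldDeliver(SOURCE + "/inbox?x=1", SOURCE, SOURCE),
    detachedSource: shouldDeliver("/", null, SOURCE),
  };
}

console.log(demo());
```

With "/" the message stays within the sender's own origin even after the receiving frame has navigated elsewhere, which is the case where "*" would still deliver it.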