mkwst: PTAL
To view, visit change 877407. To unsubscribe, or for help writing mail filters, visit settings.
LGTM, thanks!
Patch set 3:Code-Review +1
2 comments:
Patch Set #3, Line 18: testRunner.testFailed("'top.location' didn't throw.");
Nit: s/didn't throw/threw/
File third_party/WebKit/Source/core/frame/LocalFrame.cpp:
Patch Set #3, Line 894: // a user gesture and the navigation isn't same-origin for the target.
Nit: s/for the target/with the target/ sounds marginally better to my ear.
2 comments:
Patch Set #3, Line 18: testRunner.testFailed("'top.location' threw.");
Nit: s/didn't throw/threw/
Done
File third_party/WebKit/Source/core/frame/LocalFrame.cpp:
Patch Set #3, Line 894: // a user gesture and the navigation isn't same-origin with the target.
Nit: s/for the target/with the target/ sounds marginally better to my ear.
Done
Patch set 4:Commit-Queue +2
CQ is trying the patch.
Note: The patchset sent to CQ was uploaded after this CL was approved.
"Address comments, rebase" https://chromium-review.googlesource.com/c/877407/4
Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/chromium-review.googlesource.com/877407/4
Bot data: {"action": "start", "triggered_at": "2018-01-22T18:40:27.0Z", "cq_cfg_revision": "a668b5363cd374a29ca0f46124c226e2e2aa21d9", "revision": "eb08c88976de24f2b77ae32c708f062fe35f7a7a"}
Try jobs failed on following builders:
android_n5x_swarming_rel on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/android_n5x_swarming_rel/builds/345080)
Patch set 4:Commit-Queue +2
CQ is trying the patch.
Note: The patchset sent to CQ was uploaded after this CL was approved.
"Address comments, rebase" https://chromium-review.googlesource.com/c/877407/4
Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/chromium-review.googlesource.com/877407/4
Bot data: {"action": "start", "triggered_at": "2018-01-22T21:21:24.0Z", "cq_cfg_revision": "a668b5363cd374a29ca0f46124c226e2e2aa21d9", "revision": "eb08c88976de24f2b77ae32c708f062fe35f7a7a"}
Commit Bot merged this change.
Allow framebusting when the target and the destination are same-origin
Bug: 624061
Test: http/tests/security/frameNavigation/xss-ALLOWED-same-origin-top-navigation-without-user-gesture.html
Change-Id: I78909ab0726b85881225de413302886479761a8f
Reviewed-on: https://chromium-review.googlesource.com/877407
Commit-Queue: Nate Chapin <jap...@chromium.org>
Reviewed-by: Mike West <mk...@chromium.org>
Cr-Commit-Position: refs/heads/master@{#531022}
---
A third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-same-origin-top-navigation-without-user-gesture.html
A third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-same-origin-top-navigation-without-user-gesture-expected.txt
A third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-same-origin-top-navigation-without-user-gesture.html
M third_party/WebKit/Source/core/frame/LocalFrame.cpp
4 files changed, 48 insertions(+), 2 deletions(-)