Skip to content
Permalink
Browse files
Prevent hidden documents from locking the screen orientation
https://bugs.webkit.org/show_bug.cgi?id=247248
rdar://102019707

Reviewed by Youenn Fablet.

* LayoutTests/fast/screen-orientation/hidden-document-check-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/resources/testdriver-vendor.js:
(window.test_driver_internal.action_sequence):
(async if):
(window.test_driver_internal.minimize_window):
(window.test_driver_internal.set_window_rect):
* LayoutTests/imported/w3c/web-platform-tests/screen-orientation/hidden_document-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/screen-orientation/hidden_document.html: Added.
* LayoutTests/platform/ios/TestExpectations:
* Source/WebCore/page/ScreenOrientation.cpp:
(WebCore::ScreenOrientation::lock):

Canonical link: https://commits.webkit.org/257019@main
  • Loading branch information
marcoscaceres authored and Marcos Caceres committed Nov 25, 2022
1 parent c8c8117 commit a68ef76884df02cb25c760874bfc38df99c09783
Show file tree
Hide file tree
Showing 6 changed files with 119 additions and 1 deletion.
@@ -0,0 +1,12 @@
This test checks that trying to lock or unlock a hidden document results in a SecurityError.

On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".


PASS document.hidden is true
PASS SecurityError rejected promise with SecurityError: Only visible documents can lock the screen orientation.
PASS screen.orientation.unlock() threw exception SecurityError: Only visible documents can unlock the screen orientation.
PASS successfullyParsed is true

TEST COMPLETE

@@ -250,7 +250,7 @@ window.test_driver_internal.click = function (element, coords)

window.test_driver_internal.action_sequence = function(sources)
{
// https://w3c.github.io/webdriver/#processing-actions
// https://w3c.github.io/webdriver/#processing-actions

let noneSource;
let pointerSource;
@@ -338,3 +338,57 @@ window.test_driver_internal.consume_user_activation = async function(context)
throw new Error("unimplemented");
return context.internals.consumeTransientActivation();
}

/**
*
* @param {Window} context
* @returns {Promise<DOMRect>}
*/
window.test_driver_internal.minimize_window = async function (context=null)
{
if (context === null)
context = window;

if (context.document?.fullscreenElement)
await context.document.exitFullscreen();

const rect = internals.visualViewportRect();

if (context.document.visibilityState === "hidden")
return rect;

await new Promise(resolve => {
context.addEventListener("visibilitychange", resolve, { once: true });
testRunner.setPageVisibility("hidden");
});

return rect;
}

/**
*
* @param {DOMRect} rect
* @param {Window} context
* @returns {Promise<void>}
*/
window.test_driver_internal.set_window_rect = async function (rect, context=null)
{
if (typeof rect !== "object" || typeof rect.width !== "number" || typeof rect.height !== "number")
throw new Error("Invalid rect");

if (context === null)
context = window;

if (context.document?.fullscreenElement)
await context.document.exitFullscreen();

context.testRunner.setViewSize(rect.width, rect.height);

if (context.document.visibilityState === "visible")
return;

await new Promise(resolve => {
context.addEventListener("visibilitychange", resolve, { once: true });
testRunner.setPageVisibility("visible");
});
}
@@ -0,0 +1,3 @@

PASS test locking the orientation when document is hidden

@@ -0,0 +1,39 @@
<!DOCTYPE html>
<meta name="timeout" content="long" />
<title>Prevent hidden documents from locking orientation</title>
<link rel="help" href="https://github.com/w3c/screen-orientation/pull/232" />
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script type="module">
import { getOppositeOrientation } from "./resources/orientation-utils.js";
let rect;

promise_setup(async (t) => {
rect = await test_driver.minimize_window();
assert_true(document.hidden, "document must be hidden");
});

promise_test(async (t) => {
await promise_rejects_dom(
t,
"SecurityError",
screen.orientation.lock("landscape"),
"Locking orientation must reject when the document is hidden"
);

assert_throws_dom(
"SecurityError",
() => {
screen.orientation.unlock();
},
"Unlocking orientation must throw when the document is hidden"
);

await test_driver.set_window_rect(rect);
assert_false(document.hidden, "document must not be hidden");
// not longer throws
screen.orientation.unlock();
}, "test locking the orientation when document is hidden");
</script>
@@ -367,6 +367,7 @@ webkit.org/b/165799 svg/animations/animations-paused-page-non-visible.html [ Ski
webkit.org/b/165799 svg/animations/animations-paused-in-background-page-iframe.html [ Skip ]
webkit.org/b/165799 svg/animations/animations-paused-in-background-page.html [ Skip ]
webkit.org/b/165799 webaudio/silent-audio-interrupted-in-background.html [ Skip ]
webkit.org/b/165799 imported/w3c/web-platform-tests/screen-orientation/hidden_document.html

# AutoFill button is not supported
fast/forms/auto-fill-button/mouse-down-input-mouse-release-auto-fill-button.html
@@ -110,6 +110,12 @@ void ScreenOrientation::lock(LockType lockType, Ref<DeferredPromise>&& promise)
promise->reject(Exception { SecurityError, "Only first party documents can lock the screen orientation"_s });
return;
}

if (document->page() && !document->page()->isVisible()) {
promise->reject(Exception { SecurityError, "Only visible documents can lock the screen orientation"_s });
return;
}

if (document->settings().fullscreenRequirementForScreenOrientationLockingEnabled()) {
#if ENABLE(FULLSCREEN_API)
if (!document->fullscreenManager().isFullscreen()) {
@@ -157,6 +163,9 @@ ExceptionOr<void> ScreenOrientation::unlock()
if (!document->isSameOriginAsTopDocument())
return { };

if (document->page() && !document->page()->isVisible())
return Exception { SecurityError, "Only visible documents can unlock the screen orientation"_s };

if (auto* manager = this->manager())
manager->unlock();
return { };

0 comments on commit a68ef76

Please sign in to comment.