-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
database names leak cross-origin within the same browser session
https://bugs.webkit.org/show_bug.cgi?id=233548 Reviewed by Geoff Garen. Source/WebCore: Test: http/tests/security/getdatabases-crossorigin.html * Modules/indexeddb/server/IDBServer.cpp: (WebCore::IDBServer::IDBServer::getAllDatabaseNamesAndVersions): When iterating the set of all open UniqueIDBDatabases, only add them to the results list if their origins match. * page/ClientOrigin.h: (WebCore::ClientOrigin::operator!= const): LayoutTests: * http/tests/security/getdatabases-crossorigin-expected.txt: Added. * http/tests/security/getdatabases-crossorigin.html: Added. * http/tests/security/resources/getdatabases-otherframe.html: Added. * http/tests/security/resources/getdatabases-otherwindow.html: Added. Canonical link: https://commits.webkit.org/246098@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288078 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- Loading branch information
Showing
8 changed files
with
97 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 4 additions & 0 deletions
4
LayoutTests/http/tests/security/getdatabases-crossorigin-expected.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
CONSOLE MESSAGE: Message received from other context | ||
CONSOLE MESSAGE: Message received from other context | ||
CONSOLE MESSAGE: PASS | ||
|
43 changes: 43 additions & 0 deletions
43
LayoutTests/http/tests/security/getdatabases-crossorigin.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
<!-- webkit-test-runner [ JavaScriptCanOpenWindowsAutomatically=true ] --> | ||
<html> | ||
<head> | ||
<script> | ||
|
||
if (window.location.hostname == "localhost") | ||
console.log("FAIL: Must be run as 127.0.0.1, not localhost"); | ||
|
||
if (window.testRunner) { | ||
testRunner.dumpAsText(); | ||
testRunner.waitUntilDone(); | ||
} | ||
|
||
var messagesReceived = 0; | ||
|
||
window.onmessage = function(event) { | ||
console.log("Message received from other context") | ||
|
||
if (++messagesReceived < 2) | ||
return; | ||
|
||
indexedDB.databases().then((result) => { | ||
databases = result; | ||
if (databases.length != 0) | ||
console.log("FAIL: There are " + databases.length + " database(s) when there should be 0"); | ||
else | ||
console.log("PASS"); | ||
if (testRunner) | ||
testRunner.notifyDone(); | ||
}); | ||
}; | ||
|
||
function openOtherWindow() | ||
{ | ||
window.open("http://localhost:8000/security/resources/getdatabases-otherwindow.html") | ||
} | ||
|
||
</script> | ||
</head> | ||
<body onload="openOtherWindow()"> | ||
<iframe src="http://localhost:8000/security/resources/getdatabases-otherframe.html"></iframe> | ||
</body> | ||
</html> |
9 changes: 9 additions & 0 deletions
9
LayoutTests/http/tests/security/resources/getdatabases-otherframe.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
<head> | ||
<script> | ||
indexedDB.deleteDatabase('getdatabase-otherframe').onsuccess = () => { | ||
indexedDB.open('getdatabase-otherframe').onsuccess = () => { | ||
window.parent.postMessage("Hi there!", "*"); | ||
} | ||
} | ||
</script> | ||
</head> |
9 changes: 9 additions & 0 deletions
9
LayoutTests/http/tests/security/resources/getdatabases-otherwindow.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
<head> | ||
<script> | ||
indexedDB.deleteDatabase('getdatabase-otherwindow').onsuccess = () => { | ||
indexedDB.open('getdatabase-otherwindow').onsuccess = () => { | ||
window.opener.postMessage("Hi there!", "*"); | ||
} | ||
} | ||
</script> | ||
</head> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters