Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upAdded some same-origin-domain checks #15478
Closed
Conversation
highfive
commented
Feb 9, 2017
|
Heads up! This PR modifies the following files:
|
highfive
commented
Feb 9, 2017
|
|
|
cc @jdm @cbrewster |
asajeffrey
changed the title
|
I'm not convinced it's a good idea to land this until we actually have document.domain, and I can tell you to write tests for each and every change here. |
| fn GetContentDocument(&self) -> Option<Root<Document>> { | ||
| self.get_content_window().map(|window| window.Document()) | ||
| // Step 1. | ||
| if let Some(pipeline_id) = self.pipeline_id.get() { |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
|
I updated the test expectations (d6e2792). Summary:
@Ms2ger: with these updates to the test expectations, are you okay with this PR going ahead without |
asajeffrey
force-pushed the
asajeffrey:script-same-origin-domain
branch
from
d7d00a2
to
583a7dd
|
Updated #15438. |
|
@Ms2ger ping? |
asajeffrey
force-pushed the
asajeffrey:script-same-origin-domain
branch
from
583a7dd
to
92d220b
|
Rebased. |
|
|
asajeffrey
force-pushed the
asajeffrey:script-same-origin-domain
branch
from
92d220b
to
b07d2dc
|
Fixed a bug which was causing |
|
|
asajeffrey
force-pushed the
asajeffrey:script-same-origin-domain
branch
2 times, most recently
from
d91b63a
to
26ea806
|
|
asajeffrey
force-pushed the
asajeffrey:script-same-origin-domain
branch
from
26ea806
to
1d8d6ac
|
Conversation with @jdm on irc: http://logs.glob.uno/?c=mozilla%23servo&s=24+Feb+2017&e=24+Feb+2017#c619500 TL;DR: merge this PR with #15536. |
bors-servo
added a commit
that referenced
this pull request
Mar 15, 2017
Implement setter for document.domain <!-- Please describe your changes on the following line: --> This PR implements the setter for `document.domain`. It builds on #15438 and #15478, only the last commit is part of this PR. It includes tests for similar-origin security checks. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #934. - [X] There are tests for these changes. <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/15536) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this pull request
Mar 15, 2017
Implement setter for document.domain <!-- Please describe your changes on the following line: --> This PR implements the setter for `document.domain`. It builds on #15438 and #15478, only the last commit is part of this PR. It includes tests for similar-origin security checks. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #934. - [X] There are tests for these changes. <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/15536) <!-- Reviewable:end -->
bors-servo
added a commit
that referenced
this pull request
Mar 15, 2017
Implement cross-thread postMessage <!-- Please describe your changes on the following line: --> This PR implements cross-thread postMessage, It builds on #15438 and #15478, only the last commit is part of this PR. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] There are tests for these changes <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/15679) <!-- Reviewable:end -->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
asajeffrey commentedFeb 9, 2017
•
edited by larsbergstrom
This PR adds some same-origin-domain checks, replacing some same-origin checks. This will make a difference once we support setting document.domain.
This PR builds on #15438, only the last commit is part of this PR.
./mach build -ddoes not report any errors./mach test-tidydoes not report any errorsThis change is