debugging

components/script/dom/bindings/utils.rs

@@ -82,6 +82,7 @@ enum CrossOriginObjectType {
 }
 
 unsafe fn identify_cross_origin_object(obj: HandleObject) -> CrossOriginObjectType {
+    println!("unchecked unwrap for identfy xoo");
     let obj = UncheckedUnwrapObject(obj.get(), /* stopAtWindowProxy = */ 0);
     let obj_class = JS_GetClass(obj);
     let name = str::from_utf8(CStr::from_ptr((*obj_class).name).to_bytes()).unwrap().to_owned();
@@ -312,6 +313,7 @@ pub fn is_platform_object(obj: *mut JSObject) -> bool {
         }
         // Now for simplicity check for security wrappers before anything else
         if IsWrapper(obj) {
+            println!("unwrap obj for sec wrapper check");
             let unwrapped_obj = UnwrapObject(obj, /* stopAtWindowProxy = */ 0);
             if unwrapped_obj.is_null() {
                 return false;

tests/wpt/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html

@@ -59,9 +59,24 @@
   assert_equals(B.parent, window, "window.parent works same-origin");
   //assert_equals(C.parent, window, "window.parent works cross-origin");
   assert_equals(B.location.pathname, path, "location.href works same-origin");
+  //TODO do document.write and console.log have same behavior?
+  try {
+    console.log(C.location.pathname);  //permission denied to unwrap object
+  } catch(err) {
+    console.log(err.message);
+  }
   //assert_throws("SecurityError", function() { C.location.pathname; }, "location.pathname throws cross-origin");
-  assert_equals(B.frames, 'override', "Overrides visible in the same-origin case");
-  //document.write(C.frames);
+  try {
+    console.log(B.frames); 
+  } catch(err) {
+    console.log(err.message);
+  }
+  //assert_equals(B.frames, 'override', "Overrides visible in the same-origin case");
+  try {
+    console.log(C.frames); 
+  } catch(err) {
+    console.log(err.message);
+  }
   //assert_equals(C.frames, C, "Overrides invisible in the cross-origin case");
 }, "Basic sanity-checking");
 
@@ -71,7 +86,7 @@
  * Also tests for [[GetOwnProperty]] and [[HasOwnProperty]] behavior.
  */
 
-var whitelistedWindowIndices = ['0', '1'];
+/*var whitelistedWindowIndices = ['0', '1'];
 var whitelistedWindowPropNames = ['location', 'postMessage', 'window', 'frames', 'self', 'top', 'parent',
                                   'opener', 'closed', 'close', 'blur', 'focus', 'length'];
 whitelistedWindowPropNames = whitelistedWindowPropNames.concat(whitelistedWindowIndices);
@@ -115,7 +130,7 @@
       //assert_throws("SecurityError", function() { C[prop] = undefined; }, "Should throw when writing to " + prop + " on Location");
   }
 }, "Only whitelisted properties are accessible cross-origin");
-
+/*
 /*
  * ES Internal Methods.
  */