<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[205359] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/205359">205359</a></dd>
<dt>Author</dt> <dd>cdumez@apple.com</dd>
<dt>Date</dt> <dd>2016-09-02 12:10:12 -0700 (Fri, 02 Sep 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Object.preventExtensions() should throw cross-origin
https://bugs.webkit.org/show_bug.cgi?id=161486
Reviewed by Geoffrey Garen.
Source/JavaScriptCore:
Update JSProxy to forward preventExtensions() calls to its target.
* runtime/JSProxy.cpp:
(JSC::JSProxy::preventExtensions):
* runtime/JSProxy.h:
Source/WebCore:
Object.preventExtensions() should throw cross-origin:
- https://html.spec.whatwg.org/#windowproxy-preventextensions
- https://html.spec.whatwg.org/#location-preventextensions
- http://www.ecma-international.org/ecma-262/6.0/#sec-object.preventextensions
Firefox and Chrome both throw in the cross-origin case. Firefox also throws
a TypeError in the same-origin case for Window, as per the specification.
However, Firefox does not seem to throw yet in the same-origin case for
Location yet.
Test: http/tests/security/preventExtensions-window-location.html
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::preventExtensions):
* bindings/js/JSLocationCustom.cpp:
(WebCore::JSLocation::preventExtensions):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateHeader):
* bindings/scripts/IDLAttributes.txt:
* page/DOMWindow.idl:
* page/Location.idl:
LayoutTests:
Add layout test coverage. We have a few failures in the same origin case
because we don't fully match the specification yet:
- Object.preventExtensions() should throw a TypeError. However, our
implementation currently does not throw if [[PreventExtensions]] returns
false.
- We do not ignore calls to Object.preventExtensions() for the Location
object yet because other browsers do not seem to either.
* http/tests/security/preventExtensions-window-location-expected.txt: Added.
* http/tests/security/preventExtensions-window-location.html: Added.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSProxycpp">trunk/Source/JavaScriptCore/runtime/JSProxy.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSProxyh">trunk/Source/JavaScriptCore/runtime/JSProxy.h</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSDOMWindowCustomcpp">trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSLocationCustomcpp">trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp</a></li>
<li><a href="#trunkSourceWebCorebindingsscriptsCodeGeneratorJSpm">trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm</a></li>
<li><a href="#trunkSourceWebCorebindingsscriptsIDLAttributestxt">trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt</a></li>
<li><a href="#trunkSourceWebCorepageDOMWindowidl">trunk/Source/WebCore/page/DOMWindow.idl</a></li>
<li><a href="#trunkSourceWebCorepageLocationidl">trunk/Source/WebCore/page/Location.idl</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkLayoutTestshttptestssecuritypreventExtensionswindowlocationexpectedtxt">trunk/LayoutTests/http/tests/security/preventExtensions-window-location-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritypreventExtensionswindowlocationhtml">trunk/LayoutTests/http/tests/security/preventExtensions-window-location.html</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/LayoutTests/ChangeLog        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -1,5 +1,23 @@
</span><span class="cx"> 2016-09-02 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><ins>+ Object.preventExtensions() should throw cross-origin
+ https://bugs.webkit.org/show_bug.cgi?id=161486
+
+ Reviewed by Geoffrey Garen.
+
+ Add layout test coverage. We have a few failures in the same origin case
+ because we don't fully match the specification yet:
+ - Object.preventExtensions() should throw a TypeError. However, our
+ implementation currently does not throw if [[PreventExtensions]] returns
+ false.
+ - We do not ignore calls to Object.preventExtensions() for the Location
+ object yet because other browsers do not seem to either.
+
+ * http/tests/security/preventExtensions-window-location-expected.txt: Added.
+ * http/tests/security/preventExtensions-window-location.html: Added.
+
+2016-09-02 Chris Dumez <cdumez@apple.com>
+
</ins><span class="cx"> Object.defineProperty() should throw cross-origin
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=161460
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritypreventExtensionswindowlocationexpectedtxt"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/security/preventExtensions-window-location-expected.txt (0 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/preventExtensions-window-location-expected.txt         (rev 0)
+++ trunk/LayoutTests/http/tests/security/preventExtensions-window-location-expected.txt        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -0,0 +1,24 @@
</span><ins>+Test the behavior of Object.preventExtensions() for Window / Location.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+* Cross origin
+PASS Object.isExtensible(frames[0]) is true
+PASS Object.preventExtensions(frames[0]) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.isExtensible(frames[0]) is true
+PASS Object.isExtensible(frames[0].location) is true
+PASS Object.preventExtensions(frames[0].location) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.isExtensible(frames[0].location) is true
+
+* Same origin
+PASS Object.isExtensible(window) is true
+FAIL Object.preventExtensions(window) should throw a TypeError. Did not throw.
+PASS Object.isExtensible(window) is true
+PASS Object.isExtensible(window.location) is true
+FAIL Object.preventExtensions(window.location) should throw a TypeError. Did not throw.
+FAIL Object.isExtensible(window.location) should be true. Was false.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritypreventExtensionswindowlocationhtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/security/preventExtensions-window-location.html (0 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/preventExtensions-window-location.html         (rev 0)
+++ trunk/LayoutTests/http/tests/security/preventExtensions-window-location.html        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -0,0 +1,35 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<script src="../../../resources/js-test-pre.js"></script>
+<iframe src="http://localhost:8000/security/resources/iframe-with-element.html"></iframe>
+<script>
+description("Test the behavior of Object.preventExtensions() for Window / Location.");
+jsTestIsAsync = true;
+
+onload = function() {
+ debug ("* Cross origin");
+ shouldBeTrue("Object.isExtensible(frames[0])");
+ shouldThrowErrorName("Object.preventExtensions(frames[0])", "SecurityError");
+ shouldBeTrue("Object.isExtensible(frames[0])");
+
+ shouldBeTrue("Object.isExtensible(frames[0].location)");
+ shouldThrowErrorName("Object.preventExtensions(frames[0].location)", "SecurityError");
+ shouldBeTrue("Object.isExtensible(frames[0].location)");
+
+ debug("");
+ debug("* Same origin");
+ shouldBeTrue("Object.isExtensible(window)");
+ shouldThrowErrorName("Object.preventExtensions(window)", "TypeError");
+ shouldBeTrue("Object.isExtensible(window)");
+
+ shouldBeTrue("Object.isExtensible(window.location)");
+ shouldThrowErrorName("Object.preventExtensions(window.location)", "TypeError");
+ shouldBeTrue("Object.isExtensible(window.location)");
+
+ finishJSTest();
+};
+</script>
+<script src="../../../resources/js-test-post.js"></script>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/JavaScriptCore/ChangeLog        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -1,5 +1,18 @@
</span><span class="cx"> 2016-09-02 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><ins>+ Object.preventExtensions() should throw cross-origin
+ https://bugs.webkit.org/show_bug.cgi?id=161486
+
+ Reviewed by Geoffrey Garen.
+
+ Update JSProxy to forward preventExtensions() calls to its target.
+
+ * runtime/JSProxy.cpp:
+ (JSC::JSProxy::preventExtensions):
+ * runtime/JSProxy.h:
+
+2016-09-02 Chris Dumez <cdumez@apple.com>
+
</ins><span class="cx"> Align proto getter / setter behavior with other browsers
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=161455
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSProxycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSProxy.cpp (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSProxy.cpp        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/JavaScriptCore/runtime/JSProxy.cpp        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -102,6 +102,12 @@
</span><span class="cx"> return thisObject->target()->methodTable(exec->vm())->deleteProperty(thisObject->target(), exec, propertyName);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+bool JSProxy::preventExtensions(JSObject* object, ExecState* exec)
+{
+ JSProxy* thisObject = jsCast<JSProxy*>(object);
+ return thisObject->target()->methodTable(exec->vm())->preventExtensions(thisObject->target(), exec);
+}
+
</ins><span class="cx"> bool JSProxy::deletePropertyByIndex(JSCell* cell, ExecState* exec, unsigned propertyName)
</span><span class="cx"> {
</span><span class="cx"> JSProxy* thisObject = jsCast<JSProxy*>(cell);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSProxyh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSProxy.h (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSProxy.h        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/JavaScriptCore/runtime/JSProxy.h        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -96,6 +96,7 @@
</span><span class="cx"> JS_EXPORT_PRIVATE static bool defineOwnProperty(JSObject*, ExecState*, PropertyName, const PropertyDescriptor&, bool shouldThrow);
</span><span class="cx"> JS_EXPORT_PRIVATE static bool setPrototype(JSObject*, ExecState*, JSValue, bool shouldThrowIfCantSet);
</span><span class="cx"> JS_EXPORT_PRIVATE static JSValue getPrototype(JSObject*, ExecState*);
</span><ins>+ JS_EXPORT_PRIVATE static bool preventExtensions(JSObject*, ExecState*);
</ins><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> WriteBarrier<JSObject> m_target;
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/ChangeLog        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -1,5 +1,34 @@
</span><span class="cx"> 2016-09-02 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><ins>+ Object.preventExtensions() should throw cross-origin
+ https://bugs.webkit.org/show_bug.cgi?id=161486
+
+ Reviewed by Geoffrey Garen.
+
+ Object.preventExtensions() should throw cross-origin:
+ - https://html.spec.whatwg.org/#windowproxy-preventextensions
+ - https://html.spec.whatwg.org/#location-preventextensions
+ - http://www.ecma-international.org/ecma-262/6.0/#sec-object.preventextensions
+
+ Firefox and Chrome both throw in the cross-origin case. Firefox also throws
+ a TypeError in the same-origin case for Window, as per the specification.
+ However, Firefox does not seem to throw yet in the same-origin case for
+ Location yet.
+
+ Test: http/tests/security/preventExtensions-window-location.html
+
+ * bindings/js/JSDOMWindowCustom.cpp:
+ (WebCore::JSDOMWindow::preventExtensions):
+ * bindings/js/JSLocationCustom.cpp:
+ (WebCore::JSLocation::preventExtensions):
+ * bindings/scripts/CodeGeneratorJS.pm:
+ (GenerateHeader):
+ * bindings/scripts/IDLAttributes.txt:
+ * page/DOMWindow.idl:
+ * page/Location.idl:
+
+2016-09-02 Chris Dumez <cdumez@apple.com>
+
</ins><span class="cx"> Object.defineProperty() should throw cross-origin
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=161460
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSDOMWindowCustomcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -361,6 +361,14 @@
</span><span class="cx"> return Base::getPrototype(object, exec);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+bool JSDOMWindow::preventExtensions(JSObject* object, ExecState* exec)
+{
+ JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
+ if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->wrapped(), ThrowSecurityError))
+ return false;
+ return false;
+}
+
</ins><span class="cx"> // Custom Attributes
</span><span class="cx">
</span><span class="cx"> void JSDOMWindow::setLocation(ExecState& state, JSValue value)
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSLocationCustomcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -147,6 +147,16 @@
</span><span class="cx"> return Base::getPrototype(object, exec);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+bool JSLocation::preventExtensions(JSObject* object, ExecState* exec)
+{
+ JSLocation* thisObject = jsCast<JSLocation*>(object);
+ if (!BindingSecurity::shouldAllowAccessToFrame(exec, thisObject->wrapped().frame(), ThrowSecurityError))
+ return false;
+ // FIXME: The specification says to return false in the same origin case as well but other browsers have
+ // not implemented this yet.
+ return Base::preventExtensions(object, exec);
+}
+
</ins><span class="cx"> bool JSLocationPrototype::putDelegate(ExecState* exec, PropertyName propertyName, JSValue, PutPropertySlot&, bool& putResult)
</span><span class="cx"> {
</span><span class="cx"> putResult = false;
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsscriptsCodeGeneratorJSpm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -1326,6 +1326,9 @@
</span><span class="cx"> push (@headerContent, " static JSC::JSValue getPrototype(JSC::JSObject*, JSC::ExecState*);\n") if $interface->extendedAttributes->{"CustomGetPrototype"};
</span><span class="cx"> push (@headerContent, " static bool setPrototype(JSC::JSObject*, JSC::ExecState*, JSC::JSValue, bool shouldThrowIfCantSet);\n") if $interface->extendedAttributes->{"CustomSetPrototype"};
</span><span class="cx">
</span><ins>+ # Custom preventExtensions function.
+ push(@headerContent, " static bool preventExtensions(JSC::JSObject*, JSC::ExecState*);\n") if $interface->extendedAttributes->{"CustomPreventExtensions"};
+
</ins><span class="cx"> # Override toBoolean to return false for objects that want to 'MasqueradesAsUndefined'.
</span><span class="cx"> if ($interface->extendedAttributes->{"MasqueradesAsUndefined"}) {
</span><span class="cx"> $structureFlags{"JSC::MasqueradesAsUndefined"} = 1;
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsscriptsIDLAttributestxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -47,6 +47,7 @@
</span><span class="cx"> CustomIsReachable
</span><span class="cx"> CustomNamedGetter
</span><span class="cx"> CustomNamedSetter
</span><ins>+CustomPreventExtensions
</ins><span class="cx"> CustomProxyToJSObject
</span><span class="cx"> CustomPutFunction
</span><span class="cx"> CustomReturn
</span></span></pre></div>
<a id="trunkSourceWebCorepageDOMWindowidl"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/DOMWindow.idl (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/DOMWindow.idl        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/page/DOMWindow.idl        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -30,6 +30,7 @@
</span><span class="cx"> CustomEnumerateProperty,
</span><span class="cx"> CustomGetOwnPropertySlot,
</span><span class="cx"> CustomGetPrototype,
</span><ins>+ CustomPreventExtensions,
</ins><span class="cx"> CustomProxyToJSObject,
</span><span class="cx"> CustomPutFunction,
</span><span class="cx"> CustomSetPrototype,
</span></span></pre></div>
<a id="trunkSourceWebCorepageLocationidl"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/Location.idl (205358 => 205359)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/Location.idl        2016-09-02 19:00:22 UTC (rev 205358)
+++ trunk/Source/WebCore/page/Location.idl        2016-09-02 19:10:12 UTC (rev 205359)
</span><span class="lines">@@ -32,6 +32,7 @@
</span><span class="cx"> CustomEnumerateProperty,
</span><span class="cx"> CustomGetPrototype,
</span><span class="cx"> CustomNamedSetter,
</span><ins>+ CustomPreventExtensions,
</ins><span class="cx"> CustomSetPrototype,
</span><span class="cx"> GenerateIsReachable=ImplFrame,
</span><span class="cx"> JSCustomDefineOwnProperty,
</span></span></pre>
</div>
</div>
</body>
</html>