[Webkit-unassigned] [Bug 17099] Add Mozilla tests for postMessage, fix bugs they reveal
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri May 9 15:58:14 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=17099
jwalden+bwo at mit.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
URL|http://lists.whatwg.org/pipe|http://lists.whatwg.org/pipe
|rmail/whatwg- |rmail/whatwg-
|whatwg.org/2008- |whatwg.org/2008-
|January/013795.html |May/014665.html
------- Comment #6 from jwalden+bwo at mit.edu 2008-05-09 15:58 PDT -------
Tests updated to latest spec, a second time since original posts.
Current failures I see, latest source:
- not throwing security exception accessing variable in other window (returning
undefined, presumably); not inherently postMessage-related
- event.target is document (but target of dispatch is correctly window)
- some funkiness related to a closed-window test, not sure what's up with it
- you choke with a SYNTAX_ERR if targetOrigin is IDN
- you're using the value of document.domain for determining origin -- you
should use the actual location
- data: URI origins not following HTML5 spec mean a test where a data: URI
reaches into its parent ends up failing
The fifth is probably most important -- it's a spoofing concern for hosts which
give out subdomains (although at least it isn't a two-way channel unless "*" is
used with the response, rather only subdomain->other). Fourth is next because
it's not immediately obvious the failure would always be an exception thrown,
and if it's a fail any way it'll be completely silent. Second depends how
smart code is at recognizing that, excepting listeners set across pages,
.target === window -- I'd bet it'd be fairly rare. The others are worth fixing
but are either edge-case behavior or behavior that was one way but the spec now
says do something else, so they're not super-duper important right now.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list