[Webkit-unassigned] [Bug 73083] Fix the Frame Leak Attack
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 10 05:56:33 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=73083
Ádám Kallai <kadam at inf.u-szeged.hu> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kadam at inf.u-szeged.hu
--- Comment #47 from Ádám Kallai <kadam at inf.u-szeged.hu> 2012-04-10 05:56:32 PST ---
This test fails on Qt WK2 and Mac Lion WK2.
Diff:
--- /ramdisk/qt-linux-32-release-webkit2/build/layout-test-results/http/tests/navigation/anchor-frames-cross-origin-expected.txt
+++ /ramdisk/qt-linux-32-release-webkit2/build/layout-test-results/http/tests/navigation/anchor-frames-cross-origin-actual.txt
@@ -1,23 +1,2 @@
CONSOLE MESSAGE: Fragment navigation not allowed with cross-origin frames.
-
---------
-Frame: 'main'
---------
-This prevents a cross-origin information leak sometimes know as framesniffing.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS document.body.offsetHeight > document.documentElement.clientHeight is true
-PASS document.body.scrollTop == 0 is true
-PASS document.body.scrollLeft == 0 is true
-PASS successfullyParsed is true
-
-TEST COMPLETE
-This is an anchor point named "anchor1.
-
---------
-Frame: 'footer'
---------
-
Could you check it? I'm going to skip this, until It is fixed.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list