[Webkit-unassigned] [Bug 209067] New: [ Mac wk1 ] http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html is flaky failing.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 13 11:18:31 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=209067
Bug ID: 209067
Summary: [ Mac wk1 ]
http/tests/security/javascriptURL/xss-DENIED-to-javasc
ript-url-in-foreign-domain-subframe.html is flaky
failing.
Product: WebKit
Version: WebKit Nightly Build
Hardware: Macintosh
OS: macOS 10.15
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore JavaScript
Assignee: webkit-unassigned at lists.webkit.org
Reporter: Lawrence.j at apple.com
http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html
Description:
This test is flaky failing on Mac wk1. The flaky failures are present throughout the visible history.
History:
https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2FjavascriptURL%2Fxss-DENIED-to-javascript-url-in-foreign-domain-subframe.html&platform=mac&flavor=wk1&style=debug&style=release&limit=50000&recent=false
Diff:
--- /Volumes/Data/slave/mojave-release-tests-wk1/build/layout-test-results/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt
+++ /Volumes/Data/slave/mojave-release-tests-wk1/build/layout-test-results/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-actual.txt
@@ -1,20 +1,47 @@
-CONSOLE MESSAGE: line 41: SecurityError: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a cross-origin frame. Protocols, domains, and ports must match.
-The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a javascript: URL. This tests that this main document does not have access to that javascript: URL loaded iframe.
-
-
-PASS: Cross frame access to a javascript: URL embed in a frame on a foreign domain denied!
-
-
---------
-Frame: '<!--frame1-->'
---------
-Inner iframe on a foreign domain.
-
-
-
---------
-Frame: 'aFrame'
---------
-PASS: Cross frame access from a frame on a foreign domain denied!
-
-Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame that the main frame is trying to access. It should not have access to it.
+layer at (0,0) size 800x600
+ RenderView at (0,0) size 800x600
+layer at (0,0) size 800x600
+ RenderBlock {HTML} at (0,0) size 800x600
+ RenderBody {BODY} at (8,8) size 784x579
+ RenderBlock {P} at (0,0) size 784x54
+ RenderText {#text} at (0,0) size 755x54
+ text run at (0,0) width 568: "The scenario for this test is that you have an iframe with content from a foreign domain. "
+ text run at (567,0) width 148: "In that foreign content "
+ text run at (714,0) width 31: "is an"
+ text run at (0,18) width 249: "iframe which loads a javascript: URL. "
+ text run at (248,18) width 405: "This tests that this main document does not have access to that "
+ text run at (652,18) width 103: "javascript: URL"
+ text run at (0,36) width 93: "loaded iframe."
+ RenderBlock (anonymous) at (0,70) size 784x204
+ RenderIFrame {IFRAME} at (0,0) size 404x204 [border: (2px inset #000000)]
+ layer at (0,0) size 385x204
+ RenderView at (0,0) size 385x200
+ layer at (0,0) size 385x204
+ RenderBlock {HTML} at (0,0) size 385x204
+ RenderBody {BODY} at (8,8) size 369x188
+ RenderBlock {P} at (0,0) size 369x18
+ RenderText {#text} at (0,0) size 217x18
+ text run at (0,0) width 217: "Inner iframe on a foreign domain."
+ RenderBlock (anonymous) at (0,34) size 369x154
+ RenderIFrame {IFRAME} at (0,0) size 304x154 [border: (2px inset #000000)]
+ layer at (0,0) size 285x166
+ RenderView at (0,0) size 285x150
+ layer at (0,0) size 285x166
+ RenderBlock {HTML} at (0,0) size 285x166
+ RenderBody {BODY} at (8,8) size 269x142
+ RenderBlock {P} at (0,0) size 269x36
+ RenderText {#text} at (0,0) size 256x36
+ text run at (0,0) width 256: "PASS: Cross frame access from a frame"
+ text run at (0,18) width 182: "on a foreign domain denied!"
+ RenderBlock {P} at (0,52) size 269x90
+ RenderText {#text} at (0,0) size 264x90
+ text run at (0,0) width 263: "Inner-inner iframe. This iframe (which is"
+ text run at (0,18) width 264: "javascript: URL and whose parent is on a"
+ text run at (0,36) width 235: "foreign domain) is the frame that the"
+ text run at (0,54) width 200: "main frame is trying to access. "
+ text run at (199,54) width 57: "It should"
+ text run at (0,72) width 133: "not have access to it."
+ RenderText {#text} at (0,0) size 0x0
+ RenderText {#text} at (0,0) size 0x0
+ RenderText {#text} at (0,0) size 0x0
+ RenderBlock {PRE} at (0,287) size 784x0
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200313/21cbdff8/attachment-0001.htm>
More information about the webkit-unassigned
mailing list