New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 682726 link

Starred by 0 users

Issue metadata

Status: Fixed
Owner:
Closed: Jan 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug



Sign in to add a comment

OOPIF-specific layout test output diff from sandbox-DENIED-top-navigation-without-user-gesture.html

Project Member Reported by lukasza@chromium.org, Jan 19 2017

Issue description

Results from a red build on site-isolation bots: https://storage.googleapis.com/chromium-layout-test-archives/Site_Isolation_Linux/13501/layout-test-results/results.html

Without OOPIFs:

CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/frameNavigation/sandbox-DENIED-top-navigation-without-user-gesture.html' ...


With OOPIFs:

CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation for frame with origin 'http://127.0.0.1:8000' ...

 
It seems safe to disable console output for this test, because the essence of the test validation depends on dumping contents of the child frame (which if the test passes should contain:

"The top navigation from this iframe should be blocked. This text should appear."

I'll start working on a CL that does this.
Project Member

Comment 2 by bugdroid1@chromium.org, Jan 19 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ea3bb6bbd7ff85c64dd603505ba7822dd86cff16

commit ea3bb6bbd7ff85c64dd603505ba7822dd86cff16
Author: lukasza <lukasza@chromium.org>
Date: Thu Jan 19 19:05:35 2017

Disable console output from the test, to ignore msg diff for x-site frames.

Without OOPIFs the console message emitted during the test looks as
follows:

  CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation
  for frame with URL
  'http://127.0.0.1:8000/security/frameNavigation/sandbox-DENIED-top-navigation-without-user-gesture.html'

With OOPIFs only the origin is known:

  CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation
  for frame with origin 'http://127.0.0.1:8000' ...

This CL makes sure the test output is the same with and without OOPIFs,
by disabling logging of console output.  The validation of the main
thing the test wants to test (whether top-level navigation happened
or not) is still happening by verifying if the child frame stayed
at its current location (which wouldn't have happened if its top-level
parent was navigated) - this is verified by checking if the child frame
still contains the following text:

  The top navigation from this iframe should be blocked.
  This text should appear.

BUG= 682726 
TEST=Run the layout test with and without --site-per-process

Review-Url: https://codereview.chromium.org/2642163002
Cr-Commit-Position: refs/heads/master@{#444806}

[modify] https://crrev.com/ea3bb6bbd7ff85c64dd603505ba7822dd86cff16/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-DENIED-top-navigation-without-user-gesture-expected.txt
[modify] https://crrev.com/ea3bb6bbd7ff85c64dd603505ba7822dd86cff16/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-DENIED-top-navigation-without-user-gesture.html

Status: Fixed (was: Started)

Sign in to add a comment