angler-fishThe Vulnerability History Project

Add window access checks for Suborigins

      As a first enforcement step, this adds access control checks for windows
and JavaScript objects for Suborigins. In short, two origins can only
access each other's objects if they are in the same scheme, host, and
port (as always), but also the same Suborigin. This also sets up the
infrastructure to later start working checks for requests as well. This
does not add any CORS check dependencies on Suborigins yet.

R=jochen@chromium.org
BUG=336894

Review URL: https://codereview.chromium.org/1180923003

git-svn-id: svn://svn.chromium.org/blink/trunk@197195 bbb929c8-8fbe-4397-9dbb-9b2b20218538
by Alexander the Pony 2015-06-16 21:08:46 UTC
commit 464f41055aeb070a55ec30682f8768bd8e88b4e6
Chromium VCC CVE-2016-1661
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror-expected.txt
+3
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror-no-cors-expected.txt
-15
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror-no-cors.php
-29
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror-redirected-expected.txt
+3
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror-redirected.php
+26
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-script-window-onerror.php
+28
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-window-event-exception-expected.txt
+2 -2
third_party/WebKit/LayoutTests/http/tests/security/suborigins/crossorigin/suborigin-cross-origin-window-open-exception-expected.txt
+2 -2
third_party/WebKit/LayoutTests/http/tests/security/suborigins/multiple-suborigins-disallowed-expected.txt
+3 -1
third_party/WebKit/LayoutTests/http/tests/security/suborigins/multiple-suborigins-disallowed.html
+23
third_party/WebKit/LayoutTests/http/tests/security/suborigins/multiple-suborigins-disallowed.php
-12
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/child-changes-document-domain.php
+5 -8
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/childsuborigin.php
+12
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/cors-script-suborigin.php
-22
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/iframe-reaches-into-parent.php
-21
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/multiple-suborigins.php
+8
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/post-document-to-parent.php
-11
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/post-to-parent.php
-18
third_party/WebKit/LayoutTests/http/tests/security/suborigins/resources/reach-into-iframe.php
-28
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-allow-in-http-header-expected.txt
+5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-allow-in-http-header.php
+26
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-allow-same-suborigin-access.html
-48
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-blocked-different-suborigins-expected.txt
+5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-blocked-different-suborigins.html
-15
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-blocked-different-suborigins.php
+26
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-blocked-not-in-suborigin-to-suborigin-expected.txt
+5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-blocked-not-in-suborigin-to-suborigin.php
+12 -4
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-change-document-domain-expected.txt
+6
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-change-document-domain.html
+2 -2
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-document-suborigin-expected.txt
+5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/{suborigin-document-suborigin.html => suborigin-document-suborigin.php}
+5 -5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-in-meta-disallowed-console-warning-expected.txt
-2
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-in-meta-disallowed-console-warning.html
-10
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-in-meta-disallowed-expected.txt
+5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-in-meta-disallowed.html
+6 -16
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-invalid-names-expected.txt
+5 -13
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-invalid-names.html
+16 -15
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-valid-names-expected.txt
+4 -5
third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-valid-names.html
+17 -16
third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
+1 -1
third_party/WebKit/Source/core/dom/ExecutionContext.cpp
+1 -1
third_party/WebKit/Source/core/frame/DOMWindow.cpp
+3 -3
third_party/WebKit/Source/core/frame/LocalDOMWindow.cpp
+1 -1
third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
-21
third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
-17
third_party/WebKit/Source/platform/weborigin/SecurityOriginHash.h
+3 -4
third_party/WebKit/Source/platform/weborigin/SecurityOriginTest.cpp
-69
expand_less