Check document.domain mutation with cross-origin isolated #25597
Check that the mutation is no-op when cross-origin isolated.
@annevk: Can you take a look?
The other case that would be interesting to test is what happens if document.domain throws an exception. There are a number of validation steps that throw, before cross-origin isolation would make it return. It seems somewhat worthwhile testing those conditions too.
I think @domenic has done that somewhere, but I cannot find the test right now.
...afe-passing-of-structured-data/shared-array-buffers/resources/iframe-domain-failure.sub.html
Would document.domain actually change here? That is, isn't it already equal to
Quoting from my comment at https://chromium-review.googlesource.com/c/chromium/src/+/2417872/2#message-050d44f47c5fd0a348193f72035a1d5c0bd3824d:
In https://chromium-review.googlesource.com/c/chromium/src/+/2419144 I wrote a test of this sort for origin isolation. (None existed before.) I only checked the easy-to-test registrable suffix condition. Happily, that is the last condition, so it's pretty unlikely that implementations would somehow pass that test but mess up the other conditions.
There are two document.domain substitutions; one is in window-domain-failure.https.sub.html and the other is in resources/iframe-domain-failure.sub.html. The added check checks the latter. Please note that resources/iframe-domain-failure.sub.html is loaded as a cross-origin iframe in window-domain-failure.https.sub.html, and the initial document.domain is {{domains[www1]}}.
Got it; LGTM then. I will add a similar test to https://chromium-review.googlesource.com/c/chromium/src/+/2419144 for origin isolation.
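The three outcomes this thread distinguishes (a validation step throwing, a silent no-op under cross-origin isolation, and an actual mutation) can be told apart with a probe like the one below; it is an added example, not code from this PR or from web-platform-tests. `probeDomainSetter` and `makeMockDocument` are hypothetical names, and the mock's suffix check is a simplification that ignores the public suffix list.

```javascript
// Added example: classify what a document.domain assignment actually did.
// `doc` is any object exposing a `domain` accessor: a real Document in a
// browser, or the constructed mock below so the code runs offline.
function probeDomainSetter(doc, candidate) {
  const before = doc.domain;
  if (candidate === before) {
    // Assigning the current value cannot tell a no-op from a real mutation,
    // so the probe refuses to draw a conclusion from it.
    return { outcome: "inconclusive", before, after: before };
  }
  try {
    doc.domain = candidate;
  } catch (e) {
    return { outcome: "threw", error: e.name, before, after: doc.domain };
  }
  const after = doc.domain;
  return { outcome: after === before ? "no-op" : "changed", before, after };
}

// Constructed mock: validation runs first and throws; only a value that
// passes validation reaches the isolation check, which returns silently.
function makeMockDocument(host, isolated) {
  let domain = host;
  return {
    get domain() { return domain; },
    set domain(value) {
      // Simplified suffix check (assumption): label-boundary match only,
      // without the public suffix list a browser consults.
      const ok = value !== "" && (host === value || host.endsWith("." + value));
      if (!ok) {
        const err = new Error("not a registrable domain suffix");
        err.name = "SecurityError";
        throw err;
      }
      if (isolated) return; // no-op when cross-origin isolated
      domain = value;
    },
  };
}
```

In a browser, pass `document` and a parent domain of the current host; a `"no-op"` result is only meaningful because the probe rejects a candidate equal to the current value.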