debugging

This commit is contained in:
ddh 2017-05-09 16:58:40 +01:00
parent 3acac9d8e0
commit bb283d981a
2 changed files with 21 additions and 4 deletions

View file

@ -82,6 +82,7 @@ enum CrossOriginObjectType {
}
unsafe fn identify_cross_origin_object(obj: HandleObject) -> CrossOriginObjectType {
println!("unchecked unwrap for identfy xoo");
let obj = UncheckedUnwrapObject(obj.get(), /* stopAtWindowProxy = */ 0);
let obj_class = JS_GetClass(obj);
let name = str::from_utf8(CStr::from_ptr((*obj_class).name).to_bytes()).unwrap().to_owned();
@ -312,6 +313,7 @@ pub fn is_platform_object(obj: *mut JSObject) -> bool {
}
// Now for simplicity check for security wrappers before anything else
if IsWrapper(obj) {
println!("unwrap obj for sec wrapper check");
let unwrapped_obj = UnwrapObject(obj, /* stopAtWindowProxy = */ 0);
if unwrapped_obj.is_null() {
return false;

View file

@ -59,9 +59,24 @@ addTest(function() {
assert_equals(B.parent, window, "window.parent works same-origin");
//assert_equals(C.parent, window, "window.parent works cross-origin");
assert_equals(B.location.pathname, path, "location.href works same-origin");
//TODO do document.write and console.log have same behavior?
try {
console.log(C.location.pathname); //permission denied to unwrap object
} catch(err) {
console.log(err.message);
}
//assert_throws("SecurityError", function() { C.location.pathname; }, "location.pathname throws cross-origin");
assert_equals(B.frames, 'override', "Overrides visible in the same-origin case");
//document.write(C.frames);
try {
console.log(B.frames);
} catch(err) {
console.log(err.message);
}
//assert_equals(B.frames, 'override', "Overrides visible in the same-origin case");
try {
console.log(C.frames);
} catch(err) {
console.log(err.message);
}
//assert_equals(C.frames, C, "Overrides invisible in the cross-origin case");
}, "Basic sanity-checking");
@ -71,7 +86,7 @@ addTest(function() {
* Also tests for [[GetOwnProperty]] and [[HasOwnProperty]] behavior.
*/
var whitelistedWindowIndices = ['0', '1'];
/*var whitelistedWindowIndices = ['0', '1'];
var whitelistedWindowPropNames = ['location', 'postMessage', 'window', 'frames', 'self', 'top', 'parent',
'opener', 'closed', 'close', 'blur', 'focus', 'length'];
whitelistedWindowPropNames = whitelistedWindowPropNames.concat(whitelistedWindowIndices);
@ -115,7 +130,7 @@ addTest(function() {
//assert_throws("SecurityError", function() { C[prop] = undefined; }, "Should throw when writing to " + prop + " on Location");
}
}, "Only whitelisted properties are accessible cross-origin");
/*
/*
* ES Internal Methods.
*/