Regression(r272607) Removal of alert()/confirm() in third-party iframes breaks Salesforce

cdumez · cdumez · commit 008eb054013d · 2021-09-01T14:54:39.000Z
https://bugs.webkit.org/show_bug.cgi?id=229737 <rdar://82591122> Source/WebCore: Unreviewed, Revert behavior change made in r272607 as it broke Salesforce. My understanding is that Chrome had to revert this too. Tests: http/tests/security/cross-origin-js-prompt-allowed.html http/tests/security/same-origin-different-domain-js-prompt-allowed.html * page/DOMWindow.cpp: (WebCore::DOMWindow::alert): (WebCore::DOMWindow::confirmForBindings): (WebCore::DOMWindow::prompt): LayoutTests: Unreviewed, Update existing tests to reflect behavior change. * http/tests/security/cross-origin-js-prompt-allowed-expected.txt: Added. * http/tests/security/cross-origin-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/cross-origin-js-prompt-forbidden.html. * http/tests/security/cross-origin-js-prompt-forbidden-expected.txt: Removed. * http/tests/security/resources/cross-origin-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/resources/cross-origin-js-prompt-forbidden.html. * http/tests/security/same-origin-different-domain-js-prompt-allowed-expected.txt: Added. * http/tests/security/same-origin-different-domain-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-forbidden.html. * http/tests/security/same-origin-different-domain-js-prompt-forbidden-expected.txt: Removed. Canonical link: https://commits.webkit.org/241180@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281848 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,19 @@
+2021-09-01  Chris Dumez  <cdumez@apple.com>
+
+        Regression(r272607) Removal of alert()/confirm() in third-party iframes breaks Salesforce
+        https://bugs.webkit.org/show_bug.cgi?id=229737
+        <rdar://82591122>
+
+        Unreviewed, Update existing tests to reflect behavior change.
+
+        * http/tests/security/cross-origin-js-prompt-allowed-expected.txt: Added.
+        * http/tests/security/cross-origin-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/cross-origin-js-prompt-forbidden.html.
+        * http/tests/security/cross-origin-js-prompt-forbidden-expected.txt: Removed.
+        * http/tests/security/resources/cross-origin-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/resources/cross-origin-js-prompt-forbidden.html.
+        * http/tests/security/same-origin-different-domain-js-prompt-allowed-expected.txt: Added.
+        * http/tests/security/same-origin-different-domain-js-prompt-allowed.html: Renamed from LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-forbidden.html.
+        * http/tests/security/same-origin-different-domain-js-prompt-forbidden-expected.txt: Removed.
+
 2021-09-01  Myles C. Maxfield  <mmaxfield@apple.com>
 
         CSSFontFaceSet.clear() should not clear CSS-connected members
diff --git a/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt b/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt
@@ -1,6 +1,6 @@
 CONSOLE MESSAGE: SecurityError: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a cross-origin frame. Protocols, domains, and ports must match.
 ALERT: Child window's history object before attempt to clear: undefined
-CONSOLE MESSAGE: Use of window.alert is not allowed in different origin-domain iframes.
+ALERT: About to shadow child window's history object: [object History]
 CONSOLE MESSAGE: PASS: Could not shadow child window's history object: [object History]
 CONSOLE MESSAGE: SecurityError: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a cross-origin frame. Protocols, domains, and ports must match.
 ALERT: Child window's history object after attempt to clear: undefined
diff --git a/LayoutTests/http/tests/security/cross-origin-js-prompt-allowed-expected.txt b/LayoutTests/http/tests/security/cross-origin-js-prompt-allowed-expected.txt
@@ -0,0 +1,12 @@
+PROMPT: PASS: This prompt dialog should show, default text:
+CONFIRM: PASS: This confirm dialog should show
+ALERT: PASS: This alert dialog should show
+Tests that JS prompts are allowed in cross-origin frames
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/http/tests/security/cross-origin-js-prompt-allowed.html b/LayoutTests/http/tests/security/cross-origin-js-prompt-allowed.html
@@ -3,7 +3,7 @@
 <body>
 <script src="/js-test-resources/js-test.js"></script>
 <script>
-description("Tests that JS prompts are forbidden in cross-origin frames");
+description("Tests that JS prompts are allowed in cross-origin frames");
 jsTestIsAsync = true;
 
 onmessage = (e) => {
@@ -13,6 +13,6 @@
     debug(e.data);
 }
 </script>
-<iframe src="http://localhost:8000/security/resources/cross-origin-js-prompt-forbidden.html"></iframe>
+<iframe src="http://localhost:8000/security/resources/cross-origin-js-prompt-allowed.html"></iframe>
 </body>
 </html>
diff --git a/LayoutTests/http/tests/security/cross-origin-js-prompt-forbidden-expected.txt b/LayoutTests/http/tests/security/cross-origin-js-prompt-forbidden-expected.txt
diff --git a/LayoutTests/http/tests/security/resources/cross-origin-js-prompt-allowed.html b/LayoutTests/http/tests/security/resources/cross-origin-js-prompt-allowed.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+onload = () => {
+    setTimeout(() => {
+        window.prompt("PASS: This prompt dialog should show");
+        window.confirm("PASS: This confirm dialog should show");
+        window.alert("PASS: This alert dialog should show");
+        top.postMessage("done", "*");
+    }, 0);
+};
+</script>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/security/resources/cross-origin-js-prompt-forbidden.html b/LayoutTests/http/tests/security/resources/cross-origin-js-prompt-forbidden.html
diff --git a/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-allowed-expected.txt b/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-allowed-expected.txt
@@ -0,0 +1,12 @@
+PROMPT: PASS: This prompt dialog should show, default text:
+CONFIRM: PASS: This confirm dialog should show
+ALERT: PASS: This alert dialog should show
+Tests that JS prompts are allowed in same-origin but different-domain iframes
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-allowed.html b/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-allowed.html
@@ -3,7 +3,7 @@
 <body>
 <script src="/js-test-resources/js-test.js"></script>
 <script>
-description("Tests that JS prompts are forbidden in same-origin but different-domain iframes");
+description("Tests that JS prompts are allowed in same-origin but different-domain iframes");
 jsTestIsAsync = true;
 
 if (window.internals)
@@ -17,6 +17,6 @@
     debug(e.data);
 }
 </script>
-<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-js-prompt-forbidden.html"></iframe>
+<iframe src="http://127.0.0.1:8000/security/resources/cross-origin-js-prompt-allowed.html"></iframe>
 </body>
 </html>
diff --git a/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-forbidden-expected.txt b/LayoutTests/http/tests/security/same-origin-different-domain-js-prompt-forbidden-expected.txt
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,20 @@
+2021-09-01  Chris Dumez  <cdumez@apple.com>
+
+        Regression(r272607) Removal of alert()/confirm() in third-party iframes breaks Salesforce
+        https://bugs.webkit.org/show_bug.cgi?id=229737
+        <rdar://82591122>
+
+        Unreviewed, Revert behavior change made in r272607 as it broke Salesforce. My understanding is that
+        Chrome had to revert this too.
+
+        Tests: http/tests/security/cross-origin-js-prompt-allowed.html
+               http/tests/security/same-origin-different-domain-js-prompt-allowed.html
+
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::alert):
+        (WebCore::DOMWindow::confirmForBindings):
+        (WebCore::DOMWindow::prompt):
+
 2021-09-01  Alan Bujtas  <zalan@apple.com>
 
         visualWordPosition should operate on a clean tree
diff --git a/Source/WebCore/page/DOMWindow.cpp b/Source/WebCore/page/DOMWindow.cpp
@@ -1117,11 +1117,6 @@ void DOMWindow::alert(const String& message)
         return;
     }
 
-    if (!document->securityOrigin().isSameOriginDomain(document->topDocument().securityOrigin())) {
-        printErrorMessage("Use of window.alert is not allowed in different origin-domain iframes.");
-        return;
-    }
-
     document->updateStyleIfNeeded();
 #if ENABLE(POINTER_LOCK)
     page->pointerLockController().requestPointerUnlock();
@@ -1151,11 +1146,6 @@ bool DOMWindow::confirmForBindings(const String& message)
         return false;
     }
 
-    if (!document->securityOrigin().isSameOriginDomain(document->topDocument().securityOrigin())) {
-        printErrorMessage("Use of window.confirm is not allowed in different origin-domain iframes.");
-        return false;
-    }
-
     document->updateStyleIfNeeded();
 #if ENABLE(POINTER_LOCK)
     page->pointerLockController().requestPointerUnlock();
@@ -1185,11 +1175,6 @@ String DOMWindow::prompt(const String& message, const String& defaultValue)
         return String();
     }
 
-    if (!document->securityOrigin().isSameOriginDomain(document->topDocument().securityOrigin())) {
-        printErrorMessage("Use of window.prompt is not allowed in different origin-domain iframes.");
-        return String();
-    }
-
     document->updateStyleIfNeeded();
 #if ENABLE(POINTER_LOCK)
     page->pointerLockController().requestPointerUnlock();
