Disable local storage from Suborigins

Per the draft suborigin spec (https://w3c.github.io/webappsec-suborigins/), stateful storage mechanisms, including localStorage and sessionStorage, should not be accessible from a Suborigin. This CL disables DOM access to localStorage and sessionStorage on the window object. BUG=336894 [email protected] Review URL: https://codereview.chromium.org/1844713002 Cr-Commit-Position: refs/heads/master@{#384663}
crosswalk-project · Apr 1, 2016 · 7c22fc0 · 7c22fc0
1 parent 1e11d95
commit 7c22fc0
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 1 deletion.
diff --git a/..._party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-storage-dom-access.php b/..._party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-storage-dom-access.php
@@ -0,0 +1,28 @@
+<?php
+header("Suborigin: foobar");
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<title>Verifies that localStorage and sessionStorage are not accessible from within a suborigin</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+</head>
+<body>
+<script>
+var expectedError = new DOMException("TEST EXCEPTION", "SecurityError");
+var localStorageTest = async_test("localStorage must not be accessible from a suborigin");
+var sessionStorageTest = async_test("sessionStorage must not be accessible from a suborigin");
+
+function mustThrowSecurityException() {
+    assert_throws(expectedError, function() {
+        window.localStorage;
+    });
+    this.done();
+}
+
+localStorageTest.step(mustThrowSecurityException);
+sessionStorageTest.step(mustThrowSecurityException);
+</script>
+</body>
+</html>
diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
@@ -170,7 +170,7 @@ class PLATFORM_EXPORT SecurityOrigin : public RefCounted<SecurityOrigin> {
     bool isGrantedUniversalAccess() const { return m_universalAccess; }
 
     bool canAccessDatabase() const { return !isUnique(); }
-    bool canAccessLocalStorage() const { return !isUnique(); }
+    bool canAccessLocalStorage() const { return !isUnique() && !hasSuborigin(); }
     bool canAccessSharedWorkers() const { return !isUnique(); }
     bool canAccessServiceWorkers() const { return !isUnique() && !hasSuborigin(); }
     bool canAccessCookies() const { return !isUnique(); }