[iOS] Fix JS exceptions thrown for iframe elements without src attribute

A JavaScript URL can not be created with an empty string. Attempting to do so will throw an exception, so check if the strings are non empty first. Additionally, postMessage can not be called with an empty string for the targetOrigin parameter. If the iframe element does not have a src attribute, use “*” instead to forward the context menu message to a child frame. Bug: 911899 Change-Id: I866bec11fa48c3a0ef5b95a6a628a64384d9da59 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1779423 Commit-Queue: Mike Dougherty <michaeldo@chromium.org> Auto-Submit: Mike Dougherty <michaeldo@chromium.org> Reviewed-by: Eugene But <eugenebut@chromium.org> Cr-Commit-Position: refs/heads/master@{#693050}

[iOS] Fix JS exceptions thrown for iframe elements without src attribute
A JavaScript URL can not be created with an empty string. Attempting to do so will throw an exception, so check if the strings are non empty first. Additionally, postMessage can not be called with an empty string for the targetOrigin parameter. If the iframe element does not have a src attribute, use “*” instead to forward the context menu message to a child frame. Bug: 911899 Change-Id: I866bec11fa48c3a0ef5b95a6a628a64384d9da59 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1779423 Commit-Queue: Mike Dougherty <michaeldo@chromium.org> Auto-Submit: Mike Dougherty <michaeldo@chromium.org> Reviewed-by: Eugene But <eugenebut@chromium.org> Cr-Commit-Position: refs/heads/master@{#693050}
40ab560f · Mike Dougherty · Commit Bot · 00380bfb · 40ab560f · 40ab560f
Commit 40ab560f authored Sep 04, 2019 by Mike Dougherty Committed by Commit Bot Sep 04, 2019
3 changed files
--- a/ios/web/web_state/js/common_js_unittest.mm
+++ b/ios/web/web_state/js/common_js_unittest.mm
@@ -175,6 +175,9 @@ TEST_F(CommonJsTest, RemoveQueryAndReferenceFromURL) {
 TEST_F(CommonJsTest, IsSameOrigin) {
  TestScriptAndExpectedValue test_data[] = {
+      {@"'', ''", @NO},
+      {@"'http://abc.com', ''", @NO},
+      {@"'', 'http://abc.com'", @NO},
      {@"'http://abc.com', 'http://abc.com'", @YES},
      {@"'http://abc.com',  'https://abc.com'", @NO},
      {@"'http://abc.com', 'http://abc.com:123'", @NO},

--- a/ios/web/web_state/js/resources/all_frames_context_menu.js
+++ b/ios/web/web_state/js/resources/all_frames_context_menu.js
@@ -103,7 +103,11 @@ __gCrWeb['findElementAtPointInPageCoordinates'] = function(requestId, x, y) {
        x: x - element.offsetLeft,
        y: y - element.offsetTop
      };
-      element.contentWindow.postMessage(payload, element.src);
+      // The message will not be sent if |targetOrigin| is null, so use * which
+      // allows the message to be delievered to the contentWindow regardless of
+      // the origin.
+      var targetOrigin = element.src || '*';
+      element.contentWindow.postMessage(payload, targetOrigin);
      return;
    }

--- a/ios/web/web_state/js/resources/common.js
+++ b/ios/web/web_state/js/resources/common.js
@@ -237,6 +237,11 @@ __gCrWeb.common.getFavicons = function() {
 * @return {boolean} Whether the two URLs have the same origin.
 */
 __gCrWeb.common.isSameOrigin = function(url_one, url_two) {
+  if (!url_one || !url_two) {
+    // Attempting to create URL representations of an empty string throws an
+    // exception.
+    return false;
+  }
  return new URL(url_one).origin == new URL(url_two).origin;
 };