Source/WebCore/page/DOMWindow.cpp - Issue 7499005: Merge 91611

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/WebCore/page/DOMWindow.cpp

Issue 7499005: Merge 91611 (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/782/

Patch Set: Created 9 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: Source/WebCore/page/DOMWindow.cpp

===================================================================

--- Source/WebCore/page/DOMWindow.cpp (revision 91684)

+++ Source/WebCore/page/DOMWindow.cpp (working copy)

@@ -1671,7 +1671,7 @@

if (completedURL.isNull())

return;

- if (isInsecureScriptAccess(activeWindow, urlString))

+ if (isInsecureScriptAccess(activeWindow, completedURL))

return;

// We want a new history item if we are processing a user gesture.

@@ -1756,7 +1756,7 @@

newFrame->loader()->setOpener(openerFrame);

newFrame->page()->setOpenedByDOM();

- if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString))

+ if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))

return newFrame;

if (function)

@@ -1806,7 +1806,9 @@

if (!activeFrame->loader()->shouldAllowNavigation(targetFrame))

return 0;

- if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString))

+ KURL completedURL = firstFrame->document()->completeURL(urlString);

+ if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))

return targetFrame->domWindow();

if (urlString.isEmpty())

@@ -1815,7 +1817,7 @@

// For whatever reason, Firefox uses the first window rather than the active window to

// determine the outgoing referrer. We replicate that behavior here.

targetFrame->navigationScheduler()->scheduleLocationChange(activeFrame->document()->securityOrigin(),

- firstFrame->document()->completeURL(urlString).string(),

+ completedURL,

firstFrame->loader()->outgoingReferrer(),

!activeFrame->script()->anyPageIsProcessingUserGesture(), false);

« no previous file with comments | « LayoutTests/http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt ('k') | no next file » | no next file with comments »