Make error messages for cross-domain access OOPIF-friendly.

Source/bindings/core/v8/BindingSecurity.cpp

Index: Source/bindings/core/v8/BindingSecurity.cpp
diff --git a/Source/bindings/core/v8/BindingSecurity.cpp b/Source/bindings/core/v8/BindingSecurity.cpp
index 61c8742b83008cd4bedacf1fd2bc8b86848c9d37..ba7570083dd4c505c1fee57161df7c093b9a3496 100644
--- a/Source/bindings/core/v8/BindingSecurity.cpp
+++ b/Source/bindings/core/v8/BindingSecurity.cpp
@@ -90,8 +90,15 @@ bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* targ
 
 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* target, ExceptionState& exceptionState)
 {
-    if (!target || !target->isLocalFrame())
+    if (!target)
+        return false;
+
+    if (target->isRemoteFrame() && target->domWindow()) {

[haraken, 2015/04/16 03:41:19]

Shouldn't this be something like:

if (target->isRemoteFrame()) {
  if (target->domWindow()) {
    throwSecurityError(...);
  }
  return false;
}

?

[alexmos, 2015/04/17 16:49:06]

Yes.  I've already removed this code though, as this will now be handled by
canAccessFrame(), the OOPIF-friendly replacement for canAccessDocument.

+        LocalDOMWindow* callingWindow = callingDOMWindow(isolate);
+        exceptionState.throwSecurityError(target->domWindow()->sanitizedCrossDomainAccessErrorMessage(callingWindow), target->domWindow()->crossDomainAccessErrorMessage(callingWindow));
         return false;
+    }
+
     return canAccessDocument(isolate, toLocalFrame(target)->document(), exceptionState);
 }