DescriptionUse Document of callingWindow for access check in isInsecureScriptAccess()
The Document call was changed to Frame::securityContext() to make the code more
RemoteFrame-friendly. However, callingWindow is guaranteed local. Revert to
getting the SecurityOrigin via Document.
BUG=524074
TEST=http/tests/security/location-change-from-detached-DOMWindow.html
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=201139
Patch Set 1 #
Total comments: 1
Messages
Total messages: 15 (6 generated)
|