Use Document of callingWindow for access check in isInsecureScriptAccess()

Source/core/frame/DOMWindow.cpp

Index: Source/core/frame/DOMWindow.cpp
diff --git a/Source/core/frame/DOMWindow.cpp b/Source/core/frame/DOMWindow.cpp
index 713fb660ef29868dd7c46689b3a0527bde006a96..d48eb8c1674f8915640d86002e1dc7ed1ec274e7 100644
--- a/Source/core/frame/DOMWindow.cpp
+++ b/Source/core/frame/DOMWindow.cpp
@@ -137,7 +137,7 @@ bool DOMWindow::isInsecureScriptAccess(LocalDOMWindow& callingWindow, const Stri
 
         // FIXME: The name canAccess seems to be a roundabout way to ask "can execute script".
         // Can we name the SecurityOrigin function better to make this more clear?
-        if (callingWindow.frame()->securityContext()->securityOrigin()->canAccessCheckSuborigins(frame()->securityContext()->securityOrigin()))
+        if (callingWindow.document()->securityOrigin()->canAccessCheckSuborigins(frame()->securityContext()->securityOrigin()))

[dcheng, 2015/08/24 23:49:44]

Sorry for missing this in the original review. I think this is more reason to
try to figure out a way to eagerly clear DOMWindow's pointer back to the Frame*
on detach.

             return false;
     }