DescriptionMerge 201139 "Use Document of callingWindow for access check in ..."
> Use Document of callingWindow for access check in isInsecureScriptAccess()
>
> The Document call was changed to Frame::securityContext() to make the code more
> RemoteFrame-friendly. However, callingWindow is guaranteed local. Revert to
> getting the SecurityOrigin via Document.
>
> BUG=524074
> TEST=http/tests/security/location-change-from-detached-DOMWindow.html
>
> Review URL: https://codereview.chromium.org/1311253005
TBR=japhet@chromium.org
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=201159
Patch Set 1 #
Messages
Total messages: 2 (0 generated)
|