Make sure binding security checks don't pass if the frame is remote.

third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp

Index: third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
index 186f6a165a308c8b33d6afa9eb905d74b7421c16..aac8023e72a0531bcf7bb8caaa774a127c09fbf2 100644
--- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
@@ -50,7 +50,7 @@ static bool canAccessFrame(v8::Isolate* isolate, const LocalDOMWindow* accessing
 {
     ASSERT_WITH_SECURITY_IMPLICATION(!(targetWindow && targetWindow->frame()) || targetWindow == targetWindow->frame()->domWindow());
 
-    if (isOriginAccessibleFromDOMWindow(targetFrameOrigin, accessingWindow))

[haraken, 2016/04/13 04:43:19]

isOriginAccessibleFromDOMWindow has already been heavy, so I don't think this
change affects performance.

+    if (targetWindow->isLocalDOMWindow() && isOriginAccessibleFromDOMWindow(targetFrameOrigin, accessingWindow))
         return true;
 
     if (targetWindow)
@@ -62,7 +62,7 @@ static bool canAccessFrame(v8::Isolate* isolate, const LocalDOMWindow* accessing
 {
     ASSERT_WITH_SECURITY_IMPLICATION(!(targetWindow && targetWindow->frame()) || targetWindow == targetWindow->frame()->domWindow());
 
-    if (isOriginAccessibleFromDOMWindow(targetFrameOrigin, accessingWindow))
+    if (targetWindow->isLocalDOMWindow() && isOriginAccessibleFromDOMWindow(targetFrameOrigin, accessingWindow))
         return true;
 
     if (reportingOption == ReportSecurityError && targetWindow)