Index: third_party/WebKit/Source/core/dom/Document.cpp |
diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp |
index 08845387cb46b4133be4ff986ec4b19720e5aa7d..4122f10a49a543df03c2e75bf14225187bb2a7c6 100644 |
--- a/third_party/WebKit/Source/core/dom/Document.cpp |
+++ b/third_party/WebKit/Source/core/dom/Document.cpp |
@@ -354,15 +354,6 @@ static bool acceptsEditingFocus(const Element& element) |
return element.document().frame() && element.rootEditableElement(); |
} |
-static bool isOriginPotentiallyTrustworthy(SecurityOrigin* origin, String* errorMessage) |
-{ |
- if (origin->isPotentiallyTrustworthy()) |
- return true; |
- if (errorMessage) |
- *errorMessage = origin->isPotentiallyTrustworthyErrorMessage(); |
- return false; |
-} |
- |
uint64_t Document::s_globalTreeVersion = 0; |
static bool s_threadedParsingEnabledForTesting = true; |
@@ -3349,20 +3340,21 @@ bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec |
// |
// In all cases, a frame must be potentially trustworthy in addition to |
// having an exception listed in order for the exception to be granted. |
- if (!isOriginPotentiallyTrustworthy(getSecurityOrigin(), errorMessage)) |
+ if (!getSecurityOrigin()->isPotentiallyTrustworthy()) { |
+ if (errorMessage) |
+ *errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage(); |
return false; |
+ } |
if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin()->protocol())) |
return true; |
if (privilegeContextCheck == StandardSecureContextCheck) { |
- if (!m_frame) |
- return true; |
- Frame* parent = m_frame->tree().parent(); |
- while (parent) { |
- if (!isOriginPotentiallyTrustworthy(parent->securityContext()->getSecurityOrigin(), errorMessage)) |
- return false; |
- parent = parent->tree().parent(); |
+ Frame* parent = m_frame ? m_frame->tree().parent() : nullptr; |
+ if (parent && !parent->canHaveSecureChild()) { |
+ if (errorMessage) |
+ *errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage(); |
+ return false; |
} |
} |
return true; |