Index: third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp |
diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp |
index 8d4873af01c1476e750837de65dcbba650261e6a..4f0e581665f1f7fa7cf7ef67af3fba6224c344cc 100644 |
--- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp |
+++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp |
@@ -131,13 +131,21 @@ bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi |
return canAccessFrame(isolate, accessingWindow, frame->securityContext()->getSecurityOrigin(), frame->domWindow(), reportingOption); |
} |
-bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWindow* accessingWindow, const MainThreadWorkletGlobalScope* target, SecurityReportingOption reportingOption) |
+bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const v8::Local<v8::Context>& calling, const ExecutionContext* callingExecutionContext, const MainThreadWorkletGlobalScope* workletGlobalScope, SecurityReportingOption reportingOption) |
{ |
- ASSERT(target); |
- const Frame* frame = target->frame(); |
- if (!frame || !frame->securityContext()) |
+ DCHECK(callingExecutionContext); |
+ DOMWindow* callingDomWindow = toDOMWindow(calling); |
+ if (callingExecutionContext->isMainThreadWorkletGlobalScope()) { |
+ Frame* callingFrame = toMainThreadWorkletGlobalScope(callingExecutionContext)->frame(); |
+ callingDomWindow = callingFrame ? callingFrame->domWindow() : nullptr; |
+ } |
+ |
+ DCHECK(workletGlobalScope); |
+ const Frame* workletGlobalScopeFrame = workletGlobalScope->frame(); |
+ if (!workletGlobalScopeFrame || !workletGlobalScopeFrame->securityContext()) |
return false; |
- return canAccessFrame(isolate, accessingWindow, frame->securityContext()->getSecurityOrigin(), frame->domWindow(), reportingOption); |
+ |
+ return canAccessFrame(isolate, toLocalDOMWindow(callingDomWindow), workletGlobalScopeFrame->securityContext()->getSecurityOrigin(), workletGlobalScopeFrame->domWindow(), reportingOption); |
} |
bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWindow* accessingWindow, const Node* target, ExceptionState& exceptionState) |
@@ -161,4 +169,28 @@ bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, const Local |
return canAccessFrame(isolate, accessingWindow, target->securityContext()->getSecurityOrigin(), target->domWindow(), reportingOption); |
} |
+bool BindingSecurity::callingContextCanAccessContext(v8::Isolate* isolate, const v8::Local<v8::Context>& calling, const v8::Local<v8::Context>& target, SecurityReportingOption reportingOption) |
+{ |
+ ExecutionContext* targetExecutionContext = toExecutionContext(target); |
+ DCHECK(targetExecutionContext); |
+ |
+ if (targetExecutionContext->isWorkerGlobalScope()) { |
+ // worker's isolate contains only a single worker, so any access is allowed. |
+ return true; |
+ } |
+ |
+ ExecutionContext* callingExecutionContext = toExecutionContext(calling); |
+ DCHECK(callingExecutionContext); |
+ |
+ if (targetExecutionContext->isMainThreadWorkletGlobalScope()) |
+ return shouldAllowAccessTo(isolate, calling, callingExecutionContext, toMainThreadWorkletGlobalScope(targetExecutionContext), reportingOption); |
+ |
+ |
+ if (callingExecutionContext->isMainThreadWorkletGlobalScope()) |
+ return shouldAllowAccessTo(isolate, target, targetExecutionContext, toMainThreadWorkletGlobalScope(callingExecutionContext), reportingOption); |
+ |
+ DOMWindow* window = toDOMWindow(target); |
+ return window && shouldAllowAccessTo(isolate, toLocalDOMWindow(toDOMWindow(calling)), window, DoNotReportSecurityError); |
+} |
+ |
} // namespace blink |