| Index: third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
|
| diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
|
| index 8d4873af01c1476e750837de65dcbba650261e6a..4f0e581665f1f7fa7cf7ef67af3fba6224c344cc 100644
|
| --- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
|
| +++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
|
| @@ -131,13 +131,21 @@ bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
|
| return canAccessFrame(isolate, accessingWindow, frame->securityContext()->getSecurityOrigin(), frame->domWindow(), reportingOption);
|
| }
|
|
|
| -bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWindow* accessingWindow, const MainThreadWorkletGlobalScope* target, SecurityReportingOption reportingOption)
|
| +bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const v8::Local<v8::Context>& calling, const ExecutionContext* callingExecutionContext, const MainThreadWorkletGlobalScope* workletGlobalScope, SecurityReportingOption reportingOption)
|
| {
|
| - ASSERT(target);
|
| - const Frame* frame = target->frame();
|
| - if (!frame || !frame->securityContext())
|
| + DCHECK(callingExecutionContext);
|
| + DOMWindow* callingDomWindow = toDOMWindow(calling);
|
| + if (callingExecutionContext->isMainThreadWorkletGlobalScope()) {
|
| + Frame* callingFrame = toMainThreadWorkletGlobalScope(callingExecutionContext)->frame();
|
| + callingDomWindow = callingFrame ? callingFrame->domWindow() : nullptr;
|
| + }
|
| +
|
| + DCHECK(workletGlobalScope);
|
| + const Frame* workletGlobalScopeFrame = workletGlobalScope->frame();
|
| + if (!workletGlobalScopeFrame || !workletGlobalScopeFrame->securityContext())
|
| return false;
|
| - return canAccessFrame(isolate, accessingWindow, frame->securityContext()->getSecurityOrigin(), frame->domWindow(), reportingOption);
|
| +
|
| + return canAccessFrame(isolate, toLocalDOMWindow(callingDomWindow), workletGlobalScopeFrame->securityContext()->getSecurityOrigin(), workletGlobalScopeFrame->domWindow(), reportingOption);
|
| }
|
|
|
| bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWindow* accessingWindow, const Node* target, ExceptionState& exceptionState)
|
| @@ -161,4 +169,28 @@ bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, const Local
|
| return canAccessFrame(isolate, accessingWindow, target->securityContext()->getSecurityOrigin(), target->domWindow(), reportingOption);
|
| }
|
|
|
| +bool BindingSecurity::callingContextCanAccessContext(v8::Isolate* isolate, const v8::Local<v8::Context>& calling, const v8::Local<v8::Context>& target, SecurityReportingOption reportingOption)
|
| +{
|
| + ExecutionContext* targetExecutionContext = toExecutionContext(target);
|
| + DCHECK(targetExecutionContext);
|
| +
|
| + if (targetExecutionContext->isWorkerGlobalScope()) {
|
| + // worker's isolate contains only a single worker, so any access is allowed.
|
| + return true;
|
| + }
|
| +
|
| + ExecutionContext* callingExecutionContext = toExecutionContext(calling);
|
| + DCHECK(callingExecutionContext);
|
| +
|
| + if (targetExecutionContext->isMainThreadWorkletGlobalScope())
|
| + return shouldAllowAccessTo(isolate, calling, callingExecutionContext, toMainThreadWorkletGlobalScope(targetExecutionContext), reportingOption);
|
| +
|
| +
|
| + if (callingExecutionContext->isMainThreadWorkletGlobalScope())
|
| + return shouldAllowAccessTo(isolate, target, targetExecutionContext, toMainThreadWorkletGlobalScope(callingExecutionContext), reportingOption);
|
| +
|
| + DOMWindow* window = toDOMWindow(target);
|
| + return window && shouldAllowAccessTo(isolate, toLocalDOMWindow(toDOMWindow(calling)), window, DoNotReportSecurityError);
|
| +}
|
| +
|
| } // namespace blink
|
|
|
Chromium Code Reviews
Issue 2058133002:
Fix DevTools support of worklets (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master