Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3076)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: WebCore/html/HTMLFrameElementBase.cpp

Issue 2159006: Merge 59866 - 20100520 Justin Schuh <jschuh@chromium.org>... (Closed) Base URL: svn://svn.chromium.org/chrome/branches/WebKit/375/
Patch Set: '' Created 10 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « WebCore/bindings/v8/ScriptController.cpp ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: WebCore/html/HTMLFrameElementBase.cpp
===================================================================
--- WebCore/html/HTMLFrameElementBase.cpp (revision 48155)
+++ WebCore/html/HTMLFrameElementBase.cpp (working copy)
@@ -34,6 +34,7 @@
#include "FrameView.h"
#include "HTMLFrameSetElement.h"
#include "HTMLNames.h"
+#include "ScriptController.h"
#include "ScriptEventListener.h"
#include "KURL.h"
#include "MappedAttribute.h"
@@ -64,6 +65,12 @@
const KURL& completeURL = document()->completeURL(m_URL);
+ if (protocolIsJavaScript(completeURL)) {
+ Document* contentDoc = this->contentDocument();
+ if (contentDoc && !ScriptController::canAccessFromCurrentOrigin(contentDoc->frame()))
+ return false;
+ }
+
// Don't allow more than 200 total frames in a set. This seems
// like a reasonable upper bound, and otherwise mutually recursive
// frameset pages can quickly bring the program to its knees with
« no previous file with comments | « WebCore/bindings/v8/ScriptController.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698