Descriptionbinding: Moves the check for the first access to the initial document into BindingSecurity.
Checks the access to the initial document and reports it not only at
securityCheck() in V8Window.cpp but also at every call to
BindingSecurity::shouldAllowAccessTo() because V8 only calls back
securityCheck() on property lookups, and not for function invocation.
BindingSecurity::shouldAllowAccessTo() is called with every possible
cross-origin window, which means every possible new window. Thus,
shouldAllowAccessTo() should be the right place to check the access
to the initial document.
BUG=630662
TBR=benwells@chromium.org
Committed: https://crrev.com/b8dcfeb065bbfd777cdc5f5433da9a87f25e6ec6
Cr-Commit-Position: refs/heads/master@{#412195}
Patch Set 1 #Patch Set 2 : Synced. #Patch Set 3 : . #Patch Set 4 : . #Patch Set 5 : Synced. #Patch Set 6 : Synced. #Patch Set 7 : Fixed android_webview tests. #
Total comments: 6
Patch Set 8 : Addressed review comments. #
Messages
Total messages: 44 (34 generated)
|