Implement cross-origin attributes using access check interceptors.

third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp

Index: third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
index e79f6af8840253391420cfec41c14d750513f20c..6edc185e54b752afb9a33263d240a2c40c610a32 100644
--- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
@@ -30,6 +30,7 @@
 
 #include "bindings/core/v8/BindingSecurity.h"
 
+#include "bindings/core/v8/ExceptionState.h"
 #include "bindings/core/v8/V8Binding.h"
 #include "core/dom/Document.h"
 #include "core/frame/LocalDOMWindow.h"
@@ -222,4 +223,24 @@ bool BindingSecurity::shouldAllowAccessToDetachedWindow(
                         exceptionState);
 }
 
+void BindingSecurity::failedAccessCheckFor(v8::Isolate* isolate,
+                                           const Frame* target) {
+  // TODO(dcheng): See if this null check can be removed or hoisted to a
+  // different location.
+  if (!target)

[dcheng, 2016/12/07 08:19:08]

This is probably needed, but I'd like to confirm in a followup.

+    return;
+
+  DOMWindow* targetWindow = target->domWindow();
+
+  // FIXME: We should modify V8 to pass in more contextual information (context,
+  // property, and object).
+  ExceptionState exceptionState(ExceptionState::UnknownContext, 0, 0,
+                                isolate->GetCurrentContext()->Global(),
+                                isolate);
+  exceptionState.throwSecurityError(
+      targetWindow->sanitizedCrossDomainAccessErrorMessage(
+          currentDOMWindow(isolate)),
+      targetWindow->crossDomainAccessErrorMessage(currentDOMWindow(isolate)));
+}
+
 }  // namespace blink