Index: third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
diff --git a/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp b/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
index 5168a162275426a27313b095d744f7cc1b87cfc3..661d21e6e526c5c5b4d6b5ceaf684074a6b976b5 100644 |
--- a/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
+++ b/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
@@ -23,6 +23,7 @@ |
#include "core/html/HTMLFrameElementBase.h" |
+#include "bindings/core/v8/BindingSecurity.h" |
#include "bindings/core/v8/ScriptController.h" |
#include "bindings/core/v8/ScriptEventListener.h" |
#include "core/HTMLNames.h" |
@@ -55,10 +56,14 @@ bool HTMLFrameElementBase::isURLAllowed() const { |
const KURL& completeURL = document().completeURL(m_URL); |
- if (protocolIsJavaScript(completeURL)) { |
- if (contentFrame() && |
- !ScriptController::canAccessFromCurrentOrigin(toIsolate(&document()), |
- contentFrame())) |
+ if (contentFrame() && protocolIsJavaScript(completeURL)) { |
haraken
2016/11/21 01:26:31
Add a comment and explain what these security chec
Mariusz Mlynski
2016/11/22 06:30:14
Done.
|
+ v8::Isolate* isolate = toIsolate(&document()); |
+ LocalDOMWindow* accessingWindow = isolate->InContext() |
+ ? currentDOMWindow(isolate) |
+ : document().domWindow(); |
+ if (!BindingSecurity::shouldAllowAccessToFrame( |
+ accessingWindow, contentFrame(), |
+ BindingSecurity::ErrorReportOption::Report)) |
return false; |
} |