third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp - Issue 2502783004: Don't skip security checks for javascript: URLs when the JS stack is empty. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(368)

My Issues | Starred Open | Closed | All

Unified Diff: third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp

Issue 2502783004: Don't skip security checks for javascript: URLs when the JS stack is empty. (Closed)

Patch Set: Added comment. Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/Source/bindings/core/v8/ScriptController.h ('k') | third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp

diff --git a/third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp b/third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp

index c32e0ed4a57cc677b02865580e13470ff555c45d..949601ecd6c8b4f9ab0f2b1ed70498707da85253 100644

--- a/third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp

+++ b/third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp

@@ -32,7 +32,6 @@

#include "bindings/core/v8/ScriptController.h"

-#include "bindings/core/v8/BindingSecurity.h"

#include "bindings/core/v8/ScriptSourceCode.h"

#include "bindings/core/v8/ScriptValue.h"

#include "bindings/core/v8/V8Binding.h"

@@ -78,16 +77,6 @@

namespace blink {

-bool ScriptController::canAccessFromCurrentOrigin(v8::Isolate* isolate,

- Frame* frame) {

- if (!frame)

- return false;

- return !isolate->InContext() ||

- BindingSecurity::shouldAllowAccessToFrame(

- currentDOMWindow(isolate), frame,

- BindingSecurity::ErrorReportOption::Report);

-}

-

ScriptController::ScriptController(LocalFrame* frame)

: m_windowProxyManager(WindowProxyManager::create(*frame)) {}

« no previous file with comments | « third_party/WebKit/Source/bindings/core/v8/ScriptController.h ('k') | third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698