Special-case LocalDOMWindow for same-origin access in bindings.

third_party/WebKit/Source/core/frame/DOMWindow.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "core/frame/DOMWindow.h"
 
 #include "core/dom/Document.h"
-#include "core/dom/ExceptionCode.h"
 #include "core/dom/ExecutionContext.h"
 #include "core/dom/SecurityContext.h"
 #include "core/events/MessageEvent.h"
-#include "core/frame/External.h"
 #include "core/frame/Frame.h"
 #include "core/frame/FrameClient.h"
 #include "core/frame/FrameConsole.h"
 #include "core/frame/LocalDOMWindow.h"
 #include "core/frame/Location.h"
-#include "core/frame/RemoteDOMWindow.h"
-#include "core/frame/RemoteFrame.h"
 #include "core/frame/Settings.h"
 #include "core/frame/UseCounter.h"
-#include "core/input/EventHandler.h"
 #include "core/inspector/ConsoleMessage.h"
 #include "core/inspector/InspectorInstrumentation.h"
-#include "core/loader/FrameLoaderClient.h"
 #include "core/loader/MixedContentChecker.h"
 #include "core/page/ChromeClient.h"
 #include "core/page/FocusController.h"
 #include "core/page/Page.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "platform/weborigin/Suborigin.h"
 #include <memory>
 
 namespace blink {
@@ skipping 69 matching lines @@
   return parent ? parent->domWindow() : frame()->domWindow();
 }
 
 DOMWindow* DOMWindow::top() const {
   if (!frame())
     return nullptr;
 
   return frame()->tree().top()->domWindow();
 }
 
-External* DOMWindow::external() const {
-  DEFINE_STATIC_LOCAL(Persistent<External>, external, (new External));
-  return external;
-}
-
 DOMWindow* DOMWindow::anonymousIndexedGetter(uint32_t index) const {
   if (!frame())
     return nullptr;
 
   Frame* child = frame()->tree().scopedChild(index);
   return child ? child->domWindow() : nullptr;
 }
 
 bool DOMWindow::isCurrentlyDisplayedInFrame() const {
   if (frame())
@@ skipping 29 matching lines @@
 
 void DOMWindow::resetLocation() {
   // Location needs to be reset manually so that it doesn't retain a stale
   // Frame pointer.
   if (m_location) {
     m_location->reset();
     m_location = nullptr;
   }
 }
 
-bool DOMWindow::isSecureContext() const {
-  if (!frame())
-    return false;
-
-  return document()->isSecureContext(
-      ExecutionContext::StandardSecureContextCheck);
-}
-
 void DOMWindow::postMessage(PassRefPtr<SerializedScriptValue> message,
                             const MessagePortArray& ports,
                             const String& targetOrigin,
                             LocalDOMWindow* source,
                             ExceptionState& exceptionState) {
   if (!isCurrentlyDisplayedInFrame())
     return;
 
   Document* sourceDocument = source->document();
 
@@ skipping 35 matching lines @@
   String sourceOrigin =
       (hasSuborigin &&
        securityOrigin->suborigin()->policyContains(unsafeSendOpt))
           ? securityOrigin->toPhysicalOriginString()
           : securityOrigin->toString();
   String sourceSuborigin =
       hasSuborigin ? securityOrigin->suborigin()->name() : String();
 
   KURL targetUrl =
       isLocalDOMWindow()
-          ? document()->url()
+          ? blink::toLocalDOMWindow(this)->document()->url()

[dcheng, 2017/02/01 07:22:59]

I did this to explicitly call the non-method version, but I guess we could call
the method one here. It just seems a bit weird either way:
- If we call the member one, it's a random EventTarget override that just
happens to be in scope
- If we call the non-member one, then the callsite just looks weird.

I opted for the latter since it's more consistent with how we generally do
downcasts (using the non-member function)...

           : KURL(KURL(),
                  frame()->securityContext()->getSecurityOrigin()->toString());
   if (MixedContentChecker::isMixedContent(sourceDocument->getSecurityOrigin(),
                                           targetUrl)) {
     UseCounter::count(frame(), UseCounter::PostMessageFromSecureToInsecure);
   } else if (MixedContentChecker::isMixedContent(
                  frame()->securityContext()->getSecurityOrigin(),
                  sourceDocument->url())) {
     UseCounter::count(frame(), UseCounter::PostMessageFromInsecureToSecure);
     if (MixedContentChecker::isMixedContent(
@@ skipping 62 matching lines @@
                    "\" from accessing a frame with origin \"" +
                    targetOrigin->toString() + "\". ";
 
   // Sandbox errors: Use the origin of the frames' location, rather than their
   // actual origin (since we know that at least one will be "null").
   KURL activeURL = callingWindow->document()->url();
   // TODO(alexmos): RemoteFrames do not have a document, and their URLs
   // aren't replicated.  For now, construct the URL using the replicated
   // origin for RemoteFrames. If the target frame is remote and sandboxed,
   // there isn't anything else to show other than "null" for its origin.
-  KURL targetURL = isLocalDOMWindow() ? document()->url()
-                                      : KURL(KURL(), targetOrigin->toString());
+  KURL targetURL = isLocalDOMWindow()
+                       ? blink::toLocalDOMWindow(this)->document()->url()
+                       : KURL(KURL(), targetOrigin->toString());
   if (frame()->securityContext()->isSandboxed(SandboxOrigin) ||
       callingWindow->document()->isSandboxed(SandboxOrigin)) {
     message = "Blocked a frame at \"" +
               SecurityOrigin::create(activeURL)->toString() +
               "\" from accessing a frame at \"" +
               SecurityOrigin::create(targetURL)->toString() + "\". ";
     if (frame()->securityContext()->isSandboxed(SandboxOrigin) &&
         callingWindow->document()->isSandboxed(SandboxOrigin))
       return "Sandbox access violation: " + message +
              " Both frames are sandboxed and lack the \"allow-same-origin\" "
@@ skipping 116 matching lines @@
   page->focusController().focusDocumentView(frame(), true /* notifyEmbedder */);
 }
 
 DEFINE_TRACE(DOMWindow) {
   visitor->trace(m_frame);
   visitor->trace(m_location);
   EventTargetWithInlineData::trace(visitor);
 }
 
 }  // namespace blink