Special-case LocalDOMWindow for same-origin access in bindings.

third_party/WebKit/Source/core/frame/DOMWindow.cpp

Index: third_party/WebKit/Source/core/frame/DOMWindow.cpp
diff --git a/third_party/WebKit/Source/core/frame/DOMWindow.cpp b/third_party/WebKit/Source/core/frame/DOMWindow.cpp
index 7e94256eeb1bf98fc362e9e48c664d7de2d55314..4c1849a63384dd6936e9b873ed61a55bad8d9af9 100644
--- a/third_party/WebKit/Source/core/frame/DOMWindow.cpp
+++ b/third_party/WebKit/Source/core/frame/DOMWindow.cpp
@@ -5,24 +5,18 @@
 #include "core/frame/DOMWindow.h"
 
 #include "core/dom/Document.h"
-#include "core/dom/ExceptionCode.h"
 #include "core/dom/ExecutionContext.h"
 #include "core/dom/SecurityContext.h"
 #include "core/events/MessageEvent.h"
-#include "core/frame/External.h"
 #include "core/frame/Frame.h"
 #include "core/frame/FrameClient.h"
 #include "core/frame/FrameConsole.h"
 #include "core/frame/LocalDOMWindow.h"
 #include "core/frame/Location.h"
-#include "core/frame/RemoteDOMWindow.h"
-#include "core/frame/RemoteFrame.h"
 #include "core/frame/Settings.h"
 #include "core/frame/UseCounter.h"
-#include "core/input/EventHandler.h"
 #include "core/inspector/ConsoleMessage.h"
 #include "core/inspector/InspectorInstrumentation.h"
-#include "core/loader/FrameLoaderClient.h"
 #include "core/loader/MixedContentChecker.h"
 #include "core/page/ChromeClient.h"
 #include "core/page/FocusController.h"
@@ -112,11 +106,6 @@ DOMWindow* DOMWindow::top() const {
   return frame()->tree().top()->domWindow();
 }
 
-External* DOMWindow::external() const {
-  DEFINE_STATIC_LOCAL(Persistent<External>, external, (new External));
-  return external;
-}
-
 DOMWindow* DOMWindow::anonymousIndexedGetter(uint32_t index) const {
   if (!frame())
     return nullptr;
@@ -166,14 +155,6 @@ void DOMWindow::resetLocation() {
   }
 }
 
-bool DOMWindow::isSecureContext() const {
-  if (!frame())
-    return false;
-
-  return document()->isSecureContext(
-      ExecutionContext::StandardSecureContextCheck);
-}
-
 void DOMWindow::postMessage(PassRefPtr<SerializedScriptValue> message,
                             const MessagePortArray& ports,
                             const String& targetOrigin,
@@ -229,7 +210,7 @@ void DOMWindow::postMessage(PassRefPtr<SerializedScriptValue> message,
 
   KURL targetUrl =
       isLocalDOMWindow()
-          ? document()->url()
+          ? blink::toLocalDOMWindow(this)->document()->url()

[dcheng, 2017/02/01 07:22:59]

I did this to explicitly call the non-method version, but I guess we could call
the method one here. It just seems a bit weird either way:
- If we call the member one, it's a random EventTarget override that just
happens to be in scope
- If we call the non-member one, then the callsite just looks weird.

I opted for the latter since it's more consistent with how we generally do
downcasts (using the non-member function)...

           : KURL(KURL(),
                  frame()->securityContext()->getSecurityOrigin()->toString());
   if (MixedContentChecker::isMixedContent(sourceDocument->getSecurityOrigin(),
@@ -312,8 +293,9 @@ String DOMWindow::crossDomainAccessErrorMessage(
   // aren't replicated.  For now, construct the URL using the replicated
   // origin for RemoteFrames. If the target frame is remote and sandboxed,
   // there isn't anything else to show other than "null" for its origin.
-  KURL targetURL = isLocalDOMWindow() ? document()->url()
-                                      : KURL(KURL(), targetOrigin->toString());
+  KURL targetURL = isLocalDOMWindow()
+                       ? blink::toLocalDOMWindow(this)->document()->url()
+                       : KURL(KURL(), targetOrigin->toString());
   if (frame()->securityContext()->isSandboxed(SandboxOrigin) ||
       callingWindow->document()->isSandboxed(SandboxOrigin)) {
     message = "Blocked a frame at \"" +