| Index: third_party/WebKit/Source/bindings/core/v8/BindingSecurity.h
|
| diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.h b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.h
|
| index c04db99d5cfa6c907d423321fd00ff876cbfdcb9..92d907c22075a9aa506c2494147a4d1507ef90b8 100644
|
| --- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.h
|
| +++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.h
|
| @@ -44,6 +44,7 @@ class Frame;
|
| class LocalDOMWindow;
|
| class Location;
|
| class Node;
|
| +struct WrapperTypeInfo;
|
|
|
| class CORE_EXPORT BindingSecurity {
|
| STATIC_ONLY(BindingSecurity);
|
| @@ -118,6 +119,23 @@ class CORE_EXPORT BindingSecurity {
|
|
|
| static void FailedAccessCheckFor(v8::Isolate*, const Frame* target);
|
|
|
| + // The following two functions were written to be called by
|
| + // V8WrapperInstantiationScope before entering and after exiting an object's
|
| + // creation context during wrapper creation.
|
| +
|
| + // Returns true if the current context has access to creationContext, and
|
| + // throws a SecurityError if it doesn't have access.
|
| + static bool ShouldAllowAccessToCreationContext(
|
| + v8::Local<v8::Context> creation_context,
|
| + const WrapperTypeInfo*);
|
| +
|
| + static void RethrowCrossContextException(
|
| + v8::Local<v8::Context> creation_context,
|
| + const WrapperTypeInfo*,
|
| + v8::Local<v8::Value> cross_context_exception);
|
| +
|
| + static void InitWrapperCreationSecurityCheck();
|
| +
|
| private:
|
| // Returns true if |accessingWindow| is allowed named access to |targetWindow|
|
| // because they're the same origin. Note that named access should be allowed
|
|
|
Chromium Code Reviews
Issue 2745313003:
Move securityCheck out of V8WrapperInstantiationScope (Closed)
