diff options
author | Ben Murdoch <benm@google.com> | 2014-09-04 15:36:58 +0100 |
---|---|---|
committer | Paul Kocialkowski <contact@paulk.fr> | 2014-10-05 11:07:17 +0200 |
commit | 0250c1987af104372a30af713389f3a96d865f9e (patch) | |
tree | 7a1df46b9cf024602b0865cd566f348abc1c2743 | |
parent | 25c2cc29cfdd5e0c438bd5387f338d72ba446a5f (diff) | |
download | external_webkit-0250c1987af104372a30af713389f3a96d865f9e.zip external_webkit-0250c1987af104372a30af713389f3a96d865f9e.tar.gz external_webkit-0250c1987af104372a30af713389f3a96d865f9e.tar.bz2 |
Cherry pick r91152 DOMWindow::open performs a security check on a wrong window DO NOT MERGE
Bug: 17050386
Change-Id: I17ca28b2dfe3327831dc283730dd1583d12baac2
-rw-r--r-- | Source/WebCore/page/DOMWindow.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Source/WebCore/page/DOMWindow.cpp b/Source/WebCore/page/DOMWindow.cpp index 177c498..0416cb5 100644 --- a/Source/WebCore/page/DOMWindow.cpp +++ b/Source/WebCore/page/DOMWindow.cpp @@ -1835,7 +1835,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin if (!activeFrame->loader()->shouldAllowNavigation(targetFrame)) return 0; - if (isInsecureScriptAccess(activeWindow, urlString)) + if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString)) return targetFrame->domWindow(); if (urlString.isEmpty()) |