diff options
| author | Steve Block <steveblock@google.com> | 2009-12-17 09:55:06 -0800 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2009-12-17 09:55:06 -0800 |
| commit | b880d713c04257ca40abfef97c300afdead423b8 (patch) | |
| tree | 6982576c228bcd1a7efe98afed544d840751094c /WebCore/loader/CrossOriginAccessControl.cpp | |
| parent | e2e7a5c57b53f01e63a0245b4420d54b454cb373 (diff) | |
| parent | 643ca7872b450ea4efacab6188849e5aac2ba161 (diff) | |
| download | external_webkit-b880d713c04257ca40abfef97c300afdead423b8.zip external_webkit-b880d713c04257ca40abfef97c300afdead423b8.tar.gz external_webkit-b880d713c04257ca40abfef97c300afdead423b8.tar.bz2 | |
am 643ca787: Merge webkit.org at r51976 : Initial merge by git.
Merge commit '643ca7872b450ea4efacab6188849e5aac2ba161' into eclair-mr2-plus-aosp
* commit '643ca7872b450ea4efacab6188849e5aac2ba161':
Merge webkit.org at r51976 : Initial merge by git.
Diffstat (limited to 'WebCore/loader/CrossOriginAccessControl.cpp')
| -rw-r--r-- | WebCore/loader/CrossOriginAccessControl.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/WebCore/loader/CrossOriginAccessControl.cpp b/WebCore/loader/CrossOriginAccessControl.cpp index f0f8b6a..7a21280 100644 --- a/WebCore/loader/CrossOriginAccessControl.cpp +++ b/WebCore/loader/CrossOriginAccessControl.cpp @@ -100,6 +100,10 @@ bool passesAccessControlCheck(const ResourceResponse& response, bool includeCred if (accessControlOriginString == "*" && !includeCredentials) return true; + // A sandboxed frame has a unique origin (for same-origin purposes). + if (securityOrigin->isSandboxed(SandboxOrigin)) + return false; + RefPtr<SecurityOrigin> accessControlOrigin = SecurityOrigin::createFromString(accessControlOriginString); if (!accessControlOrigin->isSameSchemeHostPort(securityOrigin)) return false; |