1 files changed, 10 insertions, 16 deletions

diff --git a/Source/WebCore/bindings/js/JSLazyEventListener.cpp b/Source/WebCore/bindings/js/JSLazyEventListener.cpp
index 98db97a..5b17727 100644
--- a/Source/WebCore/bindings/js/JSLazyEventListener.cpp
+++ b/Source/WebCore/bindings/js/JSLazyEventListener.cpp
@@ -20,6 +20,7 @@
 #include "config.h"
 #include "JSLazyEventListener.h"
 
+#include "ContentSecurityPolicy.h"
 #include "Frame.h"
 #include "JSNode.h"
 #include <runtime/FunctionConstructor.h>
@@ -74,36 +75,29 @@ JSObject* JSLazyEventListener::initializeJSFunction(ScriptExecutionContext* exec
     if (!executionContext)
         return 0;
 
-    Frame* frame = static_cast<Document*>(executionContext)->frame();
-    if (!frame)
+    Document* document = static_cast<Document*>(executionContext);
+
+    if (!document->frame())
+        return 0;
+
+    if (!document->contentSecurityPolicy()->allowInlineEventHandlers())
         return 0;
 
-    ScriptController* scriptController = frame->script();
-    if (!scriptController->canExecuteScripts(AboutToExecuteScript))
+    ScriptController* script = document->frame()->script();
+    if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
         return 0;
 
     JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(executionContext, isolatedWorld());
     if (!globalObject)
         return 0;
 
-    if (executionContext->isDocument()) {
-        JSDOMWindow* window = static_cast<JSDOMWindow*>(globalObject);
-        Frame* frame = window->impl()->frame();
-        if (!frame)
-            return 0;
-        // FIXME: Is this check needed for non-Document contexts?
-        ScriptController* script = frame->script();
-        if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
-            return 0;
-    }
-
     ExecState* exec = globalObject->globalExec();
 
     MarkedArgumentBuffer args;
     args.append(jsNontrivialString(exec, stringToUString(m_eventParameterName)));
     args.append(jsString(exec, m_code));
 
-    JSObject* jsFunction = constructFunction(exec, args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_lineNumber); // FIXME: is globalExec ok?
+    JSObject* jsFunction = constructFunction(exec, exec->lexicalGlobalObject(), args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_lineNumber); // FIXME: is globalExec ok?
     if (exec->hadException()) {
         exec->clearException();
         return 0;