Changeset 126165 in webkit


Timestamp:
Aug 21, 2012 9:54:26 AM (12 years ago)
Author:
abarth@webkit.org
Message:

Implement JSDOMWindow*::allowsAccessFrom* in terms of BindingSecurity
https://bugs.webkit.org/show_bug.cgi?id=93407

Reviewed by Eric Seidel.

Source/WebCore:

This patch removes allowsAccessFrom and implements the security checks
in terms of shouldAllowAccessToDOMWindow directly.

  • bindings/generic/BindingSecurity.cpp:

(WebCore::BindingSecurity::shouldAllowAccessToDOMWindow):
(WebCore):

  • bindings/generic/BindingSecurity.h:

(BindingSecurity):

  • bindings/js/JSDOMBinding.cpp:

(WebCore::shouldAllowAccessToFrame):
(WebCore):
(WebCore::shouldAllowAccessToDOMWindow):

  • bindings/js/JSDOMBinding.h:

(WebCore):

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::shouldAllowAccessFrom):
(WebCore):

  • bindings/js/JSDOMWindowBase.h:

(JSDOMWindowBase):

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::namedItemGetter):
(WebCore::JSDOMWindow::getOwnPropertySlot):
(WebCore::JSDOMWindow::getOwnPropertyDescriptor):
(WebCore::JSDOMWindow::put):
(WebCore::JSDOMWindow::deleteProperty):
(WebCore::JSDOMWindow::getPropertyNames):
(WebCore::JSDOMWindow::getOwnPropertyNames):
(WebCore::JSDOMWindow::defineOwnProperty):
(WebCore::JSDOMWindow::setLocation):

  • bindings/js/JSDOMWindowCustom.h:
  • bindings/js/JSInjectedScriptManager.cpp:

(WebCore::InjectedScriptManager::canAccessInspectedWindow):

  • bindings/objc/WebScriptObject.mm:

(-[WebScriptObject _isSafeScript]):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateGetOwnPropertyDescriptorBody):
(GenerateImplementation):

LayoutTests:

These test results are now more similar (although not identical) to the
results for the V8 bindings.

  • http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt:
  • http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt:
  • http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt:
  • http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt:
  • http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt:
  • http/tests/security/listener/xss-window-onclick-shortcut-expected.txt:
Location:
trunk
Files:
19 edited

  • trunk/LayoutTests/ChangeLog

    r126163 r126165  
     12012-08-21  Adam Barth  <abarth@webkit.org>
     2
     3        Implement JSDOMWindow*::allowsAccessFrom* in terms of BindingSecurity
     4        https://bugs.webkit.org/show_bug.cgi?id=93407
     5
     6        Reviewed by Eric Seidel.
     7
     8        These test results are now more similar (although not identical) to the
     9        results for the V8 bindings.
     10
     11        * http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt:
     12        * http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt:
     13        * http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt:
     14        * http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt:
     15        * http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt:
     16        * http/tests/security/listener/xss-window-onclick-shortcut-expected.txt:
     17
    1182012-08-21  Brady Eidson  <beidson@apple.com>
    219
  • trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html. Domains, protocols and ports must match.
    42
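Review bot: The expectation at the top of this file drops from two CONSOLE MESSAGE lines to one (old lines 1-2 are removed), but the ChangeLog only says the results are now closer to the V8 bindings. For a test under http/tests/security, the entry should state which of the two checks stopped reporting, so a reader can tell that a duplicate report was removed rather than one of two distinct access checks going silent. The same applies to the other five expected files in this directory.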
  • trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html. Domains, protocols and ports must match.
    42
  • trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html. Domains, protocols and ports must match.
    42
  • trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html. Domains, protocols and ports must match.
    42
  • trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-window-onclick-addEventListener.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-window-onclick-addEventListener.html. Domains, protocols and ports must match.
    42
  • trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt

    r104803 r126165  
    1 CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-window-onclick-shortcut.html. Domains, protocols and ports must match.
    2 
    31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:8000/security/listener/resources/targetChild-window-onclick-shortcut.html. Domains, protocols and ports must match.
    42
  • trunk/Source/WebCore/ChangeLog

    r126164 r126165  
     12012-08-21  Adam Barth  <abarth@webkit.org>
     2
     3        Implement JSDOMWindow*::allowsAccessFrom* in terms of BindingSecurity
     4        https://bugs.webkit.org/show_bug.cgi?id=93407
     5
     6        Reviewed by Eric Seidel.
     7
     8        This patch removes allowsAccessFrom and implements the security checks
     9        in terms of shouldAllowAccessToDOMWindow directly.
     10
     11        * bindings/generic/BindingSecurity.cpp:
     12        (WebCore::BindingSecurity::shouldAllowAccessToDOMWindow):
     13        (WebCore):
     14        * bindings/generic/BindingSecurity.h:
     15        (BindingSecurity):
     16        * bindings/js/JSDOMBinding.cpp:
     17        (WebCore::shouldAllowAccessToFrame):
     18        (WebCore):
     19        (WebCore::shouldAllowAccessToDOMWindow):
     20        * bindings/js/JSDOMBinding.h:
     21        (WebCore):
     22        * bindings/js/JSDOMWindowBase.cpp:
     23        (WebCore::shouldAllowAccessFrom):
     24        (WebCore):
     25        * bindings/js/JSDOMWindowBase.h:
     26        (JSDOMWindowBase):
     27        * bindings/js/JSDOMWindowCustom.cpp:
     28        (WebCore::namedItemGetter):
     29        (WebCore::JSDOMWindow::getOwnPropertySlot):
     30        (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
     31        (WebCore::JSDOMWindow::put):
     32        (WebCore::JSDOMWindow::deleteProperty):
     33        (WebCore::JSDOMWindow::getPropertyNames):
     34        (WebCore::JSDOMWindow::getOwnPropertyNames):
     35        (WebCore::JSDOMWindow::defineOwnProperty):
     36        (WebCore::JSDOMWindow::setLocation):
     37        * bindings/js/JSDOMWindowCustom.h:
     38        * bindings/js/JSInjectedScriptManager.cpp:
     39        (WebCore::InjectedScriptManager::canAccessInspectedWindow):
     40        * bindings/objc/WebScriptObject.mm:
     41        (-[WebScriptObject _isSafeScript]):
     42        * bindings/scripts/CodeGeneratorJS.pm:
     43        (GenerateGetOwnPropertyDescriptorBody):
     44        (GenerateImplementation):
     45
    1462012-08-21  Dan Bernstein  <mitz@apple.com>
    247
  • trunk/Source/WebCore/bindings/generic/BindingSecurity.cpp

    r125761 r126165  
    6161}
    6262
     63bool BindingSecurity::shouldAllowAccessToDOMWindow(BindingState* state, DOMWindow* target, SecurityReportingOption reportingOption)
     64{
     65    return target && canAccessDocument(state, target->document(), reportingOption);
     66}
     67
    6368bool BindingSecurity::shouldAllowAccessToFrame(BindingState* state, Frame* target, SecurityReportingOption reportingOption)
    6469{
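Review bot: At new line 65, target is null-checked but target->document() is handed to canAccessDocument as is. Either assert that the document is non-null or add a comment that canAccessDocument tolerates a null Document, since the call sites changed in this patch all funnel through this function. It is also worth a comment that a null target returns false without any report, even when reportingOption is ReportSecurityError.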
  • trunk/Source/WebCore/bindings/generic/BindingSecurity.h

    r124847 r126165  
    4848public:
    4949    static bool shouldAllowAccessToNode(BindingState*, Node*);
     50    static bool shouldAllowAccessToDOMWindow(BindingState*, DOMWindow*, SecurityReportingOption = ReportSecurityError);
    5051    static bool shouldAllowAccessToFrame(BindingState*, Frame*, SecurityReportingOption = ReportSecurityError);
    5152    static bool allowSettingFrameSrcToJavascriptUrl(BindingState*, HTMLFrameElementBase*, const String& value);
  • trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp

    r125946 r126165  
    213213}
    214214
    215 bool shouldAllowAccessToFrame(ExecState* exec, Frame* frame)
    216 {
    217     return BindingSecurity::shouldAllowAccessToFrame(exec, frame);
     215bool shouldAllowAccessToFrame(ExecState* exec, Frame* target)
     216{
     217    return BindingSecurity::shouldAllowAccessToFrame(exec, target);
    218218}
    219219
     
    228228}
    229229
     230bool shouldAllowAccessToDOMWindow(ExecState* exec, DOMWindow* target, String& message)
     231{
     232    if (!target)
     233        return false;
     234    bool result = BindingSecurity::shouldAllowAccessToDOMWindow(exec, target, DoNotReportSecurityError);
     235    // FIXME: The following line of code should move somewhere that it can be shared with immediatelyReportUnsafeAccessTo.
     236    message = target->crossDomainAccessErrorMessage(activeDOMWindow(exec));
     237    return result;
     238}
     239
    230240void printErrorMessageForFrame(Frame* frame, const String& message)
    231241{
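Review bot: At new line 236, message is built unconditionally, so target->crossDomainAccessErrorMessage(activeDOMWindow(exec)) also runs when access is allowed; the removed JSDOMWindowBase::allowsAccessFrom(exec, message) in JSDOMWindowCustom.h returned true before building the string. This overload is called from JSDOMWindow::getOwnPropertySlot, so guard the assignment with "if (!result)". The accessor used for the message also changes from exec->lexicalGlobalObject() to activeDOMWindow(exec); if that is intended, say so in the ChangeLog.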
  • trunk/Source/WebCore/bindings/js/JSDOMBinding.h

    r125484 r126165  
    402402    }
    403403
    404     // FIXME: Implement allowAccessToContext(JSC::ExecState*, ScriptExecutionContext*);
    405404    bool shouldAllowAccessToNode(JSC::ExecState*, Node*);
    406405    bool shouldAllowAccessToFrame(JSC::ExecState*, Frame*);
    407406    bool shouldAllowAccessToFrame(JSC::ExecState*, Frame*, String& message);
    408     // FIXME: Implement allowAccessToDOMWindow(JSC::ExecState*, DOMWindow*);
     407    bool shouldAllowAccessToDOMWindow(BindingState*, DOMWindow*, String& message);
    409408
    410409    void printErrorMessageForFrame(Frame*, const String& message);
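Review bot: The declaration added at new line 407 takes BindingState*, while its neighbours take JSC::ExecState* and the definition in JSDOMBinding.cpp takes ExecState*. Use JSC::ExecState* here so the header reads consistently and does not depend on how BindingState is defined. The FIXME for allowAccessToContext at old line 404 is also dropped although nothing in this patch implements it; keep it or explain the removal.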
  • trunk/Source/WebCore/bindings/js/JSDOMWindowBase.cpp

    r125761 r126165  
    2424#include "JSDOMWindowBase.h"
    2525
     26#include "BindingSecurity.h"
    2627#include "Chrome.h"
    2728#include "Console.h"
     
    4344namespace WebCore {
    4445
     46static bool shouldAllowAccessFrom(const JSGlobalObject* thisObject, ExecState* exec)
     47{
     48    return BindingSecurity::shouldAllowAccessToDOMWindow(exec, asJSDOMWindow(thisObject)->impl());
     49}
     50
    4551const ClassInfo JSDOMWindowBase::s_info = { "Window", &JSDOMGlobalObject::s_info, 0, 0, CREATE_METHOD_TABLE(JSDOMWindowBase) };
    4652
    47 const GlobalObjectMethodTable JSDOMWindowBase::s_globalObjectMethodTable = { &allowsAccessFrom, &supportsProfiling, &supportsRichSourceInfo, &shouldInterruptScript, &javaScriptExperimentsEnabled };
     53const GlobalObjectMethodTable JSDOMWindowBase::s_globalObjectMethodTable = { &shouldAllowAccessFrom, &supportsProfiling, &supportsRichSourceInfo, &shouldInterruptScript, &javaScriptExperimentsEnabled };
    4854
    4955JSDOMWindowBase::JSDOMWindowBase(JSGlobalData& globalData, Structure* structure, PassRefPtr<DOMWindow> window, JSDOMWindowShell* shell)
     
    8490}
    8591
    86 String JSDOMWindowBase::crossDomainAccessErrorMessage(const JSGlobalObject* other) const
    87 {
    88     return m_shell->window()->impl()->crossDomainAccessErrorMessage(asJSDOMWindow(other)->impl());
    89 }
    90 
    9192void JSDOMWindowBase::printErrorMessage(const String& message) const
    9293{
    9394    printErrorMessageForFrame(impl()->frame(), message);
    94 }
    95 
    96 // This method checks whether accesss to *this* global object is permitted from
    97 // the given context; this differs from allowsAccessFromPrivate, since that
    98 // method checks whether the given context is permitted to access the current
    99 // window the shell is referencing (which may come from a different security
    100 // origin to this global object).
    101 bool JSDOMWindowBase::allowsAccessFrom(const JSGlobalObject* thisObject, ExecState* exec)
    102 {
    103     JSGlobalObject* otherObject = exec->lexicalGlobalObject();
    104 
    105     const JSDOMWindow* originWindow = asJSDOMWindow(otherObject);
    106     const JSDOMWindow* targetWindow = asJSDOMWindow(thisObject);
    107 
    108     if (originWindow == targetWindow)
    109         return true;
    110 
    111     const SecurityOrigin* originSecurityOrigin = originWindow->impl()->document()->securityOrigin();
    112     const SecurityOrigin* targetSecurityOrigin = targetWindow->impl()->document()->securityOrigin();
    113 
    114     if (originSecurityOrigin->canAccess(targetSecurityOrigin))
    115         return true;
    116 
    117     targetWindow->printErrorMessage(targetWindow->crossDomainAccessErrorMessage(otherObject));
    118     return false;
    11995}
    12096
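Review bot: The comment removed at old lines 96-100 was the only place that explained the difference between checking access to this global object and checking access to the window the shell currently references, and the new static shouldAllowAccessFrom at lines 46-49 carries no comment at all. Add a short comment there saying which window is the target of the check. The identity fast path at old lines 108-109 ("if (originWindow == targetWindow) return true;") is gone as well; confirm that the BindingSecurity path allows a window to access itself without extra cost.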
  • trunk/Source/WebCore/bindings/js/JSDOMWindowBase.h

    r125152 r126165  
    6565        static bool shouldInterruptScript(const JSC::JSGlobalObject*);
    6666        static bool javaScriptExperimentsEnabled(const JSC::JSGlobalObject*);
    67         static bool allowsAccessFrom(const JSC::JSGlobalObject*, JSC::ExecState*);
    68        
    69         bool allowsAccessFrom(JSC::ExecState*) const;
    70         bool allowsAccessFromNoErrorMessage(JSC::ExecState*) const;
    71         bool allowsAccessFrom(JSC::ExecState*, String& message) const;
    7267        void printErrorMessage(const String&) const;
    7368
    74         // Don't call this version of allowsAccessFrom -- it's a slightly incorrect implementation used only by WebScriptObject
    75         bool allowsAccessFrom(const JSC::JSGlobalObject*) const;
    76        
    7769        static JSC::JSObject* toThisObject(JSC::JSCell*, JSC::ExecState*);
    7870        JSDOMWindowShell* shell() const;
     
    8375        RefPtr<DOMWindow> m_impl;
    8476        JSDOMWindowShell* m_shell;
    85 
    86         bool allowsAccessFromPrivate(const JSC::JSGlobalObject*) const;
    87         String crossDomainAccessErrorMessage(const JSC::JSGlobalObject*) const;
    8877    };
    8978
  • trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp

    r125711 r126165  
    2222#include "JSDOMWindowCustom.h"
    2323
     24#include "BindingSecurity.h"
    2425#include "Frame.h"
    2526#include "HTMLCollection.h"
     
    113114    Document* document = thisObj->impl()->frame()->document();
    114115
    115     ASSERT(thisObj->allowsAccessFrom(exec));
     116    ASSERT(BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObj->impl()));
    116117    ASSERT(document);
    117118    ASSERT(document->isHTMLDocument());
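Review bot: The ASSERT at new line 116 calls shouldAllowAccessToDOMWindow with the default SecurityReportingOption, which BindingSecurity.h declares as ReportSecurityError, so the assertion can report a security error as a side effect and only does so in builds where ASSERT is compiled in. Pass DoNotReportSecurityError explicitly here so the assertion is a pure check.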
     
    159160    // is allowed.
    160161    String errorMessage;
    161     bool allowsAccess = thisObject->allowsAccessFrom(exec, errorMessage);
     162    bool allowsAccess = shouldAllowAccessToDOMWindow(exec, thisObject->impl(), errorMessage);
    162163
    163164    // Look for overrides before looking at any of our own properties, but ignore overrides completely
     
    167168
    168169    // We need this code here because otherwise JSDOMWindowBase will stop the search before we even get to the
    169     // prototype due to the blanket same origin (allowsAccessFrom) check at the end of getOwnPropertySlot.
     170    // prototype due to the blanket same origin (shouldAllowAccessToDOMWindow) check at the end of getOwnPropertySlot.
    170171    // Also, it's important to get the implementation straight out of the DOMWindow prototype regardless of
    171172    // what prototype is actually set on this object.
     
    273274    JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
    274275    // Never allow cross-domain getOwnPropertyDescriptor
    275     if (!thisObject->allowsAccessFrom(exec))
     276    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    276277        return false;
    277278
     
    350351    // Optimization: access JavaScript global variables directly before involving the DOM.
    351352    if (thisObject->JSGlobalObject::hasOwnPropertyForWrite(exec, propertyName)) {
    352         if (thisObject->allowsAccessFrom(exec))
     353        if (BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    353354            JSGlobalObject::put(thisObject, exec, propertyName, value, slot);
    354355        return;
     
    358359        return;
    359360
    360     if (thisObject->allowsAccessFrom(exec))
     361    if (BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    361362        Base::put(thisObject, exec, propertyName, value, slot);
    362363}
     
    366367    JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(cell);
    367368    // Only allow deleting properties by frames in the same origin.
    368     if (!thisObject->allowsAccessFrom(exec))
     369    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    369370        return false;
    370371    return Base::deleteProperty(thisObject, exec, propertyName);
     
    375376    JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
    376377    // Only allow the window to enumerated by frames in the same origin.
    377     if (!thisObject->allowsAccessFrom(exec))
     378    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    378379        return;
    379380    Base::getPropertyNames(thisObject, exec, propertyNames, mode);
     
    384385    JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
    385386    // Only allow the window to enumerated by frames in the same origin.
    386     if (!thisObject->allowsAccessFrom(exec))
     387    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    387388        return;
    388389    Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode);
     
    393394    JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
    394395    // Only allow defining properties in this way by frames in the same origin, as it allows setters to be introduced.
    395     if (!thisObject->allowsAccessFrom(exec))
     396    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
    396397        return false;
    397398
     
    413414        if (Settings* settings = activeFrame->settings()) {
    414415            if (settings->usesDashboardBackwardCompatibilityMode() && !activeFrame->tree()->parent()) {
    415                 if (allowsAccessFrom(exec))
     416                if (BindingSecurity::shouldAllowAccessToDOMWindow(exec, impl()))
    416417                    putDirect(exec->globalData(), Identifier(exec, "location"), value);
    417418                return;
  • trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.h

    r125761 r126165  
    3737}
    3838
    39 inline bool JSDOMWindowBase::allowsAccessFrom(const JSGlobalObject* other) const
    40 {
    41     if (allowsAccessFromPrivate(other))
    42         return true;
    43     printErrorMessage(crossDomainAccessErrorMessage(other));
    44     return false;
    45 }
    46 
    47 inline bool JSDOMWindowBase::allowsAccessFrom(JSC::ExecState* exec) const
    48 {
    49     if (allowsAccessFromPrivate(exec->lexicalGlobalObject()))
    50         return true;
    51     printErrorMessage(crossDomainAccessErrorMessage(exec->lexicalGlobalObject()));
    52     return false;
    53 }
    54    
    55 inline bool JSDOMWindowBase::allowsAccessFromNoErrorMessage(JSC::ExecState* exec) const
    56 {
    57     return allowsAccessFromPrivate(exec->lexicalGlobalObject());
    58 }
    59    
    60 inline bool JSDOMWindowBase::allowsAccessFrom(JSC::ExecState* exec, String& message) const
    61 {
    62     if (allowsAccessFromPrivate(exec->lexicalGlobalObject()))
    63         return true;
    64     message = crossDomainAccessErrorMessage(exec->lexicalGlobalObject());
    65     return false;
    66 }
    67    
    68 ALWAYS_INLINE bool JSDOMWindowBase::allowsAccessFromPrivate(const JSGlobalObject* other) const
    69 {
    70     const JSDOMWindow* originWindow = asJSDOMWindow(other);
    71     const JSDOMWindow* targetWindow = m_shell->window();
    72 
    73     if (originWindow == targetWindow)
    74         return true;
    75 
    76     const SecurityOrigin* originSecurityOrigin = originWindow->impl()->document()->securityOrigin();
    77     const SecurityOrigin* targetSecurityOrigin = targetWindow->impl()->document()->securityOrigin();
    78 
    79     return originSecurityOrigin->canAccess(targetSecurityOrigin);
    80 }
    81 
    8239}
    8340
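Review bot: The removed allowsAccessFromPrivate (old lines 68-80) resolved the target through m_shell->window() and the accessor through exec->lexicalGlobalObject(), while the replacement call sites pass thisObject->impl() and leave the choice of accessor to BindingSecurity. If those can differ, this is a behaviour change in a same-origin check rather than a pure refactoring; the ChangeLog entry should say so and point to the test that covers it.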
  • trunk/Source/WebCore/bindings/js/JSInjectedScriptManager.cpp

    r125152 r126165  
    3737#include "InjectedScriptManager.h"
    3838
     39#include "BindingSecurity.h"
    3940#include "ExceptionCode.h"
    4041#include "JSDOMWindow.h"
     
    8687    if (!inspectedWindow)
    8788        return false;
    88     return inspectedWindow->allowsAccessFromNoErrorMessage(scriptState);
     89    return BindingSecurity::shouldAllowAccessToDOMWindow(scriptState, inspectedWindow->impl(), DoNotReportSecurityError);
    8990}
    9091
  • trunk/Source/WebCore/bindings/objc/WebScriptObject.mm

    r125152 r126165  
    2727#import "WebScriptObjectPrivate.h"
    2828
     29#import "BindingSecurity.h"
    2930#import "BridgeJSC.h"
    3031#import "Console.h"
     
    242243        return false;
    243244
    244     return jsCast<JSDOMWindowBase*>(root->globalObject())->allowsAccessFrom(_private->originRootObject->globalObject());
     245    // It's not actually correct to call shouldAllowAccessToFrame in this way because
     246    // JSDOMWindowBase* isn't the right object to represent the currently executing
     247    // JavaScript. Instead, we should use ExecState, like we do elsewhere.
     248    JSDOMWindowBase* target = jsCast<JSDOMWindowBase*>(root->globalObject());
     249    return BindingSecurity::shouldAllowAccessToDOMWindow(_private->originRootObject->globalObject()->globalExec(), target->impl());
    245250}
    246251
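Review bot: The comment added at new lines 245-247 names shouldAllowAccessToFrame, but the call at line 249 is shouldAllowAccessToDOMWindow. Fix the name and mark the comment as a FIXME so this known-incorrect check stays searchable. The comment should also describe the code as it now stands, which passes originRootObject->globalObject()->globalExec() as the accessor, and say why that ExecState is not the right stand-in for the currently executing script.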
  • trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm

    r125745 r126165  
    476476    if ($dataNode->extendedAttributes->{"CheckSecurity"}) {
    477477        if ($interfaceName eq "DOMWindow") {
    478             push(@implContent, "    if (!thisObject->allowsAccessFrom(exec))\n");
     478            $implIncludes{"BindingSecurity.h"} = 1;
     479            push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, jsCast<$className*>(thisObject)->impl()))\n");
    479480        } else {
    480481            push(@implContent, "    if (!shouldAllowAccessToFrame(exec, thisObject->impl()->frame()))\n");
     
    17691770                    !$attribute->signature->extendedAttributes->{"DoNotCheckSecurity"} &&
    17701771                    !$attribute->signature->extendedAttributes->{"DoNotCheckSecurityOnGetter"}) {
    1771                     push(@implContent, "    if (!castedThis->allowsAccessFrom(exec))\n");
     1772                    $implIncludes{"BindingSecurity.h"} = 1;
     1773                    push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, castedThis->impl()))\n");
    17721774                    push(@implContent, "        return jsUndefined();\n");
    17731775                }
     
    18841886
    18851887                if ($dataNode->extendedAttributes->{"CheckSecurity"}) {
    1886                     push(@implContent, "    if (!domObject->allowsAccessFrom(exec))\n");
     1888                    $implIncludes{"BindingSecurity.h"} = 1;
     1889                    push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, domObject->impl()))\n");
    18871890                    push(@implContent, "        return jsUndefined();\n");
    18881891                }
     
    19591962                            if ($dataNode->extendedAttributes->{"CheckSecurity"} && !$attribute->signature->extendedAttributes->{"DoNotCheckSecurity"}) {
    19601963                                if ($interfaceName eq "DOMWindow") {
    1961                                     push(@implContent, "    if (!jsCast<$className*>(thisObject)->allowsAccessFrom(exec))\n");
     1964                                    $implIncludes{"BindingSecurity.h"} = 1;
     1965                                    push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, jsCast<$className*>(thisObject)->impl()))\n");
    19621966                                } else {
    19631967                                    push(@implContent, "    if (!shouldAllowAccessToFrame(exec, jsCast<$className*>(thisObject)->impl()->frame()))\n");
     
    20882092                if ($dataNode->extendedAttributes->{"CheckSecurity"}) {
    20892093                    if ($interfaceName eq "DOMWindow") {
    2090                         push(@implContent, "    if (!jsCast<$className*>(thisObject)->allowsAccessFrom(exec))\n");
     2094                        $implIncludes{"BindingSecurity.h"} = 1;
     2095                        push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, jsCast<$className*>(thisObject)->impl()))\n");
    20912096                    } else {
    20922097                        push(@implContent, "    if (!shouldAllowAccessToFrame(exec, jsCast<$className*>(thisObject)->impl()->frame()))\n");
     
    21952200                if ($dataNode->extendedAttributes->{"CheckSecurity"} and
    21962201                    !$function->signature->extendedAttributes->{"DoNotCheckSecurity"}) {
    2197                     push(@implContent, "    if (!castedThis->allowsAccessFrom(exec))\n");
     2202                    $implIncludes{"BindingSecurity.h"} = 1;
     2203                    push(@implContent, "    if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, castedThis->impl()))\n");
    21982204                    push(@implContent, "        return JSValue::encode(jsUndefined());\n");
    21992205                }
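Review bot: At new lines 2202-2203, as in the five earlier hunks of this file, the pair "$implIncludes{"BindingSecurity.h"} = 1;" plus the push of the shouldAllowAccessToDOMWindow check is repeated by hand. Factor it into one helper sub that registers the include and returns the check string for a given object expression, so a generated security check cannot be emitted without its include and the six sites cannot drift apart.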