Changeset 51459 in webkit

Timestamp:

Nov 28, 2009 8:39:11 AM (14 years ago)

Author:

abarth@webkit.org

Message:

2009-11-28 Adam Barth <​abarth@webkit.org>

Reviewed by Dimitri Glazkov.

[Chromium] Sify compose button alerts error
​https://bugs.webkit.org/show_bug.cgi?id=31394

Test: http/tests/security/calling-versus-current.html

We're supposed to use the calling context for security checks. In JSC
land, this is the lexicalGlobalObject.

• bindings/v8/V8Proxy.cpp: (WebCore::V8Proxy::canAccessPrivate):

2009-11-28 Adam Barth <​abarth@webkit.org>

Reviewed by Dimitri Glazkov.

[Chromium] Sify compose button alerts error
​https://bugs.webkit.org/show_bug.cgi?id=31394

Test that we're using the calling security context in a simple case.

• http/tests/security/calling-versus-current-expected.txt: Added.
• http/tests/security/calling-versus-current.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/calling-versus-current-expected.txt (added)
• LayoutTests/http/tests/security/calling-versus-current.html (added)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/bindings/v8/V8Proxy.cpp (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2009-11-28  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Dimitri Glazkov.
+
+        [Chromium] Sify compose button alerts error
+        https://bugs.webkit.org/show_bug.cgi?id=31394
+
+        Test that we're using the calling security context in a simple case.
+
+        * http/tests/security/calling-versus-current-expected.txt: Added.
+        * http/tests/security/calling-versus-current.html: Added.
+
 2009-11-27  Daniel Bates  <dbates@webkit.org>
 

trunk/WebCore/ChangeLog

@@ +1 @@
+2009-11-28  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Dimitri Glazkov.
+
+        [Chromium] Sify compose button alerts error
+        https://bugs.webkit.org/show_bug.cgi?id=31394
+
+        Test: http/tests/security/calling-versus-current.html
+
+        We're supposed to use the calling context for security checks.  In JSC
+        land, this is the lexicalGlobalObject.
+
+        * bindings/v8/V8Proxy.cpp:
+        (WebCore::V8Proxy::canAccessPrivate):
+
 2009-11-27  Shinichiro Hamaji  <hamaji@chromium.org>
 

trunk/WebCore/bindings/v8/V8Proxy.cpp

@@ -889 +889 @@
     String message;
 
-    DOMWindow* originWindow = retrieveWindow(currentContext());
-    if (originWindow == targetWindow)
+    v8::Local<v8::Context> activeContext = v8::Context::GetCalling();
+    if (activeContext.IsEmpty()) {
+        // There is a single activation record on the stack, so that must
+        // be the activeContext.
+        activeContext = v8::Context::GetCurrent();
+    }
+    DOMWindow* activeWindow = retrieveWindow(activeContext);
+    if (activeWindow == targetWindow)
         return true;
 
-    if (!originWindow)
-        return false;
-
-    const SecurityOrigin* activeSecurityOrigin = originWindow->securityOrigin();
+    if (!activeWindow)
+        return false;
+
+    const SecurityOrigin* activeSecurityOrigin = activeWindow->securityOrigin();
     const SecurityOrigin* targetSecurityOrigin = targetWindow->securityOrigin();
 
@@ -909 +915 @@
     // Allow access to a "about:blank" page if the dynamic context is a
     // detached context of the same frame as the blank page.
-    if (targetSecurityOrigin->isEmpty() && originWindow->frame() == targetWindow->frame())
+    if (targetSecurityOrigin->isEmpty() && activeWindow->frame() == targetWindow->frame())
         return true;