Use GetMutableSecurityOrigin() for modifying SecurityContext's SecurityOrigin

No behavior changes. Bug: 779730 Change-Id: Iee799336a5f5f2db61d6990edfead3c31b377c50 Reviewed-on: https://chromium-review.googlesource.com/762342Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> Cr-Commit-Position: refs/heads/master@{#520845}

Use GetMutableSecurityOrigin() for modifying SecurityContext's SecurityOrigin
No behavior changes. Bug: 779730 Change-Id: Iee799336a5f5f2db61d6990edfead3c31b377c50 Reviewed-on: https://chromium-review.googlesource.com/762342Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> Cr-Commit-Position: refs/heads/master@{#520845}
62acf2e5 · Hiroshige Hayashizaki · Commit Bot · 9281d2eb · 62acf2e5 · 62acf2e5
Commit 62acf2e5 authored Dec 01, 2017 by Hiroshige Hayashizaki Committed by Commit Bot Dec 01, 2017
2 changed files
--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -5171,7 +5171,7 @@ void Document::setDomain(const String& raw_domain,
                          ? WebFeature::kDocumentDomainSetWithDefaultPort
                          : WebFeature::kDocumentDomainSetWithNonDefaultPort);
    bool was_cross_domain = frame_->IsCrossOriginSubframe();
-    GetSecurityOrigin()->SetDomainFromDOM(new_domain);
+    GetMutableSecurityOrigin()->SetDomainFromDOM(new_domain);
    if (View() && (was_cross_domain != frame_->IsCrossOriginSubframe()))
      View()->CrossOriginStatusChanged();
@@ -6082,23 +6082,23 @@ void Document::InitSecurityContext(const DocumentInit& initializer) {
      // Web security is turned off. We should let this document access every
      // other document. This is used primary by testing harnesses for web
      // sites.
-      GetSecurityOrigin()->GrantUniversalAccess();
+      GetMutableSecurityOrigin()->GrantUniversalAccess();
    } else if (GetSecurityOrigin()->IsLocal()) {
      if (settings->GetAllowUniversalAccessFromFileURLs()) {
        // Some clients want local URLs to have universal access, but that
        // setting is dangerous for other clients.
-        GetSecurityOrigin()->GrantUniversalAccess();
+        GetMutableSecurityOrigin()->GrantUniversalAccess();
      } else if (!settings->GetAllowFileAccessFromFileURLs()) {
        // Some clients do not want local URLs to have access to other local
        // URLs.
-        GetSecurityOrigin()->BlockLocalAccessFromLocalOrigin();
+        GetMutableSecurityOrigin()->BlockLocalAccessFromLocalOrigin();
      }
    }
  }
  if (GetSecurityOrigin()->IsUnique() &&
      SecurityOrigin::Create(url_)->IsPotentiallyTrustworthy())
-    GetSecurityOrigin()->SetUniqueOriginIsPotentiallyTrustworthy(true);
+    GetMutableSecurityOrigin()->SetUniqueOriginIsPotentiallyTrustworthy(true);
  ApplyFeaturePolicy({});

--- a/third_party/WebKit/Source/core/frame/WebLocalFrameImpl.cpp
+++ b/third_party/WebKit/Source/core/frame/WebLocalFrameImpl.cpp
@@ -1765,7 +1765,7 @@ void WebLocalFrameImpl::InitializeCoreFrame(Page& page,
  CHECK(frame_->Loader().StateMachine()->IsDisplayingInitialEmptyDocument());
  if (!Parent() && !Opener() &&
      frame_->GetSettings()->GetShouldReuseGlobalForUnownedMainFrame()) {
-    frame_->GetDocument()->GetSecurityOrigin()->GrantUniversalAccess();
+    frame_->GetDocument()->GetMutableSecurityOrigin()->GrantUniversalAccess();
  }
  if (!owner) {