Skip to content

GitLab

T
tangled
Commit 6daf0cab authored by epertoso@chromium.org's avatar epertoso@chromium.org
Browse files
Options

Modifies V8WrapperInstantiationScope::SecurityCheck to only call... 

Modifies V8WrapperInstantiationScope::SecurityCheck to only call BindingSecurity::shouldAllowAccessToFrame if m_context's world is the main world.

BUG=529667

Review URL: https://codereview.chromium.org/1323453005

git-svn-id: svn://svn.chromium.org/blink/trunk@201987 bbb929c8-8fbe-4397-9dbb-9b2b20218538
parent 03248ab1
Show whitespace changes
Inline Side-by-side
Showing with 14 additions and 8 deletions
third_party/WebKit/Source/bindings/core/v8/V8DOMWrapper.cpp
View file @ 6daf0cab
...@@ -130,13 +130,19 @@ bool V8DOMWrapper::hasInternalFieldsSet(v8::Local<v8::Value> value) ...@@ -130,13 +130,19 @@ bool V8DOMWrapper::hasInternalFieldsSet(v8::Local<v8::Value> value)
&& untrustedWrapperTypeInfo->ginEmbedder == gin::kEmbedderBlink; && untrustedWrapperTypeInfo->ginEmbedder == gin::kEmbedderBlink;
} }
void V8WrapperInstantiationScope::SecurityCheck(v8::Isolate* isolate, v8::Local<v8::Context> contextForWrapper) void V8WrapperInstantiationScope::securityCheck(v8::Isolate* isolate, v8::Local<v8::Context> contextForWrapper)
{ {
if (!m_context.IsEmpty()) { if (m_context.IsEmpty())
return;
// If the context is different, we need to make sure that the current // If the context is different, we need to make sure that the current
// context has access to the creation context. // context has access to the creation context.
Frame* frame = toFrameIfNotDetached(contextForWrapper); Frame* frame = toFrameIfNotDetached(contextForWrapper);
RELEASE_ASSERT(!frame || BindingSecurity::shouldAllowAccessToFrame(isolate, frame, DoNotReportSecurityError)); if (!frame)
return;
const DOMWrapperWorld& currentWorld = DOMWrapperWorld::world(m_context);
RELEASE_ASSERT(currentWorld.worldId() == DOMWrapperWorld::world(contextForWrapper).worldId());
if (currentWorld.isMainWorld()) {
RELEASE_ASSERT(BindingSecurity::shouldAllowAccessToFrame(isolate, frame, DoNotReportSecurityError));
} }
} }
......
third_party/WebKit/Source/bindings/core/v8/V8DOMWrapper.h
View file @ 6daf0cab
...@@ -124,7 +124,7 @@ public: ...@@ -124,7 +124,7 @@ public:
if (contextForWrapper == m_context) if (contextForWrapper == m_context)
return; return;
if (withSecurityCheck) if (withSecurityCheck)
SecurityCheck(isolate, contextForWrapper); securityCheck(isolate, contextForWrapper);
m_context = v8::Local<v8::Context>::New(isolate, contextForWrapper); m_context = v8::Local<v8::Context>::New(isolate, contextForWrapper);
m_didEnterContext = true; m_didEnterContext = true;
m_context->Enter(); m_context->Enter();
...@@ -140,7 +140,7 @@ public: ...@@ -140,7 +140,7 @@ public:
v8::Local<v8::Context> context() const { return m_context; } v8::Local<v8::Context> context() const { return m_context; }
private: private:
void SecurityCheck(v8::Isolate*, v8::Local<v8::Context> contextForWrapper); void securityCheck(v8::Isolate*, v8::Local<v8::Context> contextForWrapper);
bool m_didEnterContext; bool m_didEnterContext;
v8::Local<v8::Context> m_context; v8::Local<v8::Context> m_context;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment