Return different functions with the same behavior between cross-origin access...

Return different functions with the same behavior between cross-origin access and same-origin access for data properties According to the spec (test), when a data property of cross-origin properties is called, different functions with the same behavior should be returned between cross-origin access and same-origin access. However, completely the same functions via the same function template are returned currently. This CL fixes the gap by using a different template for each. Bug: 715418 Change-Id: Ibb410999e87547ead088a49f86274150783724a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1846620Reviewed-by: Hitoshi Yoshida <peria@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Commit-Queue: Marina Sakai <marinasakai@google.com> Cr-Commit-Position: refs/heads/master@{#704047}

Return different functions with the same behavior between cross-origin access...
Return different functions with the same behavior between cross-origin access and same-origin access for data properties According to the spec (test), when a data property of cross-origin properties is called, different functions with the same behavior should be returned between cross-origin access and same-origin access. However, completely the same functions via the same function template are returned currently. This CL fixes the gap by using a different template for each. Bug: 715418 Change-Id: Ibb410999e87547ead088a49f86274150783724a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1846620Reviewed-by: Hitoshi Yoshida <peria@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Commit-Queue: Marina Sakai <marinasakai@google.com> Cr-Commit-Position: refs/heads/master@{#704047}
9c00e198 · Marina Sakai · Commit Bot · 3ba6b936 · 9c00e198 · 9c00e198
Commit 9c00e198 authored Oct 09, 2019 by Marina Sakai Committed by Commit Bot Oct 09, 2019
4 changed files
--- a/third_party/blink/renderer/bindings/templates/interface.cc.tmpl
+++ b/third_party/blink/renderer/bindings/templates/interface.cc.tmpl
@@ -974,10 +974,40 @@ static const V8DOMConfiguration::AttributeConfiguration {{method.name}}OriginSaf
 {% set getter_callback_for_main_world = '%sForMainWorld' % getter_callback %}
 {% set setter_callback_for_main_world = '%sForMainWorld' % setter_callback
       if not method.is_unforgeable else 'nullptr' %}
-    {"{{method.name}}", {{getter_callback_for_main_world}}, {{setter_callback_for_main_world}}, {{property_attribute}}, {{property_location(method)}}, {{holder_check}}, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::MainWorld},
+    {
-    {"{{method.name}}", {{getter_callback}}, {{setter_callback}}, {{property_attribute}}, {{property_location(method)}}, {{holder_check}}, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::NonMainWorlds}}
+        "{{method.name}}",
+        {{getter_callback_for_main_world}},
+        {{setter_callback_for_main_world}},
+        {{property_attribute}},
+        {{property_location(method)}},
+        {{holder_check}},
+        V8DOMConfiguration::kHasSideEffect,
+        V8DOMConfiguration::kAlwaysCallGetter,
+        V8DOMConfiguration::MainWorld,
+    },
+    {
+        "{{method.name}}",
+        {{getter_callback}},
+        {{setter_callback}},
+        {{property_attribute}},
+        {{property_location(method)}},
+        {{holder_check}},
+        V8DOMConfiguration::kHasSideEffect,
+        V8DOMConfiguration::kAlwaysCallGetter,
+        V8DOMConfiguration::NonMainWorlds,
+    }
 {% else %}
-    {"{{method.name}}", {{getter_callback}}, {{setter_callback}}, {{property_attribute}}, {{property_location(method)}}, {{holder_check}}, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::kAllWorlds}
+    {
+        "{{method.name}}",
+        {{getter_callback}},
+        {{setter_callback}},
+        {{property_attribute}},
+        {{property_location(method)}},
+        {{holder_check}},
+        V8DOMConfiguration::kHasSideEffect,
+        V8DOMConfiguration::kAlwaysCallGetter,
+        V8DOMConfiguration::kAllWorlds,
+    }
 {% endif %}
 };
 for (const auto& attributeConfig : {{method.name}}OriginSafeAttributeConfiguration)

--- a/third_party/blink/renderer/bindings/templates/methods.cc.tmpl
+++ b/third_party/blink/renderer/bindings/templates/methods.cc.tmpl
@@ -507,7 +507,6 @@ void {{v8_class_or_partial}}::{{method.camel_case_name}}MethodCallback{{world_su
 {##############################################################################}
 {% macro origin_safe_method_getter(method, world_suffix) %}
 static void {{method.camel_case_name}}OriginSafeMethodGetter{{world_suffix}}(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -517,6 +516,14 @@ static void {{method.camel_case_name}}OriginSafeMethodGetter{{world_suffix}}(con
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  {{cpp_class}}* impl = {{v8_class}}::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -526,10 +533,6 @@ static void {{method.camel_case_name}}OriginSafeMethodGetter{{world_suffix}}(con
            signature,
            {{method.length}});
-  {{cpp_class}}* impl = {{v8_class}}::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -537,6 +540,17 @@ static void {{method.camel_case_name}}OriginSafeMethodGetter{{world_suffix}}(con
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          {{v8_class_or_partial}}::{{method.camel_case_name}}MethodCallback{{world_suffix}},
+          v8::Local<v8::Value>(),
+          signature,
+          {{method.length}});
  // When the web author overwrote the property, return the overwriting value.
  //
  // "{{method.name}}" must be the same as |name_in_utf8| (=name) in

--- a/third_party/blink/renderer/bindings/tests/results/core/v8_test_interface_check_security.cc
+++ b/third_party/blink/renderer/bindings/tests/results/core/v8_test_interface_check_security.cc
@@ -193,7 +193,6 @@ static void DoNotCheckSecurityVoidMethodMethod(const v8::FunctionCallbackInfo<v8
 }
 static void DoNotCheckSecurityVoidMethodOriginSafeMethodGetter(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -203,6 +202,14 @@ static void DoNotCheckSecurityVoidMethodOriginSafeMethodGetter(const v8::Propert
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -212,10 +219,6 @@ static void DoNotCheckSecurityVoidMethodOriginSafeMethodGetter(const v8::Propert
            signature,
            0);
-  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -223,6 +226,17 @@ static void DoNotCheckSecurityVoidMethodOriginSafeMethodGetter(const v8::Propert
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidMethodMethodCallback,
+          v8::Local<v8::Value>(),
+          signature,
+          0);
  // When the web author overwrote the property, return the overwriting value.
  //
  // "doNotCheckSecurityVoidMethod" must be the same as |name_in_utf8| (=name) in
@@ -247,7 +261,6 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodMethod(const v8::Functio
 }
 static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetter(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -257,6 +270,14 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetter(c
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -266,10 +287,6 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetter(c
            signature,
            0);
-  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -277,6 +294,17 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetter(c
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodMethodCallback,
+          v8::Local<v8::Value>(),
+          signature,
+          0);
  // When the web author overwrote the property, return the overwriting value.
  //
  // "doNotCheckSecurityPerWorldBindingsVoidMethod" must be the same as |name_in_utf8| (=name) in
@@ -301,7 +329,6 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodMethodForMainWorld(const
 }
 static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterForMainWorld(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -311,6 +338,14 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterFo
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -320,10 +355,6 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterFo
            signature,
            0);
-  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -331,6 +362,17 @@ static void DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterFo
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodMethodCallbackForMainWorld,
+          v8::Local<v8::Value>(),
+          signature,
+          0);
  // When the web author overwrote the property, return the overwriting value.
  //
  // "doNotCheckSecurityPerWorldBindingsVoidMethod" must be the same as |name_in_utf8| (=name) in
@@ -355,7 +397,6 @@ static void DoNotCheckSecurityUnforgeableVoidMethodMethod(const v8::FunctionCall
 }
 static void DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -365,6 +406,14 @@ static void DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter(const
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -374,10 +423,6 @@ static void DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter(const
            signature,
            0);
-  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -385,6 +430,17 @@ static void DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter(const
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityUnforgeableVoidMethodMethodCallback,
+          v8::Local<v8::Value>(),
+          signature,
+          0);
  // When the web author overwrote the property, return the overwriting value.
  //
  // "doNotCheckSecurityUnforgeableVoidMethod" must be the same as |name_in_utf8| (=name) in
@@ -506,7 +562,6 @@ static void DoNotCheckSecurityVoidOverloadMethodMethod(const v8::FunctionCallbac
 }
 static void DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetter(const v8::PropertyCallbackInfo<v8::Value>& info) {
-  static int dom_template_key; // This address is used for a key to look up the dom template.
  v8::Isolate* isolate = info.GetIsolate();
  V8PerIsolateData* data = V8PerIsolateData::From(isolate);
  const DOMWrapperWorld& world =
@@ -516,6 +571,14 @@ static void DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetter(const v8:
  v8::Local<v8::Signature> signature =
      v8::Signature::New(isolate, interface_template);
+  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
+  // Different FunctionTemplates should be used between cross-origin access and
+  // same-origin access.
+  if (!BindingSecurity::ShouldAllowAccessTo(
+          CurrentDOMWindow(isolate), impl,
+          BindingSecurity::ErrorReportOption::kDoNotReport)) {
+    static int dom_template_key; // This address is used for a key to look up the dom template.
    v8::Local<v8::FunctionTemplate> method_template =
        data->FindOrCreateOperationTemplate(
            world,
@@ -525,10 +588,6 @@ static void DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetter(const v8:
            signature,
            test_interface_check_security_v8_internal::DoNotCheckSecurityVoidOverloadMethodMethodLength());
-  TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::ToImpl(info.Holder());
-  if (!BindingSecurity::ShouldAllowAccessTo(
-          CurrentDOMWindow(isolate), impl,
-          BindingSecurity::ErrorReportOption::kDoNotReport)) {
    V8SetReturnValue(
        info,
        method_template->GetFunction(
@@ -536,6 +595,17 @@ static void DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetter(const v8:
    return;
  }
+  static int dom_template_key; // This address is used for a key to look up the dom template.
+  v8::Local<v8::FunctionTemplate> method_template =
+      data->FindOrCreateOperationTemplate(
+          world,
+          &dom_template_key,
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidOverloadMethodMethodCallback,
+          v8::Local<v8::Value>(),
+          signature,
+          test_interface_check_security_v8_internal::DoNotCheckSecurityVoidOverloadMethodMethodLength());
  // When the web author overwrote the property, return the overwriting value.
  //
  // "doNotCheckSecurityVoidOverloadMethod" must be the same as |name_in_utf8| (=name) in
@@ -920,23 +990,73 @@ static void InstallV8TestInterfaceCheckSecurityTemplate(
  // Custom signature
  static const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityVoidMethodOriginSafeAttributeConfiguration[] = {
-      {"doNotCheckSecurityVoidMethod", V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidMethodOriginSafeMethodGetterCallback, V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::kOnInstance, V8DOMConfiguration::kCheckHolder, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::kAllWorlds}
+      {
+          "doNotCheckSecurityVoidMethod",
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidMethodOriginSafeMethodGetterCallback,
+          V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback,
+          static_cast<v8::PropertyAttribute>(v8::None),
+          V8DOMConfiguration::kOnInstance,
+          V8DOMConfiguration::kCheckHolder,
+          V8DOMConfiguration::kHasSideEffect,
+          V8DOMConfiguration::kAlwaysCallGetter,
+          V8DOMConfiguration::kAllWorlds,
+      }
  };
   for (const auto& attributeConfig : doNotCheckSecurityVoidMethodOriginSafeAttributeConfiguration)
    V8DOMConfiguration::InstallAttribute(isolate, world, instance_template, prototype_template, attributeConfig);
  static const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeAttributeConfiguration[] = {
-      {"doNotCheckSecurityPerWorldBindingsVoidMethod", V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallbackForMainWorld, V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallbackForMainWorld, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::kOnInstance, V8DOMConfiguration::kCheckHolder, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::MainWorld},
+      {
-      {"doNotCheckSecurityPerWorldBindingsVoidMethod", V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallback, V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::kOnInstance, V8DOMConfiguration::kCheckHolder, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::NonMainWorlds}}
+          "doNotCheckSecurityPerWorldBindingsVoidMethod",
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallbackForMainWorld,
+          V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallbackForMainWorld,
+          static_cast<v8::PropertyAttribute>(v8::None),
+          V8DOMConfiguration::kOnInstance,
+          V8DOMConfiguration::kCheckHolder,
+          V8DOMConfiguration::kHasSideEffect,
+          V8DOMConfiguration::kAlwaysCallGetter,
+          V8DOMConfiguration::MainWorld,
+      },
+      {
+          "doNotCheckSecurityPerWorldBindingsVoidMethod",
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallback,
+          V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback,
+          static_cast<v8::PropertyAttribute>(v8::None),
+          V8DOMConfiguration::kOnInstance,
+          V8DOMConfiguration::kCheckHolder,
+          V8DOMConfiguration::kHasSideEffect,
+          V8DOMConfiguration::kAlwaysCallGetter,
+          V8DOMConfiguration::NonMainWorlds,
+      }
  };
   for (const auto& attributeConfig : doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeAttributeConfiguration)
    V8DOMConfiguration::InstallAttribute(isolate, world, instance_template, prototype_template, attributeConfig);
  static const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityUnforgeableVoidMethodOriginSafeAttributeConfiguration[] = {
-      {"doNotCheckSecurityUnforgeableVoidMethod", V8TestInterfaceCheckSecurity::DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetterCallback, nullptr, static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete), V8DOMConfiguration::kOnInstance, V8DOMConfiguration::kCheckHolder, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::kAllWorlds}
+      {
+          "doNotCheckSecurityUnforgeableVoidMethod",
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetterCallback,
+          nullptr,
+          static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete),
+          V8DOMConfiguration::kOnInstance,
+          V8DOMConfiguration::kCheckHolder,
+          V8DOMConfiguration::kHasSideEffect,
+          V8DOMConfiguration::kAlwaysCallGetter,
+          V8DOMConfiguration::kAllWorlds,
+      }
  };
   for (const auto& attributeConfig : doNotCheckSecurityUnforgeableVoidMethodOriginSafeAttributeConfiguration)
    V8DOMConfiguration::InstallAttribute(isolate, world, instance_template, prototype_template, attributeConfig);
  static const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityVoidOverloadMethodOriginSafeAttributeConfiguration[] = {
-      {"doNotCheckSecurityVoidOverloadMethod", V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetterCallback, V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::kOnInstance, V8DOMConfiguration::kCheckHolder, V8DOMConfiguration::kHasSideEffect, V8DOMConfiguration::kAlwaysCallGetter, V8DOMConfiguration::kAllWorlds}
+      {
+          "doNotCheckSecurityVoidOverloadMethod",
+          V8TestInterfaceCheckSecurity::DoNotCheckSecurityVoidOverloadMethodOriginSafeMethodGetterCallback,
+          V8TestInterfaceCheckSecurity::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback,
+          static_cast<v8::PropertyAttribute>(v8::None),
+          V8DOMConfiguration::kOnInstance,
+          V8DOMConfiguration::kCheckHolder,
+          V8DOMConfiguration::kHasSideEffect,
+          V8DOMConfiguration::kAlwaysCallGetter,
+          V8DOMConfiguration::kAllWorlds,
+      }
  };
   for (const auto& attributeConfig : doNotCheckSecurityVoidOverloadMethodOriginSafeAttributeConfiguration)
    V8DOMConfiguration::InstallAttribute(isolate, world, instance_template, prototype_template, attributeConfig);

--- a/third_party/blink/web_tests/external/wpt/html/browsers/origin/cross-origin-objects/cross-origin-objects-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/html/browsers/origin/cross-origin-objects/cross-origin-objects-expected.txt
 This is a testharness.js-based test.
-Found 90 tests; 42 PASS, 48 FAIL, 0 TIMEOUT, 0 NOTRUN.
+Found 90 tests; 45 PASS, 45 FAIL, 0 TIMEOUT, 0 NOTRUN.
 PASS Basic sanity-checking (cross-origin)
 PASS Basic sanity-checking (same-origin + document.domain)
 PASS Basic sanity-checking (cross-site)
@@ -66,9 +66,9 @@ PASS Cross-origin functions get local Function.prototype (cross-site)
 FAIL Cross-origin Window accessors get local Function.prototype (cross-origin) Cannot read property 'name' of undefined
 FAIL Cross-origin Window accessors get local Function.prototype (same-origin + document.domain) Cannot read property 'name' of undefined
 FAIL Cross-origin Window accessors get local Function.prototype (cross-site) Cannot read property 'name' of undefined
-FAIL Same-origin observers get different functions for cross-origin objects (cross-origin) assert_not_equals: cross-origin Window functions get their own object got disallowed value function "function () { [native code] }"
+PASS Same-origin observers get different functions for cross-origin objects (cross-origin)
-FAIL Same-origin observers get different functions for cross-origin objects (same-origin + document.domain) assert_not_equals: cross-origin Window functions get their own object got disallowed value function "function () { [native code] }"
+PASS Same-origin observers get different functions for cross-origin objects (same-origin + document.domain)
-FAIL Same-origin observers get different functions for cross-origin objects (cross-site) assert_not_equals: cross-origin Window functions get their own object got disallowed value function "function () { [native code] }"
+PASS Same-origin observers get different functions for cross-origin objects (cross-site)
 FAIL Same-origin observers get different accessors for cross-origin Window (cross-origin) assert_not_equals: different Window accessors per-incumbent script settings object got disallowed value undefined
 FAIL Same-origin observers get different accessors for cross-origin Window (same-origin + document.domain) assert_not_equals: different Window accessors per-incumbent script settings object got disallowed value undefined
 FAIL Same-origin observers get different accessors for cross-origin Window (cross-site) assert_not_equals: different Window accessors per-incumbent script settings object got disallowed value undefined