[Webkit-unassigned] [Bug 50265] Webkit should not alow cross origin scripts to access the HTMLDocument object
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Dec 1 11:29:07 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=50265
Alexey Proskuryakov <ap at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |INVALID
--- Comment #3 from Alexey Proskuryakov <ap at webkit.org> 2010-12-01 11:29:07 PST ---
This is correct behavior. Scripts don't have security origins of their own - only documents do.
The cross origin scripting limitations described in HTML5 (and implemented in WebKit) are about things like subframes and child windows.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list