[Webkit-unassigned] [Bug 38340] forbid sandboxed frames to call top.close() when allow-same-origin is not setted
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed May 12 17:13:29 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=38340
--- Comment #10 from Adam Barth <abarth at webkit.org> 2010-05-12 17:13:28 PST ---
> Under what circumstances can toLexicalFrame return 0?
Possibly when the calling JavaScript function was defined in a document that's no longer active. I'd have to test to see.
> Another way to factor this would be to add a version of close in DOMWindow that takes an active frame argument. Then the bindings would compute the lexical frame, and pass it. The JSDOMWindow binding would then be:
>
> JSValue JSDOMWindow::close(ExecState* exec, const ArgList&)
> {
> impl()->close(toLexicalFrame(exec));
> return jsUndefined();
> }
>
> This seems like it would be easy to autogenerate in the future too. I like the idea of having as little of the code as possible in the bindings.
Yeah, that's what I meant by Comment #6. You can see some work in that direction in Bug 38152.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list