[Webkit-unassigned] [Bug 119284] New: Cross-origin access to Location::reload() should throw a SecurityError
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 30 15:57:53 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119284
Summary: Cross-origin access to Location::reload() should throw
a SecurityError
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Keywords: BlinkMergeCandidate
Severity: Normal
Priority: P2
Component: Page Loading
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: rniwa at webkit.org
CC: ap at webkit.org, beidson at apple.com, aestes at apple.com
Consider merging https://chromium.googlesource.com/chromium/blink/+/c63cc03a571db043e50e904a6b462251f3ab6c1f
Location's 'reload' property is currently special-cased to be accessible
cross-origin, but doesn't actually perform the requested action when
executed. Instead, it dumps an error message to the console and returns
early.
Firefox's implementation throws an exception upon access of the property,
and given that we've just changed various other Location properties to
match this behavior. This also better aligns our behavior with the spec[1].
[1]: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list