43504 2010-08-04 12:51:38 -0700 location.href does not throw SECURITY_ERR when accessed across origins 2017-03-30 08:52:58 -0700 1 1 1 Unclassified WebKit WebCore JavaScript 528+ (Nightly build) All All RESOLVED DUPLICATE 161368 EasyFix, HasReduction, HTML5 P2 Normal --- 43891 43892 98408 1 mihaip cdumez abarth annevk ap bugs.webkit.org dpranke j levin mkwst sam tonyg oldest_to_newest 260161 0 mihaip 2010-08-04 12:51:38 -0700 The HTML5 spec is pretty clear about this: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location For a test case, see the frames[0].location.href line of: http://persistent.info/webkit/test-cases/iframe-location-href.html?http://example.com It just shows that the return value is undefined, with no exception being thrown. Gecko and IE do throw the exception. 260162 1 mihaip 2010-08-04 12:53:04 -0700 Alexey, adding you to the cc list since you mentioned this in comment 5 of bug 17627. I couldn't find another bug filed for this issue, but perhaps you're aware of one. 263561 2 mihaip 2010-08-11 18:35:42 -0700 Since fixing the V8 bindings is significantly more complex than the JSC ones (see http://groups.google.com/group/v8-users/browse_thread/thread/e73680b6ca97a46d), I've split this bug into two (bug 43891 and bug 43892), since it'll be two pretty different patches. 585847 3 levin 2012-03-22 16:25:23 -0700 *** Bug 81973 has been marked as a duplicate of this bug. *** 730312 4 mkwst 2012-09-28 00:35:11 -0700 Mihai, I'm going to pick this up if you don't mind. 824270 5 mkwst 2013-02-04 05:12:23 -0800 Poking the webkit-dev bear again: https://lists.webkit.org/pipermail/webkit-dev/2013-February/023636.html 1292721 6 annevk 2017-03-30 00:04:49 -0700 Chris, I think you fixed this and some of the other bugs here too right? I can't reproduce comment 0 anymore in Safari TP anyway. 1292791 7 cdumez 2017-03-30 08:52:39 -0700 *** This bug has been marked as a duplicate of bug 161368 *** 1292794 8 cdumez 2017-03-30 08:52:58 -0700 (In reply to Anne van Kesteren from comment #6) > Chris, I think you fixed this and some of the other bugs here too right? I > can't reproduce comment 0 anymore in Safari TP anyway. Yes, thanks.