Bug 154270

Summary: Do security checks early in JSDOMWindow::put*()
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: BindingsAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: barraclough, commit-queue, ggaren, mkwst, sam
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 154120    
Attachments:
Description Flags
Patch none

Description Chris Dumez 2016-02-15 17:14:43 PST 
Do security checks early in JSDOMWindow::put*() to make it less error-prone. Also lock-down further to return early when trying to set cross-origin any other property than "location" instead of relying only on individual setters to do the security checks.
Comment 1 Chris Dumez 2016-02-15 18:54:10 PST 
Created attachment 271404 [details]
Patch
Comment 2 WebKit Commit Bot 2016-02-16 00:11:46 PST 
Comment on attachment 271404 [details]
Patch

Clearing flags on attachment: 271404

Committed r196628: <http://trac.webkit.org/changeset/196628>
Comment 3 WebKit Commit Bot 2016-02-16 00:11:51 PST 
All reviewed patches have been landed.  Closing bug.