Bug 43504

Summary: location.href does not throw SECURITY_ERR when accessed across origins
Product: WebKit Reporter: Mihai Parparita <mihaip>
Component: WebCore JavaScriptAssignee: Chris Dumez <cdumez>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: abarth, annevk, ap, bugs.webkit.org, dpranke, j, levin, mkwst, sam, tonyg
Priority: P2 Keywords: EasyFix, HasReduction, HTML5
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on: 43891, 43892    
Bug Blocks: 98408    

Description Mihai Parparita 2010-08-04 12:51:38 PDT
The HTML5 spec is pretty clear about this:

http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location

For a test case, see the frames[0].location.href line of:

http://persistent.info/webkit/test-cases/iframe-location-href.html?http://example.com

It just shows that the return value is undefined, with no exception being thrown.

Gecko and IE do throw the exception.
Comment 1 Mihai Parparita 2010-08-04 12:53:04 PDT
Alexey, adding you to the cc list since you mentioned this in comment 5 of bug 17627. I couldn't find another bug filed for this issue, but perhaps you're aware of one.
Comment 2 Mihai Parparita 2010-08-11 18:35:42 PDT
Since fixing the V8 bindings is significantly more complex than the JSC ones (see http://groups.google.com/group/v8-users/browse_thread/thread/e73680b6ca97a46d), I've split this bug into two (bug 43891 and bug 43892), since it'll be two pretty different patches.
Comment 3 David Levin 2012-03-22 16:25:23 PDT
*** Bug 81973 has been marked as a duplicate of this bug. ***
Comment 4 Mike West 2012-09-28 00:35:11 PDT
Mihai, I'm going to pick this up if you don't mind.
Comment 5 Mike West 2013-02-04 05:12:23 PST
Poking the webkit-dev bear again: https://lists.webkit.org/pipermail/webkit-dev/2013-February/023636.html
Comment 6 Anne van Kesteren 2017-03-30 00:04:49 PDT
Chris, I think you fixed this and some of the other bugs here too right? I can't reproduce comment 0 anymore in Safari TP anyway.
Comment 7 Chris Dumez 2017-03-30 08:52:39 PDT

*** This bug has been marked as a duplicate of bug 161368 ***
Comment 8 Chris Dumez 2017-03-30 08:52:58 PDT
(In reply to Anne van Kesteren from comment #6)
> Chris, I think you fixed this and some of the other bugs here too right? I
> can't reproduce comment 0 anymore in Safari TP anyway.

Yes, thanks.