Summary: | location.href does not throw SECURITY_ERR when accessed across origins with V8 bindings | ||
---|---|---|---|
Product: | WebKit | Reporter: | Mihai Parparita <mihaip> |
Component: | WebCore JavaScript | Assignee: | Mike West <mkwst> |
Status: | RESOLVED INVALID | ||
Severity: | Normal | CC: | levin, mkwst, syoichi |
Priority: | P2 | ||
Version: | 528+ (Nightly build) | ||
Hardware: | All | ||
OS: | All | ||
Bug Depends on: | |||
Bug Blocks: | 43504 |
Description
Mihai Parparita
2010-08-11 18:33:47 PDT
Once Chromium picks up the V8 change to allow allocations in the failed access check callback (code.google.com/p/v8/source/detail?r=5257), this should be pretty straightforward. So, looks like the initial V8 bit rolled in, but it's still not possible to directly throw an exception from the FailedAccessCheckCallback. Filed http://code.google.com/p/v8/issues/detail?id=2524, I'll poke at the V8 folks once the next round of discussion on the topic goes somewhere. no v8 bindings in webkit |