Created attachment 262966 [details] Patch

<rdar://problem/23082036>

Comment on attachment 262966 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=262966&action=review r=me. I think the duplicated test code could be a method, or perhaps even just a local variable, but the patch is fine as-is. > Source/WebCore/page/DOMWindow.cpp:1717 > + || (m_frame->mainFrame().document() && document()->securityOrigin()->canAccess(m_frame->mainFrame().document()->securityOrigin())))) { It seems like this test (which is repeated three times in this patch) could work as a DOMWindow method (e.g., "bool DOMWindow::frameDoesHaveCompatibleSecurityOriginToMainFrame()")

Created attachment 263018 [details] Patch

Committed r191008: <http://trac.webkit.org/changeset/191008>

Comment on attachment 263018 [details] Patch Clearing review flag as this patch was already landed per comment 5.

Hi Dean, Brent and Daniel, I was actively using device motion and orientation from a child frame. Is there a possibility of allowing an opt-in method for enabling access to device motion and orientation for the child frame? As from my perspective I will always be serving my content requiring the device motion and orientation from a separate domain but always over HTTPS. I noticed there is already an open ticket regarding such here https://bugs.webkit.org/show_bug.cgi?id=152299 Just wanted to raise some awareness as this is quite critical to my business needs. Kind Regards, Stephen Underwood