154270 – Do security checks early in JSDOMWindow::put*()

RESOLVED FIXED 154270

Do security checks early in JSDOMWindow::put*()

https://bugs.webkit.org/show_bug.cgi?id=154270

Summary Do security checks early in JSDOMWindow::put*()

Chris Dumez

Reported 2016-02-15 17:14:43 PST

Do security checks early in JSDOMWindow::put*() to make it less error-prone. Also lock-down further to return early when trying to set cross-origin any other property than "location" instead of relying only on individual setters to do the security checks.

Attachments
Patch (13.26 KB, patch) 2016-02-15 18:54 PST, Chris Dumez	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Chris Dumez

Comment 1 2016-02-15 18:54:10 PST

Created attachment 271404 [details] Patch

WebKit Commit Bot

Comment 2 2016-02-16 00:11:46 PST

Comment on attachment 271404 [details] Patch Clearing flags on attachment: 271404 Committed r196628: <http://trac.webkit.org/changeset/196628>

WebKit Commit Bot

Comment 3 2016-02-16 00:11:51 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Bindings

Assignee

Chris Dumez

Reported

2016-02-15 17:14 PST

Modified

2016-02-16 00:11 PST History

CC List

5 users Show

URL

Keywords

Depends on

Blocks

154120

Dependencies

tree graph