Prevent cross-origin access to Location.assign() / Location.reload() to match the latest specification: https://html.spec.whatwg.org/multipage/browsers.html#crossoriginproperties-(-o-) Firefox and Chrome already prevent this but Safari allows it. We should only allow cross origin access to Location.replace() and the Location.href setter.
Created attachment 272421 [details] Patch
Comment on attachment 272421 [details] Patch Clearing flags on attachment: 272421 Committed r197263: <http://trac.webkit.org/changeset/197263>
All reviewed patches have been landed. Closing bug.