154779 – Prevent cross-origin access to Location.assign() / Location.reload()

Bug 154779 - Prevent cross-origin access to Location.assign() / Location.reload()

Summary: Prevent cross-origin access to Location.assign() / Location.reload()

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	DOM (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Chris Dumez

URL:	https://html.spec.whatwg.org/multipag...
Keywords:	WebExposed

Depends on:
Blocks:

Reported:	2016-02-27 12:47 PST by Chris Dumez
Modified:	2016-02-27 16:50 PST (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (16.93 KB, patch) 2016-02-27 13:27 PST, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chris Dumez 2016-02-27 12:47:54 PST

Prevent cross-origin access to Location.assign() / Location.reload() to match the latest specification:
https://html.spec.whatwg.org/multipage/browsers.html#crossoriginproperties-(-o-)

Firefox and Chrome already prevent this but Safari allows it.

We should only allow cross origin access to Location.replace() and the Location.href setter.

Comment 1 Chris Dumez 2016-02-27 13:27:20 PST

Created attachment 272421 [details]
Patch

Comment 2 WebKit Commit Bot 2016-02-27 16:50:22 PST

Comment on attachment 272421 [details]
Patch

Clearing flags on attachment: 272421

Committed r197263: <http://trac.webkit.org/changeset/197263>

Comment 3 WebKit Commit Bot 2016-02-27 16:50:26 PST

All reviewed patches have been landed.  Closing bug.