161248 – Trying to access cross-origin Location properties should throw a SecurityError

Bug 161248 - Trying to access cross-origin Location properties should throw a SecurityError

Summary: Trying to access cross-origin Location properties should throw a SecurityError

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	DOM (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Chris Dumez

URL:
Keywords:	WebExposed

Depends on:
Blocks:

Reported:	2016-08-26 09:12 PDT by Chris Dumez
Modified:	2016-08-29 10:56 PDT (History)
CC List:	2 users (show)

See Also:	161270 161316

Attachments
Patch (161.63 KB, patch) 2016-08-26 09:15 PDT, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chris Dumez 2016-08-26 09:12:12 PDT

Trying to access cross-origin Location properties should throw a SecurityError:
- https://html.spec.whatwg.org/#crossorigingetownpropertyhelper-(-o,-p-)
- https://html.spec.whatwg.org/#crossoriginproperties-(-o-)

Firefox and Chrome already throw. However, WebKit logs an error message and returns undefined.

Comment 1 Chris Dumez 2016-08-26 09:15:09 PDT

Created attachment 287110 [details]
Patch

Comment 2 Chris Dumez 2016-08-26 10:38:50 PDT

Comment on attachment 287110 [details]
Patch

Clearing flags on attachment: 287110

Committed r205026: <http://trac.webkit.org/changeset/205026>

Comment 3 Chris Dumez 2016-08-26 10:38:54 PDT

All reviewed patches have been landed.  Closing bug.