43892 – location.href does not throw SECURITY_ERR when accessed across origins with V8 bindings

RESOLVED INVALID 43892

location.href does not throw SECURITY_ERR when accessed across origins with V8 bindings

https://bugs.webkit.org/show_bug.cgi?id=43892

Summary location.href does not throw SECURITY_ERR when accessed across origins with V...

Mihai Parparita

Reported 2010-08-11 18:33:47 PDT

See bug 43504 for details and test case. This is about fixing the V8 bindings.

Attachments
Add attachment proposed patch, testcase, etc.

Mihai Parparita

Comment 1 2010-08-13 08:35:43 PDT

Once Chromium picks up the V8 change to allow allocations in the failed access check callback (code.google.com/p/v8/source/detail?r=5257), this should be pretty straightforward.

Mike West

Comment 2 2013-02-04 05:12:05 PST

So, looks like the initial V8 bit rolled in, but it's still not possible to directly throw an exception from the FailedAccessCheckCallback. Filed http://code.google.com/p/v8/issues/detail?id=2524, I'll poke at the V8 folks once the next round of discussion on the topic goes somewhere.

David Levin

Comment 3 2013-08-15 20:56:07 PDT

no v8 bindings in webkit

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution INVALID

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component WebCore JavaScript

Assignee

Mike West

Reported

2010-08-11 18:33 PDT

Modified

2013-08-15 20:56 PDT History

CC List

3 users Show

URL

Keywords

Depends on

Blocks

43504

Dependencies

tree graph