BindingSecurity::shouldAllowAccessToNode shouldn't detour through Frame to find the...
authorabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 4 Aug 2012 08:13:12 +0000 (08:13 +0000)
committerabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 4 Aug 2012 08:13:12 +0000 (08:13 +0000)
commit28e55d063c24e30cc0b59c53db3ec0bef38bd77a
tree68dce011350336974eece9c2fe493225599d3c88
parent0f194fe2c4ca4be2c98c9d45f625c45701fa5fd1
BindingSecurity::shouldAllowAccessToNode shouldn't detour through Frame to find the node's document
https://bugs.webkit.org/show_bug.cgi?id=93140

Reviewed by Eric Seidel.

Previously, shouldAllowAccessToNode took a detour through the Frame to
find the Document associated with a given Node. That's crazy! Nodes
already know their documents. This patch removes the detour.

It's theoretically possible that this patch changes behavior in the
case where the Frame is 0, but I couldn't find any situations in which
we call this function on nodes in inactive documents because the
typical way you find a node worth checking security on is via
a JavaScript window object.

* bindings/generic/BindingSecurity.cpp:
(WebCore::canAccessDocument):
(WebCore::BindingSecurity::shouldAllowAccessToNode):
(WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@124695 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/bindings/generic/BindingSecurity.cpp