[[Delete]] should throw for cross-origin Window / Location objects
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Aug 2016 22:24:39 +0000 (22:24 +0000)
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Aug 2016 22:24:39 +0000 (22:24 +0000)
commitb850284462ae39bbcbaddafb714855a580e85617
tree9873daa42d1f8214102afadec6c0221a04a83b66
parent428a8975506958db9b7caa9ed78d24409368228c
[[Delete]] should throw for cross-origin Window / Location objects
https://bugs.webkit.org/show_bug.cgi?id=161397

Reviewed by Ryosuke Niwa.

Source/WebCore:

[[Delete]] should throw for cross-origin Window / Location objects:
- https://github.com/whatwg/html/pull/1728

Firefox and Chrome already throw. Previously, WebKit was merely
ignoring the call and logging an error message.

No new tests, updated existing test.

* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::deleteProperty):
(WebCore::JSDOMWindow::deletePropertyByIndex):
* bindings/js/JSLocationCustom.cpp:
(WebCore::JSLocation::deleteProperty):
(WebCore::JSLocation::deletePropertyByIndex):

LayoutTests:

Update / rebaseline existing test to reflect behavior change.

* http/tests/security/cross-frame-access-delete-expected.txt:
* http/tests/security/cross-frame-access-delete.html:
* http/tests/security/resources/cross-frame-iframe-for-delete-test.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@205200 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/security/cross-frame-access-delete-expected.txt
LayoutTests/http/tests/security/cross-frame-access-delete.html
LayoutTests/http/tests/security/resources/cross-frame-iframe-for-delete-test.html
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/JSDOMWindowCustom.cpp
Source/WebCore/bindings/js/JSLocationCustom.cpp