From 790b76186e32f4344f256cb2cbebc1b929a246b4 Mon Sep 17 00:00:00 2001 From: mjs Date: Fri, 21 Jan 2005 01:50:02 +0000 Subject: [PATCH] Reviewed by Ken. security fix for javascript: exploit missed one case (already fixed in updates) * khtml/ecma/kjs_window.cpp: (WindowFunc::tryCall): correct mistake in earlier fix for the following bug, caught by Adele: REGRESSION (Mail): underline behavior is flaky because of how CSS handles text-decoration git-svn-id: https://svn.webkit.org/repository/webkit/trunk@8423 268f45cc-cd09-0410-ab3c-d52691b4dbfc --- WebCore/ChangeLog-2005-08-23 | 11 +++++++++++ WebCore/khtml/ecma/kjs_window.cpp | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23 index d910ecb3c54e..ef679ffa4b24 100644 --- a/WebCore/ChangeLog-2005-08-23 +++ b/WebCore/ChangeLog-2005-08-23 @@ -1,3 +1,14 @@ +2005-01-20 Maciej Stachowiak + + Reviewed by Ken. + + security fix for javascript: exploit missed one case (already fixed in updates) + + * khtml/ecma/kjs_window.cpp: + (WindowFunc::tryCall): correct mistake in earlier fix for the following bug, caught by Adele: + + REGRESSION (Mail): underline behavior is flaky because of how CSS handles text-decoration + 2005-01-20 Maciej Stachowiak Reviewed by Ken. diff --git a/WebCore/khtml/ecma/kjs_window.cpp b/WebCore/khtml/ecma/kjs_window.cpp index 406c9ebfcaf7..be79603659ff 100644 --- a/WebCore/khtml/ecma/kjs_window.cpp +++ b/WebCore/khtml/ecma/kjs_window.cpp @@ -1602,7 +1602,7 @@ Value WindowFunc::tryCall(ExecState *exec, Object &thisObj, const List &args) } #if APPLE_CHANGES if (!url.isEmpty()) { - const Window* window = Window::retrieveWindow(part); + const Window* window = Window::retrieveWindow(khtmlpart); if (!url.url().startsWith("javascript:", false) || (window && window->isSafeScript(exec))) { bool userGesture = static_cast(exec->dynamicInterpreter())->wasRunByUserGesture(); // FIXME: Need to pass referrer here. -- 2.36.0