Bug 206027

Summary: Block cross-site top-frame navigations from untrusted iframes
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, commit-queue, dbates, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, kangil.han, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=193076
Attachments:
Description Flags
Patch none

Description Chris Dumez 2020-01-09 13:17:51 PST 
Block cross-site top-frame navigations from untrusted iframes.
Comment 1 Chris Dumez 2020-01-09 13:22:20 PST 
<rdar://problem/58320516>
Comment 2 Chris Dumez 2020-01-09 13:23:07 PST 
Created attachment 387263 [details]
Patch
Comment 3 Geoffrey Garen 2020-01-09 16:55:42 PST 
Comment on attachment 387263 [details]
Patch

r=me
Comment 4 WebKit Commit Bot 2020-01-09 19:38:50 PST 
Comment on attachment 387263 [details]
Patch

Clearing flags on attachment: 387263

Committed r254322: <https://trac.webkit.org/changeset/254322>
Comment 5 WebKit Commit Bot 2020-01-09 19:38:52 PST 
All reviewed patches have been landed.  Closing bug.