Bug 43504

Summary:	location.href does not throw SECURITY_ERR when accessed across origins
Product:	WebKit	Reporter:	Mihai Parparita <mihaip>
Component:	WebCore JavaScript	Assignee:	Chris Dumez <cdumez>
Status:	RESOLVED DUPLICATE
Severity:	Normal	CC:	abarth, annevk, ap, bugs.webkit.org, dpranke, j, levin, mkwst, sam, tonyg
Priority:	P2	Keywords:	EasyFix, HasReduction, HTML5
Version:	528+ (Nightly build)
Hardware:	All
OS:	All
Bug Depends on:	43891, 43892
Bug Blocks:	98408

Mihai Parparita

Reported 2010-08-04 12:51:38 PDT

The HTML5 spec is pretty clear about this: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location For a test case, see the frames[0].location.href line of: http://persistent.info/webkit/test-cases/iframe-location-href.html?http://example.com It just shows that the return value is undefined, with no exception being thrown. Gecko and IE do throw the exception.

Attachments
Add attachment proposed patch, testcase, etc.

Mihai Parparita

Comment 1 2010-08-04 12:53:04 PDT

Alexey, adding you to the cc list since you mentioned this in comment 5 of bug 17627. I couldn't find another bug filed for this issue, but perhaps you're aware of one.

Mihai Parparita

Comment 2 2010-08-11 18:35:42 PDT

Since fixing the V8 bindings is significantly more complex than the JSC ones (see http://groups.google.com/group/v8-users/browse_thread/thread/e73680b6ca97a46d), I've split this bug into two (bug 43891 and bug 43892), since it'll be two pretty different patches.

David Levin

Comment 3 2012-03-22 16:25:23 PDT

*** Bug 81973 has been marked as a duplicate of this bug. ***

Mike West

Comment 4 2012-09-28 00:35:11 PDT

Mihai, I'm going to pick this up if you don't mind.

Mike West

Comment 5 2013-02-04 05:12:23 PST

Poking the webkit-dev bear again: https://lists.webkit.org/pipermail/webkit-dev/2013-February/023636.html

Anne van Kesteren

Comment 6 2017-03-30 00:04:49 PDT

Chris, I think you fixed this and some of the other bugs here too right? I can't reproduce comment 0 anymore in Safari TP anyway.

Chris Dumez

Comment 7 2017-03-30 08:52:39 PDT

*** This bug has been marked as a duplicate of bug 161368 ***

Chris Dumez

Comment 8 2017-03-30 08:52:58 PDT

(In reply to Anne van Kesteren from comment #6) > Chris, I think you fixed this and some of the other bugs here too right? I > can't reproduce comment 0 anymore in Safari TP anyway. Yes, thanks.

Note You need to log in before you can comment on or make changes to this bug.