Bug 43892
| Summary: | location.href does not throw SECURITY_ERR when accessed across origins with V8 bindings | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Mihai Parparita <mihaip> |
| Component: | WebCore JavaScript | Assignee: | Mike West <mkwst> |
| Status: | RESOLVED INVALID | ||
| Severity: | Normal | CC: | levin, mkwst, syoichi |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | All | ||
| OS: | All | ||
| Bug Depends on: | |||
| Bug Blocks: | 43504 | ||
Mihai Parparita
See bug 43504 for details and test case. This is about fixing the V8 bindings.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Mihai Parparita
Once Chromium picks up the V8 change to allow allocations in the failed access check callback (code.google.com/p/v8/source/detail?r=5257), this should be pretty straightforward.
Mike West
So, looks like the initial V8 bit rolled in, but it's still not possible to directly throw an exception from the FailedAccessCheckCallback. Filed http://code.google.com/p/v8/issues/detail?id=2524, I'll poke at the V8 folks once the next round of discussion on the topic goes somewhere.
David Levin
no v8 bindings in webkit