[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.16-1409-g5afdf4d

pfeldman at chromium.org pfeldman at chromium.org
Thu Dec 3 13:35:53 UTC 2009 

The following commit has been merged in the webkit-1.1 branch:
commit cde582f48bfbcf19a39f6b9f60beb76f3daa106e
Author: pfeldman at chromium.org <pfeldman at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Nov 13 17:10:48 2009 +0000

    2009-11-13  Pavel Feldman  <pfeldman at chromium.org>
    
            Reviewed by Adam Barth.
    
            Chromium: [REGRESSION] Crash while stopping on a breakpoint.
            Rolling back r50890.
    
            https://bugs.webkit.org/show_bug.cgi?id=31467
    
            * bindings/v8/V8Proxy.cpp:
            (WebCore::V8Proxy::canAccessPrivate):
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@50946 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 6f9d4d2..049b05a 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,15 @@
+2009-11-13  Pavel Feldman  <pfeldman at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Chromium: [REGRESSION] Crash while stopping on a breakpoint.
+        Rolling back r50890.
+
+        https://bugs.webkit.org/show_bug.cgi?id=31467
+
+        * http/tests/security/calling-versus-current-expected.txt: Removed.
+        * http/tests/security/calling-versus-current.html: Removed.
+
 2009-11-13  Dirk Schulze  <krit at webkit.org>
 
         Reviewed by Gustavo Noronha.
diff --git a/LayoutTests/http/tests/security/calling-versus-current-expected.txt b/LayoutTests/http/tests/security/calling-versus-current-expected.txt
deleted file mode 100644
index aa44e7c..0000000
--- a/LayoutTests/http/tests/security/calling-versus-current-expected.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-
-PASS
diff --git a/LayoutTests/http/tests/security/calling-versus-current.html b/LayoutTests/http/tests/security/calling-versus-current.html
deleted file mode 100644
index 7c50e61..0000000
--- a/LayoutTests/http/tests/security/calling-versus-current.html
+++ /dev/null
@@ -1,13 +0,0 @@
-<iframe src="resources/innocent-victim.html"></iframe>
-<div id="console">FAIL</div>
-<script>
-if (window.layoutTestController)
-    layoutTestController.dumpAsText();
-
-window.onload = function() {
-    window.f = frames[0].atob;
-    document.domain = "0.0.1";
-    if (btoa(window.f("PASS")) == "PASS")
-        document.getElementById("console").innerHTML = "PASS"
-}
-</script>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 455a7fc..8c2f402 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2009-11-13  Pavel Feldman  <pfeldman at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Chromium: [REGRESSION] Crash while stopping on a breakpoint.
+        Rolling back r50890.
+
+        https://bugs.webkit.org/show_bug.cgi?id=31467
+
+        * bindings/v8/V8Proxy.cpp:
+        (WebCore::V8Proxy::canAccessPrivate):
+
 2009-11-13  Dirk Schulze  <krit at webkit.org>
 
         Reviewed by Gustavo Noronha.
diff --git a/WebCore/bindings/v8/V8Proxy.cpp b/WebCore/bindings/v8/V8Proxy.cpp
index b785f41..de977b8 100644
--- a/WebCore/bindings/v8/V8Proxy.cpp
+++ b/WebCore/bindings/v8/V8Proxy.cpp
@@ -880,20 +880,14 @@ bool V8Proxy::canAccessPrivate(DOMWindow* targetWindow)
 
     String message;
 
-    v8::Local<v8::Context> activeContext = v8::Context::GetCalling();
-    if (activeContext.IsEmpty()) {
-        // There is a single activation record on the stack, so that must
-        // be the activeContext.
-        activeContext = v8::Context::GetCurrent();
-    }
-    DOMWindow* activeWindow = retrieveWindow(activeContext);
-    if (activeWindow == targetWindow)
+    DOMWindow* originWindow = retrieveWindow(currentContext());
+    if (originWindow == targetWindow)
         return true;
 
-    if (!activeWindow)
+    if (!originWindow)
         return false;
 
-    const SecurityOrigin* activeSecurityOrigin = activeWindow->securityOrigin();
+    const SecurityOrigin* activeSecurityOrigin = originWindow->securityOrigin();
     const SecurityOrigin* targetSecurityOrigin = targetWindow->securityOrigin();
 
     // We have seen crashes were the security origin of the target has not been
@@ -906,7 +900,7 @@ bool V8Proxy::canAccessPrivate(DOMWindow* targetWindow)
 
     // Allow access to a "about:blank" page if the dynamic context is a
     // detached context of the same frame as the blank page.
-    if (targetSecurityOrigin->isEmpty() && activeWindow->frame() == targetWindow->frame())
+    if (targetSecurityOrigin->isEmpty() && originWindow->frame() == targetWindow->frame())
         return true;
 
     return false;

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list