am 9cb4bc5a: am c32f1f30: Revert "Cherry pick r91611 Perform the JavaScript navigation check on a complete URL"

* commit '9cb4bc5a6824f63c41ec751a3787b2d6512fcb23': Revert "Cherry pick r91611 Perform the JavaScript navigation check on a complete URL"
author: Conley Owens <cco3@android.com> 2014-09-05 17:58:48 +0000
committer: Android Git Automerger <android-git-automerger@android.com> 2014-09-05 17:58:48 +0000
commit: f3631decfc5f78c0ca2d4de0f79b250243c44fb6 (patch)
tree: 74fcdb656cb2f8f899935e3c6c4b7274919e8069
parent: 90b4ea19e439b04457119a2d58be276e17025cfa (diff)
parent: 9cb4bc5a6824f63c41ec751a3787b2d6512fcb23 (diff)
download: webkit-f3631decfc5f78c0ca2d4de0f79b250243c44fb6.tar.gz
1 files changed, 4 insertions, 6 deletions
diff --git a/Source/WebCore/page/DOMWindow.cpp b/Source/WebCore/page/DOMWindow.cpp
index dc927acd2..1806a21cf 100644
--- a/Source/WebCore/page/DOMWindow.cpp
+++ b/Source/WebCore/page/DOMWindow.cpp
@@ -1699,7 +1699,7 @@ void DOMWindow::setLocation(const String& urlString, DOMWindow* activeWindow, DO
     if (completedURL.isNull())
         return;
 
-    if (isInsecureScriptAccess(activeWindow, completedURL))
+    if (isInsecureScriptAccess(activeWindow, urlString))
         return;
 
     // We want a new history item if we are processing a user gesture.
@@ -1785,7 +1785,7 @@ Frame* DOMWindow::createWindow(const String& urlString, const AtomicString& fram
     newFrame->loader()->setOpener(openerFrame);
     newFrame->page()->setOpenedByDOM();
 
-    if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))
+    if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString))
         return newFrame;
 
     if (function)
@@ -1835,9 +1835,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
         if (!activeFrame->loader()->shouldAllowNavigation(targetFrame))
             return 0;
 
-        KURL completedURL = firstFrame->document()->completeURL(urlString);
-
-        if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))
+        if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString))
             return targetFrame->domWindow();
 
         if (urlString.isEmpty())
@@ -1846,7 +1844,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
         // For whatever reason, Firefox uses the first window rather than the active window to
         // determine the outgoing referrer. We replicate that behavior here.
         targetFrame->navigationScheduler()->scheduleLocationChange(activeFrame->document()->securityOrigin(),
-            completedURL,
+            firstFrame->document()->completeURL(urlString).string(),
             firstFrame->loader()->outgoingReferrer(),
             !activeFrame->script()->anyPageIsProcessingUserGesture(), false);
author	Conley Owens <cco3@android.com>	2014-09-05 17:58:48 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	2014-09-05 17:58:48 +0000
commit	f3631decfc5f78c0ca2d4de0f79b250243c44fb6 (patch)
tree	74fcdb656cb2f8f899935e3c6c4b7274919e8069
parent	90b4ea19e439b04457119a2d58be276e17025cfa (diff)
parent	9cb4bc5a6824f63c41ec751a3787b2d6512fcb23 (diff)
download	webkit-f3631decfc5f78c0ca2d4de0f79b250243c44fb6.tar.gz