[webkit-changes] [WebKit/WebKit] b2630b: [Site Isolation] window.frameElement cross-origin ...

Thu, 02 Apr 2026 16:12:56 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: b2630b88dc2420b31df955babfd65fdfe9745683
      
https://github.com/WebKit/WebKit/commit/b2630b88dc2420b31df955babfd65fdfe9745683
  Author: Roberto Rodriguez <[email protected]>
  Date:   2026-04-02 (Thu, 02 Apr 2026)

  Changed paths:
    M LayoutTests/platform/mac-site-isolation/TestExpectations
    M Source/WebCore/SaferCPPExpectations/UncheckedCallArgsCheckerExpectations
    M Source/WebCore/SaferCPPExpectations/UncountedCallArgsCheckerExpectations
    M Source/WebCore/bindings/js/JSDOMBindingSecurity.h
    M Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
    M Source/WebCore/bindings/scripts/IDLAttributes.json
    M Source/WebCore/page/DOMWindow.idl

  Log Message:
  -----------
  [Site Isolation] window.frameElement cross-origin access does not log 
"Blocked a frame" console error
https://bugs.webkit.org/show_bug.cgi?id=311215
rdar://173803357

Reviewed by Sihui Liu.

With site isolation and a cross-origin parent frame, 
LocalDOMWindow::frameElement() returns
null because Frame::ownerElement() is in the parent's process. 
BindingSecurity::shouldAllowAccessToNode()
short-circuits on the null target parameter so canAccessTargetOrigin() is never 
called and the
cross-origin console error is never logged.

Add [CheckSecurityForNodeWithDOMWindow] IDL attribute and 
BindingSecurity::checkSecurityForNodeWithDOMWindow(),
following the pattern of [CheckSecurityForNodeWithFrameOwner]. When the node is 
null and the DOMWindow's
parent frame is a RemoteFrame, explicitly call 
BindingSecurity::shouldAllowAccessToFrame()
to produce the console error.

* LayoutTests/platform/mac-site-isolation/TestExpectations:
* Source/WebCore/SaferCPPExpectations/UncheckedCallArgsCheckerExpectations:
* Source/WebCore/SaferCPPExpectations/UncountedCallArgsCheckerExpectations:
* Source/WebCore/bindings/js/JSDOMBindingSecurity.h:
* Source/WebCore/bindings/scripts/CodeGeneratorJS.pm:
(NativeToJSValue):
* Source/WebCore/bindings/scripts/IDLAttributes.json:
* Source/WebCore/page/DOMWindow.idl:

Canonical link: https://commits.webkit.org/310476@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to