
LibWeb: <iframe src> same-origin check should be based on host document

We were basing the src attribute's cross-origin check on whatever was
currently loaded in the iframe, instead of the surrounding document.

Fixes #4236.
Andreas Kling 2020-12-08 17:47:47 +01:00
parent df2a6cb4ab
commit 6496895b16


@ -79,8 +79,8 @@ void HTMLIFrameElement::load_src(const String& value)
dbg() << "iframe failed to load URL: Invalid URL: " << value;
return;
}
if (url.protocol() == "file" && content_origin().protocol() != "file") {
dbg() << "iframe failed to load URL: Security violation: " << document().url() << " may not load " << value;
if (url.protocol() == "file" && document().origin().protocol() != "file") {
dbg() << "iframe failed to load URL: Security violation: " << document().url() << " may not load " << url;
return;
}
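Review bot: The `file` scheme guard in load_src now keys on `document().origin()`, but nothing at the condition records why the host document is the right reference, and the old `content_origin()` form would look equally plausible to a later reader. A short comment above the `if` would guard against a regression, e.g. `// Check the embedding document's origin, not content_origin(): the latter reflects whatever is currently loaded in the frame.` This guard covers only loads that go through the src attribute; whether navigations started from inside the frame pass an equivalent check is not visible in this hunk and is worth confirming. load_src's body starts and ends outside the hunk.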