W3C home > Mailing lists > Public > public-script-coord@w3.org > July to September 2013

[Bug 22346] Security: When invoking a method, getter, or setter on an object using the property descriptor of another, we need to do a security check

From: <bugzilla@jessica.w3.org>
Date: Wed, 24 Jul 2013 02:14:22 +0000
To: public-script-coord@w3.org
Message-ID: <bug-22346-3890-7rixD7bNB1@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=22346

--- Comment #4 from Cameron McCormack <cam@mcc.id.au> ---
OK.  Is there ever a case when the global doesn't have a corresponding
Document?  Can I just follow the chain of

  object -> "associated global environment" [WEBIDL] ->
            WindowProxy object that is the global [HTML] ->
            browsing context for that WindowProxy [HTML] ->
            active document for that browsing context [HTML] ->
            effective script origin for that document [HTML]

?  Maybe there is something simpler.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Wednesday, 24 July 2013 02:14:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:37:50 UTC