[Bug 22346] Security: When invoking a method, getter, or setter on an object using the property descriptor of another, we need to do a security check from bugzilla@jessica.w3.org on 2013-07-24 (public-script-coord@w3.org from July to September 2013)

From: <bugzilla@jessica.w3.org>
Date: Wed, 24 Jul 2013 02:14:22 +0000
To: public-script-coord@w3.org
Message-ID: <bug-22346-3890-7rixD7bNB1@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=22346

--- Comment #4 from Cameron McCormack <cam@mcc.id.au> ---
OK.  Is there ever a case when the global doesn't have a corresponding
Document?  Can I just follow the chain of

  object -> "associated global environment" [WEBIDL] ->
            WindowProxy object that is the global [HTML] ->
            browsing context for that WindowProxy [HTML] ->
            active document for that browsing context [HTML] ->
            effective script origin for that document [HTML]

?  Maybe there is something simpler.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 24 July 2013 02:14:23 UTC