angler-fishThe Vulnerability History Project

Make client-triggered navigations more friendly to RemoteFrames

      * Change most callers of NavigationScheduler::scheduleLocationChange() to go through Frame::navigate(), which will proxy the navigation request if the target frame is remote.
* Move some helpers from LocalDOMWindow to DOMWindow and teach them about RemoteFrames.
* Move LocalDOMWindow::setLocation() to Location (its only user) and bring it closer to being remote-friendly.

BUG=

Review URL: https://codereview.chromium.org/799903003

git-svn-id: svn://svn.chromium.org/blink/trunk@188452 bbb929c8-8fbe-4397-9dbb-9b2b20218538
by Loren the Western Gorilla 2015-01-15 07:24:38 UTC
commit 9fe1d58100e6e7a272ac80a378b8a629eb57e3d7
Chromium VCC CVE-2015-1293
third_party/WebKit/Source/bindings/core/v8/custom/V8WindowCustom.cpp
+1 -1
third_party/WebKit/Source/core/dom/Document.cpp
+1 -1
third_party/WebKit/Source/core/frame/DOMWindow.cpp
-28
third_party/WebKit/Source/core/frame/DOMWindow.h
-8
third_party/WebKit/Source/core/frame/LocalDOMWindow.cpp
+73 -14
third_party/WebKit/Source/core/frame/LocalDOMWindow.h
+14 -2
third_party/WebKit/Source/core/frame/Location.cpp
+10 -30
third_party/WebKit/Source/core/frame/Location.h
+1 -2
third_party/WebKit/Source/core/loader/appcache/ApplicationCacheHost.cpp
+1 -1
third_party/WebKit/Source/core/page/CreateWindow.cpp
+1 -1
third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
+2 -2
third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
+1 -1
expand_less