Reviewed by Sam Weinig

Rest of fix for 5394877 * bindings/js/kjs_window.cpp: (KJS::Window::isSafeScript): Don't log unsafe JavaScript attempts in the other version of isSafeScript() if in private browsing mode either. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27675 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Reviewed by Sam Weinig
Rest of fix for 5394877 * bindings/js/kjs_window.cpp: (KJS::Window::isSafeScript): Don't log unsafe JavaScript attempts in the other version of isSafeScript() if in private browsing mode either. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27675 268f45cc-cd09-0410-ab3c-d52691b4dbfc
194b9ac8 · sullivan@apple.com · 8f20e561 · 194b9ac8 · 194b9ac8
Commit 194b9ac8 authored Nov 10, 2007 by sullivan@apple.com
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 9 deletions

WebCore/ChangeLog WebCore/ChangeLog +11 -0

WebCore/bindings/js/kjs_window.cpp WebCore/bindings/js/kjs_window.cpp +11 -9

No files found.
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
+2007-11-10  John Sullivan  <sullivan@apple.com>
+
+        Reviewed by Sam Weinig
+
+        Rest of fix for 5394877
+
+        * bindings/js/kjs_window.cpp:
+        (KJS::Window::isSafeScript):
+        Don't log unsafe JavaScript attempts in the other version of isSafeScript() if in
+        private browsing mode either.
+
 2007-11-10  Nikolas Zimmermann  <zimmermann@kde.org>

        Reviewed by Oliver.

--- a/WebCore/bindings/js/kjs_window.cpp
+++ b/WebCore/bindings/js/kjs_window.cpp
@@ -936,15 +936,17 @@ bool Window::isSafeScript(ExecState *exec) const
  if (actSecurityOrigin.canAccess(thisSecurityOrigin))
    return true;

-  // FIXME: this error message should contain more specifics of why the same origin check has failed.
-  String message = String::format("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains, protocols and ports must match.\n",
-                                  thisDocument->URL().utf8().data(), actDocument->URL().utf8().data());
-
-  if (Interpreter::shouldPrintExceptions())
-    printf("%s", message.utf8().data());
-
-  if (Page* page = frame->page())
-    page->chrome()->addMessageToConsole(JSMessageSource, ErrorMessageLevel, message, 1, String());
+    if (!frame->settings()->privateBrowsingEnabled()) {
+        // FIXME: this error message should contain more specifics of why the same origin check has failed.
+        String message = String::format("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains, protocols and ports must match.\n",
+                                        thisDocument->URL().utf8().data(), actDocument->URL().utf8().data());
+        
+        if (Interpreter::shouldPrintExceptions())
+            printf("%s", message.utf8().data());
+        
+        if (Page* page = frame->page())
+            page->chrome()->addMessageToConsole(JSMessageSource, ErrorMessageLevel, message, 1, String());
+    }

  return false;
 }