Cherry pick r91152 DOMWindow::open performs a security check on a wrong window DO NOT MERGE
Bug: 17050386
Change-Id: I17ca28b2dfe3327831dc283730dd1583d12baac2
diff --git a/Source/WebCore/page/DOMWindow.cpp b/Source/WebCore/page/DOMWindow.cpp
index c7f162a..1806a21 100644
--- a/Source/WebCore/page/DOMWindow.cpp
+++ b/Source/WebCore/page/DOMWindow.cpp
@@ -1835,7 +1835,7 @@
if (!activeFrame->loader()->shouldAllowNavigation(targetFrame))
return 0;
- if (isInsecureScriptAccess(activeWindow, urlString))
+ if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString))
return targetFrame->domWindow();
if (urlString.isEmpty())