From 9f7a531b886f8f6115d18f0799c4ad7d1c84e216 Mon Sep 17 00:00:00 2001
From: weolar <weolar@qq.com>
Date: Sat, 19 May 2018 23:48:07 +0800
Subject: [PATCH] =?UTF-8?q?*=20=E4=BF=AE=E5=A4=8D=E4=B8=80=E5=A4=84?=
 =?UTF-8?q?=E5=B4=A9=E6=BA=83=E3=80=82=E5=9C=A8=E4=B8=BBframe=E8=B0=83?=
 =?UTF-8?q?=E7=94=A8window.frameElement;=E5=B0=B1=E4=BC=9A=E5=B4=A9?=
 =?UTF-8?q?=E6=BA=83?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../bindings/core/v8/BindingSecurity.cpp      | 19 ++++---------------
 1 file changed, 4 insertions(+), 15 deletions(-)

diff --git a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
index 7263267f61..d2aa8aa5aa 100644
--- a/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/BindingSecurity.cpp
@@ -48,9 +48,6 @@ static bool isOriginAccessibleFromDOMWindow(SecurityOrigin* targetOrigin, LocalD
 
 static bool canAccessFrame(v8::Isolate* isolate, SecurityOrigin* targetFrameOrigin, DOMWindow* targetWindow, ExceptionState& exceptionState)
 {
-    if (!RuntimeEnabledFeatures::cspCheckEnabled())
-        return true;
-
     LocalDOMWindow* callingWindow = callingDOMWindow(isolate);
     if (isOriginAccessibleFromDOMWindow(targetFrameOrigin, callingWindow))
         return true;
@@ -62,9 +59,6 @@ static bool canAccessFrame(v8::Isolate* isolate, SecurityOrigin* targetFrameOrig
 
 static bool canAccessFrame(v8::Isolate* isolate, SecurityOrigin* targetFrameOrigin, DOMWindow* targetWindow, SecurityReportingOption reportingOption = ReportSecurityError)
 {
-    if (!RuntimeEnabledFeatures::cspCheckEnabled())
-        return true;
-
     LocalDOMWindow* callingWindow = callingDOMWindow(isolate);
     if (isOriginAccessibleFromDOMWindow(targetFrameOrigin, callingWindow))
         return true;
@@ -76,29 +70,24 @@ static bool canAccessFrame(v8::Isolate* isolate, SecurityOrigin* targetFrameOrig
 
 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* target, SecurityReportingOption reportingOption)
 {
-    if (!RuntimeEnabledFeatures::cspCheckEnabled())
-        return true;
-
     if (!target || !target->securityContext())
         return false;
+    if (!RuntimeEnabledFeatures::cspCheckEnabled())
+        return true;
     return canAccessFrame(isolate, target->securityContext()->securityOrigin(), target->domWindow(), reportingOption);
 }
 
 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* target, ExceptionState& exceptionState)
 {
-    if (!RuntimeEnabledFeatures::cspCheckEnabled())
-        return true;
-
     if (!target || !target->securityContext())
         return false;
+    if (!RuntimeEnabledFeatures::cspCheckEnabled())
+        return true;
     return canAccessFrame(isolate, target->securityContext()->securityOrigin(), target->domWindow(), exceptionState);
 }
 
 bool BindingSecurity::shouldAllowAccessToNode(v8::Isolate* isolate, Node* target, ExceptionState& exceptionState)
 {
-    if (!RuntimeEnabledFeatures::cspCheckEnabled())
-        return true;
-
     return target && canAccessFrame(isolate, target->document().securityOrigin(), target->document().domWindow(), exceptionState);
 }