diff options
| author | jochen <jochen@chromium.org> | 2015-10-29 09:21:24 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-10-29 16:22:06 +0000 |
| commit | 520e622d4d7a0e8e94b1e528f426070c604171c8 (patch) | |
| tree | e887acfbcd62d4bb4ad24f419334cfd7762d84a5 /extensions/renderer/console.cc | |
| parent | 5d98eb9ffa726aee7605b096fe90035191a1463a (diff) | |
| download | chromium_src-520e622d4d7a0e8e94b1e528f426070c604171c8.zip chromium_src-520e622d4d7a0e8e94b1e528f426070c604171c8.tar.gz chromium_src-520e622d4d7a0e8e94b1e528f426070c604171c8.tar.bz2 | |
Don't use calling context in chrome
Usually, calling context should be equal to current context. Then using the
current context is easier, and it's always defined what it is.
If they are different, and have different privileges, the check on calling
context does not prevent anything, because an attacker can freely chose it.
It's, however, also not safer to use the current context in that situation...
contexts with different privileges must not have access to each other.
BUG=541703
Review URL: https://codereview.chromium.org/1401913003
Cr-Commit-Position: refs/heads/master@{#356864}
Diffstat (limited to 'extensions/renderer/console.cc')
| -rw-r--r-- | extensions/renderer/console.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/extensions/renderer/console.cc b/extensions/renderer/console.cc index b763e8e..c2a93c2 100644 --- a/extensions/renderer/console.cc +++ b/extensions/renderer/console.cc @@ -43,7 +43,7 @@ void BoundLogMethodCallback(const v8::FunctionCallbackInfo<v8::Value>& info) { message += *v8::String::Utf8Value(info[i]); } - v8::Local<v8::Context> context = info.GetIsolate()->GetCallingContext(); + v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext(); if (context.IsEmpty()) { LOG(WARNING) << "Could not log \"" << message << "\": no context given"; return; |