mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-04-27 14:58:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
ladybird/Libraries/LibWeb/HTML/HTMLIFrameElement.idl
Andreas Kling 37c287b1d4 LibWeb: Disallow cross-origin access to <iframe>.contentDocument 
With this patch, we now enforce basic same-origin policy for this one
<iframe> attribute.

To make it easier to add more attributes like this, I've added an
extended IDL attribute ("[ReturnNullIfCrossOrigin]") that does exactly
what it sounds like. :^)
2020-09-22 20:10:20 +02:00

11 lines
369 B
Text
Raw Blame History

interface HTMLIFrameElement : HTMLElement {
[Reflect] attribute DOMString src;
[Reflect] attribute DOMString srcdoc;
[Reflect] attribute DOMString name;
[Reflect] attribute DOMString allow;
[Reflect] attribute DOMString width;
[Reflect] attribute DOMString height;
[ReturnNullIfCrossOrigin] readonly attribute Document? contentDocument;
}
Reference in a new issue View git blame Copy permalink