Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/v8/v8/+/6606957:

Don't create remote objects for non-shared 'Error' objects

Since the page can install accessors on various 'Error' prototypes, it's
possible to leak information from cross-origin scripts (via the
inspector remote object).

This CL fixes this particular instance by not creating remote objects
for Errors where the 'SharedCrossOrigin' bit is not set in the
originating script.

Note that to do this, we have to find the right script and get its
origin info. We can't go via the debugger agent as it has not
necessarily been enabled and so the script map in the debugger agent
could be empty.

Drive-by: There is one more oddity we don't fully understand. The
scriptId passed via V8Inspector is set to 0 if it matches the
top-most frame. This CL reverts this logic in the inspector, but
this might break some expectation in DevTools.
[email protected]
Fixed: 420885124
Change-Id: I3c1a7524349cdbadd6768f8c6bf5119d4b59369a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/6606957
Reviewed-by: Benedikt Meurer <[email protected]>
Commit-Queue: Simon Zünd <[email protected]>
Cr-Commit-Position: refs/heads/main@{#100606}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/659329
Reviewed-by: Moss Heim <[email protected]>