commit | 5934185d281ff83961832317620da5468e7cf703 | [log] [tgz] |
---|---|---|
author | wjmaclean <wjmaclean@chromium.org> | Fri Feb 24 22:59:01 2017 |
committer | Commit bot <commit-bot@chromium.org> | Fri Feb 24 22:59:01 2017 |
tree | 50df3d366811fe8d7e478d3eb17802edeaeed49b | |
parent | b2827d2c7e7fb65a6936bedb3b08409448e4d737 [diff] |
Don't allow GuestView JS objects to inherit global prototype. Allowing objects like GuestViewImpl and GuestViewContainer to inherit prototypes from the global JS object can allow arbitrary user code to be attached to these objects, and potentially executed. This CL prevents this by forcing the inherited __proto__ objects to be null. BUG=695476 Review-Url: https://codereview.chromium.org/2712913005 Cr-Commit-Position: refs/heads/master@{#452976}