From 9d12fc4a84675b8de0be38bb17816d10e2292e6e Mon Sep 17 00:00:00 2001
From: Aleksander Nowodzinski <a.nowodzinski@cksource.com>
Date: Fri, 23 Nov 2012 12:19:07 +0100
Subject: [PATCH] Fixed: Permission denied in magicline when using editor
 inside of an iframe with sandbox=allow-scripts.

---
 plugins/magicline/plugin.js | 41 ++++++++++++++++++++++---------------
 1 file changed, 25 insertions(+), 16 deletions(-)

diff --git a/plugins/magicline/plugin.js b/plugins/magicline/plugin.js
index 1daafe5fc00..d34a0480610 100644
--- a/plugins/magicline/plugin.js
+++ b/plugins/magicline/plugin.js
@@ -28,22 +28,6 @@
 			triggerOffset = config.magicline_triggerOffset || 30,
 			enterMode = config.enterMode,
 			that = {
-				// %REMOVE_START%
-				// Internal DEBUG uses tools located in the topmost window.
-				debug: window.top.DEBUG || {
-					groupEnd: function() {},
-					groupStart: function() {},
-					log: function() {},
-					logElements: function() {},
-					logElementsEnd: function() {},
-					logEnd: function() {},
-					mousePos: function() {},
-					showHidden: function() {},
-					showTrigger: function() {},
-					startTimer: function() {},
-					stopTimer: function() {}
-				},
-				// %REMOVE_END%
 				// Global stuff is being initialized here.
 				editor: editor,
 				enterBehavior: enterBehaviors[ enterMode ], 		// A tag which is to be inserted by the magicline.
@@ -56,6 +40,31 @@
 			},
 			scrollTimeout, hideTimeout, checkMouseTimeoutPending, checkMouseTimeout, checkMouseTimer;
 
+		// %REMOVE_START%
+		// Internal DEBUG uses tools located in the topmost window.
+
+		// (#9701) Due to security limitations some browsers may throw
+		// errors when accessing window.top object. Do it safely first then.
+		try {
+			that.debug = window.top.DEBUG;
+		}
+		catch ( e ) {}
+
+		that.debug = that.debug || {
+			groupEnd: function() {},
+			groupStart: function() {},
+			log: function() {},
+			logElements: function() {},
+			logElementsEnd: function() {},
+			logEnd: function() {},
+			mousePos: function() {},
+			showHidden: function() {},
+			showTrigger: function() {},
+			startTimer: function() {},
+			stopTimer: function() {}
+		};
+		// %REMOVE_END%
+
 		// Simple irrelevant elements filter.
 		that.isRelevant = function( node ) {
 			return isHtml( node ) 			// 	-> Node must be an existing HTML element.