Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Tweak the exposure of cross-origin properties
This contains two separate changes: * It makes all cross-origin properties that would normally be enumerable on same-origin objects, enumerable also on WindowProxy and Location objects (including when accessed same-origin). This includes safelisted methods and attributes, browsing context name properties, and browsing context index properties. The motivation for making them non-enumerable seems to have been a mistaken impression that doing so would prevent a cross-origin information leak. * It hides window names from [[OwnPropertyKeys]](), and thus Object.keys(), Object.getOwnPropertyNames(), etc. This actually prevents a cross-origin information leak. Closes #2753.
- Loading branch information