static bool canAccessAncestor(const SecurityOrigin& activeSecurityOrigin, const Frame* targetFrame) { // targetFrame can be 0 when we're trying to navigate a top-level frame // that has a 0 opener. if (!targetFrame) return false; const bool isLocalActiveOrigin = activeSecurityOrigin.isLocal(); for (const Frame* ancestorFrame = targetFrame; ancestorFrame; ancestorFrame = ancestorFrame->tree().parent()) { const SecurityOrigin* ancestorSecurityOrigin = ancestorFrame->securityContext()->getSecurityOrigin(); if (activeSecurityOrigin.canAccess(ancestorSecurityOrigin)) return true; // Allow file URL descendant navigation even when // allowFileAccessFromFileURLs is false. // FIXME: It's a bit strange to special-case local origins here. Should we // be doing something more general instead? if (isLocalActiveOrigin && ancestorSecurityOrigin->isLocal()) return true; } return false; }