WebKit - CachedFrame does not Detach Openers Universal Cross-Site Scripting
tree.parent; Frame openerFrame = mframe-loader.opener; Frame ownerFrame = parentFrame; if !ownerFrame ownerFrame = openerFrame; if !ownerFrame didFailToInitializeSecurityOrigin; return; ... setCookieURLownerFrame-document-cookieURL; // We alias the SecurityOrigins to match Firefox, see Bug 15313 ...