The HTML5 spec is pretty clear about this: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location For a test case, see the frames[0].location.href line of: http://persistent.info/webkit/test-cases/iframe-location-href.html?http://example.com It just shows that the return value is undefined, with no exception being thrown. Gecko and IE do throw the exception.
Alexey, adding you to the cc list since you mentioned this in comment 5 of bug 17627. I couldn't find another bug filed for this issue, but perhaps you're aware of one.
Since fixing the V8 bindings is significantly more complex than the JSC ones (see http://groups.google.com/group/v8-users/browse_thread/thread/e73680b6ca97a46d), I've split this bug into two (bug 43891 and bug 43892), since it'll be two pretty different patches.
*** Bug 81973 has been marked as a duplicate of this bug. ***
Mihai, I'm going to pick this up if you don't mind.
Poking the webkit-dev bear again: https://lists.webkit.org/pipermail/webkit-dev/2013-February/023636.html
Chris, I think you fixed this and some of the other bugs here too right? I can't reproduce comment 0 anymore in Safari TP anyway.
*** This bug has been marked as a duplicate of bug 161368 ***
(In reply to Anne van Kesteren from comment #6) > Chris, I think you fixed this and some of the other bugs here too right? I > can't reproduce comment 0 anymore in Safari TP anyway. Yes, thanks.