UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.80 Safari/537.36
Steps to reproduce the problem:
1. Window in domain A deletes window.blur
2. Iframe or opened window in domain B, tries to access parent.blur or opener.blur
3. Page B catches an exception for SOP violation (while w/o deletion does not)
I've done a very quick demo (a little bogus, try refreshing after every transmission) that sends information to another domain using this mechanism: http://vwzq.net/lab/covert/deletion.html
What is the expected behavior?
Domain B shouldn't be able to detect any direct change in the properties of another domain. Should it?
What went wrong?
Domain B has the ability to detect if another domain has deleted some properties (blur, focus, close, parent, opener, length, frames, closed).
Did this work before? No
Chrome version: 47.0.2526.80 Channel: stable
OS Version: 3.16.0-4-amd64
I don't think that this was a vulnerability, but since other browser were acting "better" I decided to report.