Bug 127937

Summary: WebGLLoadPolicy should be queried for the top document
Product: WebKit Reporter: Roger Fong <roger_fong>
Component: WebGLAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, commit-queue, dino, esprehn+autocc, gyuyoung.kim, jonlee, mmaxfield, roger_fong, thorton, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch thorton: review+

Roger Fong
Reported 2014-01-30 12:55:55 PST
If an iframe loads a webgl context we need to make sure that we query for the load policy of the top document's url, not the iframe's.
Attachments
patch (1.65 KB, patch)
2014-01-30 13:26 PST, Roger Fong 		thorton: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Roger Fong
Comment 1 2014-01-30 13:19:22 PST
<rdar://problem/15950122>
Roger Fong
Comment 2 2014-01-30 13:26:19 PST
Created attachment 222723 [details] patch
Tim Horton
Comment 3 2014-01-30 14:55:46 PST
Comment on attachment 222723 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=222723&action=review > Source/WebCore/html/HTMLCanvasElement.cpp:-229 > - Page* page = document().page(); I asked if this was right because it means that trusting the main document's domain would let subdocuments from origins the user doesn't trust run, and he noted that plugins do the same thing, so I think this is fine (but maybe we should revisit this?).
Roger Fong
Comment 4 2014-01-30 15:13:33 PST
Landed: http://trac.webkit.org/changeset/163127 until someone yells at me.
Note You need to log in before you can comment on or make changes to this bug.