Bug 205496

Summary:

Deny Notification API access for non secure contexts

Product:

WebKit

Reporter:

youenn fablet <youennf>

Component:

WebCore Misc.

Assignee:

youenn fablet <youennf>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, cdumez, commit-queue, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	none
Fix API test	none

youenn fablet

Reported 2019-12-20 05:17:12 PST

Make Notification API SecureContext

Attachments
Patch (1.53 KB, patch) 2019-12-20 05:28 PST, youenn fablet	no flags	Details Formatted Diff Diff
Patch (4.39 KB, patch) 2019-12-20 09:54 PST, youenn fablet	no flags	Details Formatted Diff Diff
Fix API test (6.23 KB, patch) 2019-12-24 03:35 PST, youenn fablet	no flags	Details Formatted Diff Diff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.

youenn fablet

Comment 1 2019-12-20 05:18:13 PST

Spec issue link: https://github.com/whatwg/notifications/issues/93 Chrome intent to ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/n37ij1E_1aY Firefox intent to ship: https://groups.google.com/forum/#!topic/mozilla.dev.platform/FMPrIMGBNtg

youenn fablet

Comment 2 2019-12-20 05:18:25 PST

<rdar://problem/58074660>

youenn fablet

Comment 3 2019-12-20 05:28:42 PST

Created attachment 386208 [details] Patch

Chris Dumez

Comment 4 2019-12-20 08:03:27 PST

Comment on attachment 386208 [details] Patch Layout test please. See internals.markContextAsInsecure().

Chris Dumez

Comment 5 2019-12-20 08:11:21 PST

Comment on attachment 386208 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386208&action=review > Source/WebCore/ChangeLog:8 > + Also, please beef up the change log to include some of the information that is on the radar. In particular, the spec issue about this (since the new behavior does not currently match the spec) and the behavior of other browsers.

youenn fablet

Comment 6 2019-12-20 09:54:18 PST

Created attachment 386221 [details] Patch

youenn fablet

Comment 7 2019-12-20 10:01:05 PST

Thanks for the review. I don’t have a compiler right now so I haven’t validated the patch. I’ll fix the patch if ews is not happy.

youenn fablet

Comment 8 2019-12-24 03:35:16 PST

Created attachment 386387 [details] Fix API test

WebKit Commit Bot

Comment 9 2019-12-24 06:41:27 PST

Comment on attachment 386387 [details] Fix API test Clearing flags on attachment: 386387 Committed r253899: <https://trac.webkit.org/changeset/253899>

WebKit Commit Bot

Comment 10 2019-12-24 06:41:29 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.