Summary: | Add SPI to restrict networking to a set of hosts | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Alex Christensen <achristensen> | ||||||||
Component: | New Bugs | Assignee: | Alex Christensen <achristensen> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | cdumez, ews-watchlist, japhet, thorton, toyoshim, webkit-bug-importer, yutak | ||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||
Version: | WebKit Nightly Build | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=234543 | ||||||||||
Attachments: |
|
Description
Alex Christensen
2021-05-05 17:14:40 PDT
Created attachment 427826 [details]
Patch
Created attachment 427831 [details]
Patch
Created attachment 427833 [details]
Patch
Comment on attachment 427833 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=427833&action=review > Source/WebCore/page/Page.cpp:3307 > + if (!url.protocolIsInHTTPFamily() && !url.protocolIs("ws") && !url.protocolIs("wss")) > + return true; Do we not have a helper somewhere else that is like "the host in this is a host in the HTTP sense"? It seems weird for Page to know this Comment on attachment 427833 [details]
Patch
We don't. This needs to be more than HTTP. This needs to be schemes that access the network, which includes http, https, ws, and wss.
Committed r277336 (237595@main): <https://commits.webkit.org/237595@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 427833 [details]. |