|Summary:||Move Local and NoAccess security rules from FrameLoader to SecurityOrigin|
|Product:||WebKit||Reporter:||Darin Fisher (:fishd, Google) <fishd>|
|Component:||Page Loading||Assignee:||Adam Barth <abarth>|
|Severity:||Normal||CC:||abarth, jianli, jorlow, sam|
|Version:||528+ (Nightly build)|
|Bug Depends on:|
Description Darin Fisher (:fishd, Google) 2009-03-10 09:28:14 PDT
Move Local and NoAccess security rules from FrameLoader to SecurityOrigin This bug is about moving the following functions: registerURLSchemeAsLocal shouldTreatURLAsLocal shouldTreatURLSchemeAsLocal registerURLSchemeAsNoAccess shouldTreatURLSchemeAsNoAccess I also question whether we should keep shouldTreatURLAsLocal. It seems a bit unnecessary.
Comment 1 Darin Fisher (:fishd, Google) 2009-03-10 09:28:49 PDT
There is some related discussion in bug 24437.
Comment 2 Jian Li 2009-04-03 15:13:54 PDT
We also need to make SecurityOrigin thread safe. Considering making all statics use TLS.
Comment 3 Darin Fisher (:fishd, Google) 2009-04-03 15:22:26 PDT
I think that should be turned into a separate bug. This one is just above moving some code, which is what I plan to do.
Comment 4 Jeremy Orlow 2009-06-03 13:52:40 PDT
Hm. Interesting. This seems a bit related to https://bugs.webkit.org/show_bug.cgi?id=26143 ("SecurityOrigin should probably be split into Origin and EffectiveScriptOrigin").
Comment 5 Adam Barth 2009-06-13 20:30:59 PDT
Stealing. This is low hanging fruit on my quest to tame FrameLoader.
Comment 7 Darin Fisher (:fishd, Google) 2009-06-13 21:06:53 PDT
Comment on attachment 31251 [details] patchy > +2009-06-13 Adam Barth <firstname.lastname@example.org> > + > + Reviewed by NOBODY (OOPS!). > + > + Moved registerURLSchemeAsLocal and registerURLSchemeAsNoAccess from > + FrameLoader to SecurityOrigin. > + nit: provide a bug reference. same goes for the other ChangeLogs. R=me
Comment 8 Adam Barth 2009-06-13 21:08:27 PDT
> nit: provide a bug reference. same goes for the other ChangeLogs. Thanks. I have trouble remembering to do that for some reason.