Bug 39330

Summary: For <iframe src="some.swf" sandbox="...">, we should bail out of actually loading the plug-in data as soon as possible.
Product: WebKit Reporter: Brady Eidson <beidson>
Component: Page LoadingAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   

Description Brady Eidson 2010-05-18 16:28:00 PDT 
For <iframe src="some.swf" sandbox="...">, we should bail out of actually loading the plug-in data as soon as possible.

Spun off from https://bugs.webkit.org/show_bug.cgi?id=39323.

To resolve 39323, I planned on just making sure the plugin code itself is never instantiated which both prevents the described crash and prevents the security/sandboxing exploits of having the plugin code executing.

But we should actually avoid actually loading anymore of the plugin data itself once we know it violates the sandboxing flags.