Summary: | Add security checks for iframe seamless | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Eric Seidel (no email) <eric> | ||||||
Component: | WebCore Misc. | Assignee: | Eric Seidel (no email) <eric> | ||||||
Status: | RESOLVED LATER | ||||||||
Severity: | Normal | CC: | abarth, ap, kkimdavenport, webkit.review.bot | ||||||
Priority: | P2 | ||||||||
Version: | 528+ (Nightly build) | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Bug Depends on: | |||||||||
Bug Blocks: | 45950 | ||||||||
Attachments: |
|
Description
Eric Seidel (no email)
2012-03-31 01:19:37 PDT
Created attachment 134950 [details]
Patch
We don't have to land this by itself, but I figure its easier to review in isolation. Ideally i'd present this whole series as a git branch instead of patches. :) Comment on attachment 134950 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=134950&action=review This is fine, but I'd prefer to land this together with tests. > Source/WebCore/dom/Document.cpp:4755 > +static bool computeEligabilityForSeamless(Document* parent, Document* child) I would have called this isEligabilityForSeamless > Source/WebCore/dom/SecurityContext.h:70 > + bool mayDisplaySeamlessWithParent() const { return m_mayDisplaySeamlessWithParent; } Usually we use the word "can" rather than "may", although you're right that "may" is more grammatically correct. IMHO, we should use "can" for consistency. > Source/WebCore/dom/SecurityContext.h:85 > + // Set in Document::initSecurityContext() at Document creation, per: I'd remove this comment. > I would have called this isEligabilityForSeamless
isEligibleForSeamless?
Created attachment 135011 [details]
Patch for landing
Comment on attachment 135011 [details] Patch for landing Rejecting attachment 135011 [details] from commit-queue. Failed to run "['/mnt/git/webkit-commit-queue/Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '-..." exit_code: 2 Last 500 characters of output: geLog Hunk #1 FAILED at 1. 1 out of 1 hunk FAILED -- saving rejects to file Source/WebCore/ChangeLog.rej patching file Source/WebCore/dom/Document.cpp patching file Source/WebCore/dom/SecurityContext.cpp patching file Source/WebCore/dom/SecurityContext.h patching file Source/WebCore/html/HTMLIFrameElement.cpp patching file Source/WebCore/html/HTMLIFrameElement.h Failed to run "[u'/mnt/git/webkit-commit-queue/Tools/Scripts/svn-apply', u'--force']" exit_code: 1 cwd: /mnt/git/webkit-commit-queue/ Full output: http://queues.webkit.org/results/12306374 Will land this differently when merging the branch into trunk. |