NetworkBlobRegistry holds sandbox extensions for as long as a blob exists, and the same blob could be loaded multiple times.
Since an extension is revoked at the end of a load, this does not work.
Created attachment 192270 [details]
It seems like this patch caused a test failure:
Re-opened since this is blocked by bug 111917
Got it. The regression is caused by a bug in SandboxExtensionTracker that used to be hidden because we used to permanently leak the consumed extension in this case.
Created attachment 192335 [details]
patch to land later
Updated with build fix, removed an unneeded null check, and added an assertion that would have caught this condition earlier.
Created attachment 192346 [details]
It turned out that it makes much more sense to fix the pre-existing bug now, as that's easier to do with the new SandboxExtension functionality.
The new patch also changes SandboxExtension to require manual balancing of consume and revoke calls. It's less error prone this way.
Comment on attachment 192346 [details]
Clearing flags on attachment: 192346
Committed r145369: <http://trac.webkit.org/changeset/145369>
All reviewed patches have been landed. Closing bug.