XSSAuditor doesn't need a copy of the original document URL.
Created attachment 192382 [details] Patch
As Adam noted in https://bugs.webkit.org/show_bug.cgi?id=110733#c36, there doesn't seem to be any good reason to retain a copy of this string.
Comment on attachment 192382 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=192382&action=review > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody); Is the same true of the request body?
(In reply to comment #3) > (From update of attachment 192382 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=192382&action=review > > > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody); > > Is the same true of the request body? Looks like it might be; I don't think there's any circumstance in which the document's loader would change, or the loader's originalRequest. I'll put together another patch and see what happens if I just remove that property as well.
Comment on attachment 192382 [details] Patch Clearing flags on attachment: 192382 Committed r145331: <http://trac.webkit.org/changeset/145331>
All reviewed patches have been landed. Closing bug.