126733 – securing web inspector server by notifying user for remote web inspector connection ( allow or disallow)

Bug 126733 - securing web inspector server by notifying user for remote web inspector connection ( allow or disallow)

Summary: securing web inspector server by notifying user for remote web inspector conn...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Linux

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-01-09 20:33 PST by jaybhaskar
Modified:	2014-12-29 21:36 PST (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jaybhaskar 2014-01-09 20:33:18 PST

As discussed in thread
https://bugs.webkit.org/show_bug.cgi?id=126571#c13, i am reporting this bug, we should discuss this issue
and re-implement the initialization of web inspector server for gtk/efl etc . ports

Comment 1 jaybhaskar 2014-12-29 20:35:53 PST

The non intentional users who are not aware of remote web inspector will not set env variable to run inspector server i agree, but it is possibility that  env variable can be set before ruing webkit based browser in shell and without user permission user's webpage may be inspected remotely.
enabling the feature through an environment variable is not ideal.

Comment 2 Ankit 2014-12-29 21:36:24 PST

We could ask  the user for the consent whether to establish the connection or not for the remote webInspector connection