Bug 127937 - WebGLLoadPolicy should be queried for the top document
Summary: WebGLLoadPolicy should be queried for the top document
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebGL (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
Keywords: InRadar
Depends on:
Reported: 2014-01-30 12:55 PST by Roger Fong
Modified: 2014-01-30 15:13 PST (History)
10 users (show)

See Also:

patch (1.65 KB, patch)
2014-01-30 13:26 PST, Roger Fong
thorton: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Roger Fong 2014-01-30 12:55:55 PST
If an iframe loads a webgl context we need to make sure that we query for the load policy of the top document's url, not the iframe's.
Comment 1 Roger Fong 2014-01-30 13:19:22 PST
Comment 2 Roger Fong 2014-01-30 13:26:19 PST
Created attachment 222723 [details]
Comment 3 Tim Horton 2014-01-30 14:55:46 PST
Comment on attachment 222723 [details]

View in context: https://bugs.webkit.org/attachment.cgi?id=222723&action=review

> Source/WebCore/html/HTMLCanvasElement.cpp:-229
> -                Page* page = document().page();

I asked if this was right because it means that trusting the main document's domain would let subdocuments from origins the user doesn't trust run, and he noted that plugins do the same thing, so I think this is fine (but maybe we should revisit this?).
Comment 4 Roger Fong 2014-01-30 15:13:33 PST
Landed: http://trac.webkit.org/changeset/163127
until someone yells at me.