Many browser able to execute JavaScript method from browser address bar as below. javascript:{alert("ok");} We also need to support this functionality for same user experience what they expected in address bar.
Created attachment 254433 [details] Patch
Comment on attachment 254433 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254433&action=review > Source/WebKit2/ChangeLog:9 > + Many browser able to execute JavaScript contents in browser address bar using 'javascript:' scheme. > + WebKit EFL port also need to support this functionality for same user experience. Interesting choice. Safari choses to not include this feature by default, and only enables it for developers who turn it on, to improve security for typical web browser users who have no need to do this, and could be tricked into doing it by social engineering.
Comment on attachment 254433 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254433&action=review >> Source/WebKit2/ChangeLog:9 >> + WebKit EFL port also need to support this functionality for same user experience. > > Interesting choice. > > Safari choses to not include this feature by default, and only enables it for developers who turn it on, to improve security for typical web browser users who have no need to do this, and could be tricked into doing it by social engineering. In my investigation, Chrome, Firefox, Opera, Internet Explorer supports this functionality in default. I also agreed with your opinion. How about turn it on only WebKit EFL mini browser as same as WebKit GTK Port?
Comment on attachment 254433 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254433&action=review >>> Source/WebKit2/ChangeLog:9 >>> + WebKit EFL port also need to support this functionality for same user experience. >> >> Interesting choice. >> >> Safari choses to not include this feature by default, and only enables it for developers who turn it on, to improve security for typical web browser users who have no need to do this, and could be tricked into doing it by social engineering. > > In my investigation, Chrome, Firefox, Opera, Internet Explorer supports this functionality in default. > I also agreed with your opinion. > How about turn it on only WebKit EFL mini browser as same as WebKit GTK Port? Sorry about late answer. But, I think that it looks not good. We should not assume whether the browser want javascript scheme or not, so we should consider both use cases. With your patch, browser can't disable javascript scheme.
Comment on attachment 254433 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254433&action=review >>>> Source/WebKit2/ChangeLog:9 >>>> + WebKit EFL port also need to support this functionality for same user experience. >>> >>> Interesting choice. >>> >>> Safari choses to not include this feature by default, and only enables it for developers who turn it on, to improve security for typical web browser users who have no need to do this, and could be tricked into doing it by social engineering. >> >> In my investigation, Chrome, Firefox, Opera, Internet Explorer supports this functionality in default. >> I also agreed with your opinion. >> How about turn it on only WebKit EFL mini browser as same as WebKit GTK Port? > > Sorry about late answer. > > But, I think that it looks not good. > We should not assume whether the browser want javascript scheme or not, so we should consider both use cases. > With your patch, browser can't disable javascript scheme. I will re-implement this only for efl mini browser.
Created attachment 254563 [details] Patch
Comment on attachment 254563 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254563&action=review > Tools/MiniBrowser/efl/main.c:1064 > +load_url_from_user_input(Evas_Object* ewk_view, const char* url) - Wrong * place. - url_load_from_user_input() looks more like efl function name style.
Comment on attachment 254563 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254563&action=review >> Tools/MiniBrowser/efl/main.c:1064 >> +load_url_from_user_input(Evas_Object* ewk_view, const char* url) > > - Wrong * place. > > - url_load_from_user_input() looks more like efl function name style. I referenced url_from_user_input() looks simulator function name in this case. Could you suggest new one for me?
Comment on attachment 254563 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254563&action=review >>> Tools/MiniBrowser/efl/main.c:1064 >>> +load_url_from_user_input(Evas_Object* ewk_view, const char* url) >> >> - Wrong * place. >> >> - url_load_from_user_input() looks more like efl function name style. > > I referenced url_from_user_input() looks simulator function name in this case. > Could you suggest new one for me? > - url_load_from_user_input() looks more like efl function name style. I already did ;)
Created attachment 254623 [details] Patch
Comment on attachment 254623 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=254623&action=review > Tools/MiniBrowser/efl/main.c:1064 > +url_load_from_user_input(Evas_Object* ewk_view, const char* url) Though I pointed out, it is not fixed yet. Wrong * place.
Created attachment 254630 [details] Patch
Comment on attachment 254630 [details] Patch Clearing flags on attachment: 254630 Committed r185405: <http://trac.webkit.org/changeset/185405>
All reviewed patches have been landed. Closing bug.