Bug 182140 - Access to service workers / Cache API should be disabled in sandboxed frames without allow-same-origin flag
Summary: Access to service workers / Cache API should be disabled in sandboxed frames ...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Service Workers (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Chris Dumez
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2018-01-25 13:07 PST by Chris Dumez
Modified: 2018-01-25 15:09 PST (History)
8 users (show)

See Also:

Attachments
Patch (9.11 KB, patch)
2018-01-25 13:41 PST, Chris Dumez 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Dumez 2018-01-25 13:07:23 PST 
Access to service workers / Cache API should be disabled in sandboxed frames without allow-same-origin flag.
Comment 1 Radar WebKit Bug Importer 2018-01-25 13:08:31 PST 
<rdar://problem/36879952>
Comment 2 Chris Dumez 2018-01-25 13:41:55 PST 
Created attachment 332308 [details]
Patch
Comment 3 youenn fablet 2018-01-25 14:57:08 PST 
Comment on attachment 332308 [details]
Patch

r=me.
Let's check in a follow-up whether workers in a sandboxed iframes are an issue for Cache as well.
Comment 4 Chris Dumez 2018-01-25 15:09:43 PST 
Comment on attachment 332308 [details]
Patch

Clearing flags on attachment: 332308

Committed r227639: <https://trac.webkit.org/changeset/227639>
Comment 5 Chris Dumez 2018-01-25 15:09:47 PST 
All reviewed patches have been landed.  Closing bug.