Code cleanup, SSIA.
Created attachment 363758 [details] Patch
Created attachment 363759 [details] Typo fix
Comment on attachment 363759 [details]
Typo fix

View in context: https://bugs.webkit.org/attachment.cgi?id=363759&action=review

> Source/WebCore/ChangeLog:8
> +    Move `isTransparentOrFullyClippedRespectingParentFrames()` from RenderObject to RenderLayer, since this function

Backticks :\

> Source/WebCore/rendering/RenderLayer.cpp:6602
> +bool RenderLayer::isTransparentOrFullyClippedRespectingParentFrames() const

It strikes me that this potentially allows an iframe to learn things about its enclosing frames, which is bad from a security perspective.
Comment on attachment 363759 [details]
Typo fix

View in context: https://bugs.webkit.org/attachment.cgi?id=363759&action=review

>> Source/WebCore/ChangeLog:8
>> +    Move `isTransparentOrFullyClippedRespectingParentFrames()` from RenderObject to RenderLayer, since this function
>
> Backticks :\

Backtick'd text like this will show up as a code block in trac.webkit.org (I use it sometimes when referencing function names in ChangeLogs for this reason). But I'll remove it here anyway.

>> Source/WebCore/rendering/RenderLayer.cpp:6602
>> +bool RenderLayer::isTransparentOrFullyClippedRespectingParentFrames() const
>
> It strikes me that this potentially allows an iframe to learn things about its enclosing frames which is bad from a security perspective.

An interesting point! That being said, it seems like (1) RenderLayer already knows how to walk out of its current frame in a few other places (e.g. scrollRectToVisible), and (2) the result of isTransparentOrFullyClippedRespectingParentFrames is never web-exposed (it only affects the behavior of platform-specific chrome that's opaque to the web page).
Created attachment 363766 [details] Patch for landing
Comment on attachment 363766 [details]
Patch for landing

Clearing flags on attachment: 363766

Committed r242561: <https://trac.webkit.org/changeset/242561>
(In reply to Wenson Hsieh from comment #4)
> Comment on attachment 363759 [details]
> An interesting point! That being said, it seems like (1) RenderLayer already
> knows how to walk out of its current frame in a few other places (e.g.
> scrollRectToVisible)

There's a bug about that somewhere.

> and (2) the result of
> isTransparentOrFullyClippedRespectingParentFrames is never web-exposed (it
> only affects the behavior of platform-specific chrome that's opaque to the
> web page).

Good.
<rdar://problem/48649818>