Stop creating a sandbox extension for the Icon service when the attachment element is enabled, since local testing indicates that this is not needed.
Created attachment 449975 [details] Patch
Comment on attachment 449975 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=449975&action=review > Source/WebKit/ChangeLog:3 > + [iOS][macOS] Block access to Icon service I think it's "Icon Services" > Source/WebKit/ChangeLog:9 > + Stop creating a sandbox extension for the Icon service when the attachment element is enabled, > + since local testing indicates that this is not needed. I’m kind of surprised. Maybe we don’t put the icon into <input type=file> element on the webpage any more, like we did in the past. Did you test with a file with an unusual icon to make sure the icon was correct?
Created attachment 450172 [details] Patch
Created attachment 450173 [details] Patch
(In reply to Per Arne Vollan from comment #1) > Created attachment 449975 [details] > Patch (In reply to Darin Adler from comment #2) > Comment on attachment 449975 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=449975&action=review > > > Source/WebKit/ChangeLog:3 > > + [iOS][macOS] Block access to Icon service > > I think it's "Icon Services" > Fixed! > > Source/WebKit/ChangeLog:9 > > + Stop creating a sandbox extension for the Icon service when the attachment element is enabled, > > + since local testing indicates that this is not needed. > > I’m kind of surprised. Maybe we don’t put the icon into <input type=file> > element on the webpage any more, like we did in the past. Did you test with > a file with an unusual icon to make sure the icon was correct? That is a good point. This change should only affect apps that enable the attachment element, like Mail, etc. Based on your comment, I see that the original patch is incorrectly changing the sandbox, since an extension is still in use in file upload dialogs. I have updated the patch. Thanks for reviewing!
<rdar://88158797>
Committed r289972 (247358@main): <https://commits.webkit.org/247358@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 450173 [details].