81578 – Clean up SecurityOrigin::enforceFilePathSeparation()

Bug 81578 - Clean up SecurityOrigin::enforceFilePathSeparation()

Summary: Clean up SecurityOrigin::enforceFilePathSeparation()

Status:	REOPENED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-03-19 16:00 PDT by Jon Lee
Modified:	2018-01-31 15:55 PST (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jon Lee 2012-03-19 16:00:16 PDT

This flag was introduced in r56757 via bug 36692 as a way of circumventing file access policy for file:// origins. It has some inconsistencies, in that it is used to treat only file:// URLs as unique origins (see toString()), but can be turned on for an origin with any local protocol (see Document::initSecurityContext()).

At best, this concept gets refactored out into something else that makes more sense. At worst, this function and member variable gets renamed to something that better explains its purpose.

Comment 1 Filip Pizlo 2018-01-31 15:52:53 PST


*** This bug has been marked as a duplicate of bug 182227 ***

Comment 2 Filip Pizlo 2018-01-31 15:53:07 PST

I just stumbled on this.  I need a getter for this property.  I think that means finders-keepers.

Comment 3 Filip Pizlo 2018-01-31 15:55:24 PST

Never mind.  This FIXME is not about this not following getter/setter naming conventions.  It's about something more subtle.