Bug 88014 - sandbox directive in X-WebKit-CSP header unable to create a unique origin
Summary: sandbox directive in X-WebKit-CSP header unable to create a unique origin
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Adam Barth
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-31 14:55 PDT by Adam Barth
Modified: 2012-06-01 02:26 PDT (History)
5 users (show)

See Also:

Attachments
Patch (8.88 KB, patch)
2012-05-31 15:02 PDT, Adam Barth 		no flags Details | Formatted Diff | Diff
Patch (14.93 KB, patch)
2012-05-31 18:13 PDT, Adam Barth 		no flags Details | Formatted Diff | Diff
Patch (14.96 KB, patch)
2012-05-31 19:22 PDT, Adam Barth 		no flags Details | Formatted Diff | Diff
Patch for landing (14.96 KB, patch)
2012-05-31 23:44 PDT, Adam Barth 		no flags Details | Formatted Diff | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Adam Barth 2012-05-31 14:55:30 PDT 
sandbox directive in X-WebKit-CSP header unable to create a unique origin
Comment 1 Adam Barth 2012-05-31 15:02:09 PDT 
Created attachment 145164 [details]
Patch
Comment 2 Build Bot 2012-05-31 15:29:31 PDT 
Comment on attachment 145164 [details]
Patch

Attachment 145164 [details] did not pass mac-ews (mac):
Output: http://queues.webkit.org/results/12868326
Comment 3 Adam Barth 2012-05-31 18:13:59 PDT 
Created attachment 145185 [details]
Patch
Comment 4 Build Bot 2012-05-31 18:51:59 PDT 
Comment on attachment 145185 [details]
Patch

Attachment 145185 [details] did not pass mac-ews (mac):
Output: http://queues.webkit.org/results/12860493
Comment 5 Adam Barth 2012-05-31 19:22:39 PDT 
Created attachment 145196 [details]
Patch
Comment 6 Mihai Parparita 2012-05-31 20:40:39 PDT 
Comment on attachment 145196 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=145196&action=review

> Source/WebCore/ChangeLog:14
> +        the SandboxOrigin bit. This patch is more complicated than you migh

Typo: migh
Comment 7 Ryosuke Niwa 2012-05-31 23:01:28 PDT 
Comment on attachment 145196 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=145196&action=review

> Source/WebCore/ChangeLog:11
> +        sandbox directive in CSP couldn't create a unique origin.

Please add URLs of the relevant specs.

> Source/WebCore/dom/Document.cpp:5036
> -void Document::initContentSecurityPolicy()
> +void Document::didUpdateSecurityOrigin()

Could you swap the order of these two functions so that the diff looks saner?
Comment 8 Adam Barth 2012-05-31 23:44:00 PDT 
Created attachment 145218 [details]
Patch for landing
Comment 9 WebKit Review Bot 2012-06-01 02:26:45 PDT 
Comment on attachment 145218 [details]
Patch for landing

Clearing flags on attachment: 145218

Committed r119204: <http://trac.webkit.org/changeset/119204>
Comment 10 WebKit Review Bot 2012-06-01 02:26:50 PDT 
All reviewed patches have been landed.  Closing bug.