Bug 88014 - sandbox directive in X-WebKit-CSP header unable to create a unique origin
Summary: sandbox directive in X-WebKit-CSP header unable to create a unique origin
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Adam Barth
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-31 14:55 PDT by Adam Barth
Modified: 2012-06-01 02:26 PDT (History)
5 users (show)

See Also:


Attachments
Patch (8.88 KB, patch)
2012-05-31 15:02 PDT, Adam Barth
no flags Details | Formatted Diff | Diff
Patch (14.93 KB, patch)
2012-05-31 18:13 PDT, Adam Barth
no flags Details | Formatted Diff | Diff
Patch (14.96 KB, patch)
2012-05-31 19:22 PDT, Adam Barth
no flags Details | Formatted Diff | Diff
Patch for landing (14.96 KB, patch)
2012-05-31 23:44 PDT, Adam Barth
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Adam Barth 2012-05-31 14:55:30 PDT
sandbox directive in X-WebKit-CSP header unable to create a unique origin
Comment 1 Adam Barth 2012-05-31 15:02:09 PDT
Created attachment 145164 [details]
Patch
Comment 2 Build Bot 2012-05-31 15:29:31 PDT
Comment on attachment 145164 [details]
Patch

Attachment 145164 [details] did not pass mac-ews (mac):
Output: http://queues.webkit.org/results/12868326
Comment 3 Adam Barth 2012-05-31 18:13:59 PDT
Created attachment 145185 [details]
Patch
Comment 4 Build Bot 2012-05-31 18:51:59 PDT
Comment on attachment 145185 [details]
Patch

Attachment 145185 [details] did not pass mac-ews (mac):
Output: http://queues.webkit.org/results/12860493
Comment 5 Adam Barth 2012-05-31 19:22:39 PDT
Created attachment 145196 [details]
Patch
Comment 6 Mihai Parparita 2012-05-31 20:40:39 PDT
Comment on attachment 145196 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=145196&action=review

> Source/WebCore/ChangeLog:14
> +        the SandboxOrigin bit. This patch is more complicated than you migh

Typo: migh
Comment 7 Ryosuke Niwa 2012-05-31 23:01:28 PDT
Comment on attachment 145196 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=145196&action=review

> Source/WebCore/ChangeLog:11
> +        sandbox directive in CSP couldn't create a unique origin.

Please add URLs of the relevant specs.

> Source/WebCore/dom/Document.cpp:5036
> -void Document::initContentSecurityPolicy()
> +void Document::didUpdateSecurityOrigin()

Could you swap the order of these two functions so that the diff looks saner?
Comment 8 Adam Barth 2012-05-31 23:44:00 PDT
Created attachment 145218 [details]
Patch for landing
Comment 9 WebKit Review Bot 2012-06-01 02:26:45 PDT
Comment on attachment 145218 [details]
Patch for landing

Clearing flags on attachment: 145218

Committed r119204: <http://trac.webkit.org/changeset/119204>
Comment 10 WebKit Review Bot 2012-06-01 02:26:50 PDT
All reviewed patches have been landed.  Closing bug.