WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
95549
[GTK] Add API to get/set the security policy of a given URI scheme
https://bugs.webkit.org/show_bug.cgi?id=95549
Summary
[GTK] Add API to get/set the security policy of a given URI scheme
Carlos Garcia Campos
Reported
2012-08-31 03:48:14 PDT
This is useful to set the security policy for custom URI schemes, for example, to be treated as local or secure.
Attachments
Patch
(9.75 KB, patch)
2012-08-31 03:51 PDT
,
Carlos Garcia Campos
mrobinson
: review-
Details
Formatted Diff
Diff
Updated patch to address review comments
(10.02 KB, patch)
2012-09-06 08:19 PDT
,
Carlos Garcia Campos
mrobinson
: review+
Details
Formatted Diff
Diff
Show Obsolete
(1)
View All
Add attachment
proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1
2012-08-31 03:51:39 PDT
Created
attachment 161654
[details]
Patch
Carlos Garcia Campos
Comment 2
2012-08-31 05:50:04 PDT
I needed this API to implement custom URI schemes in Yelp in preparation for the WebKit2 port. See the last patch in this bug:
https://bugzilla.gnome.org/show_bug.cgi?id=683100
Mario Sanchez Prada
Comment 3
2012-09-03 01:11:59 PDT
The patch looks good to me. If I wanted to be a nitpicker I would just say "maybe expand a bit more the documentation, as in making some things clearer such as what a URI scheme is (maybe a reference to RFC 3986?) or what a 'CORS request' is (Cross-Origin Resource Sharing, I assume)"
Martin Robinson
Comment 4
2012-09-03 18:04:14 PDT
Comment on
attachment 161654
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=161654&action=review
Looks good to me! Just a couple comments.
> Source/WebKit/gtk/webkit/webkitglobals.h:149 > + * @WEBKIT_SECURITY_POLICY_NO_ACCESS: Pages loaded with this URI scheme
WEBKIT_SECURITY_POLICY_NO_ACCESS seems a bit too broad. Perhaps WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEMES or something better?
> Source/WebKit/gtk/webkit/webkitglobals.h:155 > + * @WEBKIT_SECURITY_POLICY_CORS_ENABLED: URI scheme that can be sent CORS requests.
Agree with Mario here that you might want to link to the CORS spec.
Carlos Garcia Campos
Comment 5
2012-09-06 08:19:07 PDT
Created
attachment 162512
[details]
Updated patch to address review comments
Carlos Garcia Campos
Comment 6
2012-09-06 09:49:20 PDT
Committed
r127749
: <
http://trac.webkit.org/changeset/127749
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug