[webkit-dev] Blacklisting some sqlite functions
Dumitru Daniliuc
dumi at chromium.org
Thu Jan 7 12:13:28 PST 2010
>
> in addition to these standard functions, we'd like to whitelist some
> functions from a few extensions chromium uses:
> full text search (fts2.c): whitelist snippet(), offsets(), optimize(), but
> not fts2_tokenizer().
> unicode data (icu.c): whitelist regexp(), lower(), upper(), like(), but not
> icu_load_collation().
>
>
> Is there any reason these are still Chromium-only? Even though we're
> having problems getting different vendors to agree on SQL dialect issues
> with the spec, I think we should make an effort to keep WebKit unified.
>
FTS and ICU are sqlite standard extensions that live in the sqlite tree.
Chromium compiles its own sqlite library and includes these 2 extensions;
I'm not sure if they're included in WebKitLibraries/libWebCoreSQLite3.a
though.
> I'm also going to forward this message on to some of our security
> colleagues at Apple, and we might have more feedback shortly.
>
great, thanks!
dumi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20100107/e72d2c21/attachment.html>
More information about the webkit-dev
mailing list