[webkit-dev] Blob changes to SecurityOrigin.cpp

Adam Barth abarth at webkit.org
Fri Sep 3 14:50:14 PDT 2010


I was looking at SecurityOrigin.cpp today and I saw a bunch of code
relating to Blob URLs.  I don't really understand why this code is
correct.  Would someone be willing to explain it to me?

Some specific questions:

1) Why do blob URLs get an exception from the unique origin check?  How
does that interact with the HTML5 sandboxing model?
2) Why does SecurityOrigin::canLoad take a document as an argument?
What are the semantics of this parameter?  In particular, why does
SecurityOrigin::canLoad ignore |this| when called with a document
argument on a blob URL?  That seems like a very bad idea.

In general, I'd prefer if folks checked with Sam or me before adding
loopholes in SecurityOrigin.  Although the class might appear simple,
it's quite subtle.

Adam

