[webkit-dev] Best way to disable JavaScript

Geoffrey Garen ggaren at apple.com
Tue Mar 19 14:50:35 PDT 2013

Hi Jochen.

> Adam also cited the Chromium WebKit allowScriptFromSource/didNotAllowScript API.
> From looking at how it hooks into WebCore, it appears to require the decision to execute a script to be dynamic, even when scripting is generally disabled.
> We implement a rule system (called content settings) where script execution (but also e.g. cookies) can be controlled depending on the security origin of the frame, and the security origin of the main frame. This allows for allow scripts from the main frame's security origin to run, while third-party scripts are blocked.

To clarify, do you expect both allowScriptFromSource and didNotAllowScript to fire when JavaScript is disabled? If JavaScript is disabled, but allowScriptFromSource returns true, do you expect the script to execute or not?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20130319/29cfe5b9/attachment.html>

More information about the webkit-dev mailing list