[webkit-qt] Interfaces to whitelist origins in QtWebkit API (your thoughts please!)

[Saha, Deepjyoti]

Hello Developers!

I would like to get your opinion/viewpoint on the following:

The QtWebkit API set in Qt 4.8 does not contain any intefraces which could allow a QtWebkit based browser to add/remove specific domains to be whitelisted for cross origin requests.  I understand that previosly these API's were exposed through the intefraces in "QWebSecurityOrigin" which invoked the  API's in WebCore's SecurityOrigin class. But currently the API's to add/remove a whitelist entry are exposed through WebCore's SecurityPolicy class and there are no interfaces in QtWebkit API to invoke the same.

I aslo noticed there was a bug raised and it was discussed in the following thread:
https://bugreports.qt-project.org/browse/QTWEBKIT-24?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel

But it has not been implemented yet. It would be great if you could let me could know of any particluar reason this was not taken up ?
To be specific were there any concerns from the  security standpoint on exposing such interfaces ?

Also I noticed that there have been similar implementation in the chrome and EFL port.

Thanks,

Regards,
Deepjyoti Saha


________________________________

This message is confidential and intended only for the addressee. If you have received this message in error, please immediately notify the postmaster at nds.com and delete it from your system as well as any copies. The content of e-mails as well as traffic data may be monitored by NDS for employment and security purposes.
To protect the environment please do not print this e-mail unless necessary.

An NDS Group Limited company. www.nds.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-qt/attachments/20130315/1c340097/attachment.html>