[webkit-reviews] review requested: [Bug 21288] Implement HTML5's sandbox attribute for iframes : [Attachment 42859] Revised patch for HTML5 sandboxing.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 10 06:11:18 PST 2009
Patrik Persson <patrik.j.persson at ericsson.com> has asked for review:
Bug 21288: Implement HTML5's sandbox attribute for iframes
https://bugs.webkit.org/show_bug.cgi?id=21288
Attachment 42859: Revised patch for HTML5 sandboxing.
https://bugs.webkit.org/attachment.cgi?id=42859&action=review
------- Additional Comments from Patrik Persson <patrik.j.persson at ericsson.com>
Updated in response to your feedback on the previous version. A few general
comments:
* A copy of the sandbox status is now kept in the document's
SecurityOrigin, as discussed in posts 8, 10, and 14.
* Both setter and getter for Document::cookie now raise exceptions,
like they should). The FIXME note that used to be in Document.idl has
been moved to Document.cpp, and made more specific.
* A new test has been added for the attribute parser, to ensure that
it behaves nicely when given unconventional input.
* We have combined some test cases into larger ones: plugins
(applets+embeds+objects), allowed navigation (child navigation, self
navigation, sandbox propagation).
* Finally, we have set 'svn:executable' on our CGI scripts, but we
just can't get that carry over from svn-create-patch to
svn-apply. You may need to do
cd LayoutTests/http/tests/xmlhttprequest/resources
chmod a+x access-control-sandboxed-iframe-*.cgi
for things to work properly after patching.
More information about the webkit-reviews
mailing list