[webkit-reviews] review requested: [Bug 21288] Implement HTML5's sandbox attribute for iframes : [Attachment 43585] Revised patch in response to comment #51.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Nov 20 09:08:51 PST 2009
Patrik Persson <patrik.j.persson at ericsson.com> has asked for review:
Bug 21288: Implement HTML5's sandbox attribute for iframes
https://bugs.webkit.org/show_bug.cgi?id=21288
Attachment 43585: Revised patch in response to comment #51.
https://bugs.webkit.org/attachment.cgi?id=43585&action=review
------- Additional Comments from Patrik Persson <patrik.j.persson at ericsson.com>
* Renamed helper JavaEnabled() in HTMLAppletElement to canEmbedJava().
* Added early return in HTMLIFrameElement, for the case when there is
no sandbox attribute.
* Inlined FrameLoader::ownerElementSandboxFlagsChanged().
* Reverted FrameLoader::updateSandboxFlags() to recursive
implementation.
* Added method Document::updateSandboxFlags(). Although this is a
one-liner, I didn't inline it to avoid #including SecurityOrigin.h.
* Changed Document::initSecurityContext() and
FrameLoader::updateSandboxFlags() to invoke
Document::updateSandboxFlags().
* Added named policy checks for storage and database access in
SecurityOrigin, and modified DOMWindow to use these new checks.
More information about the webkit-reviews
mailing list