[webkit-reviews] review denied: [Bug 39670] [Qt] WebView::setUrl crashes after Qt4.7 : [Attachment 75858] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 23 17:40:14 PST 2010
Adam Barth <abarth at webkit.org> has denied Jan Erik Hanssen
<jhanssen at gmail.com>'s request for review:
Bug 39670: [Qt] WebView::setUrl crashes after Qt4.7
https://bugs.webkit.org/show_bug.cgi?id=39670
Attachment 75858: Patch
https://bugs.webkit.org/attachment.cgi?id=75858&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=75858&action=review
> WebKit/qt/Api/qwebframe.cpp:709
> + if (d->frame->loader()->isLoading())
> + d->frame->loader()->stopAllLoaders();
> d->frame->loader()->writer()->begin(absolute);
> d->frame->loader()->writer()->end();
These methods are all way too low-level to be called from WebKit. You should
call some API on FrameLoader that does what you want. This code might well be
a security vulnerability too. I'd have to look into the details. The issue is
you're spamming "absolute" over the document, which will give whoever has a
pointer to the document access the cookies for "absolute".
More information about the webkit-reviews
mailing list