[webkit-reviews] review denied: [Bug 33469] Support injection of inspector scripts into the inspected ScriptState : [Attachment 46277] patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 11 12:28:22 PST 2010
Geoffrey Garen <ggaren at apple.com> has denied Yury Semikhatsky
<yurys at chromium.org>'s request for review:
Bug 33469: Support injection of inspector scripts into the inspected
ScriptState
https://bugs.webkit.org/show_bug.cgi?id=33469
Attachment 46277: patch
https://bugs.webkit.org/attachment.cgi?id=46277&action=review
------- Additional Comments from Geoffrey Garen <ggaren at apple.com>
Usually, we don't allow direct interaction between a web page and the
inspector, because direct interaction opens a security hole. Why should we make
an exception here? Is it safe to do so?
+ void discardInjectedScripts();
This function is never called. Will m_idToInjectedScript grow unbounded?
+ m_nextInjectedScriptId++;
Eventually, this identifier will wrap around, and may collide with previously
vended identifiers. To fix this, I would recommend using the (intptr_t) value
of injectedScriptObject as your identifier.
More information about the webkit-reviews
mailing list