[webkit-reviews] review denied: [Bug 39750] Allow peer frame navigation for file URLs when allowFileAccessFromFileURLs is false : [Attachment 57125] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu May 27 15:45:51 PDT 2010
Adam Barth <abarth at webkit.org> has denied Justin Schuh <jschuh at chromium.org>'s
request for review:
Bug 39750: Allow peer frame navigation for file URLs when
allowFileAccessFromFileURLs is false
https://bugs.webkit.org/show_bug.cgi?id=39750
Attachment 57125: Patch
https://bugs.webkit.org/attachment.cgi?id=57125&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
This isn't quite accurate. This will allow sibling navigation. We only want
to allow descendants. What you want to do is move this check into
canAccessAncestor after
http://trac.webkit.org/browser/trunk/WebCore/loader/FrameLoader.cpp#L2149.
Basically, you want to fake that the call to |canAccess| there succeeds if both
security origins are local.
More information about the webkit-reviews
mailing list