[webkit-reviews] review requested: [Bug 49329] [PATCH] do not allow access to session and local storage when in private browsing mode : [Attachment 73510] [PATCH] checks privateBrowsingEnabled() on local/session storage access
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 10 10:59:00 PST 2010
Anton D'Auria <adauria at apple.com> has asked for review:
Bug 49329: [PATCH] do not allow access to session and local storage when in
private browsing mode
https://bugs.webkit.org/show_bug.cgi?id=49329
Attachment 73510: [PATCH] checks privateBrowsingEnabled() on local/session
storage access
https://bugs.webkit.org/attachment.cgi?id=73510&action=review
------- Additional Comments from Anton D'Auria <adauria at apple.com>
Check privateBrowsingEnabled() on local/session storage reads from
WebCore::Storage. WebCore::StorageAreaImpl checks the privateBrowsingEnabled
setting on writes, so perhaps this patch should be in StorageAreaImpl, though
that would require a change to the interface to pass down a frame pointer. I
would actually prefer moving all the checks to WebCore::Storage. If the
reviewer thinks we should deny access at the same level, -r this patch.
More information about the webkit-reviews
mailing list