[webkit-reviews] review denied: [Bug 75155] [chromium] Add isSameSchemeHostPort method to WebSecurityOrigin : [Attachment 120419] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 22 18:13:27 PST 2011
Adam Barth <abarth at webkit.org> has denied Karl Koscher
<supersat at chromium.org>'s request for review:
Bug 75155: [chromium] Add isSameSchemeHostPort method to WebSecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=75155
Attachment 120419: Patch
https://bugs.webkit.org/attachment.cgi?id=120419&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=120419&action=review
> Source/WebKit/chromium/public/WebSecurityOrigin.h:96
> + // Returns true if this origin matches the other's scheme, host, and
port
> + WEBKIT_EXPORT bool isSameSchemeHostPort(const WebSecurityOrigin&) const;
Hum... I can understand why you wrote this patch, but it makes me somewhat
sad. isSameSchemeHostPort is a tempting function to call, but it's almost
aways wrong. Is there some way we can do this access check inside of WebKit or
WebCore instead of exposing this sandtrap to the embedder?
More information about the webkit-reviews
mailing list