[webkit-reviews] review granted: [Bug 57433] clean up Document's handling of title changes : [Attachment 87488] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 30 03:34:59 PDT 2011
Ryosuke Niwa <rniwa at webkit.org> has granted Evan Martin <evan at chromium.org>'s
request for review:
Bug 57433: clean up Document's handling of title changes
https://bugs.webkit.org/show_bug.cgi?id=57433
Attachment 87488: Patch
https://bugs.webkit.org/attachment.cgi?id=87488&action=review
------- Additional Comments from Ryosuke Niwa <rniwa at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=87488&action=review
> Source/WebCore/dom/Document.cpp:1354
> + if (m_titleElement)
Okay, so this code is valid because only HTMLTitleElement and SVGTitleElement
calls setTitleElement with an arbitrary element but that's not entirely obvious
to me.
Please assert that m_titleElement->hasTagName(titleTag). But I'd also prefer
to have the condition in the if statement as well because otherwise we'll be
introducing a security vulnerability if we ever hit the assertion.
More information about the webkit-reviews
mailing list