[webkit-reviews] review granted: [Bug 73083] Fix the Frame Leak Attack : [Attachment 135923] Alternate patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Apr 6 13:25:27 PDT 2012
Adam Barth <abarth at webkit.org> has granted Thomas Sepez <tsepez at chromium.org>'s
request for review:
Bug 73083: Fix the Frame Leak Attack
https://bugs.webkit.org/show_bug.cgi?id=73083
Attachment 135923: Alternate patch
https://bugs.webkit.org/attachment.cgi?id=135923&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=135923&action=review
This patch looks great. I would just add some more information to the
ChangeLog.
> Source/WebCore/ChangeLog:9
> + Match FF behaviour: FF has done this for all iframes for a year now,
but our change
> + is less disruptive in that it only does this in the cross-orgin
case.
These two sentences confuse me. Are we matching Firefox's behavior or not? If
we're not matching their behavior, we should explain why in more detail.
More information about the webkit-reviews
mailing list