[webkit-reviews] review granted: [Bug 92649] [Qt] REGRESSION http/tests/security/contentSecurityPolicy/object-src-none-blocked.html fails after r123978 : [Attachment 156356] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Aug 3 09:14:06 PDT 2012
Adam Barth <abarth at webkit.org> has granted Mike West <mkwst at chromium.org>'s
request for review:
Bug 92649: [Qt] REGRESSION
http/tests/security/contentSecurityPolicy/object-src-none-blocked.html fails
after r123978
https://bugs.webkit.org/show_bug.cgi?id=92649
Attachment 156356: Patch
https://bugs.webkit.org/attachment.cgi?id=156356&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=156356&action=review
>>> Source/WebCore/loader/SubframeLoader.cpp:-130
>>> - return false;
>>
>> I assume you removed this check because you don't have a renderer yet at
this point?
>>
>> Are there code paths that go through requestPlugin but never loadPlugin?
>
> Right. Since someone already called out the dependence on renderer in
loadPlugin as an issue, I decided that introducing it in another method would
be a bad idea.
>
> loadPlugin and requestPlugin are both private methods of SubframeLoader, and
so far as I can tell, loadPlugin is only called inside SubframeLoader from
requestPlugin. Removing this check here seems safe.
Is the isSandboxed(SandboxPlugins) needed? Should we add an ASSERT?
More information about the webkit-reviews
mailing list