[webkit-reviews] review granted: [Bug 70574] [JSC] Don't sanitize window.onerror information on crossorigin-enabled scripts : [Attachment 165904] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 7 12:00:56 PST 2012
Geoffrey Garen <ggaren at apple.com> has granted Pablo Flouret
<pablof at motorola.com>'s request for review:
Bug 70574: [JSC] Don't sanitize window.onerror information on
crossorigin-enabled scripts
https://bugs.webkit.org/show_bug.cgi?id=70574
Attachment 165904: Patch
https://bugs.webkit.org/attachment.cgi?id=165904&action=review
------- Additional Comments from Geoffrey Garen <ggaren at apple.com>
View in context: https://bugs.webkit.org/attachment.cgi?id=165904&action=review
It looks like all of Adam's prior comments have been addressed, and this patch
looks good to me, so I'll say r+.
Please fix the initializer before landing.
> Source/WebCore/bindings/js/ScriptSourceCode.h:49
> + , m_cachedScript(0)
Explicit initialization is not required here. The class default-initializes to
null.
> Source/WebCore/bindings/js/ScriptSourceCode.h:78
> RefPtr<JSC::SourceProvider> m_provider;
>
> JSC::SourceCode m_code;
> -
> +
> + CachedResourceHandle<CachedScript> m_cachedScript;
It's a little disappointing to have both a SourceProvider and a CachedScript
pointer, since these will point to the same thing. But I don't have an
immediate suggestion for how to fix this.
More information about the webkit-reviews
mailing list