[webkit-reviews] review denied: [Bug 108666] Continue making XSSAuditor thread safe: Remove dependency on the parser's tokenizer : [Attachment 186082] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 1 11:42:56 PST 2013
Adam Barth <abarth at webkit.org> has denied Tony Gentilcore
<tonyg at chromium.org>'s request for review:
Bug 108666: Continue making XSSAuditor thread safe: Remove dependency on the
parser's tokenizer
https://bugs.webkit.org/show_bug.cgi?id=108666
Attachment 186082: Patch
https://bugs.webkit.org/attachment.cgi?id=186082&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=186082&action=review
> Source/WebCore/html/parser/HTMLDocumentParser.cpp:95
> + m_xssAuditor.setTokenizer(m_tokenizer.get());
Hum... This approach look dangerous because m_tokenizer now has a shorter
lifetime than HTMLDocumentParser and therefore m_xssAuditor. We do that
because we now have the ability to move the tokenizer back and forth between
the main and background thread.
Can we pass the tokenizer each time we call filterToken?
More information about the webkit-reviews
mailing list