[webkit-reviews] review requested: [Bug 173162] Align Document::canNavigate on the HTM5 specification : [Attachment 314004] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jun 28 01:40:06 PDT 2017
Frédéric Wang (:fredw) <fred.wang at free.fr> has asked for review:
Bug 173162: Align Document::canNavigate on the HTM5 specification
https://bugs.webkit.org/show_bug.cgi?id=173162
Attachment 314004: Patch
https://bugs.webkit.org/attachment.cgi?id=314004&action=review
--- Comment #25 from Frédéric Wang (:fredw) <fred.wang at free.fr> ---
Created attachment 314004
--> https://bugs.webkit.org/attachment.cgi?id=314004&action=review
Patch
(In reply to Chris Dumez from comment #13)
> > Source/WebCore/dom/Document.cpp:3104
> > if (!isSandboxed(SandboxTopNavigation) && targetFrame ==
&m_frame->tree().top())
>
> Why is this still here?
(In reply to Frédéric Wang (:fredw) from comment #11)
> I have to check whether I can actually remove some conditions in canNavigate
> because when I initially tried (e.g. the one about "Frame-busting is
> generally allowed..."), this broke existing tests in WebKit.
So indeed, removing "frame-busting" breaks tests (comment 20) and it seems this
is still used by many pages, so I suspect we won't be able to remove it so
easily. For the record, Chromium people are trying to get rid of it but have
failed so far:
https://bugs.chromium.org/p/chromium/issues/detail?id=640057
https://github.com/WICG/interventions/issues/16
https://bugs.chromium.org/p/chromium/issues/detail?id=624061
https://cs.chromium.org/chromium/src/third_party/WebKit/Source/core/frame/Local
Frame.cpp?type=cs&q=Frame-busting
More information about the webkit-reviews
mailing list