[webkit-reviews] review granted: [Bug 184029] ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() should be called from the main thread : [Attachment 336626] Alternative patch using SecurityOriginData
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 27 16:06:16 PDT 2018
youenn fablet <youennf at gmail.com> has granted Chris Dumez <cdumez at apple.com>'s
request for review:
Bug 184029: ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() should be
called from the main thread
https://bugs.webkit.org/show_bug.cgi?id=184029
Attachment 336626: Alternative patch using SecurityOriginData
https://bugs.webkit.org/attachment.cgi?id=336626&action=review
--- Comment #14 from youenn fablet <youennf at gmail.com> ---
Comment on attachment 336626
--> https://bugs.webkit.org/attachment.cgi?id=336626
Alternative patch using SecurityOriginData
View in context: https://bugs.webkit.org/attachment.cgi?id=336626&action=review
> Source/WebCore/loader/DocumentWriter.cpp:158
> + HashSet<SecurityOriginData> insecureNavigationRequestsToUpgrade;
insecureNavigationRequestsToUpgrade seems not totally correct.
insecureNavigationRequestOriginsToUpgrade seems better, but maybe not worth the
refactoring effort, since it would require changing
takeNavigationRequestsToUpgrade and m_insecureNavigationRequestsToUpgrade?
> Source/WebCore/page/csp/ContentSecurityPolicy.h:167
> + HashSet<SecurityOriginData>&& takeNavigationRequestsToUpgrade();
Why not HashSet<SecurityOriginData>?
More information about the webkit-reviews
mailing list