[webkit-reviews] review granted: [Bug 185412] Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options : [Attachment 340128] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu May 10 21:48:08 PDT 2018
Ryosuke Niwa <rniwa at webkit.org> has granted Daniel Bates <dbates at webkit.org>'s
request for review:
Bug 185412: Use PlatformStrategies to switch between WebKit and WebKitLegacy
checking of CSP frame-ancestors and X-Frame-Options
https://bugs.webkit.org/show_bug.cgi?id=185412
Attachment 340128: Patch
https://bugs.webkit.org/attachment.cgi?id=340128&action=review
--- Comment #4 from Ryosuke Niwa <rniwa at webkit.org> ---
Comment on attachment 340128
--> https://bugs.webkit.org/attachment.cgi?id=340128
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=340128&action=review
> Source/WebCore/loader/LoaderStrategy.h:84
> + virtual bool shouldPerformSecurityChecks() const { return false; }
This doesn't tell us what kind of security checks we're performing.
How about shouldRestrictedHTTPResponseAccess instead?
That would be very descriptive of the feature we're conditioning.
> Source/WebCore/loader/LoaderStrategy.h:85
> + virtual bool havePerformedSecurityChecks(const ResourceResponse&) const
{ return false; }
And how about haveRestrictedHTTPResponseAccess for this one?
More information about the webkit-reviews
mailing list