[webkit-reviews] review granted: [Bug 207427] Expose "allowsContentJavaScript" on WKWebpagePreferences : [Attachment 390784] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 14 15:16:04 PST 2020
Darin Adler <darin at apple.com> has granted Brady Eidson <beidson at apple.com>'s
request for review:
Bug 207427: Expose "allowsContentJavaScript" on WKWebpagePreferences
https://bugs.webkit.org/show_bug.cgi?id=207427
Attachment 390784: Patch
https://bugs.webkit.org/attachment.cgi?id=390784&action=review
--- Comment #20 from Darin Adler <darin at apple.com> ---
Comment on attachment 390784
--> https://bugs.webkit.org/attachment.cgi?id=390784
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=390784&action=review
I like the public allowsContentJavaScript name so much better than the internal
scriptMarkupPolicy name.
> Source/WebCore/dom/Document.cpp:6817
> + if (!settings().scriptMarkupEnabled())
Seems slightly dangerous to still have this Settings::scriptMarkupEnabled
function. If anyone calls it and it returns true, they will likely do the wrong
thing. Maybe at some point we can rename it?
> Source/WebCore/dom/Document.cpp:6826
> + if (m_contextDocument)
> + return m_contextDocument->scriptMarkupEnabled();
> +
> + // If this Document is frameless or in the wrong frame, *and* it has
no context document,
> + // then it has no business running markup script.
> + return false;
I’d find this slightly easier to read as an && expression:
return m_contextDocument && m_contextDocument->scriptMarkupEnabled();
Also slightly annoying that there’s recursion here, but I suppose it’s unlikely
to recurse deeply.
> Source/WebCore/xml/XMLHttpRequest.cpp:194
> m_responseDocument->setContextDocument(context);
> +
m_responseDocument->setContent(m_responseBuilder.toStringPreserveCapacity());
>
m_responseDocument->setSecurityOriginPolicy(context.securityOriginPolicy());
> m_responseDocument->overrideMIMEType(mimeType);
Maybe we should also move up the setSecurityOriginPolicy and overrideMIMEType
calls up before we call setContent too? Seems like we’d want all those things
set before we do any parsing.
> Source/WebKit/WebProcess/WebPage/WebFrame.cpp:269
> + ASSERT(page());
What guarantees page() is not null?
More information about the webkit-reviews
mailing list