[webkit-reviews] review granted: [Bug 227343] [GTK] MiniBrowser: add an option to enable the web process sandbox : [Attachment 432143] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jun 24 08:46:28 PDT 2021
Michael Catanzaro <mcatanzaro at gnome.org> has granted Carlos Garcia Campos
<cgarcia at igalia.com>'s request for review:
Bug 227343: [GTK] MiniBrowser: add an option to enable the web process sandbox
https://bugs.webkit.org/show_bug.cgi?id=227343
Attachment 432143: Patch
https://bugs.webkit.org/attachment.cgi?id=432143&action=review
--- Comment #2 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Comment on attachment 432143
--> https://bugs.webkit.org/attachment.cgi?id=432143
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=432143&action=review
> Tools/MiniBrowser/gtk/main.c:149
> + { "enable-sandbox", 0, 0, G_OPTION_ARG_NONE, &enableSandbox, "Enable web
process sandbox support", NULL },
Ideally it would be on by default, to have the best chance of avoiding mistakes
like developing new features that are incompatible with the sandbox (it has
happened recently). I guess the sandbox will probably break layout tests if
we're not careful, though. And I know you want to avoid waiting for D-Bus
registration when running layout tests.
So I would flip it to disable-sandbox, if possible.
> Tools/MiniBrowser/gtk/main.c:682
> + if (!webkit_website_data_manager_is_ephemeral(manager)) {
> + webkit_web_context_add_path_to_sandbox(webContext,
webkit_website_data_manager_get_base_data_directory(manager), TRUE);
> + webkit_web_context_add_path_to_sandbox(webContext,
webkit_website_data_manager_get_base_cache_directory(manager), TRUE);
> + }
Um, I thought this was supposed to be done automatically, but I can't find any
code for it, so I guess it has to be manual. :/
More information about the webkit-reviews
mailing list