[Webkit-unassigned] [Bug 14319] Move the Selection object out of the JS bindings
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jun 26 14:26:22 PDT 2007
http://bugs.webkit.org/show_bug.cgi?id=14319
ggaren at apple.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #15210|review? |review+
Flag| |
------- Comment #4 from ggaren at apple.com 2007-06-26 14:26 PDT -------
(From update of attachment 15210)
+ return "";
A different way to do this is to return String(), which gives you the null
string. I'm not sure which we want here -- null string or empty string --
though. Empty seems fine.
This patch doesn't fix the security problem, but, like I said, I don't think it
introduced the problem, either. Can you file a new bug about it?
One solution to the security problem would be to call
DOMSelection::disconnectFrame inside Window::clear. Another solution would be
to include isSafeScript checks in the JSSelection object.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list