[Webkit-unassigned] [Bug 17651] New: Sandbox plug-ins to run in a separate process
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 3 08:52:37 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=17651
Summary: Sandbox plug-ins to run in a separate process
Product: WebKit
Version: 525+ (Nightly build)
Platform: Macintosh
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Enhancement
Priority: P3
Component: Plug-ins
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: mjr at eyesee360.com
Features introduced in Leopard should make it possible to have plug-ins execute
in their own process while rendering within a page. This would introduce a
considerable benefit to stability, as plug-ins could no longer cause a crash in
the host process.
The basic idea would be to have a separate process for the plug-in rendering
into its own off-screen window. The separate process itself could use WebKit so
that the environment as seen by the plug-in is unaffected.
In the host process, a stand-in for the plug-in would facilitate the exchange
with the plug-in process.
CGWindowListCreateImage() would be an avenue for grabbing the rendering of the
plug-in and drawing it into the web view properly. IPC would be used to
transfer host events (UI and programmatic) to the plug-in process, similarly
for outbound programmatic events sent by the plug-in.
The host plug-in would monitor the status of the plug-in process and disconnect
rendering safely should the process die. The host could post a message to the
user that a plug-in has crashed, giving them the option to re-initialize it or
to stop it. When stopped, a default rendering will be drawn by the host (e.g. a
broken plug-in icon of some sort).
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list