[Webkit-unassigned] [Bug 23900] Prevent frames from calling themselves _top

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 19 01:58:34 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=23900


ap at webkit.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #27749|review?                     |review-
               Flag|                            |




------- Comment #6 from ap at webkit.org  2009-02-19 01:58 PDT -------
(From update of attachment 27749)
What do other browsers do with e.g. "_foobar"? Please check, because being more
restrictive than others is dangerous. Have you checked that the name "_top" is
ignored by other browsers?

The test doesn't need to dump pixels, but it needs to have some text explaining
what's going on (the title alone isn't enough). This may be easier to achieve
with IFrame. E.g.

<p>Test for <a href="https://bugs.webkit.org/show_bug.cgi?id=23900">bug
23900</a>: A frame named _top crashes the browser.</p><p>PASS if no crash.</p>
<script>
if (window.layoutTestController)
     layoutTestController.dumpAsText();
</script>
<iframe name="_top" src="about:blank"></iframe>

The function allowedChildName() should be a static in cpp file - it doesn't use
data members, so there is no reason to make it a private member. We start such
function names with "is":

static bool isAllowedChildName(const AtomicString& name)
{...}


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the webkit-unassigned mailing list