[Webkit-unassigned] [Bug 21288] Implement HTML5's sandbox attribute for iframes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 10 06:11:21 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=21288
Patrik Persson <patrik.j.persson at ericsson.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #42859| |review?
Flag| |
--- Comment #21 from Patrik Persson <patrik.j.persson at ericsson.com> 2009-11-10 06:11:18 PDT ---
Created an attachment (id=42859)
--> (https://bugs.webkit.org/attachment.cgi?id=42859)
Revised patch for HTML5 sandboxing.
Updated in response to your feedback on the previous version. A few general
comments:
* A copy of the sandbox status is now kept in the document's
SecurityOrigin, as discussed in posts 8, 10, and 14.
* Both setter and getter for Document::cookie now raise exceptions,
like they should). The FIXME note that used to be in Document.idl has
been moved to Document.cpp, and made more specific.
* A new test has been added for the attribute parser, to ensure that
it behaves nicely when given unconventional input.
* We have combined some test cases into larger ones: plugins
(applets+embeds+objects), allowed navigation (child navigation, self
navigation, sandbox propagation).
* Finally, we have set 'svn:executable' on our CGI scripts, but we
just can't get that carry over from svn-create-patch to
svn-apply. You may need to do
cd LayoutTests/http/tests/xmlhttprequest/resources
chmod a+x access-control-sandboxed-iframe-*.cgi
for things to work properly after patching.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list