[Webkit-unassigned] [Bug 21288] Implement HTML5's sandbox attribute for iframes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 16 15:03:59 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=21288
--- Comment #35 from Adam Barth <abarth at webkit.org> 2009-11-16 15:03:54 PST ---
FrameLoader is fine for now. We might move it later, but I'm not sure there's
another object that's better at the moment.
> I'm not sure all the isSandboxed calls are talking to the right frame. In
> particular, I am surprised that createWindow is checking openerFrame rather
> than either lexicalFrame or dynamicFrame and that FrameLoader::submitForm is
> checking the frame rather than the document. Those might be right, but I'm not
> sure they are.
lexicalFrame is likely correct here. dynamicFrame would be the "first script"
in HTML5 parlance. openerFrame is whatever the attacker wants it to be.
w.r.t. FrameLoader::submitForm, I think it's fine to use m_frame here. That
function only works for active documents anyway, so the frame and the document
are in harmony.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list