[Webkit-unassigned] [Bug 21288] Implement HTML5's sandbox attribute for iframes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 17 23:12:25 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=21288
--- Comment #39 from Darin Adler <darin at apple.com> 2009-11-17 23:12:19 PST ---
(In reply to comment #37)
> * Moved sandboxing check from SecurityOrigin::isSameSchemeHostPort()
> to SecurityOrigin::equal(). (Database origin checks depend on it.)
The database origin checks should use a higher level function rather than an
"equal" function. We just need a name.
> * I have NOT addressed the comment on ScriptController::isEnabled()
> (comment #32). There's quite a lot of calls to it. If someone
> proposes a better name for this function (or another way of doing
> it), we'll be happy to change it.
I agree with Alexey that we need a name change since it's now checking more
than just whether scripting is enabled. I'd like to look at call sites to
figure out what they are checking. Maybe they are checking if they can execute
scripts, in which case canExecuteScripts() would be one good name. Or maybe
they are checking something else.
It's true that there are between 10 and 20 call sites, but I don't think that's
too many to rename. I won't insist on doing it in this patch, but I'd like to
see it done. To keep the code readable over time it is important to avoid
letting design changes creep in that subtle change the meanings of functions,
while retaining their old names.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list