[Webkit-unassigned] [Bug 38705] chromium fails http/tests/sandbox-inherit-to-initial-document-2

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jul 14 17:15:31 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=38705

--- Comment #7 from Rajiv Makhijani <rajivmakhijani at chromium.org>  2010-07-14 17:15:31 PST ---
I traced back this problem as follows:

WebCore::FrameLoader::isSandboxed
WebCore::ScriptController::canExecuteScripts
WebCore::V8Proxy::retrieve
WebCore::V8Proxy::mainWorldContext
WebCore::V8Proxy::context
WebCore::toV8
WebCore::V8DomWindow::indexedPropertyGetter

I could not find any reason why "retrieve" needed to check that canExecuteScripts was okay in this case. This check was causing undefined to be returned because the sandbox attribute did not include "allow-scripts."

I also investigated whether other uses of "retrieve" were reliant on this check, but I could find no such instances.

Therefore I have attached a patch which removes the canExecuteScripts check.

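The inheritance of sandbox flags into a child frame and the difference between a window lookup that is gated on canExecuteScripts and one that is not, as an added model in JavaScript. This is not WebKit or Chromium code and does not reproduce the V8Proxy call chain; the SandboxFlags bit names, the makeFrame frame tree, the indexedGetterBefore/indexedGetterAfter pair and the demo scenario are assumptions chosen to follow the HTML sandbox attribute tokens and the reasoning in the comment above.

```javascript
// Added example: a JavaScript model of iframe sandbox flags and of the
// window indexed-property lookup traced in the comment above. This is
// not WebKit/Chromium code; the flag bits, frame model and the two
// getter variants are assumptions that follow the HTML sandbox tokens
// and the call chain described in the bug.

const SandboxFlags = {
  None:          0,
  Navigation:    1 << 0,
  Plugins:       1 << 1,
  Origin:        1 << 2,
  Forms:         1 << 3,
  Scripts:       1 << 4,
  TopNavigation: 1 << 5,
};
const SandboxAll = Object.values(SandboxFlags).reduce((a, b) => a | b, 0);

// A present sandbox attribute turns every restriction on; each allow-*
// token (ASCII case-insensitive, whitespace separated) clears one bit.
// Unknown tokens are ignored.
function parseSandboxAttribute(value) {
  let flags = SandboxAll;
  for (const token of value.split(/[ \t\n\f\r]+/)) {
    switch (token.toLowerCase()) {
      case "allow-same-origin":    flags &= ~SandboxFlags.Origin; break;
      case "allow-forms":          flags &= ~SandboxFlags.Forms; break;
      case "allow-scripts":        flags &= ~SandboxFlags.Scripts; break;
      case "allow-top-navigation": flags &= ~SandboxFlags.TopNavigation; break;
      default: break;
    }
  }
  return flags;
}

// Minimal frame tree. sandboxAttr is null when the owning <iframe>
// carries no sandbox attribute (no restrictions of its own).
function makeFrame(name, parent = null, sandboxAttr = null) {
  const frame = {
    name,
    parent,
    children: [],
    ownFlags: sandboxAttr === null ? SandboxFlags.None : parseSandboxAttribute(sandboxAttr),
    window: { frameName: name },
  };
  if (parent) parent.children.push(frame);
  return frame;
}

// Sandbox flags inherit: a frame is at least as restricted as its parent,
// which is what a test named "sandbox-inherit-to-initial-document" exercises.
function effectiveSandboxFlags(frame) {
  let flags = frame.ownFlags;
  for (let f = frame.parent; f; f = f.parent) flags |= f.ownFlags;
  return flags;
}

function isSandboxed(frame, mask) {
  return (effectiveSandboxFlags(frame) & mask) !== 0;
}

// Model of ScriptController::canExecuteScripts: false without allow-scripts.
function canExecuteScripts(frame) {
  return !isSandboxed(frame, SandboxFlags.Scripts);
}

// window[i] before the patch: converting the child's window went through a
// context lookup gated on canExecuteScripts, so a sandboxed child without
// allow-scripts yielded undefined instead of its window object.
function indexedGetterBefore(frame, index) {
  const child = frame.children[index];
  if (!child) return undefined;
  if (!canExecuteScripts(child)) return undefined; // the check the patch removes
  return child.window;
}

// window[i] after the patch: the child's window is returned whether or not
// the child may run script; script execution is still blocked separately.
function indexedGetterAfter(frame, index) {
  const child = frame.children[index];
  return child ? child.window : undefined;
}

// Constructed scenario: a top frame embedding a sandboxed iframe with
// allow-same-origin only, containing a nested iframe that carries no
// sandbox attribute of its own but inherits the parent's flags.
function demo() {
  const top = makeFrame("top");
  const sandboxed = makeFrame("child", top, "allow-same-origin");
  const nested = makeFrame("grandchild", sandboxed, null);
  return {
    childCanRunScript: canExecuteScripts(sandboxed),
    nestedInheritsScriptsFlag: isSandboxed(nested, SandboxFlags.Scripts),
    before: indexedGetterBefore(top, 0),
    after: indexedGetterAfter(top, 0),
  };
}
```

In the model, the only thing the patch changes is whether window[0] resolves to the child's window object; whether script may run inside that child is still decided by canExecuteScripts, which is the property a sandbox without allow-scripts is meant to enforce.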