[Webkit-unassigned] [Bug 32369] Support for storage and databases in sandboxed iframes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 12 06:53:58 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=32369
--- Comment #3 from Patrik Persson <patrik.j.persson at ericsson.com> 2010-03-12 06:53:58 PST ---
(This comment really concerns the patch just submitted in comment #2.
I was a bit quick on the "submit" button.)
Adam, thanks for bringing this up in the What WG.
http://www.mail-archive.com/whatwg@lists.whatwg.org/msg19786.html
This is a patch to match the updated HTML5 spec wrt. iframe
sandboxing. The patch does two things:
- Enables window.sessionStorage in sandboxed iframes. (Removed
sandboxing check.)
- Raises SECURITY_ERR exceptions when window.localStorage or
window.openDatabase() is accessed in a sandboxed iframe. (Note:
window.sessionStorage does not raise exceptions.)
The patched behavior is in accordance with HTML5:
http://dev.w3.org/html5/webstorage/ (sections 4.2 and 4.3)
http://dev.w3.org/html5/webdatabase/ (section 4.1)
Raising exceptions in situations where WebKit would previously return
null could raise questions about compatibility. However, iframe
sandboxing is a recent experimental feature, currently implemented
only by WebKit.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list