[Webkit-unassigned] [Bug 36615] SecurityOrigin::isUnique() should not block HTML5 LocalStorage or Database access

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 26 09:31:19 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=36615


Jeremy Orlow <jorlow at chromium.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |eric at webkit.org,
                   |                            |patrik.j.persson at ericsson.c
                   |                            |om, scarybeasts at gmail.com




--- Comment #4 from Jeremy Orlow <jorlow at chromium.org>  2010-03-26 09:31:18 PST ---
(In reply to comment #3)
> (From update of attachment 51668 [details])
> This patch isn't correct.  It would allow a sandboxed iframe to access the
> storage and database for the underlying origin.

You're right.  This code changed since I last touched it and I didn't look
closely enough before making this change.

So the question is how to actually fix this.  It seems that the isUnique flag
is already used for sandboxing and thus we should not use it for Chromium's
stricter same origin policy.

It seems as though it may be enough to have SecurityOrigin treat the file path
as the "host" portion of the URL, but this would affect other browsers as
well...which we probably should not do lightly.  If we can't affect everyone
else, we could maybe add a boolean to SecurityOrigin to tell it whether
different paths should be treated as unique origins.

None of these solutions seem particularly hard, but it's not perfectly clear
which one is correct.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
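Added example (not WebKit code, and not anything attached to this bug): a minimal
C++ model of the distinction the comment above is drawing. A sandboxed iframe
gets a unique origin, which must keep it out of LocalStorage and the database.
The stricter per-path file: policy is a separate concern and should not reuse
that flag; here it is a hypothetical second boolean (enforceFilePathSeparation)
that changes the same-origin comparison and the storage key without making the
origin unique. The struct, function names and storage-key format are assumptions
for illustration only.

```cpp
// Illustrative model of origin/storage rules, not WebKit's SecurityOrigin.
#include <cassert>
#include <iostream>
#include <string>

struct Origin {
    std::string scheme;
    std::string host;
    int port = 0;
    std::string path;                         // only meaningful for file: origins
    bool isUnique = false;                    // sandboxed iframes, data: URLs, ...
    bool enforceFilePathSeparation = false;   // hypothetical per-path file: policy
};

// A sandboxed iframe: unique origin, matches nothing and gets no storage.
Origin makeUniqueOrigin() {
    Origin o;
    o.isUnique = true;
    return o;
}

// A file: origin; separatePaths selects the stricter per-path policy.
Origin makeFileOrigin(const std::string& path, bool separatePaths) {
    Origin o;
    o.scheme = "file";
    o.path = path;
    o.enforceFilePathSeparation = separatePaths;
    return o;
}

Origin makeHttpOrigin(const std::string& host, int port) {
    Origin o;
    o.scheme = "http";
    o.host = host;
    o.port = port;
    return o;
}

// Same-origin check. In this model a unique origin matches nothing at all,
// so a sandboxed frame can never reach the embedding document's state.
bool canAccess(const Origin& a, const Origin& b) {
    if (a.isUnique || b.isUnique)
        return false;
    if (a.scheme != b.scheme)
        return false;
    if (a.scheme == "file") {
        // Stricter policy: two local files at different paths are different
        // origins. Default policy: every file: URL is one origin.
        if (a.enforceFilePathSeparation || b.enforceFilePathSeparation)
            return a.path == b.path;
        return true;
    }
    return a.host == b.host && a.port == b.port;
}

// Storage access is gated on uniqueness only; the path policy never blocks it.
bool canAccessLocalStorage(const Origin& o) {
    return !o.isUnique;
}

// Storage key (assumed format). Under the per-path policy the path is part of
// the key, so local files get separate storage areas without being "unique".
std::string storageKey(const Origin& o) {
    if (o.isUnique)
        return "";  // no storage area at all
    if (o.scheme == "file")
        return o.enforceFilePathSeparation ? "file://" + o.path : "file://";
    return o.scheme + "://" + o.host + ":" + std::to_string(o.port);
}

int main() {
    Origin sandboxed = makeUniqueOrigin();
    Origin a = makeFileOrigin("/home/user/a.html", true);
    Origin b = makeFileOrigin("/home/user/b.html", true);

    std::cout << "sandboxed frame may use storage: " << canAccessLocalStorage(sandboxed) << "\n";
    std::cout << "file a may use storage:          " << canAccessLocalStorage(a) << "\n";
    std::cout << "file a can access file b:        " << canAccess(a, b) << "\n";
    std::cout << "storage key for a: " << storageKey(a) << "\n";
    std::cout << "storage key for b: " << storageKey(b) << "\n";
    return 0;
}
```

The point of the model is the last two functions: the per-path flag changes
what counts as the same origin and which storage area is used, while only
isUnique denies storage outright, which is what a sandboxed iframe needs.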



More information about the webkit-unassigned mailing list