[Webkit-unassigned] [Bug 60800] InjectedScriptSource.js - "Don't be eval()."
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri May 13 14:32:47 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=60800
--- Comment #5 from Adam Barth <abarth at webkit.org> 2011-05-13 14:32:47 PST ---
> 1) JSON parsing. We can work around it by means of native JSON parsing that we use for the inspector protocol. It is just that we were lazy and used eval
Ok. That sounds like it's under control.
> 2) window.eval for console expression evaluation. I am not quite sure what you are suggesting to do with this one.
I've lost track of how this all fits together, but can we add a binding to InjectedScriptHost to call ScriptController::evaluate ? It's just the JavaScript eval function/operator that's blocked by CSP.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list