[Webkit-unassigned] [Bug 58282] Core Animation plugin layers are incorrectly released

bugzilla-daemon at webkit.org
Sat Jul 7 03:27:49 PDT 2012


--- Comment #7 from Stuart Morgan <stuartmorgan at chromium.org>  2012-07-07 03:27:49 PST ---
(In reply to comment #6)
> - The seemingly logical approach of special-casing browsers that do the wrong thing by doing a UA-check to do the retain is, as far as I can tell, impossible to get right. It's impossible to enumerate the apps that are wrong because every WebKit.framework-based app is wrong, and they could have basically any UA.

I had a thought today; I'm not sure why this had never occurred to me before: instead of looking at the UA, a plugin vendor can look for support for the Invalidating Core Animation model. Since any non-Apple implementation of a CA plugin host would want to support ICA for performance reasons, plugin vendors could reasonably assume that a browser that doesn't support ICA must be WebKit.framework-based, and only then violate the spec by leaking the layer.

That solves the enumeration problem, and means that it's not fragile to users doing UA spoofing.
