[Webkit-unassigned] [Bug 117823] [Qt] Add interface API for origin whitelisting
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jul 22 03:52:26 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=117823
--- Comment #13 from Jocelyn Turcotte <jocelyn.turcotte at digia.com> 2013-07-22 03:52:17 PST ---
(From update of attachment 205684)
View in context: https://bugs.webkit.org/attachment.cgi?id=205684&action=review
> Source/WebKit/qt/Api/qwebsecurityorigin.cpp:271
> + Allows application/platform to whilelist an origin to have access to specific desitnations beyond same-origin-policy.
- The documentation should explain a bit what each parameter is about, also using the "\a" switch.
- No need to say "application/platform", who else would call this method?
> Source/WebKit/qt/Api/qwebsecurityorigin.cpp:273
> +void QWebSecurityOrigin::addOriginAccessWhitelistEntry(const QUrl& sourceOrigin, const QString& destinationProtocol, const QString& destinationHost, SubdomainSetting subdomainSetting)
The rest of the class names is "scheme" rather than "protocol", it would be nice to keep it consistent. It's also a bit clearer.
> Source/WebKit/qt/Api/qwebsecurityorigin.h:30
> + class SecurityPolicy;
I think you don't need this here.
> Source/WebKit/qt/Api/qwebsecurityorigin.h:52
> + static void addOriginAccessWhitelistEntry(const QUrl&, const QString&, const QString&, SubdomainSetting);
> + static void removeOriginAccessWhitelistEntry(const QUrl&, const QString&, const QString&, SubdomainSetting);
> + static void resetOriginAccessWhitelists();
The public header should always include parameter names.
I also think that having a QWebSecurityOrigin(const QUrl&) public constructor and have add/remove as member methods would be a cleaner API.
QWebSecurityOrigin basically wraps WebCore::SecurityOrigin and I don't see much reason to prevent its construction if SecurityOrigin allows it.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list