[Webkit-unassigned] [Bug 149489] stop propagating custom scrollbar styles across iframe boundaries

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Sep 26 14:43:49 PDT 2015


Steve Kobes <skobes at chromium.org> changed:

           What    |Removed                     |Added
                 CC|                            |skobes at chromium.org

--- Comment #5 from Steve Kobes <skobes at chromium.org> ---
FYI, we discussed this in Blink on http://crbug.com/450577 and in https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/ULUvtsZ-YQY.

Consistency between Chrome and Safari was a particular concern since custom scrollbar styles are webkit-prefixed.  If WebKit changed this, Blink would probably follow.

The current behavior makes it possible to detect overflow in a cross-origin iframe, which may have security implications (http://sirdarckcat.blogspot.com/2013/09/matryoshka-wrapping-overflow-leak-on.html).

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150926/28821f0b/attachment.html>

More information about the webkit-unassigned mailing list