[Webkit-unassigned] [Bug 149489] stop propagating custom scrollbar styles across iframe boundaries

bugzilla-daemon at webkit.org
Sat Sep 26 14:43:49 PDT 2015


https://bugs.webkit.org/show_bug.cgi?id=149489

Steve Kobes <skobes at chromium.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |skobes at chromium.org

--- Comment #5 from Steve Kobes <skobes at chromium.org> ---
FYI, we discussed this in Blink on http://crbug.com/450577 and in https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/ULUvtsZ-YQY.

Consistency between Chrome and Safari was a particular concern since custom scrollbar styles are webkit-prefixed.  If WebKit changed this, Blink would probably follow.

The current behavior makes it possible to detect overflow in a cross-origin iframe, which may have security implications (http://sirdarckcat.blogspot.com/2013/09/matryoshka-wrapping-overflow-leak-on.html).
