[Webkit-unassigned] [Bug 171321] Add flag allow-modals to iframe sandbox
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 12 01:23:30 PDT 2017
https://bugs.webkit.org/show_bug.cgi?id=171321
Frédéric Wang (:fredw) <fred.wang at free.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cdumez at apple.com,
| |dvoytenko at google.com,
| |malteubl at google.com,
| |rbyers at chromium.org
--- Comment #1 from Frédéric Wang (:fredw) <fred.wang at free.fr> ---
I did a quick check of the WebKit and Chromium code and I believe this won't be too difficult to implement.
@Bin Lu, Rick:
So if I understand correctly, WebKit currently always allows modal dialogs in sandboxed frames so implementing the allow-modals flag won't change anything for that case, right? The relevant benefit is when allow-modals is not specified: Modals dialogs would then be blocked, providing better security.
This is however a behavior change that might (in theory) break existing pages using dialogs in sandboxed frame. IIUC, only Gecko and Chromium implements that flag for now. What was your experience with that change at Google? I see that the Chromium counters give very low usage for dialogs in sandboxed frame: https://www.chromestatus.com/metrics/feature/timeline/popularity/767
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170712/b1dfa691/attachment.html>
More information about the webkit-unassigned
mailing list