[Webkit-unassigned] [Bug 265130] New allow="payment" attribute does not work in nested iFrame lacking the src attribute
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Dec 5 07:56:10 PST 2023
https://bugs.webkit.org/show_bug.cgi?id=265130
--- Comment #9 from RLambert <appsbylamby at gmail.com> ---
(In reply to Abrar Rahman Protyasha from comment #7)
> Created attachment 468812 [details]
> Diff to address bug 265130
>
> So, I think we can consider the frame secure if its owner is secure, so we
> should be consulting `SecurityPolicy::shouldInheritSecurityOriginFromOwner`
> here. A diff like this will probably work, but I haven't introduced any
> testing for this.
@Abrar is there a PR on https://github.com/WebKit/WebKit associated with this?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20231205/af69e4fd/attachment-0001.htm>
More information about the webkit-unassigned
mailing list