<html>

    <head>

      <base href="https://bugs.webkit.org/" />

    </head>

    <body><span class="vcard"><a class="email" href="mailto:achristensen&#64;apple.com" title="Alex Christensen &lt;achristensen&#64;apple.com&gt;"> <span class="fn">Alex Christensen</span></a>

</span> changed

              <a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - [Content Extensions] Content blocking rules are not consulted for pings"

   href="https://bugs.webkit.org/show_bug.cgi?id=149873">bug 149873</a>

        <br>

             <table border="1" cellspacing="0" cellpadding="8">

          <tr>

            <th>What</th>

            <th>Removed</th>

            <th>Added</th>

          </tr>

         <tr>

           <td style="text-align:right;">Attachment #263155 Flags</td>

           <td>review?

           </td>

           <td>review+, commit-queue-

           </td>

         </tr></table>

      <p>

        <div>

            <b><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - [Content Extensions] Content blocking rules are not consulted for pings"

   href="https://bugs.webkit.org/show_bug.cgi?id=149873#c28">Comment # 28</a>

              on <a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - [Content Extensions] Content blocking rules are not consulted for pings"

   href="https://bugs.webkit.org/show_bug.cgi?id=149873">bug 149873</a>

              from <span class="vcard"><a class="email" href="mailto:achristensen&#64;apple.com" title="Alex Christensen &lt;achristensen&#64;apple.com&gt;"> <span class="fn">Alex Christensen</span></a>

</span></b>

        <pre>Comment on <span class=""><a href="attachment.cgi?id=263155&amp;action=diff" name="attach_263155" title="Patch using Option (b)">attachment 263155</a> <a href="attachment.cgi?id=263155&amp;action=edit" title="Patch using Option (b)">[details]</a></span>

Patch using Option (b)

View in context: <a href="https://bugs.webkit.org/attachment.cgi?id=263155&amp;action=review">https://bugs.webkit.org/attachment.cgi?id=263155&amp;action=review</a>

r=me 

I don't think we should change the null checks in this patch.  That's a separate bug

<span class="quote">&gt; Source/WebCore/loader/PingLoader.cpp:143

&gt; -    request.setAllowCookies(frame.document()-&gt;securityOrigin()-&gt;isSameSchemeHostPort(SecurityOrigin::create(reportURL).ptr()));

&gt; +    if (Document* document = frame.document()) {

&gt; +        if (SecurityOrigin* securityOrigin = document-&gt;securityOrigin()) {

&gt; +            if (!securityOrigin-&gt;isSameSchemeHostPort(SecurityOrigin::create(reportURL).ptr()))

&gt; +                request.setAllowCookies(false);

&gt; +        }

&gt; +    }</span >

I like that this adds null checks, but not that this would fail to remove cookies if one of the null checks fails.  I think if the null checks fail, then we should setAllowCookies(false) to avoid sending cookies to somewhere we're not supposed to, which could be a privacy problem.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are the assignee for the bug.</li>

      </ul>

    </body>

</html>