Apologies for digging up an old thread; I didn't see it until now.
On Thu, Jul 24, 2014 at 7:59 AM, Alexey Proskuryakov a...@webkit.org wrote:
In other words, how is active content defined here?
Note that the WebAppSec WG is working on a mixed content spec that drops
the active/passive
(Resending from the right address, sorry...)
Perhaps relatedly (but probably not), the CQ and other Chromium EWS bots
apparently died about 13 hours ago: http://webkit-commit-queue.appspot.com/
Adam, Eric, mind taking a quick look?
-mike
-Mike
On Sun, Feb 17, 2013 at 12:29 PM, Mike West mk
Over the course of a few patches[1], I've refactored exception handling in
twoish ways:
1. Call sites which ASSERT that no exception occurred have been replaced
with the ASSERT_NO_EXCEPTION macro[2].
2. A new IGNORE_EXCEPTION macro is now available, intended to make it clear
that a method's
changing the behavior significantly.
-mike
-Mike
On Thu, Feb 7, 2013 at 10:17 AM, Mike West mk...@google.com wrote:
I just checked
http://philip.html5.org/tests/ie8/cases/content-type-nosniff.html in
IE10, and '
http://philip.html5.org/tests/ie8/cases/resources/script_as_text_plain_nosniff
Continuing my trend of digging up old threads, I'd like to implement
support for 'X-Content-Type-Options: nosniff' when processing script, as
discussed way back in 2011:
https://lists.webkit.org/pipermail/webkit-dev/2011-November/018557.html.
This should be a pretty small patch[1], but because
Way back in the depths of 2010, Mihai suggested that we begin to throw
exceptions when accessing Location properties across origins[1]. Currently,
we log a Unsafe JavaScript attempt to access... message to the console,
and return null. Hit http://talkingpointsmemo.com/ with the console open
for an
Hello, lovely WebKit folks.
If you never generate console messages for developers (seriously?), you can
stop reading.
Two changes have landed in the last week or so that I'd like to make you
aware of:
1. Call stacks or url/line numbers will now be autogenerated in the common
case
Thanks for the discussion, I'm happy this sparked some interest.
TL;DR: I'd like to strawman up a patch to talk more concretely about
implementation (webkit.org/b/98050 if you'd like to follow along), and
I'll start a
thread on www-dom to hammer out questions of interop.
On Mon, Oct 1, 2012 at
On Fri, May 4, 2012 at 3:13 AM, Adam Barth aba...@webkit.org wrote:
As CSP 1.1 matures (both in specification and
implementation), I plan to upstream the csp11 branch using this meta
bug: https://bugs.webkit.org/show_bug.cgi?id=85558.
Following up on this, I've just uploaded a patch to
9 matches
Mail list logo