Thanks for bring up this issue. We're tracking this at:
http://code.google.com/p/chromium/issues/detail?id=1647
Adam
On Sat, Sep 6, 2008 at 8:27 PM, John Steenbruggen
[EMAIL PROTECTED] wrote:
The URL bar completion and search feature of the Chrome causes the
full typed URL to be send to
I'm happy to review changelists as well as I'm partly to blame for the
lack of unit tests.
Adam
On Thu, Sep 18, 2008 at 12:47 PM, Wan-Teh Chang [EMAIL PROTECTED] wrote:
On Thu, Sep 18, 2008 at 11:32 AM, Avi Drissman [EMAIL PROTECTED] wrote:
I'm going to land some preliminary work on the
I don't quite understand your question. Clients of X509Certificate
should be oblivious of the cache. A client obtains a pointer to a
certificate via the factory method and stores the pointer in a
scoped_refptr. Once the client is done with the cert, the
scoped_refptr is destructed, which
On Sat, Sep 27, 2008 at 5:01 PM, HLS [EMAIL PROTECTED] wrote:
- Not Create sequenced files
I would prefer not to create sequential files as well. What alternate
behavior do you propose if the user already has a file by the given
name?
Thanks,
Adam
Can you describe a use-case that is missing from NonThreadSafe?
NonThreadSafe has already found lots of race conditions for us. I'm
definitely interested in ways to improve it.
also in case of release mode NonThreadSafe is not removed
entirely from code.
Why is that? The optimizer should
What about forms created after
WebFrameLoaderClient::dispatchDidFinishDocumentLoad? For example, if
you click the reply button on Gmail? Seems like you're better off
hooking the focusing of input elements...
Adam
On Tue, Oct 14, 2008 at 2:58 PM, Peterson Trethewey
[EMAIL PROTECTED] wrote:
== Overview ==
We should add a Open link in foreground tab menu item to the context
menu for hyperlinks.
== Use Cases ==
There are two main use cases for opening a link in a new tab:
1) Breath-first: You're viewing the Digg home page and you'd like to
open up a number of articles to read.
I wonder if it would make sense to reuse the existing star button for
something like this. The behavior could be similar to the back button
in that clicking is different from clicking-and-holding /
clicking-and-dragging.
Adam
On Mon, Dec 15, 2008 at 4:50 PM, Darren Horrocks
I'm not sure what the policy is for making up labels on the bug
tracker, but I labeled these bugs SuperAnnoying. I filed and
labeled another bug (space bar doesn't scroll window).
Either my bug search skills suck or not that many people are
dogfooding trunk. How can it be that no one noticed
I can land a swath of these on Wednesday.
On Tue, Dec 16, 2008 at 1:52 PM, Darin Fisher da...@chromium.org wrote:
Here's the list IIRC:
abarth
brettw
darin
eseidel
pamg
pkasting
With the following folks on deck:
dglazkov
mpcomplete
tc
http://nightly.webkit.org/start has a link to the
Awesome! Thanks John. Trailing whitespace be gone!
On Tue, Dec 16, 2008 at 8:16 PM, John Abd-El-Malek j...@chromium.org wrote:
Just a heads-up that I've integrated the script into our Rietveld
instance. If you use gcl, it will ping the server at a special url
after a patchset upload so
Keep in mind that some users will use a high-security profile for
online banking and a low-security profile for reading blogs. I
might decide that I like a certain extension enough to install it in
my low-security profile, but that doesn't mean I like it enough to
install it in my high-security
I wrote this test recently. Let me know if I can be of any assistance.
Adam
On Tue, Dec 23, 2008 at 8:46 AM, Avi Drissman a...@google.com wrote:
The net_unittests started being flaky due to hitting a check in
message_pump_libevent:
[ RUN ] URLRequestTest.Post307RedirectPost
I'm confused. I need to fix a bug in ImageSourceSkia.cpp, but I can't find it
http://src.chromium.org/viewvc/chrome/trunk/src/webkit/port/platform/graphics/
or
http://trac.webkit.org/browser/trunk/WebCore/platform/graphics
Where did it go?
Adam
On Mon, Dec 22, 2008 at 8:42 PM, Darin
If 155 is coming off of trunk, it has postMessage(), which is exciting
for us security wonks.
Adam
On Mon, Jan 5, 2009 at 9:30 PM, Mark Larson (Google) m...@chromium.org wrote:
I'm working on release notes for 155. The big addition in 155 (vs the 154
code we've been releasing) is the WebKit
Please don't add non-standard names to the global scope. We should
bring this up in whatwg to coordinate with Mozilla and Apple who have
similar app modes.
Adam
On Tue, Jan 13, 2009 at 9:41 AM, Dmitry Titov dim...@chromium.org wrote:
+1 to a non-bool
It should be on window rather then on
It's a reasonable size attack surface that we don't need. It's
analogous to our decoding favicons in the renderer for security.
Adam
On Tue, Feb 17, 2009 at 10:17 AM, Darin Fisher da...@chromium.org wrote:
That sounds like a lot of overhead and a lot of costly plumbing to me. Is
it really
No one else has a sandbox for their JavaScript engine. ACE in their
JS engine is game over.
Adam
On Tue, Feb 17, 2009 at 9:42 PM, Darin Fisher da...@chromium.org wrote:
I wonder why this hasn't gotten much attention in other browsers...
-Darin
On Tue, Feb 17, 2009 at 1:42 PM, Adam Barth
On Thu, Feb 19, 2009 at 3:37 PM, Ojan Vafai o...@google.com wrote:
Seem reasonable?
Sounds fine to me.
Adam
--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com
View archives, change email options, or unsubscribe:
for WinChromium but it isn't an option for
the Mac version if we want to use system menus. (And no, that wasn't an
opening for anyone to say that we shouldn't use the system menus on the
Mac...)
Avi
On Mon, Mar 9, 2009 at 4:31 PM, Adam Barth aba...@chromium.org wrote:
I think we should show the menu
On Tue, Mar 10, 2009 at 7:47 AM, Avi Drissman a...@google.com wrote:
And that's the question, isn't it? :) What does affect the availability of
copy/paste? I'll be looking into that soon.
Yep. :)
In principle, almost anything can affect the copy/paste state because
most things can run script
PhistucK,
Thanks for your input, but the interstitial is handled at a different
layer in the browser than the new network stack (chrome/browser versus
net/http).
Adam
2009/3/18 PhistucK phist...@gmail.com:
One more thing, is issue 2010, which discusses the option not to show the
In the long term, we do plan to support out-of-process iframes, but
you shouldn't let this constrain our sessionStorage implementation.
Adam
On Fri, Mar 20, 2009 at 10:23 AM, Jeremy Orlow jor...@google.com wrote:
Are there any plans (long term or short) to render stuff like iframes with a
Yeah, this great works in Chrome. Head over to
http://mycroft.mozdev.org/search-engines.html and try adding any of
the OpenSearch search engines (with the A9 logos).
Adam
On Fri, Mar 20, 2009 at 2:19 PM, Meok meok...@gmail.com wrote:
I'm not talking about tricking someone into setting a
It's important to have this discussion, but we should be having it in
the bug tracker instead of on chromium-dev.
Thanks,
Adam
On Wed, Mar 25, 2009 at 11:22 AM, Robert Dailey rcdai...@gmail.com wrote:
First of all, I'm using Chrome 2.0.171.0
I have been unable to find a way to disable the
Set chrome_exe as your startup project and press F5!
Adam
On Tue, Mar 31, 2009 at 12:14 PM, QAH qah...@gmail.com wrote:
Hello everyone! I got google chrome to compile, but there were lots of
errors given to me with the unit tests. The browser can still run
without the tests, so how can I
On Tue, Mar 31, 2009 at 12:42 PM, Finnur Thorarinsson
fin...@chromium.org wrote:
It's not that simple. I think something fishy is going on with our project
dependencies or something.
Oh, interesting. This has worked for me in the past. (My machine is
really slow and I often skip compiling
You could try using IncrediBuild:
http://www.xoreax.com/
Adam
On Tue, Mar 31, 2009 at 2:08 PM, QAH qah...@gmail.com wrote:
I have 3 computers (2 desktops and 1 laptop). Is there a way I can
compile Google Chrome simultaneously on these computers so that the
compile time will be faster?
Most of the work to make this happen will take place in WebKit (see,
for example, how images and the like are handled). You might want to
file this as a feature request at bugs.webkit.org.
Adam
On Mon, Apr 6, 2009 at 1:56 PM, Evan Martin e...@chromium.org wrote:
Patches welcome. :P
On
Option (b) is better, as far as I can tell. On windows, those
messages have their own HWND anyway.
Adam
On Fri, Apr 10, 2009 at 1:15 PM, Ricardo Vargas rvar...@chromium.org wrote:
I opened bug 7379 a while ago to implement option b on the windows side.
On Fri, Apr 10, 2009 at 1:03 PM,
Oops. Wrong address. See below:
On Sat, Apr 11, 2009 at 3:47 PM, Adam Barth abarth@ wrote:
That sound fine. The other option is to make the history thread not
well-known (i.e., take away its ChromeThread::HISTORY name). Is there
a reason to have N history threads with N profiles?
Adam
Sounds good to me. (Although if I had my way, we'd check the entire
toolchain into SVN, gcc and all.)
Adam
On Wed, Apr 22, 2009 at 9:58 PM, Mark Larson (Google) m...@chromium.org wrote:
I filed http://bugs.chromium.org/10872 for this...
From src/chrome/tools/build/win/version.bat:
::
On Fri, Apr 24, 2009 at 11:29 PM, Ben Goodger (Google) b...@chromium.org
wrote:
chrome/common/clipboard_service.h
I don't see the point of this class. Let's just kill it, finally.
chrome/common/scoped_vector.h
This file really wants to be in base.
Adam
It doesn't take much of layoutTestController to run most of the
LayoutTests. At one point, I had a student implement the low hanging
fruit as a Firefox extension.
Adam
On Thu, Apr 30, 2009 at 11:37 AM, Darin Fisher da...@chromium.org wrote:
I think if we should definitely make it possible to
On Fri, May 1, 2009 at 12:35 PM, Adam Langley a...@chromium.org wrote:
On POSIX, it uses GCC magic to return the correct type based on the expression
and restarts the system call if it throws EINTR. Here it is:
#define HANDLE_EINTR(x) ({ \
typeof(x) ret; \
do { \
ret = x; \
} while
There's also a problem if you write something like:
HANDLE_EINTR(close(PromptUserForFileDescriptor()));
Macros suck.
What about something like base::close that's inline and knows how to loop?
Adam
On Fri, May 1, 2009 at 1:27 PM, Adam Langley a...@chromium.org wrote:
On Fri, May 1, 2009 at
Currently we have a handful of renderer - browser IPC messages that
contain gfx::NativeViewIds:
ViewHostMsg_GetWindowRect
ViewHostMsg_GetScreenInfo
ViewHostMsg_GetRootWindowRect
ViewHostMsg_GetRootWindowResizerRect
ViewHostMsg_ScriptedPrint
These make me sad because the render could ask about
On Sun, May 3, 2009 at 7:50 PM, Evan Martin e...@chromium.org wrote:
Look at base/gfx/gtk_native_view_id_manager -- it implements #2 for GTK.
Interesting. That's similar to what I had in mind, but not quite as
tight in the sense that it lets one renderer interact with view_ids
from another
by the RendererSecurityPolicy to store security bits associated with
the render view so that we don't need to have two maps.
I am already close to eliminating the NativeViewID parameters in the WebKit
API.
-Darin
On Sun, May 3, 2009 at 7:14 PM, Adam Barth aba...@chromium.org wrote:
Currently we have a handful
an untrusted
parameter as an HWND.
--Amanda
On Sun, May 3, 2009 at 10:14 PM, Adam Barth aba...@chromium.org wrote:
Currently we have a handful of renderer - browser IPC messages that
contain gfx::NativeViewIds:
ViewHostMsg_GetWindowRect
ViewHostMsg_GetScreenInfo
We should be careful about adding non-standard APIs to the Web
platform. If we want to make this available to every Web site, we
should first standardized the API through W3C.
Adam
2009/5/6 Jeremy Orlow jor...@google.com:
The JavaScript bindings are (mostly) generated from .idl files found
Maybe the thing to do is to have some kind of WebKit namespace for
experimental JavaScript APIs, in the same way there is
-webkit-border-radius for CSS. Something like:
window.onIdleWebKit
or
window.onIdleWK
Adam
On Wed, May 6, 2009 at 1:07 PM, Aaron Boodman a...@chromium.org wrote:
On
I think Darin had some strong opinions about whether we should do
nested schemes like feed-view:http://foo.com/bar.
From a security point of view, we'd ideally like to render feeds with
JavaScript and plug-ins disabled, as well as in a noAccess
SecurityOrigin. This is easier if the feed preview
that the authority of such an URL is actually foo.com.
(However, we could perhaps support this as we do view-source, where WebKit
never actually sees the view-source URL.)
-Darin
On Wed, May 6, 2009 at 6:56 PM, Adam Barth aba...@chromium.org wrote:
I think Darin had some strong opinions about whether
On Wed, May 6, 2009 at 8:45 PM, Mike Beltzner beltz...@mozilla.com wrote:
FWIW, Firefox has had several security issues crop up with the mixed-content
feed preview implementation. Placing privileged controls so close to web
content should be avoided, IMO, if you want to keep this from being a
I'd encourage you to implement it for extensions first. It seems
really useful for queuing up notifications, etc.
Adam
2009/5/7 PhistucK phist...@gmail.com:
(Creating a new thread for it.)
So, I started looking into it.
And as you wrote, in order to implement this function for all of the
On Thu, May 7, 2009 at 3:55 PM, Aaron Boodman a...@chromium.org wrote:
On Thu, May 7, 2009 at 3:52 PM, Evan Martin e...@chromium.org wrote:
Options here (I can't tell if you're suggesting #2 or #3):
1) filename extension only (what I'm suggesting)
2) require both filename extension and
On Thu, May 7, 2009 at 4:17 PM, Aaron Boodman a...@chromium.org wrote:
Ok, thanks for the recommendation. Currently the magic string is
Cr24. Not enough characters?
I suggested the above to be analogous to HTML5's appcache manifests:
On Thu, May 7, 2009 at 9:12 PM, Aaron Boodman a...@chromium.org wrote:
Just to clarify, you understand we're talking about a binary package
here, right? Not a text file.
Oh, I didn't realize that, but I'm not sure it makes much of a difference.
Chrome extensions are distributed in what are
Recently some folks have asked how we decide what severity to rate
each security vulnerability. Thus far, we've mostly been using an
informal process, but it seemed like a good idea to spell out our
policy publicly. Below is a draft of some guidelines for assigning
severities to security
.
sandbox limits - sandbox is designed to limit. (Lawyers are rubbing off on
me.)
2009/5/7 Adam Barth aba...@chromium.org
Recently some folks have asked how we decide what severity to rate
each security vulnerability. Thus far, we've mostly been using an
informal process, but it seemed like
2009/5/11 Nick Baum nickb...@chromium.org:
I'd like to avoid the An unknown party wishes to install an extension.
phrasing. It's scary and I don't think this actually helps the users make a
decision (and often this will happen in legitimate cases where the developers
simply can't set the
On Mon, May 11, 2009 at 12:02 PM, Aaron Boodman a...@chromium.org wrote:
On Mon, May 11, 2009 at 11:59 AM, Darin Fisher da...@chromium.org wrote:
We should use the same messaging that we use for downloaded
executables. Or, at least we should not make downloaded extensions
seem less scary
On Tue, May 12, 2009 at 11:49 AM, Peter Kasting pkast...@chromium.org wrote:
On Mon, May 11, 2009 at 6:35 PM, Adam Barth aba...@chromium.org wrote:
One feature of #webkit that I find useful is that every commit is
summarized by the CIA-bot.
http://cia.vc/
Funny, that's a feature I find
Thanks for all your comments. The guidelines are now posted at:
http://dev.chromium.org/developers/severity-guidelines
Adam
On Thu, May 7, 2009 at 11:41 PM, Adam Barth aba...@chromium.org wrote:
Recently some folks have asked how we decide what severity to rate
each security vulnerability
We're following Google Style:
http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml
Adam
On Tue, May 12, 2009 at 9:29 PM, Benjamin ice...@gmail.com wrote:
What is the point of a single trailing underscore? Wouldn't it make
more sense to match webkit and have no trailing
I know there has been some amount of pain transitioning over to GYP,
but I, for one, really appreciate it. I've been wanting to reorganize
some of the SSL UI code for a while now but I've been scared of
screwing up the Mac and Linux builds. GYP lets me hack without
breaking other build systems.
When I've seen this before, I've needed to do a clobber build.
Adam
On Wed, May 13, 2009 at 5:21 PM, John Gregg john...@google.com wrote:
I'm synced to 16009 (which is the latest good change according to
http://build.chromium.org/buildbot/continuous/LATEST/REVISION), and I
got everything
On Sun, May 17, 2009 at 8:11 AM, nakro yoav.zilberb...@gmail.com wrote:
i am now playing with the source code of chrome, and doing tests
i did not find a way to say show me which files i have that are
different
Try gcl opened or svn status. If you want to see how they files
are different,
You need to go to deeper levels of the directory hierarchy to get to
the SVN working copies that make up your chrome checkout. For
example, go into src/chrome and try svn revert.
Adam
On Sun, May 17, 2009 at 8:41 AM, nakro yoav.zilberb...@gmail.com wrote:
Try svn revert.
i will try the
In general, we prefer message passing to locking. You might consider
posting a task back to the original thread to notify the download item
about whether the shell execute succeeded.
Adam
On Fri, May 22, 2009 at 6:47 PM, Yuta Kitamura yu...@google.com wrote:
Hi all,
I've been researching on
I'm not sure if we have anything exposed through the UI yet. Folks
are working on instrumenting WebCore in the right places to be able to
measure this. I looked around a bit for the bugs.webkit.org bug, but
I couldn't lay my hands on it.
Adam
On Sat, May 23, 2009 at 12:53 AM, lucius
I don't think you can do that. That would violate the abstraction of
the WebKit API. What are you trying to do? There might be another
way to accomplish your goal.
Adam
On Sat, May 30, 2009 at 11:21 PM, Daniel Dreiberg
daniel.dreiber...@gmail.com wrote:
Hi,
If I have a pointer to WebView,
We're working through this on #chromium
Adam
On Tue, Jun 2, 2009 at 7:29 PM, Mohamed Mansour
m0.interact...@gmail.com wrote:
Hi, I was landing a patch right now, and I am getting all these weird
errors.
C:\b\slave\sub-dbg-xp\build\src\net\http\http_auth_handler_ntlm.cc : warning
C4005:
Who's a good contact for V8DOMMap? It's probably going to need some
surgery to support isolated user scripts, and I want to make sure I'm
not screwing it up.
Thanks,
Adam
--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com
View
On Thu, Jun 4, 2009 at 10:36 AM, Mike Belshe mbel...@google.com wrote:
On Thu, Jun 4, 2009 at 10:33 AM, Aaron Boodman a...@chromium.org wrote:
You mean the idea in general won't work well, or this particular
approach? I talked it over with Feng awhile ago, and he seemed to
think the general
This turns out to be very trick to do securely. I recommend studying
how Flash does this and doing *precisely* the same thing.
Adam
On Sun, Jun 7, 2009 at 10:57 PM, vijaytec...@gmail.com wrote:
Preferably a browser-independent way would be great.
Thanks in advance,
Vijay
Flash does something similar, but not *precisely* the same. I stand
by my statement that the below is insecure.
Adam
On Mon, Jun 8, 2009 at 8:08 PM, John Abd-El-Malekj...@chromium.org wrote:
BTW this is how Flash does it.
On Mon, Jun 8, 2009 at 7:47 PM, Adam Barth aba...@chromium.org wrote
I
observed by looking at their NPN calls.
On Tue, Jun 9, 2009 at 5:23 PM, Adam Barth aba...@chromium.org wrote:
Here's a demo of an attack that works in Chrome:
http://webblaze.org/abarth/tests/document-location/
Flash does something similar, but not *precisely* what Vijay proposed
Maybe it would be worth sweeping through the whole bindings and fixing
all obvious instances of this. Otherwise the bad idiom will continue
to spread like moss. I'm happy to review the change (either
@chromium.org or @webkit.org).
Adam
On Wed, Jun 10, 2009 at 10:20 AM, Drew
Has anyone actually gotten this to work? I'm having trouble with line
endings. It looks like my webkit.org checkout got converted to using
CR LF line endings, but WebKitTools seems to want LF line endings.
Relatedly, which svn.exe should I have in my path for WebKitTools
(depot_tools or
On Tue, Jun 16, 2009 at 9:55 AM, Darin Fisherda...@chromium.org wrote:
On Tue, Jun 16, 2009 at 9:47 AM, Peter Kasting pkast...@google.com wrote:
WebKit trunk checkouts only work when you only use the cygwin svn. You must never use a depot_tools svn or you will hose your checkout.
PK
That's
On Fri, Jun 26, 2009 at 5:38 AM, Dean McNameede...@chromium.org wrote:
On Fri, Jun 26, 2009 at 11:24 AM, Non-Stickkevin.ra...@ntlworld.com wrote:
Before I proceed to build an independent installer, please can you
advise
whether or not there are any plans for Chrome to provide such a
On Sat, Jul 4, 2009 at 12:59 PM, Peter Kastingpkast...@google.com wrote:
On Sat, Jul 4, 2009 at 9:57 AM, Ian Fette i...@chromium.org wrote:
There are a few people looking at doing this safely (including part of the
team in Tokyo). There are ideas on how to do this in a reasonably safe
manner
On Sun, Jul 5, 2009 at 7:38 PM, Marshall
Greenblattmagreenbl...@gmail.com wrote:
On Sun, Jul 5, 2009 at 5:47 PM, Adam Langley a...@chromium.org wrote:
On Sun, Jul 5, 2009 at 8:59 AM, Marshall
Greenblattmagreenbl...@gmail.com wrote:
We currently have the ability to set extra HTTP header
Ideally we would use an existing library instead of rolling our own.
One major benefit of using existing code is that all the XSS holes
will have been worked out already.
Adam
On Wed, Jul 8, 2009 at 11:36 AM, Tony Changt...@chromium.org wrote:
No objections from me-- a faster new tab page
I did a WebKit DEPs roll tonight to pick up the next stage of V8Proxy
cleanup and promptly lost the ability to see the buildbot:
blockquote
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /buildbot/waterfall/.
I can see the buildbot intermittenly now, and it looks like Windows
needs a clobber. Unfortunately, I don't see a way to do that on the
buildbot page... :(
On Thu, Jul 9, 2009 at 1:24 AM, Adam Barthaba...@chromium.org wrote:
I did a WebKit DEPs roll tonight to pick up the next stage of
Thanks Jeremy.
Adam
On Thu, Jul 9, 2009 at 1:50 AM, Jeremy Orlowjor...@chromium.org wrote:
I clobbered the WebKit FYI builds. Looks like someone else beat me to the
main windows builds.
On Thu, Jul 9, 2009 at 1:35 AM, Adam Barth aba...@chromium.org wrote:
I can see the buildbot
On Thu, Jul 9, 2009 at 1:04 PM, Drew Wilsonatwil...@chromium.org wrote:
Hi all,
I've been poking around quite a bit recently in the WebKit JS
bindings/constructor code, trying to make some sense of their widespread use
of the lexicalGlobalObject() - basically, it seems like looking at the
I support this. It look me a while to get my mind wrapped around
this, especially when reading JSC / V8 bindings code side-by-side.
Aligning with the JSC names would be even better.
Adam
On Thu, Jul 9, 2009 at 1:39 PM, Aaron Boodmana...@chromium.org wrote:
I have a proposal for a rename of
We already have an abstraction layer around these calls. We can
change names in V8Proxy / whatever these functions end up after
V8Proxy dissolves.
Adam
On Thu, Jul 9, 2009 at 1:55 PM, Aaron Boodmana...@chromium.org wrote:
It could be that the current names make sense if you work on v8, but
Looking at the buildbot, there are a bunch of LayoutTests that are
supposed to fail, timeout, or crash, but which actually pass. We
should update our test expectations / close the cooresponding bugs.
I'll do this tomorrow afternoon if no one beats me to it.
Enjoy:
Expected to fail, but passed
Wow, there are even more on Mac:
Expected to fail, but passed (39)
Adam
On Tue, Jul 14, 2009 at 12:38 AM, Adam Barthaba...@chromium.org wrote:
Looking at the buildbot, there are a bunch of LayoutTests that are
supposed to fail, timeout, or crash, but which actually pass. We
should update
On Tue, Jul 14, 2009 at 1:28 PM, Michael Nordmanmicha...@google.com wrote:
I'd leave decisions about the worker related message port tests for drew and
dimich... the feature isn't fully functional yet in chrome (even if they
don't crash and happen to pass and such).
Seems like we should turn
On Wed, Jul 15, 2009 at 12:44 PM, Peter Kastingpkast...@chromium.org wrote:
On Wed, Jul 15, 2009 at 12:39 PM, Adam Barth aba...@chromium.org wrote:
Thanks to some recent work by Dimitri, Victor, and others, hacking on
WebKit is now easier than ever. If you work on WebKit and Chromium, I
On Wed, Jul 15, 2009 at 12:57 PM, Peter Kastingpkast...@chromium.org wrote:
I am still confused.
I recommend the experimental method. If you have trouble, we can try
to figure out what's different between your setup and my setup.
Adam
--~--~-~--~~~---~--~~
On Wed, Jul 15, 2009 at 1:53 PM, Peter Kastingpkast...@chromium.org wrote:
On Wed, Jul 15, 2009 at 1:45 PM, Adam Barth aba...@chromium.org wrote:
Maybe try removing those directories from your .gclient_entries file?
This fixed things. Updated the directions. Also noted that people should
On Wed, Jul 15, 2009 at 1:55 PM, Adam Barthaba...@chromium.org wrote:
On Wed, Jul 15, 2009 at 1:53 PM, Peter Kastingpkast...@chromium.org wrote:
On Wed, Jul 15, 2009 at 1:45 PM, Adam Barth aba...@chromium.org wrote:
Maybe try removing those directories from your .gclient_entries file
Today I landed a patch that enables a security feature for extensions.
Now when an extension runs a content script, that script runs in a
parallel universe with the page. In its isolated world, the content
script can see the page's DOM, but it can't see any of the page's
JavaScript objects.
The next step for your specification is to go to the W3C.
CSS expressions have be a huge pain point for Internet Explorer, both
in terms of security and in terms of performance. We'll want to be
extremely careful before implementing a similar feature.
Finally, features at this layer should go
On Mon, Jul 20, 2009 at 11:04 AM, darrel karischdkari...@gmail.com wrote:
using the parallel universe V8IsolatedWorld addresses the security
concerns for the most part.
I'm not sure this is the case. That feature was design explicitly for
the extension use case. We'd have to think carefully
I think the way this works in general is that you create the wrapper
for the derived class. You can see all the switch statements in
V8DOMWrapper.cpp that try to do this for Nodes, etc.
Adam
On Tue, Jul 21, 2009 at 10:32 AM, Jeremy Orlowjor...@chromium.org wrote:
On Tue, Jul 21, 2009 at
If you know what WebCore/bindings/v8/ScriptObjectQuarantine.cpp is
supposed to do, can you reply to me privately? There's some code in
there that doesn't make sense to me, and I'd like to understand what
it's trying to accomplish.
Thanks,
Adam
On Wed, Jul 22, 2009 at 6:23 PM, Albert J. Wong
(王重傑)ajw...@chromium.org wrote:
I also got another suggestion that on the action, I should just redo the hit
test to retrieve the media node, which nicely handles cases where the movie
node is getting changed out via javascript from undernearth
There are some important WebKit changes brewing that you'll want to
pull into that branch eventually:
https://bugs.webkit.org/show_bug.cgi?id=27488
https://bugs.webkit.org/show_bug.cgi?id=27628
But they aren't quite landed yet. What's the deadline for getting
patches into the candidate?
Adam
These security properties are quite subtle. I would need to analysis
the feature in detail to give you a reasonable answer.
Adam
On Fri, Jul 24, 2009 at 11:01 AM, darrel karischdkari...@gmail.com wrote:
when I use V8IsolatedWorld I cannot access the window from script, the
value is
I suspect this behavior is related to our general jankiness problem
when paging back in a sleeping tab. I believe some folks are working
on that issue, but I'm not sure who.
Adam
On Fri, Jul 24, 2009 at 11:25 AM, PhistucKphist...@gmail.com wrote:
Note that if you think the implementation
I wonder if we could use something like the plug-in sandbox for the
main browser process in the intermediate term. That way the browser
could still have HWNDs and the like.
Adam
On Wed, Jul 29, 2009 at 9:44 AM, Linus Upsonli...@google.com wrote:
I realize this is not a small request, but it
On Sun, Aug 2, 2009 at 8:35 PM, Peter Kastingpkast...@google.com wrote:
I commented on the duplicate this bug was merged into.
I think there's been a lack of clarity in the request here. The problem is
not that the text is a link; the problem is that the text is keeping its
font, color, etc.
1 - 100 of 175 matches
Mail list logo
