Re: [webkit-dev] Suggestion: runtime disable Fetch API until it's complete enough for real web-apps
I filed https://bugs.webkit.org/show_bug.cgi?id=156113. Maciej, would you be able to add details about the polyfill, in particular how it detects whether fetch API is there or not? Thanks, y Le jeu. 31 mars 2016 à 20:32, Maciej Stachowiak a écrit : > > On Mar 31, 2016, at 11:14 AM, youenn fablet wrote: > > Hi, > > I like the idea of a runtime flag. > I would wait to enable fetch use until it passes sufficient numbers of > web-platform-test tests. > This can be tested in http://w3c-test.org/tools/runner/index.html (folder > fetch/api). > I think th > > Also, are you suggesting that it would be in addition to the compile flag > or as a replacement? > > > As long as everything is hidden and there are no bad side effects when the > runtime flag is off, it could substitute entirely for a compile-time flag. > I'd like to see us using runtime flags more and compile-time flags less. > > Regards, > Maciej > > ___ webkit-dev mailing list webkit-dev@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-dev
[webkit-dev] SVG images with foreignObject inside canvas
Hi, After bug 119492, SVG images are allowed inside canvas without tainting as long as they do not contain foreignObject. Two months ago, changeset 195614 landed to make this a bit more secure and the following FIXME comment was added to SVGImage.cpp: // FIXME: Once foreignObject elements within SVG images are updated to not leak cross-origin data // (e.g., visited links, spellcheck) we can remove the SVGForeignObjectElement check here and // research if we can remove the Image::hasSingleSecurityOrigin mechanism entirely. Does anyone know if there is any plan / bug report for this? The FIXME comment misses a bug number, I can not find any bug entry on Bugzilla (only the related bug 91523 and bug 131033) and I don't have access to bug 119492... Thank you, -- Frédéric Wang signature.asc Description: OpenPGP digital signature ___ webkit-dev mailing list webkit-dev@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-dev
