Google Suggest
Allan Sandfeld Jensen
kde at carewolf.com
Fri Apr 29 12:40:29 CEST 2005
On Thursday 28 April 2005 01:15, Darin Adler wrote:
> On Apr 27, 2005, at 2:54 AM, Allan Sandfeld Jensen wrote:
> > Oops. I gave you the wrong version of the patch, but it can still
> > be done a
> > lot simpler than you do. Here is the current version:
> >
> > case FrameElement:
> > if (m_frame->m_frame)
> > return getDOMNode(exec,m_frame->m_frame->element());
> > else
> > return Undefined();
>
> That looks good, although we can't use it in our tree because we
> haven't made the change to how frames work that you have.
>
> But it's missing a security check. I believe it needs an isSafeScript
> call.
>
I was not sure about that. The current script is already tested with
isSafeScript which means it is the same domain as the parent script. The
extra test you make tests if the parent is the same domain as the current, so
it is redundant?
`Allan
More information about the Khtml-devel
mailing list