Re: [webkit-dev] LayoutTest results choose from which folder?

[Dirk Pranke]

 Hi Chris,
 In layout test results, we make the latest Mac OS X version the rule, and
 earlier versions the exception. Tiger will look for results in mac-tiger
 first, then in mac-leopard, then in mac-snowleopard, then in mac, then
 finally in cross-platform results. Leopard will begin the search in
 mac-leopard, continue to mac-snowleopard, then mac, the cross-platform.
 As you can see, there are no expected results in mac-snowleopard (other than
 the ones you just added), because it’s the latest Mac OS X version. We will
 only start putting expected results in mac-snowleopard when the “latest”
 version (for which we put results in mac) will be something different.
 You should put the expected results for Snow Leopard in platform/mac (or, if
 they are cross-platform, alongside the test), and you should put the results
 for Leopard and earlier in platform/mac-leopard.
 —Dan

Does this imply that if you've moved results from 'platform/mac' to
'platform/mac-leopard' when you switched from 10.5 to 10.6? (Since,
presumable, some results that were in platform/mac were actually
specific to 10.5?)

I would've expected a different model, where if the output differed by
version, then you had results in 'mac-leopard' and 'mac-snowleopard',
and the presence in 'mac' meant it should be the same across both
(this was the approach I was planning to use for Chromium, which is
just starting to run into this problem with XP/Vista/Win 7). I can see
some advantages to your approach, but it seems more confusing in the
long run.

-- Dirk
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev

Re: [webkit-dev] Security advice for linux browsers based on WebKit

[Adam Barth]

On Sun, Aug 23, 2009 at 9:02 PM, Gustavo Noronha Silvag...@gnome.org wrote:
 On Sat, 2009-08-22 at 22:05 -0700, Adam Barth wrote:
 which disables this behavior.  For legacy reasons, we default this
 setting to true, but I'd like to encourage to use the false
 setting by default in your browser, especially if your browser runs on
 Linux.

 This issue is particularly important on Linux because many Linux users
 use a network file system, such as AFS or NFS, which maps the entire
 world into the local file system.  For example, if I made my home
 directly world-readable, it's quite likely that I would be able to
 control this URL on your user's machines:

 I notice that WebKitGTK+ disables this by default, good =).

Awesome.  :)

 I think, though, that the AFS/NFS issue you mention is more general and
 shouldn't be a motivating factor. We have many GNU/Linux users not in
 corporate networks, these days, as well, and I think we should not be
 designing everything for big installations (those usually have admins
 who can worry about this kind of issue).

 Also, it looks like you can access windows shares using
 file://server/folder/file.html, so this doesn't seem to be UNIX-specific
 in any way. I also bet Mac can be made to use NFS, and AFS, so, again, I
 fail to see this as particularly important on non-Mac UNIX-likes.

I'm not sure I quite followed your line of reasoning here.  Are you
suggesting that everyone should use the more secure setting or are you
saying that you don't think this is an important security measure in
non-enterprise settings?

I agree that everyone should disable universal access for file URLs.
In fact, I think we should make it the default because the current
default is pretty dangerous.

Adam
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev