On Jun 19, 2011, at 2:03 PM, Ryosuke Niwa wrote: > One of the most common security bugs I have seen in editing is that we keep a > raw pointer to a node and call some helper method that modifies DOM > (therefore invoking scripts). > > I'm sometimes tempted to replace all instances of Node* in the editing > component by RefPtr/PassRefPtr.
I suspect that if the data members and local variables had type RefPtr, then it mostly wouldn’t matter if argument types were PassRefPtr or raw pointers for this purpose. -- Darin _______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev