On Jun 19, 2011, at 2:03 PM, Ryosuke Niwa wrote:
> One of the most common security bugs I have seen in editing is that we keep a
> raw pointer to a node and call some helper method that modifies DOM
> (therefore invoking scripts).
>
> I'm sometimes tempted to replace all instances of Node* in the editing
> component by RefPtr/PassRefPtr.
I suspect that if the data members and local variables had type RefPtr, then it
mostly wouldn’t matter if argument types were PassRefPtr or raw pointers for
this purpose.
-- Darin
_______________________________________________
webkit-dev mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
