Hello, On Fri, Mar 15, 2013 at 10:40:35AM +0000, Saha, Deepjyoti wrote: > The QtWebkit API set in Qt 4.8 does not contain any intefraces which could > allow a QtWebkit based browser to add/remove specific domains to be > whitelisted for cross origin requests. I understand that previosly these > API's were exposed through the intefraces in "QWebSecurityOrigin" which > invoked the API's in WebCore's SecurityOrigin class. But currently the API's > to add/remove a whitelist entry are exposed through WebCore's SecurityPolicy > class and there are no interfaces in QtWebkit API to invoke the same. > > I aslo noticed there was a bug raised and it was discussed in the following > thread: > https://bugreports.qt-project.org/browse/QTWEBKIT-24?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel > > But it has not been implemented yet. It would be great if you could let me > could know of any particluar reason this was not taken up ? > To be specific were there any concerns from the security standpoint on > exposing such interfaces ?
I think that just nobody had enough interest to fix it, yet :) I personally think that this could be implemented as static functions of QWebSecurityOrigin, similar to addLocalScheme and removeLocalScheme. Other people might have better idea but if not now, this could be a good starting point at least. Cheers, Jocelyn _______________________________________________ webkit-qt mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-qt
