https://bugs.webkit.org/show_bug.cgi?id=135174
<rdar://
17755931>
Reviewed by Anders Carlsson.
We never send these rules so we should just remove use of them
from the profiles.
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171363
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
2014-07-22 Oliver Hunt <oliver@apple.com>
+ Remove unused com.apple.webkit.* rules from profiles
+ https://bugs.webkit.org/show_bug.cgi?id=135174
+ <rdar://17755931>
+
+ Reviewed by Anders Carlsson.
+
+ We never send these rules so we should just remove use of them
+ from the profiles.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
+2014-07-22 Oliver Hunt <oliver@apple.com>
+
Provide networking process with access to its HSTS db
https://bugs.webkit.org/show_bug.cgi?id=135121
<rdar://17654369>
(import "common.sb")
(import "removed-dev-nodes.sb")
-;; Sandbox extensions
-(allow file-read* (extension "com.apple.webkit.read"))
-
;; Access to client's cache folder & re-vending to CFNetwork.
;; FIXME: Remove the webkti specific extension classes <rdar://problem/17755931>
(allow file-issue-extension (require-all
- (require-any (extension "com.apple.webkit.read-write") (extension "com.apple.app-sandbox.read-write"))
+ (extension "com.apple.app-sandbox.read-write")
(extension-class "com.apple.nsurlstorage.extension-cache")))
;; App sandbox extensions
(allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
-;; Access to own cache & temp folders.
-(allow file-read* file-write* (extension "com.apple.webkit.read-write"))
-
;; IOKit user clients
(allow iokit-open
(iokit-user-client-class "RootDomainUserClient"))
(read-only-and-issue-extensions (extension "com.apple.app-sandbox.read"))
(read-write-and-issue-extensions (extension "com.apple.app-sandbox.read-write"))
-(allow file-issue-extension
- (require-all
- (extension-class "com.apple.webkit.read")
- (require-any
- (extension "com.apple.app-sandbox.read")
- (extension "com.apple.app-sandbox.read-write"))))
-
-
;; Access to client's cache folder & re-vending to CFNetwork.
;; FIXME: Remove the webkti specific extension classes <rdar://problem/17755931>
(allow file-issue-extension (require-all
- (require-any (extension "com.apple.webkit.read-write") (extension "com.apple.app-sandbox.read-write"))
+ (extension "com.apple.app-sandbox.read-write")
(extension-class "com.apple.nsurlstorage.extension-cache")))
-;; Access to own cache & temp folders.
-(allow file-read* (extension "com.apple.webkit.read"))
-(allow file-read* file-write* (extension "com.apple.webkit.read-write"))
-
-
;; Allow the OpenGL Profiler to attach.
(instruments-support) ; For <rdar://problem/7931952>
git://git.webkit.org / WebKit-https.git / commitdiff