- Adjust your meson.build to depend on WebKitGTK 2.26.0.
- If your application creates its own
WebKitWebContext, callwebkit_web_context_set_sandbox_enabled()on it. - If your application does not create its own
WebKitWebContext, then it uses the default web context. Usewebkit_web_context_get_default()and callwebkit_web_context_set_sandbox_enabled()on it. - Perform a basic functionality test to sanity-check that the sandbox has not broken major app functionality. The vast majority of applications should not notice any issues.
- Applications that attempt to access local files from a web process extension may break if not included in the sandbox. You may need to mount the directory containing the desired file inside the sandbox. Example. Note that most applications only load files via the UI process using webkit_web_view_load_url(); this does not require whitelisting because WebKit will load the file via its unsandboxed network process.
- Example
- Tracking issue