New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 590815 link

Starred by 1 user
Status: Verified
Owner:
peterlaurens@chromium.org
Last visit > 30 days ago
Closed: Jul 2017
Cc:
danyao@chromium.org
peterlaurens@chromium.org
lgar...@chromium.org
eugene...@chromium.org
kkhorimoto@chromium.org
ios-bugs@chromium.org
EstimatedDays: ----
NextAction: ----
OS: iOS
Pri: 2
Type: Bug



Sign in to add a comment

about:null is displayed as the title for the alerts triggered from iFrames

Project Member Reported by srikanthg@chromium.org, Feb 29 2016 
App Version: M49.0.2623.70 dev
iOS Version: 9.2.1
Device: iPhone5, iPhone6s
URL: http://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_alert

Steps to reproduce:
  1. Launch Google Chrome
  2. Open the above URL and tap on "Try it"
  3. Observe the alert displayed

Observed results: "about:null" is displayed as the alert title

Expected results: web page domain name should be displayed as the alert title.

Number of times you were able to reproduce: 5/5
Bug reproducible after clean install: Yes
Bug reproducible after clearing cache and cookies: Yes
Bug reproducible on Chrome Mobile on Android: Not tested
Bug reproducible on Dolphin/Safari/Firefox: Firefox: NO, Safari: NO
Bug reproducible on current stable build (App Version, iOS Version):  M48 YES
Bug reproducible on the current beta channel build (App Version, iOS Version): M49 YES

Link to video/image: https://docs.google.com/drawings/d/1aCIAHQt_y8OQWak74ZwYeN0exEUtdYygOx0r8DUU-OQ/preview

Comment 1 by baxley@chromium.org, Feb 29 2016

Labels: M-50
Owner: kkhorimoto@chromium.org
Status: Assigned (was: Untriaged)

Comment 2 by eugene...@chromium.org, Apr 27 2017

Components: Mobile>WebView>Glue
Labels: -found-in-m49 found-in-M49

Comment 3 by eugene...@chromium.org, May 10 2017

Cc: palmer@chromium.org eugene...@chromium.org danyao@chromium.org
Chris could you please advice if it's ok to use main frame's hostname from security perspective? alert was requested by iframe and it's URL was about:blank.

Comment 4 by palmer@chromium.org, May 10 2017

Cc: -palmer@chromium.org lgar...@chromium.org
Labels: Team-Security-UX
I'm not on the security UX team anymore. +lgarron

Comment 5 by lgar...@chromium.org, May 10 2017 

> https://developer.mozilla.org/en-US/docs/Web/API/Window/alert

"Starting with Chrome 46.0 this method is blocked inside an <iframe> unless its sandbox attribute has the value allow-modal."
Except... I can still trigger it?

On desktop, we show IDS_JAVASCRIPT_MESSAGEBOX_TITLE_NONSTANDARD_URL_IFRAME [1] in this particular case. See [2] for the logic.

[1] https://cs.chromium.org/chromium/src/components/app_modal_strings.grdp?type=cs&q=%22An+embedded+page%22&l=15
[2] https://cs.chromium.org/chromium/src/components/app_modal/javascript_dialog_manager.cc?q=%22base::string16+JavaScriptDialogManager::GetTitle(%22&l=95
Screen Shot 2017-05-10 at 16.47.38.png
37.7 KB View Download

Comment 6 by lgar...@chromium.org, May 10 2017

Labels: -Restrict-View-Google

Comment 7 by eugene...@chromium.org, May 11 2017 

Thanks Lucas!

Comment 8 by eugene...@chromium.org, May 11 2017

Cc: peterlaurens@chromium.org
Peter, do you want to take this bug?

Comment 9 by peterlaurens@chromium.org, May 11 2017 

Yes! If Kurt isn't planning on working on it any time soon - Kurt, do you want to assign it to me? Thanks!

Comment 10 by kkhorimoto@chromium.org, May 11 2017

Cc: kkhorimoto@chromium.org
Owner: peterlaurens@chromium.org
All yours, Peter!

Comment 11 by peterlaurens@chromium.org, Jun 20 2017

Status: Started (was: Assigned)
Project Member

Comment 12 by bugdroid1@chromium.org, Jun 22 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4da94ecef84eb4c38c68952b54f28b1159289998

commit 4da94ecef84eb4c38c68952b54f28b1159289998
Author: peterlaurens <peterlaurens@chromium.org>
Date: Thu Jun 22 17:47:24 2017

Improve dialog titles generated by embedded pages.

BUG= 590815 
TEST=See steps to reproduce in bug.

Review-Url: https://codereview.chromium.org/2944243002
Cr-Commit-Position: refs/heads/master@{#481591}

[modify] https://crrev.com/4da94ecef84eb4c38c68952b54f28b1159289998/ios/chrome/browser/ui/dialogs/dialog_presenter.mm

Comment 13 by jdhakshinamoor@chromium.org, Jun 27 2017 

Verified on iPhone 7 iOS 10.3.1,iPad iOS 10.3.2
The following issue has been Verified for fix on Build - 61.0.3142.0 Canary 

“about:null is displayed as the title for the alerts triggered from iFrames"

The Title appears now for alerts triggered from iFrames.

Comment 15 by eugene...@chromium.org, Jul 11 2017

Status: Fixed (was: Started)

Comment 16 by srikanthg@chromium.org, Nov 1 2017

Status: Verified (was: Fixed)
"An embedded page on this webpage says" is displayed as the title of the alert box.
Verified in M64.0.3254.0 canary
iOS: 11.2 Device: iPhone7Plus

Sign in to add a comment