.contentDocument on iframe whose current document is cross-origin should return null
Reported by
bzbar...@mit.edu,
Apr 5 2016
|
||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:48.0) Gecko/20100101 Firefox/48.0 Example URL: Steps to reproduce the problem: 1. Load a cross-origin document in an iframe. 2. Access .contentDocument on that iframe. What is the expected behavior? Return null. See https://html.spec.whatwg.org/multipage/embedded-content.html#dom-iframe-contentdocument What went wrong? Exception thrown. Does it occur on multiple sites: Yes Is it a problem with a plugin? No Did this work before? N/A Does this work in other browsers? Yes Chrome version: 51.0.2693.2 (Official Build) dev (64-bit) Channel: n/a OS Version: OS X 10.10 Flash Version: Shockwave Flash 21.0 r0 This works correctly (per spec) in Firefox and Safari. I did check the oldest Chrome version I have handy (37) and it has the bug, so I'm not sure whether the bug predates the Blink/WebKit fork or was introduced after that.
,
Apr 6 2016
JSbin: http://jsbin.com/dayibemagu This does indeed throw an error instead of returning null. Likewise for <iframe sandbox>.
,
May 30 2016
,
May 30 2017
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue. Sorry for the inconvenience if the bug really should have been left as Available. If you change it back, also remove the "Hotlist-Recharge-Cold" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 19 2017
dominicc@: Do you plan to poke at this? It seems like a pretty small change if you have some time.
,
Nov 10 2017
,
Jan 15 2018
Bulk edit bugs owned by dominicc@
,
Feb 18 2018
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by kojii@chromium.org
, Apr 6 2016