Issue 649085

Starred by 2 users

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Bug




CSP violation reports are missing line numbers when the violating content is injected while waiting on parsing-blocking scripts to load

Project Member Reported by engedy@chromium.org, Sep 21 2016

Issue description

Consider the following reproduction CL:

https://codereview.chromium.org/2357323002/

The first call to document.write() inserts a <script> element that needs to load, so we trigger the load, but don't wait for it, instead just leave HTMLTreeBuilder::hasParserBlockingScript() and HTMLDocumentParser::isWaitingForScripts() set, and unwind.

The second call to document.write() finds that the parser is still in the isWaitingForScripts() state, so it only inserts the HTML text into the HTMLInputStream, and triggers speculative parsing/preloading in the background, but does not call into HTMLDocumentParser::pumpTokenizer(), so the tree builder does not look at the script element.

Not surprisingly, the second <script> element is processed, and thus loaded, only after the first <script> has finished running along with all its side effects, and parsing resumes.

I will look more closely into how we are sourcing the line numbers and why it is broken in the second case.
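
One way a report collector can cope with the symptom described in this issue, as an added example that is not part of the original report or of Chromium's code: it groups legacy `report-uri` bodies without using `line-number` in the key, so a report that arrives without a location still lands beside located ones. The function names and the sample reports are constructed for illustration.

```javascript
"use strict";

// Turn one report-uri POST body into a flat record; returns null if malformed.
function normalizeReport(body) {
  const r = body && body["csp-report"];
  if (!r || typeof r !== "object") return null;
  const n = r["line-number"];
  // Treat an absent, zero or non-integer line-number as "no location".
  const line = Number.isInteger(n) && n > 0 ? n : null;
  return {
    documentUri: String(r["document-uri"] || ""),
    directive: String(r["effective-directive"] || r["violated-directive"] || ""),
    blockedUri: String(r["blocked-uri"] || ""),
    line,
  };
}

// Group by page, directive and blocked resource. The line number is
// deliberately not part of the key, so unlocated reports are not split off.
function triage(bodies) {
  const buckets = new Map();
  for (const body of bodies) {
    const rec = normalizeReport(body);
    if (!rec) continue; // skip malformed bodies instead of throwing
    const key = JSON.stringify([rec.documentUri, rec.directive, rec.blockedUri]);
    let b = buckets.get(key);
    if (!b) { b = { key, total: 0, unlocated: 0, lines: [] }; buckets.set(key, b); }
    b.total += 1;
    if (rec.line === null) b.unlocated += 1;
    else if (!b.lines.includes(rec.line)) b.lines.push(rec.line);
  }
  // A bucket in which no report carries a location needs a manual look at the page.
  return [...buckets.values()].map(b => ({ ...b, needsManualReview: b.lines.length === 0 }));
}

// Constructed sample reports (not captured from a real browser).
const SAMPLE = [
  { "csp-report": { "document-uri": "https://app.example/a", "effective-directive": "script-src",
      "blocked-uri": "inline", "source-file": "https://app.example/a", "line-number": 12 } },
  { "csp-report": { "document-uri": "https://app.example/a", "effective-directive": "script-src",
      "blocked-uri": "inline" } },
  { "csp-report": { "document-uri": "https://app.example/b", "violated-directive": "script-src",
      "blocked-uri": "inline", "line-number": 0 } },
  { "not-a-report": true },
];

console.log(triage(SAMPLE));
```
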
 
Project Member

Comment 1 by sheriffbot@chromium.org, Sep 22 2017

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available. If you change it back, also remove the "Hotlist-Recharge-Cold" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Components: -Blink>SecurityFeature Blink>SecurityFeature>ContentSecurityPolicy
Labels: -Pri-2 Pri-3
Owner: andypaicu@chromium.org
Status: Assigned (was: Untriaged)

Comment 3 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Comment 4 by est...@chromium.org, Feb 18 2018

Labels: -Hotlist-EnamelAndFriendsFixIt
