New issue
Advanced search Search tips

Issue 710153 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
jkarlin@chromium.org
dcheng@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Task



Sign in to add a comment

consider a replacement for window.name injection

Project Member Reported by ojan@chromium.org, Apr 10 2017 
Ads will use window.name as a way of doing one-time injection of content into a frame. The SafeFrame spec requires this. The problem is that window.name is meant for a different purpose, so has to be replicated across processes and data structures. 

We should consider building an explicit injection API and get them to migrate, then put a limit on the allowed length of window.name.

-srcdoc could almost be that, except they need to have the origin be their usual origin and you can't have both src and srcdoc.
-postMessage could be that if it queued up instead of failing when the iframe isn't loaded yet.

So, one possible implementation here could be an extra argument on postMessage to queue. That actually could solve a lot of problems with postMessage that would allow people to avoid things like polling while the iframe is booting up.
Project Member

Comment 1 by sheriffbot@chromium.org, May 7 2018

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment