New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 748547 link

Starred by 1 user
Status: Available
Owner: ----
Cc:
jochen@chromium.org
mkwst@chromium.org
a...@chromium.org
fw...@igalia.com
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

beforeunload allows to open modal dialog in sandboxed frame without allow-modals

Project Member Reported by fw...@igalia.com, Jul 25 2017 
Chrome Version: 60.0.3078.0

What steps will reproduce the problem?

Open a page with the following content:

<iframe sandbox="allow-scripts"
        src="data:text/html,<script>
               window.addEventListener('beforeunload', function (event) {
                   event.returnValue = 'MESSAGE';
               });
               window.addEventListener('load', function() {
                  location = 'https://duckduckgo.com';
               });
            </script>"></iframe>

What is the expected result?

Modal dialogs should be blocked per https://html.spec.whatwg.org/multipage/origin.html#sandboxed-modals-flag

What happens instead?

A modal dialog is opened, asking whether we want to leave the page

Comment 1 by dtapu...@chromium.org, Oct 27 2017

Components: Blink>SecurityFeature

Comment 2 by mkwst@chromium.org, Nov 2 2017

Cc: jochen@chromium.org a...@chromium.org
Components: -Blink>SecurityFeature Blink>SecurityFeature>IFrameSandbox
Status: Available (was: Untriaged)
+Jochen/Avi, who love modal dialogs.

Comment 3 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Comment 4 by est...@chromium.org, Feb 18 2018

Labels: -Hotlist-EnamelAndFriendsFixIt

Sign in to add a comment