New issue
Advanced search Search tips

Issue 760954 link

Starred by 14 users

Issue metadata

Status: Available
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 2
Type: Bug



Sign in to add a comment

Content scripts will not be injected on frames with srcdoc attribute when calling document.write()

Reported by alex.tro...@gmail.com, Aug 31 2017

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Steps to reproduce the problem:
1. Install sample extension.
2. Open link https://atropnikov.github.io/Static/examples/content-script-frame.html
3. Open the page console.

Example page contains script:

<script>
    var frame = document.createElement("iframe");
    frame.setAttribute('srcdoc', '');
    (document.body || document.head || document.documentElement).appendChild(frame);
    var frameWindow = frame.contentWindow;
    frameWindow.document.write("<!DOCTYPE html><html><head></head><body></body></html>");
    frameWindow.document.close();
</script>

In the console log, you will see "Injected into https://atropnikov.github.io/Static/examples/content-script-frame.html"
But console should also contain record "Injected into about:srcdoc" for the dynamically created iframe.

What is the expected behavior?
Content script should be applied to the main frame and dynamically created iframe, but it doesn't happen.

What went wrong?
Content script is applied only to the main frame.

Did this work before? No 

Does this work in other browsers? N/A

Chrome version: 60.0.3112.113  Channel: stable
OS Version: OS X 10.12.6
Flash Version:
 
sample-extension.zip
800 bytes Download
Reproduced on Windows 10 build 15063 as well. 
Components: Platform>Extensions
Labels: Needs-Triage-M60 M-62 OS-Linux OS-Windows
Status: Untriaged (was: Unconfirmed)
Able to reproduce the issue on Windows-10, Ubuntu 14.04 and Mac OS 10.12.6 using chrome latest stable #60.0.3112.113 by following steps mentioned in the original comment. Observed 'Injected into https://atropnikov.github.io/Static/examples/content-script-frame.html' in displayed in the console.

This issue is observed on older version of chrome #50.0.2624.0 as well. Considering the above issue as non-regression and marking it as untriaged.

Thanks!
For the record, I can still reproduce this on Chrome 69 (Canary). Also, this works correctly on Firefox.

Code used:

let target = document.querySelector('#target');
let iframe = document.createElement('iframe');
iframe.srcdoc = "old";
target.appendChild(iframe);
iframe.contentWindow.document.open("text/html", "replace");
iframe.contentWindow.document.write(`<html><head></head><body>new</body></html>`);
iframe.contentWindow.document.close()
Status: Available (was: Untriaged)

Sign in to add a comment